Is it possible to hack a WPA2 network




















Finally, I got the WPA handshake from my Ubuntu machine, which acts as client and monitoring system. Good question. Select Null Byte and then click on the "How To" button. It will bring up several of my series such as Wi-Fi and Linux. But then I disabled WPS on my router and tried again; however, now I am unable to capture the handshake. I have tried multiple times using different programs and sending various auth codes, and the deauth code worked; however, the handshake was not captured.

I am getting this error when issuing aireplay-ng --deauth -a BSSID mon0: "Couldn't determine current channel for mon0, you should either force the operation with --ignore-negative-one or apply a kernel patch." This question has come up and been answered multiple times before in the comments above. Check those out. Hello again OTW, I finally fixed my problem with step 4 after I read all the comments 40 times. Now, after I make the deauth, will I get the handshake immediately or do I need to wait?

First, the handshake is only available when someone re-authenticates and then it should be almost immediate. Hi, can you please make a tutorial on how to hack Instagram to get the username and password of an account? Is Instagram an option for Aircrack-ng? Hi, I know what Aircrack-ng does. Check out my recent article on BeEF. Tell me about the AP. Like ISP. Also, if it is factory default there is a good chance it is random alpha.

I have the theory correct but can't make the list because it is 65PB and a mask would take 55 yrs on my GPU setup. About 1k yrs without GPU. I am unable to capture the handshake. The airodump-ng terminal does not show the WPA handshake. I am using Ubuntu. Whenever I enter the " aireplay-ng --deauth -a mon0" command I get this back: " Waiting for beacon frame BSSID: on channel Hi, this question was answered a ton of times but just add the --ignore-negative-one to the command and it should go through.

To everyone. I am new here. Please could someone explain to me in detail how this works? Any explanation will be highly appreciated. You may start by reading this article about wifi terminology. This may help you understand most of the concepts stated in this article.

You should also check this for more understanding. The last time I tried, I came to the situation where the password or key is finally found message appears, changing the current passphrase message. I'm happy with that, but when I try to enter the password to connect, the password seems not right because I failed to connect. Later I tried a couple more times, and the password that appears is the same as the first time I found it, and it's just not working.

What is actually happening? I wonder if i miss a thing. Quick question I got the handshake on my home network, when i went to crack the handshake using the rockyou text file it came up empty even though i put the key in the file. I also tried with smaller files making sure each time the file had the key. What could be going wrong? Sorry if this question has been asked before, I tried looking for it but could not find anything. Any help would be appreciated. This is a problem most people have no clue about and assume that the password list is bad when in fact they don't have a good handshake.

If you could help me it would be much appreciated! Greetings, help us help you. Check the spelling of the commands you enter before asking for help.

Try this thread since it's a VM. Also this issue has been resolved if it's just drivers. Search the WHT forum. Great guide! However I have a problem: I did everything as you said and after the deauth step the handshake never appears for me. Am I doing something wrong? My interface is mon2. Can someone help me please? Thanks in advance :! Then reissue the commands. Will solve your -1 issue in tools before it begins.

Restart it with service network-manager 'start restart stop'. Brackets have run wild! So for a reference only. I must have a misunderstanding of high gain directional antennas (HGDA). From what I am reading on several product descriptions, it appears that these are attached at the source wifi router to boost the signal.

But your comment implies that someone who wants to hack a neighbor's wifi can set this up, obviously at a location remote from the source. There was no common client.

The cracked password was the same for both of them. But it didn't work on one but worked on the other. Thanks regards:raza. I can see that I'm late to the game here but just wanted to throw out a thank you.

These tuts have been a huge help and I've learned more here than anywhere else on the interwebs. Because mine says that there are no such files or directory. Hello everyone, I'm trying to crack WPA with RTLcu and everything is going well until it's time to deauthenticate clients and then nothing happens.

I tried it on my own network and my neighbors. Any help on what's going wrong? It's not in the compatibility list but it goes on monitor mode and all of the above except forcing deauthentication. You think the adapter is the problem? Damien: Change the paths to the wordlists to reflect your environment. Change everything that says mon0 to wlan0mon. Should work like a charm again. When I try the first airodump the fixed channel keeps on changing.

How do I make it stay on one channel? What are the commands you speak of? I can speculate all day but need a little bit more info based on your statement.

Hi, I have some trouble in step, I can't upload a screenshot so: when I enter aireplay-ng --deauth -a Make certain you followed all the steps carefully. If you are still unsuccessful, please post a screenshot of your steps so we can help you.

This was a great tutorial, I followed the instructions and after much tinkering managed to capture the encrypted password right after some 30 deauth packets were sent. I've spent six days and gone through seven dictionaries including that gigantic crackstation one, but to no result. Is there an online site with more processing power and a bigger dictionary that might be able to tackle it?

I'm willing to donate a major organ now I've invested so much time on this pet project. It has been said, but I just have to say it again. What an amazing tutorial it is. However the default password doesn't work for me. Tried to replace darkc0de with crackstation-human-only, doesn't work. Tried replace WPAcrack Hi, does anyone know the algorithm aircrack-ng uses to crack passwords?

I was also wondering if adding words from a different language to my darkc0de. And this is what it is showing after i pass the first command. I am on edge. What to do since it not even finding the wordlists.. If you are not sure of the password or validity of the cap file could be a lot longer. I have banged on cap files for months before with no luck. This is probably a stupid question to most of you, but is it possible to get detected using this method?

Guru, previously i had it but lack of wordlists. Now i've come to same as 'armaan' when he not even getting the default wordlist. By the way, how to add the wordlist into the usb? I unetbootin too but then my air-crack file gone missing.

Format the thumb, put in wordlist first followed by air-crack, then my wordlist became not available. Kindly help me with this. That looks like an internal card, and if you're using a VM that might not be recognized because it's already in use by your main OS.

Also, airmon-ng start wlan0 is just for putting card in monitor mode, you are not supposed to see any 'channel' there. Maybe you meant. If it says something like 'Device or resource busy' try this: ifconfig wlan0mon down; iwconfig wlan0mon mode monitor; ifconfig wlan0mon up. Again, if it fails on the VM, try with the live usb, that should work.

Hello firstly thanks for the great tutorial. I need some assistance please help. I followed all the steps After using the aircrack command I'm getting a "passphrase not found" error.

I know this is an error because I tried cracking my own wifi and created my own word list with the wifi password.

EDIT: I've tried removing aircrack and installing it again and it worked, probably version compatibility or dependency issues I guess. Thanks again for the tutorial :. I got the handshake and I use rockyou. Rockyou is not an exhaustive dictionary. In addition, it is in English.

If the owner used a non-English passphrase, it won't work. Thank you, OTW. Do you know some exhaustive dictionaries which can be used to crack the password from a non-English passphrase? IMHO new aircrack-ng aircrack-zc uses wlan0mon interface and not mon0. We used wordlist in this tutorial. Connection to the network will be possible only in the vicinity of the access point and reconnection will be disabled, in order to secure from Evil Twin Attack.

I know OTW is no longer here. Anyways, if there is someone out there to answer my question I would be really delighted:. Also I read on other comments about the mon0 and wlan0mon thing? Is it a big deal? After I get access to the victim internet, should I be worried about hiding my connection by using a VPN, for example? What are the traces and odds by doing this hack? Sir OTW, thank you for all your tutorials. All your efforts are appreciated and we all are grateful to you. I have the same problem as "Mike Premo" :.

I'm sorry to ask it again, but I didn't find any guide or answer here, so I hope with re-asking the question, others could use the precise answer. For me too just like Mike all the steps work well except this step 3 and step 6 Got no data packets from target network!

I use Kali through Live Linux and I have downloaded the dictionary by my own. Yeah except when you want to crack WPA2 16 char. A-Z and ; leaving you with '7. Which is now used by Verizon FiOS.. I am going in Circles with "airmon-ng start wlan0". When I run this command, I get a notice to run "airmon-ng check kill" first. I run this command and then re-enter "airmon-ng start wlan0", I get same notice to run "airmon-ng check kill".

When I try step 3 it doesn't work. I am trying to hack into my own wifi network. Should I be logged on to it or no? When I do step 3 the BSSID is said to be incorrect. When I do the airodump-ng start there are multiple instances of my wifi network with very similar BSSIDs and the same ESSIDs.

Also when it is scanning it keeps on refreshing and changing the bssid, scrolling itself down constantly. In the screen shot on the tutorial the bssid has no letters. My bssid has a few letters what do I do? I have found a problem that I tried to do deauth by aireplay but I cannot kick the device connected to AP out while the packet lost getting higher and higher.

Your tutorials are great. I tried to crack a WiFi password using aircrack-ng. Everything is fine. Works pretty well. But no word list dictionary can give me the correct password. My country is Italy. Maybe those lists are in English. My question is, is it possible for me to make an Italian word based word list or is there any place to download one? I have captured the handshake of my wifi, but I couldn't crack it even using rockyou. Welcome back, my greenhorn hackers.

The command will create the file. Adam: It doesn't sound like you got it all. It should be gb. I am getting the same error now, have you found anything? I ran into a similar problem. The way I solve it was like this: Instead of typing airodump-ng --bssid -c 6 --write WPAcrack mon0 , after the -c put the channel that the AP uses, in your case 9.

You are right, it should have been --write. Thanks for catching that typo. Please could u explain to me what I did wrong? Side note: Use rockyou.

You will have better luck with it. Ok master OTW I get this error.. King: I put two links to other password list in the article.

Try those first. Daniel: What wireless adapter are you using? It's likely a driver issue. Chipset Atheros AR Driver ath9k. I would suggest, re-installing the driver. Daniel: I forgot to ask you, did you already use your wlan0 to connect to an AP? Can I hack with TP Link wireless adapters? Johnny: You can check the aircrack-ng website for compatible wireless adapters. American: Thanks for that info! Thanks for correcting me. That's what I get from skimming instead of reading. Thanks in advance, nice guides!

Think it comes with Kali. John: You are right, it should have captured the handshake when they re-authenticated. Jerallian: I don't know for certain, but I believe that it is not included in Kali. Fallen: Each time you run aircrack-ng, it creates a new file, so it means no handshake in that file. The machine will automatically reauthenticate after you deauthenticate, almost immediately. Did you restart airodump-ng? It's not in Kali. Otherwise, you just need to be patient. MG: Welcome to Null Byte!

Fallen: If you have an idea of the password, choose a password file that is appropriate. Fallen Ones: To get the handshake, someone has to authenticate.

Fallen: What version of BT are you running? Airodump-ng should be in all of them. Do you mean BT5v3? If so, it's there. I've tried that and only get the help command. I also tried to remove the space in between the airodump-ng and --bssid but it goes back to saying the command doesn't exist. Edit- PM Wait, I think I see where it might have gone wrong. The file is actually realuniq. Fallen: You are confusing the two cracks. Fallen: Also, yes, if you edit that file it won't run. Try a small file first.

It will be much faster. I presume I'll have to try with another password file? Mloiz: This attack is only as good as your wordlist. Try another wordlist. Mloiz: You can use the same. I didn't manage : I tried once with darc0de. Mloiz: I don't know if you made a mistake, but if the admin of the AP chose a passphrase that is unique or not on any of those lists, then this method won't find it. FiveKey: First, welcome to Null Byte! Jacob: First, I want you to be careful until you know more.

Thanks OTW. Any idea what my problem may be? I'm unable to proceed to the next steps as a result of that. As well as PID Name dhclient3 dhclient dhclient Let me know if you can guys?

James: Are you using a VM? James: VMWare workstation takes your wireless adapter on your host machine and pipes it into your virtual machine as a wired connection, eth0. Thanks OTW, I will look into that. James: As long as you are using a VM, you can't do wifi hacking until you get an external card.

Sir OTW, I've tried the darkcode list but I'm getting no result at all. My wifi card isn't found in BackTrack, how do I enable it? Darksoulkilla: Welcome to Null Byte! Please advise. James: In the VM interface, you must tell the VM to connect your removable device.

I'm in wlan0 Thanks a lot man! How does one update VMware Tools in the interface? James; Great! Glad you were successful! At the bottom of the vm screen you will see a button to update the vm tools. Simply install them or leave them be. Please advise? Did you read the whole tutorial? That is what you should see. Let me know what you think remember I know nothing. Ali: Check to see whether your wordlist is actually at that location.

Bilal: The other option is to create a dual boot system. Bilal: If you installed BT as a dual boot, you are ready to start hacking! Good luck! Thank you but I tried and at the second command, airodump-ng mon0 it says no device found.

Understand when you can legally hack Wi-Fi. In most regions, the only time you can hack a WPA or WPA2 network is when the network either belongs to you or belongs to someone who has given you explicit consent to hack the network. Hacking networks that don't meet the above criteria is illegal, and may constitute a federal crime.

Download the Kali Linux disk image. Wait for the file to finish downloading. Attach a flash drive to your computer. You'll need to use a flash drive with at least 4 gigabytes of space for this process. Make your flash drive bootable. This is necessary in order to be able to use the USB flash drive as an installation location. You can also use a Mac for this step. Make sure you leave your USB flash drive plugged in after you finish this process.

Install Kali Linux. To install Kali Linux on your computer, do the following: Prompt your Windows computer to restart. Enter the BIOS menu. Set your computer to start from your USB drive by finding the "Boot Options" or similar section, selecting your USB drive's name, and moving it to the top of the list.

Save and exit, then wait for the Kali Linux installation window to appear (you may have to restart your computer one more time). Follow the Kali Linux installation prompts. Buy a Wi-Fi card that supports monitoring.

You can find Wi-Fi cards online or in tech department stores. If you're using Kali Linux in a virtual machine, you will need a Wi-Fi card regardless of your computer's card.

Log into your Kali Linux computer as root. Enter your root username and password when logging in. You will need to be on your root account at all times during the hacking process. Plug your Wi-Fi card into your Kali Linux computer.

Doing so will immediately prompt the card to begin setting up and downloading drivers for itself; if prompted, follow the on-screen instructions to complete the setup. Once you're done with this step, you can proceed with hacking your selected network.

If you've already set up the card on your computer before, you'll still have to set it up for Kali Linux here by plugging it in. In most cases, simply attaching the card to your computer will be enough to set it up. Part 2. Open your Kali Linux computer's Terminal. Network security is a big subject, and not something amenable to a SuperUser question. But the basics are that security is built up in layers so that even if some are compromised, not all are.

If you want to enhance the protection of your Wi-Fi network, you can view it as a transport layer only, then encrypt and filter everything going across that layer. This is overkill for the vast majority of people, but one way you could do this would be to set the router to only allow access to a given VPN server under your control, and require each client to authenticate across the Wi-Fi connection across the VPN.

Thus, even if the Wi-Fi is compromised, there are other harder layers to defeat. A subset of this behaviour is not uncommon in large corporate environments. A simpler alternative to better securing a home network is to ditch Wi-Fi altogether and require only cabled solutions. If you have things like cell phones or tablets, this may not be practical though. In this case you can mitigate the risks (certainly not eliminate them) by reducing the signal strength of your router.

You can also shield your home so that your frequency leaks less. I have not done it, but strong rumour (researched) has it that even aluminum mesh like fly screen across the outside of your house with good grounding can make a huge difference to the amount of signal that will escape.

But of course, bye-bye cell phone coverage. Even just monitoring for anomalies with total bytes in and out of various interfaces could give you a good degree of protection. There is no quick and easy answer. As others have said, SSID hiding is trivial to break. In fact, your network will show up by default in the Windows 8 network list even if it is not broadcasting its SSID.

The network still broadcasts its presence via beacon frames either way; it just does not include the SSID in the beacon frame if that option is ticked. The SSID is trivial to obtain from existing network traffic. MAC filtering is not terribly helpful either. It might briefly slow down the script kiddie that downloaded a WEP crack, but it is definitely not going to stop anyone that knows what they are doing, since they can just spoof a legitimate MAC address.

As far as WEP is concerned, it is completely broken. The strength of your password does not matter much here. If you are using WEP, anyone can download software that will break into your network pretty quickly, even if you have a strong password.

If your hardware supports WPA but not WPA2, it is better than nothing, but a determined user can probably crack it with the right tools. Disable it regardless of what network encryption technology you are using. If you have a decent password, your friend is not going to get into your WPA2 secured network without getting the password. Now, if the NSA is trying to get into your network, that is another matter.

Then you should just turn off your wireless entirely.


