Wifi Pentesting - Tips Tricks Tools | Cyber Dioxide

Whenever I upload or tell people about WiFi pen-testing, from the next day my inbox starts to flood with messages from strangers: "Hey, can you help me do xyz with my neighbor's WiFi?". Rather than answering everyone individually, I decided to dedicate my precious time to writing a wonderful blog to bring the world of WiFi pen-testing to everyone. So the next time someone messages me, rather than replying individually I will just send the link to this blog. Without more buttering, let's get straight into it.

NOTE: This is only for educational purposes, but I also know that you are going to ignore this line.


What the Heck is WiFi Pen-testing?

WiFi pen-testing, short for WiFi penetration testing, refers to the process of using various techniques to find and exploit vulnerabilities in a WiFi network. The goal is to identify weaknesses in your network's defenses and rectify them before a real attacker can exploit them.

Wireless access points are some of the easiest to compromise. This is because hacking one doesn't require any social engineering, direct physical access to the device, or any special skills. All it takes is physical proximity. A hacker can simply sit on the same floor of your building and attempt to log into your network. Most of the time, they'll be able to do so without being detected.

Like I already said, I'll just take you directly to existing vulnerabilities because you guys are pro cyber security experts (+_+).

Things you need:

  • WiFi card that supports monitor mode (I use a TP-Link wn722n)
  • A computer running Linux (you can also do this on Windows, check here)
  • A wordlist for password matching
  • Little determination and more patience

Lets GOo0:

Open up your Linux terminal. I assume you are using Kali Linux; if you aren't, you will have to install these tools separately.

  • Aircrack-ng
  • WiFite
  • WiFi-Brute

Aircrack-ng:

Connect your WiFi adapter to your Linux machine and verify that it is connected.

[Screenshot: ifconfig showing the Linux interface configuration]

Stop the current processes which are using the WiFi interfaces.

[Screenshot: stopping the processes that are using WiFi on Linux]

Now start wlan0, the interface of your connected WiFi adapter, in monitor mode.

[Screenshot: starting the interface on Linux]

Next, view all the WiFi networks around you and get information about each device's MAC address.

[Screenshot: viewing all WiFi networks]

Capture Packets:

Now we will capture packets. These are not like the ordinary packets that you capture with Wireshark: they are handshakes, captured when a client is disconnected from the router and sends authentication packets to the router to reconnect.

To view the clients connected to the target network.

airodump-ng -c 1 --bssid 80:35:C1:13:C1:2C -w /root/hacking wlan0mon

[Screenshot: viewing the clients connected to the target]

Open a new terminal window to disconnect the clients connected to the target network.

[Screenshot: disconnecting the clients connected to the target]

When a client is disconnected from the target network, it tries to reconnect, and when it does you will get something called a WPA handshake in the previous terminal window.

[Screenshot: capturing the WPA handshake]
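From the defender's side, the forced disconnect described above shows up on the air as a burst of deauthentication frames aimed at one client, followed by that client re-authenticating. The following added example (not from the original post) flags such bursts in management-frame records; the record format, the thresholds and the client MAC addresses are constructed assumptions.

```python
from collections import defaultdict, deque

AP = "80:35:C1:13:C1:2C"      # BSSID used in the article's commands
CLIENT = "AA:BB:CC:00:00:01"  # constructed client MAC addresses
OTHER = "AA:BB:CC:00:00:02"
BCAST = "FF:FF:FF:FF:FF:FF"

# Constructed sensor records: (time_s, subtype, source, destination, bssid)
SAMPLE_FRAMES = (
    [(0.0, "beacon", AP, BCAST, AP),
     (1.2, "deauth", OTHER, AP, AP)]                                   # one ordinary leave
    + [(10.0 + 0.1 * i, "deauth", AP, CLIENT, AP) for i in range(20)]  # burst at one client
    + [(13.0, "auth", CLIENT, AP, AP)]                                 # forced reconnect
)


def detect_deauth_floods(frames, window=5.0, threshold=10, rejoin=10.0):
    """Flag (bssid, station) pairs hit by >= threshold deauth/disassoc frames
    inside `window` seconds, and note whether the station re-authenticated
    within `rejoin` seconds of the burst (a handshake was then on the air)."""
    recent = defaultdict(deque)   # (bssid, station) -> timestamps inside the window
    alerts = {}                   # (bssid, station) -> alert record
    for ts, subtype, src, dst, bssid in sorted(frames):
        # The station is whichever end of the frame is not the access point.
        station = dst if src == bssid else src
        key = (bssid, station)
        if subtype in ("deauth", "disassoc"):
            q = recent[key]
            q.append(ts)
            while ts - q[0] > window:      # drop timestamps older than the window
                q.popleft()
            if len(q) >= threshold:
                alert = alerts.setdefault(key, {
                    "bssid": bssid, "station": station,
                    "first_seen": q[0], "handshake_exposed": False})
                alert["last_seen"] = ts
        elif subtype == "auth" and key in alerts:
            if ts - alerts[key]["last_seen"] <= rejoin:
                alerts[key]["handshake_exposed"] = True
    return list(alerts.values())


if __name__ == "__main__":
    for alert in detect_deauth_floods(SAMPLE_FRAMES):
        print(alert)
```

An alert with `handshake_exposed` set means the passphrase should be treated as open to offline guessing. Enabling 802.11w Protected Management Frames (mandatory in WPA3) makes clients discard forged deauthentication frames.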

Decrypting Secrets:

Now it's time to unlock the password from the captured handshake file. We will use a dictionary attack with aircrack-ng to find the password.

aircrack-ng -a2 -b 80:35:C1:13:C1:2C -w /root/my1Mpasswords.txt /root/hacking-01.cap

[Screenshot: WiFi password cracked]

Whoop Whoop

Now that we know how a WiFi password can be cracked via the handshake, it's time to automate this with a tool that will do everything for you. Most of you might say that I didn't show this earlier, but the point was to learn, so that you are able to crack when you are in a desert (it's not about the desert). This tool can cause errors sometimes, therefore one must learn to perform the attack manually too. Let's put light on the shadow.

WiFite:

Ladies and gentlemen, introducing the one and only WiFite. WiFite is a powerful and versatile open-source tool designed for wireless penetration testing and security assessments. As an essential component of a penetration tester's toolkit, WiFite focuses specifically on automating the process of cracking and securing Wi-Fi networks. This tool streamlines the complex task of auditing and assessing the security of wireless networks, making it an invaluable resource for cybersecurity professionals, ethical hackers, and network administrators.

To use it, simply connect your adapter, open a terminal as root, and enter the command:

wifite

It will start and use the default wordlist. In case you want to specify your own wordlist and interface:

wifite -i wlan0 -w /myDangerousWords.txt
