WPA is the most common WiFi security that we use today. Its algorithm is secure enough, but still, you can hack it.
I have found the two best ways to hack a WPA wireless network. The first one is best for those who want to learn WiFi hacking. The second method is best for those who want to hack WiFi without understanding the process.
Make sure you have installed Linux, because these tools work on Linux. Kali Linux and Parrot Sec are the recommended distributions.
This is still the most common way to hack a WPA network. If you are looking for content to learn WPA hacking, then it is perfect for you.
Anyway, today our topic is how to hack WPA or WPA2 WiFi from your home or without any signal.
If you are completely new to hacking, then read my post hacking for beginners.
There is nothing new in this technique: it uses the same software, Aircrack-ng and crunch, just with the commands modified in the right way.
And you don't have to wait until a client joins that network. I will show you how to disconnect the client from the router.
Ok, let’s start.
How to install Hacking OS Kali Linux on Pc
Ignore above warning if you did not understand this.
If you have any suggestion or complaint, or are unable to understand something, then don't forget to leave a comment.
I have divided the tutorial into 2 parts. Part 2 can be done from your home, but for part 1 you need the WiFi signal.
Part 1: Capturing WPA Handshake
What is a WPA handshake
Power on your machine and open a terminal.
Type su.
If you are not logged in as the root user, it will ask for the root password.
Next, type ifconfig and press Enter. It will show all available network interfaces. Take a look at all of these. If wlan0 is present, then you can go ahead. In some distributions, it is named something different, like wlXXXX. It indicates that you can use WiFi.
The next step is about killing your internet. It is important. Here is the command.
ifconfig wlan0 down
The next step enables monitor mode.
iwconfig wlan0 mode monitor
The above command enables monitor mode. You have to enable monitor mode. Monitor mode is used to see information about the WiFi networks that are available in our range. Monitor mode is also important for disconnecting the client from the network (read the full post and you will understand what I am talking about).
After that, you need to kill (stop) some computer processes.
airmon-ng check kill
It will kill all the processes that can cause a problem in WiFi hacking, e.g. NetworkManager. Almost all of us enable auto-connect to our network. For hacking, it causes a problem, so you have to stop this process.
After that, you can see all available networks (depending upon your wireless card's range). I am from a village, so there is only one WiFi network available. To do this, run the following command.
airodump-ng wlan0
It will show all networks with a lot of information. It will continue until you stop it.
Press Ctrl+C to stop it.
The next step is important. See everything about your target network: BSSID is the MAC address, ESSID is the name of the network, and ENC shows the security used by the network. Before going ahead, make sure it is WPA or WPA2. CH shows the channel number.
Depending upon your target, you have to change the channel number. In my case, it is eight; look at the above screenshot.
iwconfig wlan0 channel 8
Your adapter channel will change from anything to 8.
Using the following command, you can capture the WPA handshake.
airodump-ng -c 8 --bssid 90:8D:78:73:34:12 -w scan wlan0
Here -c is the channel number (the same channel you set with iwconfig) and --bssid is the ID of the target network. -w is the file where we want to save the handshake, with the name scan.
This will try to capture the handshake, which means waiting until somebody joins the WiFi (which makes no sense). But you don't need to wait. Open a new terminal and run aireplay-ng -0 0 -a followed by the BSSID. Here is the full command.
aireplay-ng -0 0 -a 90:8D:78:73:34:12 wlan0
It will launch a DoS attack on the router, so all connected devices (clients) will be disconnected. When any device disconnects from the router, you will see WPA Handshake captured in the previous terminal.
When the handshake is captured, press Ctrl+C to stop aireplay-ng. It is important to stop it because it stops the internet on the WiFi.
As you can see, I have posted a screenshot of both terminals. You can see the WPA handshake is captured, so there is no need for the second terminal.
Now part 1 is complete; go back to your home. To confirm, type ls and check whether there is a file with the name scan-01.cap. Here is the screenshot.
Part 2
Now relax, because the next steps are a bit different from the above commands.
Now you can go back to your home, because the next steps can be done from anywhere in the world.
We have captured the WPA handshake, but now we have to crack it using a wordlist attack.
I hope you read about the wordlist attack in the hacking for beginners post (scroll to top).
If you already know it, then great. We will create a wordlist text file using crunch.
Command to create the wordlist:
crunch min max characters -o filename to save results
Example:
crunch 8 10 1234567890 -o password.txt
It will create a wordlist from the digits 1234567890 (you can use characters too) where the minimum length is 8 and the maximum length is 10. All those words will be saved in the password.txt file.
Read How to use crunch in advance
aircrack-ng -w password.txt scan-01.cap
It will try every word in password.txt as the password. If the password is in the file, it will show you something like this.
Tips to make the cracking process faster:
- Close unnecessary tabs; it will make the process faster.
- Use more than one computer with different wordlist files.
The task is not complete
Now you have hacked the WiFi, but you have to type some commands to disable monitor mode and start NetworkManager. Here are these commands
If you want to understand this technique, read the aircrack-ng method before this.
One main problem with aircrack-ng is that it becomes a long process when the password length is greater than 8.
Some people use unique characters in the password, which makes it impossible to hack.
Fluxion is the solution to all these problems. It is the future of WiFi hacking.
It is easy to use, and your task will be complete within a few minutes.
Ok, no more words.
How does Fluxion work?
Well, first of all, it captures the WPA handshake automatically and then applies a man-in-the-middle attack.
It will ask your victim for the password (see the screenshot).
You know the best thing about Fluxion?
If the user types the wrong password, it detects this automatically (because it has captured the WPA handshake, it tries the user's input as the password using aircrack-ng) and shows the user a warning like this.
This means your chances of hacking the WiFi password are 99% (fucking amazing 🙂).
When the victim types the correct password, all services run by Fluxion will be stopped, so the user can use the internet.
Here is how to install it and use it.
It is available on GitHub; run this command to clone it.
git clone https://github.com/wi-fi-analyzer/fluxion.git
This command will save it to the current working directory, which is ~ in my case.
After downloading, we need to navigate to that directory, so do it:
cd fluxion
This directory has some directories and files, but you need to run only one bash script.
bash fluxion.sh
This command will start the fluxion script and detect everything that is required. If any package is missing, install it, because for a successful attack you need all packages.
In the case of Kali Linux or Parrot, you don't have to do anything.
As you can see in the screenshot, you need to select your language. I am assuming that you know English, so press 1.
In the next step, it needs to scan your area; you can select all channels or a specific channel. My router's channel setting is set to auto, so I will choose 1 to scan all channels.
As you can see, it will show you all networks available in your range. When you see your target network, close the WIFI Monitor window.
On closing, it will show the networks in the terminal. In my case, three networks are available. You can select a network using its ID. I want to hack the Maan network, so I will choose 2.
In the next window, you need to select the attack option. Basically, it is how you create your own network. I advise you to choose Hostapd, which is also recommended by Fluxion; airbase-ng is buggy. Seriously, it is.
The next step is about the location of the handshake file. You can pass your own path, but there is no need. Just press Enter. It will select one automatically.
Hmm, you have chosen your path for the handshake file, but how do you capture your handshake? There are two ways:
- pyrit
- aircrack-ng
You can choose either one, but Fluxion recommends pyrit, so select it by pressing 1.
This is an essential step: how do you want to capture the handshake? Do you want to disconnect all devices or a specific one?
I recommend one, because it asks everyone for the password.
So everyone will suppose it is definitely from the ISP.
Pressing one will disconnect all devices connected to the network.
It will open three terminals.
1. One is for capturing the handshake.
2. The second is for disconnecting the client, so you can capture the handshake without waiting for a client to join the network.
3. The third is Fluxion, so you can stop the other two terminals when the handshake is captured.
Hey, beginner, read this carefully: when you see that the WPA handshake is captured, like in this screenshot, immediately press 1 in your terminal. Deauthing devices from the network stops the internet.
It will stop the other two windows and ask for the SSL certificate. Go ahead and select 1.
The next window is about the interface. You have only one option, the web interface; select it.
After selecting the SSL certificate, it needs the language of the password login page. Choose your language. I will select English.
When you select the language, the fluxion script will open 4 terminals.
On the other side, your victim who is using the WiFi will be redirected to a page like this.
Suppose the user types the wrong password. As I told you, it has captured the WPA handshake, so it will detect the wrong password and show a warning to the user.
If your victim uses the correct password, then he can use the internet.
Here is how it got the password using aircrack-ng and closed all other processes, so your victim can use the internet without any problem.
How to secure your WiFi network from Fluxion
The best way to secure your WiFi is to reduce your WiFi signal. Believe me, it is very powerful. If you want to know how to fully secure your WiFi against all attacks, read this: How to secure your WiFi password
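Both methods above leave traces a network owner can watch for: a burst of deauthentication frames, and the network name being advertised by a radio the owner does not operate. The following Python sketch is an added example, not part of the original post or of Fluxion; the log format, the thresholds and the allowlist of known access points are assumptions, and the sample lines are constructed.

```python
from collections import defaultdict, deque

def sample_lines():
    """Constructed sensor log in a made-up format: '<seconds> <TYPE> key=value ...'."""
    ap, twin = "02:00:00:00:00:01", "02:00:00:00:00:99"
    lines = [f"0.0 BEACON bssid={ap} essid=HomeNet",
             f"5.0 DEAUTH bssid={ap} dst=02:00:00:00:00:aa"]   # one ordinary deauth
    # Burst of broadcast deauths, 10 per second for 4 seconds.
    lines += [f"{20 + i * 0.1:.1f} DEAUTH bssid={ap} dst=ff:ff:ff:ff:ff:ff" for i in range(40)]
    lines.append(f"30.0 BEACON bssid={twin} essid=HomeNet")     # same name, unknown radio
    return lines

def parse(line):
    ts, kind, *pairs = line.split()
    return float(ts), kind, dict(p.split("=", 1) for p in pairs)

def detect(lines, known_aps, window=5.0, threshold=20):
    """Return alerts as (kind, bssid, timestamp); thresholds are assumed defaults."""
    alerts, seen = [], set()
    recent = defaultdict(deque)          # bssid -> timestamps of recent deauth frames

    def raise_once(kind, bssid, ts):
        if (kind, bssid) not in seen:
            seen.add((kind, bssid))
            alerts.append((kind, bssid, ts))

    for line in lines:
        ts, kind, fields = parse(line)
        bssid = fields["bssid"].lower()
        if kind == "DEAUTH":
            q = recent[bssid]
            q.append(ts)
            while ts - q[0] > window:    # drop frames that fell out of the window
                q.popleft()
            if len(q) >= threshold:
                raise_once("deauth_flood", bssid, ts)
        elif kind == "BEACON":
            allowed = known_aps.get(fields["essid"])
            if allowed is not None and bssid not in allowed:
                raise_once("unknown_bssid_for_essid", bssid, ts)
    return alerts

if __name__ == "__main__":
    for alert in detect(sample_lines(), {"HomeNet": {"02:00:00:00:00:01"}}):
        print(alert)
```

Where the access point and the clients support it, enabling 802.11w protected management frames makes clients ignore forged deauthentication frames.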
Next post: How to control full WiFi by hacking a wireless router.
Which adapter should I use in VirtualBox Kali in India for hacking? Cheapest and best. Please suggest.
https://zsecurity.org/product/realtek-ar8812au-2-4-5-ghz-usb-wireless-adapter/
Can I do it on iOS…?
Actually, I don't know about the iOS operating system.
I am a beginner, I don't know anything. Please tell me how to download Linux and everything else that helps in hacking.
Read my article about Kali Linux for beginners
Where is your article? Please send me the link to your article.
Here it is
After installing fluxion, when I typed the command “bash fluxion.sh” the terminal shows
“You don’t have admin privilegies, execute the script as root.
”
How to solve this problem?
Help…
Run this script as the root user.
First type su, then it will ask for the root user password; enter the password and run the script.
How to install dhcpd, hostapd, lighttpd, php-cg? When I try to install them, it tells me unable to locate package. Please help, I am using Kali Linux in a VM.
Try apt-get install {package name}
If this is not working for you, then update your Kali Linux.
Please make a video of it.
If I publish a video, I will let you know by email.
After opening fluxion, how do I install missing files? Please tell me fast.
Using apt-get install package_name
Do you have wordlists in .pcap extension??
The wordlist has a .txt extension. pcap is the captured handshake file.
Hi. I have a problem installing the AWUS036H network adapter in Kali Linux. How can I download and install the driver? If anyone knows how to solve this problem, please help me.
Thank you
Sometimes you need a driver to install the adapter. Did you check it on Windows?
Hi,
I have tested your method on my home network, but no message appeared on any of the devices which are connected to the home network; it only disconnected the internet..!
Actually, sometimes the system detects this process, but you can use the wordlist attack.
First step:
bash: git: command not found
lol
Here is how to install git: how to install git
I want to use fluxion by the brute-force method. Can you provide a tutorial to my Gmail account?
Fluxion is not a brute-force attack tool.
When I start fluxion,
dhcpd, hostapd, lighttpd, php-cgi are not installed. How do I install them?
Well, in Kali these packages are pre-installed. You can install them using apt-get install hostapd
one by one.
In some Linux distributions like Fedora, use yum install hostapd …..
Hope that makes sense.
I have installed hostapd, lighttpd and php-cgi. But dhcpd is not installing. I've tried so many times but it's not installing.
Which Linux distribution are you using?
Hi, 1) your tutorial is really helpful and interesting. Maybe you can go deeper into how to create a wordlist.
2) Fluxion method: what happens when a client surfs an https website? Will it remain an error page? The client can only be redirected to the portal site we created if he surfs http.
Thanks for your words. OK, I will update the post and write more details about the wordlist.
I'm using a Mi phone. It automatically detects that the network is redirecting to some page, so it opens that login page. I opened it in Chrome and it is not working.
That's why I posted two ways for hacking FB.
Please give me your Facebook ID link… please please
Do you want my FB ID?
Yeah bro…. please… I need your FB ID
fb.com/1pcfanz
Hey bro… I want to be a good hacker…. so what should I do….?
Please help me.. please please
Subscribe to my blog; you will get a free hacking course.
Very nice article sir, please upload more articles.
thank you
How to install dhcpd, hostapd,lighttpd, php-cg1
I am using Kali live from a bootable USB….. please help
Make sure you're using an updated version of Kali. If not, then run this: apt-get update -y; apt-get dist-upgrade -y
If you are using an updated version, then run this command
apt-get install dhcpd
Let me know if you need further help.
Nice post, things explained in details. Thank You.
Welcome
I'm having some issues,
Every single time I'm using “airodump-ng -c 1 -bssid xx:xx:xx:xx:xx:xx -w scan wlan0 ”
it keeps telling me:
Notice : channel range already given
“airodump-ng –help” for help.
I don't quite get it,
please help me :'(
Is your channel name the same as for the iwconfig command that you ran before airodump-ng? It should be the same channel name.