Get Free Hacking course

Enter your name & email and I'll send you a video hacking course $195 Free

I don't like free stuff!

Hack Any WPA\ WPA2 WiFi Password: Perfect guide to beginner

Harinderpreet singh Last updated

I have found 2 best way to hack wpa wireless network. First one is best for for those who want to learn wifi hacking. Second method is best for those who want to hack wifi without understanding the process

Make sure you installed Linux because these tools are working in Linux. Kali Linux and Parrot sec are recommended distributions.

From last 2 months, I did not post anything due to my exam and some other works. Really sorry for that.

Anyway, today our topic is how to hack WPA or wpa2 wifi from your home or without any signal.

Note: you can hack WPA without Signal but you need to wifi signal for 10 minutes after that you can go back to your home for cracking the password. When the cracking process is done then you can use wifi on Android or iPhone.

If you are completely new to hacking then read my post hacking for beginners

In this technique, nothing new same software Aircrack-ng and crunch Just modified commands in the right way.

And you haven’t wait for until a client joins that network. I will show you how to disconnect the client from the router.

ok, let’s start.

How to install Hacking OS Kali Linux on Pc

Warning: For Vmware or Virtual box you have to buy a wireless adapter but I not recommend you to hack wifi using Vmware or Virtual box because you need a lot of power. anyway, check the tutorial.

Ignore above warning if you did not understand this.

If you have any suggestion, complaint or unable to understand then don’t forget to leave a comment.

I have divided tutorial into 2 parts. part 2 can be done from your home but for part 1 you need the wifi signal.

Part 1: Capturing WPA Handshake

what is WPA handshake
Before reading this post many of you have tried to guess wifi password. Suppose you can try password without any signal. It can be done by WPA handshake file. In other words, it is a file of a particular wireless network where you can try passwords without signal. One more thing system will try passwords with speed of 1000w/s or more depends on your hardware.

Power on your Machine and open terminal.

type su.

if you are not log in as root user then it will ask for root password.

Next step run ifconfig command. It will show all available network interface. Take a  look all of these. if there is wlan0 is present then you can go ahead. In some distribution, it is named something different like wlXXXX. it indicates that you can use wifi.


Next step is about killing your internet. It is important. here is the command.

ifconfig wlan0 down

Next step is about enables monitor mode.

iwconfig wlan0 mode monitor

Above command will enable monitor mode. you have to enable monitor mode. Monitor mode is used see information about wifi networks that are available in our range. For disconnecting the client from network monitor mode is important (read full post you will understand what I am talking about).

After that, you need to kill (stop) some computer process.

airmon-ng check kill

airmon-ng check kill

it will kill all the process that can cause a problem in wifi hacking.  For e.x. Network manager. we all of us enable auto-connect to our network. For hacking, it causes a problem so you have to stop this process.

After that, you can see all available network (depend upon your wireless card range). I from a little village so there is only one wifi network available. To do this run following command.

airodump-ng wlan0

airodump-ng wlan0

It will show all network with a lot of information. It will continue until you did not stop it.

Press ctrl+c to stop it.

Next step is important to See everything about your target network BSSID is mac address ESSID is the name of Network. ENC shows security used network. Before going ahead make sure it is WPA or wpa2. CH shows your channel number.

Depending upon your target you have to change channel number. In my case, it is 8 look it above screenshot.

iwconfig wlan0 channel 8

Your adapter channel will change from anything to 8.

Using following command you can capture WPA handshake.

airodump-ng -c 1 -bssid 90:8D:78:73:34:12 -w scan wlan0

here -c is channel no. and –bssid is the id of a target network. -w is the file where we want to save handshake with the name of scan.

airodump-ng wpa handshake

This will try to capture handshake mean wait until somebody is not joining your wifi (which makes no sense). But I am here no need to wait. Open a new terminal and type aireplay-ng -0 0 -a bssid here. Here is the full command.

aireplay-ng -0 0 -a 90:8D:78:73:34:12 wlan0


It will launch dos attack on Router so all devices(client) that are connected to the router will be disconnected. When any device disconnects from the router you will see WPA Handshake captured in the previous terminal. When the handshake is captured press ctrl+c to stop aireplay-ng. It is important to stop because it stops internet of that network.

wpa handshake

As you see I have posted the screenshot of both terminals. You can see WPA handshake is captured so no need of the second terminal.

Now part 1 is complete go back to your home. To confirm type ls if there is any file with the name of scan-01.cap here is the screenshot.

handshake file confirm

Part 2

Now relax because next steps are bit different from above commands.

Now you can go back to your home because next steps can be done from anywhere in the world.

We have captured WPA handshake but now we have to crack it using wordlist attack.

I hope you wordlist attack in hacking for beginners post (scroll to top)

If you already know then great. we will create word list txt file using crunch.

Command to create the wordlist.

crunch min max characters -o filename to save results


crunch 8 10 1234567890 -o password.txt

it will create a wordlist of digits 1234567890 (you can use characters too) where minimum length is 8 and the maximum length is 10. All that words will be saved in the password.txt file.

Read How to use crunch in advance

Last step:

aircrack-ng -w password.txt scan.cap

it will try every word of password.txt as password. if password is in the file it will show you something like this.

wpa password is hacked

Tips to Make cracking process faster:

  1. Close unnecessary tabs it will create process fast.
  2. Use More than One Computer with different word list files.

Task is not complete

Know you have hacked wifi but you have to type some commands for disabling monitor mode and starting NetworkManager here are these commands

going back to pervious settings disable monitor mode, starting network manager

If you want to understand this technique read aircrack-ng method before this
One main problem with aircrack-ng is that it become long process when password length is greater than 8.
Some people use the special character in the password which makes impossible to hack.
Fluxion is the solution of all these problems. It is future of wifi hacking.
It is easy to use and your task will be complete within few minutes.
Ok, no more words.

How fluxion works?

Well, first of all, it captures WPA handshake automatically and then applies Man in the middle attack.
I will ask the user for the password as take a look at this screenshot.fluxion wifi hacking password forum for victim
You know next line is the best thing of this script.
If user types the wrong password it detects automatically (because it capture WPA handshake, so it try user input as the password using aircrack-ng ) and shows user warning like thisfake password is detected by fluxon
Mean your wifi hacking passwords chance are 99% (fucking amazing).
When victim use correct password all process is stopped and connect the user to the internet.
Here is how to install it and use it
it is available at GitHub run this command to clone it.

git clone

This command will save it to the current working directory which is ~ in my case.
After downloading we need to navigate to that directory so do it

cd fluxion

This directory has some directories and files. But need to run only one bash script


This command will start fluxion script and detects all that is required. If any package is missing install because for a successful attack you need all packages.
In the case of Kali Linux or parrot, you haven’t do anything
As you see in the screenshot you need to select your language. I am assuming that you know English so press 1.

In next step, it needs to scan your area you can select all channel or the specific channel. My router channel settings are set to auto So I will choose 1 for scanning all channels.

As you can see it will show you all networks available in your range when you see your target network close WIFI Monitor window.result of all channel-min
On closing, it will show your networks in the terminal. In my case three networks available. you can select network using their ID I want to hack Maan network so I will choose 2.netowrk in fluxion -min
In next window, you need to select attack option. Basically, it is how you create your own network. I will advise you to choose Hostapd which is also recommended by Fluxion and airbase-ng is buggy. Seriously it is.
Next step is about the location of handshake file. you can pass your own path but no need of it. Just press Enter. It will select automatically.selecting path for handshake file captured by pyrit
Hmm, you choose your path for handshake file but how you capture your handshake. There are two ways

  1. By pyrit
  2. aircrack-ng

You can choose anyone but Fluxion recommended pyrit So select by pressing 1

pyrit for wpa handshake
This is important step how you want to capture handshake Do you want to disconnect all or specific one.
I recommended 1 because it asks for the password everyone.
So everyone supposed it is by ISP.

Pressing 1 will disconnect all devices connected to the network.
It will open three terminals.
1.One is for capture handshake
2.Second is for disconnecting client so you can capture handshake without waiting for the client who joins the network.
3. Third is fluxion so you can stop other two terminals when handshake is captured
Hey, beginner how to read it carefully, When you see WPA handshake is captured like this screenshot. Immediately press 1 in your terminal. Deauthing devices from the network stop internet

handshake captured
It will stop other two windows and ask for the SSL certificate. GO ahead and select 1.

creating ssl for login password login forum
Next window about interface you have only one option web interface select it.
selecting the SSL certificate it needs the language of password login page. Choose your language I will select 1

When you select the language fluxion script will open 4 terminal.four terminal

On the other side, your victim who is using wifi will be redirected to page like thisfluxion wifi hacking password forum for victim

Suppose user type wrong password but I told you it capture WPA handshake so it will detect the wrong password and show a warning to the user.fake password is detected by fluxon
And If user type correct password user will be connected to the internet and you will find password like this.when user type correct password

Here is how got password using aircrack-ng and close all other processes. So your victim can use the internet without any problem

hacked password by fluxion using aircrack-ng

How to secure your wifi network from Fluxion

you can stop fluxion attack on your wifi. Basically, you need to stop dos attack

In the modern router, you can disable Dos attack which stops hacker to capture WPA handshake. To do this login to your router. I am using DLink router navigate if you are using d link router too following my steps.

Click on advance tab and navigate to dos settings. Check enable dos prevention and set Whole System Flood: SYN  to 2 packets/seconds. Handshake use Syn floods using TCP protocol

how to make your wifi unhack able

if you have any suggestion, problem then comment blow. I reply to everyone :).

Next post How to control full wifi by hacking a wireless router.

4 thoughts on “Hack Any WPA\ WPA2 WiFi Password: Perfect guide to beginner

  1. I’m having some issue’s ,
    Every single time i’m using “airodump-ng -c 1 -bssid xx:xx:xx:xx:xx:xx -w scan wlan0 ”
    it keeps telling me :
    Notice : channel range already given
    “airodump-ng –help” for help.

    i don’t quite get it ,
    plz help me :'(

Leave a Reply

Your email address will not be published. Required fields are marked *