Hack Any WPA\ WPA2 WiFi Password: Perfect guide to beginner
Harinderpreet singh Last updated
I have found 2 best way to hack wpa wireless network. First one is best for for those who want to learn wifi hacking. Second method is best for those who want to hack wifi without understanding the process
Make sure you installed Linux because these tools are working in Linux. Kali Linux and Parrot sec are recommended distributions.
From last 2 months, I did not post anything due to my exam and some other works. Really sorry for that.
Anyway, today our topic is how to hack WPA or wpa2 wifi from your home or without any signal.
Note: you can hack WPA without Signal but you need to wifi signal for 10 minutes after that you can go back to your home for cracking the password. When the cracking process is done then you can use wifi on Android or iPhone.
Warning: For Vmware or Virtual box you have to buy a wireless adapter but I not recommend you to hack wifi using Vmware or Virtual box because you need a lot of power. anyway, check the tutorial.
Ignore above warning if you did not understand this.
If you have any suggestion, complaint or unable to understand then don’t forget to leave a comment.
I have divided tutorial into 2 parts. part 2 can be done from your home but for part 1 you need the wifi signal.
Part 1: Capturing WPA Handshake
what is WPA handshake
Before reading this post many of you have tried to guess wifi password. Suppose you can try password without any signal. It can be done by WPA handshake file. In other words, it is a file of a particular wireless network where you can try passwords without signal. One more thing system will try passwords with speed of 1000w/s or more depends on your hardware.
Power on your Machine and open terminal.
if you are not log in as root user then it will ask for root password.
Next step run ifconfig command. It will show all available network interface. Take a look all of these. if there is wlan0 is present then you can go ahead. In some distribution, it is named something different like wlXXXX. it indicates that you can use wifi.
Next step is about killing your internet. It is important. here is the command.
ifconfig wlan0 down
Next step is about enables monitor mode.
iwconfig wlan0 mode monitor
Above command will enable monitor mode. you have to enable monitor mode. Monitor mode is used see information about wifi networks that are available in our range. For disconnecting the client from network monitor mode is important (read full post you will understand what I am talking about).
After that, you need to kill (stop) some computer process.
airmon-ng check kill
it will kill all the process that can cause a problem in wifi hacking. For e.x. Network manager. we all of us enable auto-connect to our network. For hacking, it causes a problem so you have to stop this process.
After that, you can see all available network (depend upon your wireless card range). I from a village so there is only one wifi network available. To do this run following command.
It will show all network with a lot of information. It will continue until you did not stop it.
Press ctrl+c to stop it.
Next step is important to See everything about your target network BSSID is mac address ESSID is the name of Network. ENC shows security used network. Before going ahead make sure it is WPA or wpa2. CH shows your channel number.
Depending upon your target you have to change channel number. In my case, it is 8 look it above screenshot.
iwconfig wlan0 channel 8
Your adapter channel will change from anything to 8.
Using following command you can capture WPA handshake.
here -c is channel no. and –bssid is the id of a target network. -w is the file where we want to save handshake with the name of scan.
This will try to capture handshake mean wait until somebody is not joining your wifi (which makes no sense). But I am here no need to wait. Open a new terminal and type aireplay-ng -0 0 -a bssid here. Here is the full command.
aireplay-ng -0 0 -a 90:8D:78:73:34:12 wlan0
It will launch dos attack on Router so all devices(client) that are connected to the router will be disconnected. When any device disconnects from the router you will see WPA Handshake captured in the previous terminal. When the handshake is captured press ctrl+c to stop aireplay-ng. It is important to stop because it stops internet of that network.
As you see I have posted the screenshot of both terminals. You can see WPA handshake is captured so no need of the second terminal.
Now part 1 is complete go back to your home. To confirm type ls if there is any file with the name of scan-01.cap here is the screenshot.
Now relax because next steps are bit different from above commands.
Now you can go back to your home because next steps can be done from anywhere in the world.
We have captured WPA handshake but now we have to crack it using wordlist attack.
I hope you wordlist attack in hacking for beginners post (scroll to top)
If you already know then great. we will create word list txt file using crunch.
Command to create the wordlist.
crunch min max characters -o filename to save results
crunch 8 10 1234567890 -o password.txt
it will create a wordlist of digits 1234567890 (you can use characters too) where minimum length is 8 and the maximum length is 10. All that words will be saved in the password.txt file.
it will try every word of password.txt as password. if password is in the file it will show you something like this.
Tips to Make cracking process faster:
Close unnecessary tabs it will create process fast.
Use More than One Computer with different word list files.
Task is not complete
Know you have hacked wifi but you have to type some commands for disabling monitor mode and starting NetworkManager here are these commands
If you want to understand this technique read aircrack-ng method before this One main problem with aircrack-ng is that it become long process when password length is greater than 8. Some people use the special character in the password which makes impossible to hack. Fluxion is the solution of all these problems. It is future of wifi hacking. It is easy to use and your task will be complete within few minutes. Ok, no more words.
How fluxion works?
Well, first of all, it captures WPA handshake automatically and then applies Man in the middle attack. I will ask the user for the password as take a look at this screenshot. You know next line is the best thing of this script. If user types the wrong password it detects automatically (because it capture WPA handshake, so it try user input as the password using aircrack-ng ) and shows user warning like this Mean your wifi hacking passwords chance are 99% (fucking amazing). When victim use correct password all process is stopped and connect the user to the internet. Here is how to install it and use it it is available at GitHub run this command to clone it.
This command will save it to the current working directory which is ~ in my case. After downloading we need to navigate to that directory so do it
This directory has some directories and files. But need to run only one bash script
This command will start fluxion script and detects all that is required. If any package is missing install because for a successful attack you need all packages. In the case of Kali Linux or parrot, you haven’t do anything As you see in the screenshot you need to select your language. I am assuming that you know English so press 1.
In next step, it needs to scan your area you can select all channel or the specific channel. My router channel settings are set to auto So I will choose 1 for scanning all channels.
As you can see it will show you all networks available in your range when you see your target network close WIFI Monitor window. On closing, it will show your networks in the terminal. In my case three networks available. you can select network using their ID I want to hack Maan network so I will choose 2. In next window, you need to select attack option. Basically, it is how you create your own network. I will advise you to choose Hostapd which is also recommended by Fluxion and airbase-ng is buggy. Seriously it is. Next step is about the location of handshake file. you can pass your own path but no need of it. Just press Enter. It will select automatically. Hmm, you choose your path for handshake file but how you capture your handshake. There are two ways
You can choose anyone but Fluxion recommended pyrit So select by pressing 1
This is important step how you want to capture handshake Do you want to disconnect all or specific one. I recommended 1 because it asks for the password everyone. So everyone supposed it is by ISP.
Pressing 1 will disconnect all devices connected to the network. It will open three terminals. 1.One is for capture handshake 2.Second is for disconnecting client so you can capture handshake without waiting for the client who joins the network. 3. Third is fluxion so you can stop other two terminals when handshake is captured Hey, beginner how to read it carefully, When you see WPA handshake is captured like this screenshot. Immediately press 1 in your terminal. Deauthing devices from the network stop internet
It will stop other two windows and ask for the SSL certificate. GO ahead and select 1.
Next window about interface you have only one option web interface select it. selecting the SSL certificate it needs the language of password login page. Choose your language I will select 1
When you select the language fluxion script will open 4 terminal.
On the other side, your victim who is using wifi will be redirected to page like this
Suppose user type wrong password but I told you it capture WPA handshake so it will detect the wrong password and show a warning to the user. And If user type correct password user will be connected to the internet and you will find password like this.
Here is how got password using aircrack-ng and close all other processes. So your victim can use the internet without any problem
How to secure your wifi network from Fluxion
you can stop fluxion attack on your wifi. Basically, you need to stop dos attack
In the modern router, you can disable Dos attack which stops hacker to capture WPA handshake. To do this login to your router. I am using DLink router navigate if you are using d link router too following my steps.
Click on advance tab and navigate to dos settings. Check enable dos prevention and set Whole System Flood: SYN to 2 packets/seconds. Handshake use Syn floods using TCP protocol
if you have any suggestion, problem then comment blow. I reply to everyone :).