How to crack a Wi-Fi network with WPA encryption.


Despite condemning comments along the lines of "you must not teach people to break into networks", we remind you once again that knowledge and the way it is used are quite different things. Of course, using this on someone else's router is not acceptable under any circumstances. This material leaves out many details of carrying out the break-in and is for guidance only. It is a call not to break into networks but to configure your router properly so that it does not get broken into.

Many of us readily accept that WPA encryption is bulletproof against all types of attack, yet many router manufacturers still inexplicably leave the WPS function with PIN authentication enabled. The 8-digit PIN is built on an algorithm under which an attacker only needs to find the first 7 digits of the code, and the first four and the last three are found separately, for a total of only 11,000 possible codes at most. In practice, that is quite easy to go through.
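As an added illustration (not code from the original article or from Reaver), this Python model counts the guesses that the split PIN check described above allows, compared with a check that confirmed all seven digits at once. ToyPinCheck and the function names are hypothetical, the PINs are constructed, and the time scaling assumes the article's "up to 10 hours" corresponds to all 11,000 codes.

```python
from itertools import product


class ToyPinCheck:
    """Local stand-in for a WPS PIN check that confirms each part separately.

    Constructed for illustration: no networking, and the eighth digit is not
    modelled because only the first seven have to be found.
    """

    def __init__(self, pin7):
        if len(pin7) != 7 or not pin7.isdigit():
            raise ValueError("expected seven digits")
        self.parts = (pin7[:4], pin7[4:])  # first four, then the next three
        self.attempts = 0

    def check_part(self, index, guess):
        self.attempts += 1
        return guess == self.parts[index]


def guesses_against_split_check(pin7):
    """Count in-order guesses when each part is confirmed on its own."""
    target = ToyPinCheck(pin7)
    for index, width in enumerate((4, 3)):
        for combo in product("0123456789", repeat=width):
            if target.check_part(index, "".join(combo)):
                break
    return target.attempts


def worst_case(part_widths):
    """Upper bound on guesses when parts of these widths are confirmed separately."""
    return sum(10 ** width for width in part_widths)


def hours_at_page_rate(guesses, page_hours=10, page_guesses=11_000):
    """Scale the article's 'up to 10 hours' for 11,000 codes to another count."""
    return guesses * page_hours / page_guesses


if __name__ == "__main__":
    print("split check, worst PIN:", guesses_against_split_check("9999999"))
    print("split bound:", worst_case([4, 3]), "single-check bound:", worst_case([7]))
    days = hours_at_page_rate(worst_case([7])) / 24
    print("single check at the same rate: about", round(days), "days")
```

The gap between the two bounds is the reason the only dependable fix is to switch WPS PIN authentication off rather than to choose a "better" PIN.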
To crack a Wi-Fi network with WPS, an attacker will need:
  • BackTrack 5 Live CD
  • computer with a Wi-Fi adapter and a DVD-drive
  • your Wi-Fi network with WPA encryption and WPS enabled
  • some patience
Since the R2 version, BackTrack 5 includes a tool called Reaver, which exploits the WPS vulnerability. The break-in requires collecting some information, in particular the interface name of your wireless card and the BSSID of the victim router. The Wi-Fi card also has to be put into monitor mode.
In the terminal, type the following command:
Press Enter. If you have a wireless card, it will most likely be called wlan0. In any case, from here on it is enough to replace wlan0 with your own interface name, and everything will work.
Put the card into monitor mode:
airmon-ng start wlan0
Among the other output, note the name of the monitor-mode interface, in this case mon0.
Find out the BSSID of the victim router:
airodump-ng wlan0
If that fails, then try:
airodump-ng mon0
When the desired network shows up in the list, press Ctrl + C to stop the list from updating. Copy the BSSID and move on to the most interesting part. In the terminal, enter:
reaver -i moninterface -b bssid -vv
moninterface is the name of the monitor-mode interface, bssid is the BSSID of the victim router.
The process has started. You can drink tea, play with the cat and do other interesting things. The utility can take up to 10 hours to find the PIN. If it succeeds, you will receive the PIN and the password to the access point.


To protect against this kind of thing, disable WPS (on some models it may be called QSS) in the router settings. It also does no harm to set up a MAC filter, so that unknown devices cannot connect to the network at all (although this does not rule out an attacker getting hold of the list of allowed MAC addresses and spoofing an address).
