Vous êtes sur la page 1sur 16

Wireless Domination

Completer Guide on wireless hacking..!!

Hack WiFi Install BackTrack Other Cool Stuffs

Hack WiFi How to crack WPA2 WiFi password using reaver (99% chance) !!

« How to crack wep wifi password..!!


How to crack WPA2 and WPA WiFi password – Step by step guide!
»

Subscribe via
Email
How to crack WPA2 WiFi
password using reaver
Enter your email address to
receive notifications of new
posts by email.

(99% chance) !! 10 Email Address

Subscribe
open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
Subscribe
5 Jun 2013 | Hack WiFi

Like Us
Today I am going to teach you how to easily hack WPA/WPA2-PSK
Hack Wifi
enabled network using reaver. But, for that the targeted router should
support WPS(WiFi Protected Setup) which is supported by most of the Like
Tw eet
router nowadays. WPS is an optional device configuration protocol for
wireless access points which make it really easier to connect. 2,526 people like Hack Wifi.
0
This feature exist in most of the router for the easy setup process through
the WPS pin which is hard-coded into the wireless access point. Reaver
takes the advantage of a vulnerability in WPS. Thanks to Craig Heffner for
releasing an open-source version of this tool named Reaver that exploits the
Subm it vulnerability. In simple tone, Reaver tries to bruteforce the pin; which in
result reveal WPA or WPA2 password after enough time.
8 Fac ebook s oc ial plugin

Like What You’ll Need


0 You do not have to be a expert at Linux or in even using computer. The
simple command-line (console ) will do all the things. But you may need a
lot of time for this process and also some luck. The brute force may take
from 2 hours to more than 10 hours too sometimes. There are various ways
to set up reaver but here are the requirement for this guide.

Share
Backtrack OS. Backtrack is a bootable Linux distribution with lots of
pen-testing tools. You can use various other Linux distribution but I
prefer backtrack. If you don`t know how to install backtrack then please

open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
check this link first.
A computer and wireless network card. I cannot guarantee if this
will work with all the internal wireless card but i recommend a external
Make Money
wireless card. Online
A lot of Patience. The process is simple but brute forcing the
PIN takes a lot of time. So you have to be patience. Kicking the
Computer won’t help you this time.

Let’s Get Started


Now you should have a backtrack OS ready for action.

Step 1: Boot into BackTrack


You can use any method to boot into backtrack; like from live cd, VMware,
dual boot, etc. So, just boot it first into the GUI mode and open up a new
console(command line) which is in the taskbar. So just boot into backtrack.
During the boot process, BackTrack will prompt you to to choose
the boot options. Select “BackTrack Text – Default Boot Text Mode”
and press Enter.

After some time Backtrack will take you into a command line prompt where
you should type startx and press Enter. BackTrack will boot will into
Graphical User Interface (GUI) mode.

Step 2: Install Reaver(Skip this step if you are using


BackTrack 5)
open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
Reaver should be already installed in the Backtrack 5 but if you are using
older backtrack or any other Linux distribution you can install Reaver by
using few steps below.

1. First Connect your BackTrack to the internet. For WiFi connection go


to Application > Internet > Wicd Network Manager
2. Select your network and click connect and input your
password if necessary, click OK and click CONNECT the
second time.

Now that you are connected to internet its time to install Reaver. Click the
terminal icon in the menu bar. And at the console type the following:

apt-get update
apt-get install reaver

Now if everything worked fine you will get a freshly installed Reaver ?

tool. Now if you are testing it in your own system then please go to
Wicd Network Manager and Disconnect yourself first.

Step 3 : Gather Information


Before launching the Reaver attack you need to know your target wireless
network name, BSSID ( it is the series of unique letters and number of a
particular router) and its channel number. So to know this make your
wireless card into monitor mode and gather the required information of the
access points. So let us do all these things.

First lets find your wireless card. Inside terminal or console, type:

open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
airmon-ng

Press Enter and there you should see a list of interface names of
different devices. There should be a wireless device in that list you
you have connected it to BackTrack. Probably it may be wlan0 or
wlan1.

Note: To connect your wireless network card into WMware. Firstly,


connect it to the USB and then you will see a small USB icon like in
the figure in the top right of VMware. Then, right click on it and click
connect. At last, USB sign will turn into green colour and start to
glow.

Enable monitor mode. Supposing your wireless card interface


open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
name as wlan0, type this command in that same console.

airmon-ng start wlan0

This code will create a new monitor mode interface mon0 like in the
screenshot below which you want to keep note of.

Search the BSSID of the Access Point(router) you want to


crack. There are few ways to search for the Access Point BSSID
but I prefer to use the inbuilt reaver search method which shows the
list of WPS vulnerable BSSID only.

open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
Watch TV Online (FREE)!
Stream over 2,150 Channels. One-Time Setup Fee
Unlimited Access

In the console type this following command and press enter:

wash -i mon0

You will see the list of wireless networks that support WPS which
are vulnerable to Reaver as seen in the screenshot below. After few
minutes you can stop the scan by pressing Ctrl+C.

Step 4: Lets start Cracking


I suggest you to try to crack the ones which have WPS lock
disabled or say “NO” in WPS Locked column. It may also work if it
says YES but I am not sure of that. For that, copy the BSSID of the
target AP and also keep note of its channel and in the console and
type the following and Enter:

open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
reaver -i monitormode -c channel -b targetbssid -vv

For My Case the monitor mode will be mon0 channel would be 1


,targetbssid would be C8:3A:35:54:88:81 and -vv is written to show
the current statistic of the attack like percentage completed,
currently brute forcing PIN and so on; so we will type the following
and enter:

reaver -i mon0 -c 1 -b C8:3A:35:54:88:81 -vv

Press Enter and if everything goes right then you will see the attack
process like in the screenshot below. Please note that you will not
get “Restore previous session…” like me because I have already
tried to crack it so, it is prompting me to either to resume from that
paused point or not. Your progress will also be saved if your press
Ctrl+C. It will prompt you the same if you again hit the same above
command and you can resume it from there.

open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
Now just wait or have some coffee and let Reaver do its magic. It
might take from 2 hours to 10 hours or more. There are 8 numeric
digits of WPS but due the fact that WPS authentication protocol
cuts the pin in half and validates each half separately. Since the last
digit of pin is a cheksum value which can be calculated on the basis
of previous value there are 10^4=10,000 possible values for first half
and then 10^3=1000 values for the last pin. So the WPS pin code
can be calculated in 11,000 possible pin code. Some AP can check
the WPS pin in the rate of 1 pin per second and some take more so
the time depend upon the AP and even the network connection
strength depends too.

When the PIN is successfully brute-forced Reaver will show you the
WPS PIN and the plain password of the AP like in the below
screenshot.

I recommend you to keep note of the WPS pin so that if the


open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
password is changed again you can hack that in few seconds the
next time by using the following process.

reaver -i (monitor interface) -b (BSSID) -c (channel) –pin=(8 digit


pin) -vv

Example:

reaver -i mon0 -b 11:22:33:44:55:66 -c 1 –pin=12345678 -vv

So now the error part as you might get a bunch of error depending
upon your conditions. You might get some timeout but it is normal
but if you are getting other errors then see the below Error section
for that

Error Section:

If you are getting the following error then check the corresponding
solution for that.

If 10 consecutive unexpected WPS errors are encountered, a


warning message will be shown. Since this may be a sign that
the AP is rate limiting pin attempts, a waiting command can be
issued that will occur whenever these warning messages
appears by issuing the following command:

reaver -i mon0 -b 00:01:02:03:04:05 --fail-wait=360

The default receive timeout period is 5 seconds. This timeout


period can be set manually if necessary (minimum timeout
period is 1 second):

open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
reaver -i mon0 -b 00:01:02:03:04:05 -t 3

The default delay period between pin attempts is 1 second. This


value can be increased or decreased to any value. Please note
that 0 means no delay:

reaver -i mon0 -b 00:01:02:03:04:05 -d 0

So here ends the tutorial on how to crack wireless network easily


using reaver. Good Luck Hacking…!!!

10 thoughts on “How to crack WPA2 WiFi password


using reaver (99% chance) !!”
Jun 15, 2013 8:42 pm
Mattke

Reply Heya we are the very first time right here. I


stumbled onto this kind of plank and I to seek out
open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
It genuinely helpful & the idea taught me to be
out there lots. I hope to supply a thing returning
plus support other folks like you served my
family.

Jun 16, 2013 5:18 am


Click Here

Reply Someone essentially lend a hand to make


significantly articles I might state. That is the first
time I frequented your web page and to this
point? I surprised with the research you made to
create this actual submit incredible. Fantastic
activity!

Aug 13, 2013 5:08 pm


insanelymike

Reply hello when i start to crack the wireless network


using the reaver command
i just only get this 3 lines these ones:

[+] switching mon0 to channel 11


[+] waiting for beacon from xx:xx:xx:xx:xx:xx
[+] associated with xx:xx:xx:xx:xx:xx (ESSID:
xxxxxxxxxxx)

thats all i get the cursor stops there and it


doesnt do nothing!
open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
please help
forgive my bad english
regards greetings from mexico.

Aug 14, 2013 2:52 am


Admin
Reply
Have you used the reaver command for
those accesss points which comes in the
list of ( wash -i mon0 ) or is that from (
airodump-ng mon0 )

Aug 16, 2013 9:28 am


2rko2rero

Reply reaver -i mon0 -b 00:01:02:03:04:05 –fail-


wait=360
Do i have to exit reaver to execute the
commands above
Thanks great wisdom you shared!

Aug 17, 2013 3:33 am


Admin
Reply
Stop any other reaver process if it is
running by pressing Ctrl+C and then apply
this command. And also use -vv at the
open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
end of this command.

Aug 20, 2013 7:51 am


meizitang

Reply Awesome! Its really awesome article, I have got


much clear idea on the topic of from this article.

Aug 23, 2013 12:12 am


Sinu

Reply If i get WPS pin, what i will do for getting new


password

Aug 28, 2013 3:46 am


Admin
Reply
You have to write the following command..
reaver -i mon0 –bssid XX:XX:XX:XX:XX -c
(channel) –pin=”12345678″ -vv

Sep 2, 2013 3:19 pm


ramees

Reply hello

open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
I am looking for wpa2 password hacking i can’t
this type meth herd

can you help me

Leave a Reply
Author (required)

Email (will not be


published)(required)

Website

b i link b-quote code close tags

open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com
Post Comment

Notify me of follow-up comments by email.

Notify me of new posts by email.

« How to crack wep wifi password..!!


How to crack WPA2 and WPA WiFi password – Step by step guide!
»

© 2013 Wireless Domination — All Rights Reserved.

open in browser PRO version Are you a developer? Try out the HTML to PDF API pdfcrowd.com

Vous aimerez peut-être aussi