Académique Documents
Professionnel Documents
Culture Documents
WirelesSHack
Source of news for electronic projects including Kali Linux, Wireless Security, KODI, SDR, Raspberry Pi, How-To-
information, Guides and Tutorials.
Home
KODI
SDR
Raspberry Pi
Pen Testing
WIFI and Wireless
This is a multiple part series for someone new to wireless hacking, with
pictures and videos.
Introduction To Kali and WiFi Pen Testing
How to Install Kali Linux
WEP Hacking
Kali Linux and Reaver
Getting a Handshake and a Data Capture, WPA Dictionary Attack
Using Aircrack and a Dictionary to Crack a WPA Data Capture
Cracking a WPA Capture with the GPU using HashCat
Next Creating a Dictionary / Wordlist with Crunch Part 8
1 of 24 01/08/17 14:04
Step By Step Kali Linux and Wireless Hacking Bas... http://www.wirelesshack.org/step-by-step-kali-linu...
Note: If you are using a updated version of Kali and aicrack-ng mon0
interface has been changed to wlan0mon. Read here for more info.
Also this is a good place to start for someone new to wireless pen testing
before moving on to WPA encryption.
The basic idea of this attack is to capture as much trac as possible using
airodump-ng. Each data packet has an associated three byte Initialization
Vector called IVs. After the attack is launched the goal is to get as many
encrypted data packets or IVs as possible then use aircrack-ng on the
captured le and show the password.
At this point Kali Linux should be running along with the WEP encrypted
router and a wireless connected device. Also a wireless USB adapter
should be plugged in and ready.
Open a terminal window by pressing the terminal icon at the top left.
2 of 24 01/08/17 14:04
Step By Step Kali Linux and Wireless Hacking Bas... http://www.wirelesshack.org/step-by-step-kali-linu...
Next type in the command airmon-ng without the quotes to see if your
adapter is seen by Kali Linux. It should show the interface, chipset, and
driver. If it doesnt then some troubleshooting will have to be done as to
why the adapter is not seen.
Next type in airmon-ng start wlan0 to set the USB adapter into monitor
mode.
3 of 24 01/08/17 14:04
Step By Step Kali Linux and Wireless Hacking Bas... http://www.wirelesshack.org/step-by-step-kali-linu...
Now we need to see what routers are out there and nd the test router.
To do this run the command airodump-ng mon0. After this command is
run a screen will come up showing the routers in range and there
information.
(If a adapter comes up enabled on mon1 or mon2 simply used that instead
of mon0)
4 of 24 01/08/17 14:04
Step By Step Kali Linux and Wireless Hacking Bas... http://www.wirelesshack.org/step-by-step-kali-linu...
The test machine that was setup should be seen along with its
information. The information needed will be the BSSID, channel (CH), and
ESSID. The test machine here is the dlink router with the BSSID:
00:26:5A:F2:57:2B the channel is on 6 and the ESSID is dlink.
Once this information is seen dont close the terminal window press
CTRL+C inside the window to stop it from using the USB adapter and
leave it to refer back to.
Open another terminal window to run the next command. Also when
done this way the BSSID can be simply copied and pasted when needed.
Change the le name, channel, and bssid to match your test router. Copy
the information from the rst terminal window. Copy and pasting the
BSSID into the new terminal window is much quicker then typing it for
5 of 24 01/08/17 14:04
Step By Step Kali Linux and Wireless Hacking Bas... http://www.wirelesshack.org/step-by-step-kali-linu...
most.
airodump-ng -w (ESSID) -c (channel) bssid (BSSID) mon0
After this is done correctly a window will come up and show information
about the target router. The main feedback we need to watch is the
Beacons and the Data.
These numbers will start at zero and grow as trac is passed between
the router and another device. As these numbers grow, they are being
captured in the le specied in the previous command for this example it
would be a le named dink. IVs need to grow big to crack the password
usually at least 20,000 plus, but ideally 100,000 plus. At this point
someone can simply wait for the IVs to grow large enough to crack the
6 of 24 01/08/17 14:04
Step By Step Kali Linux and Wireless Hacking Bas... http://www.wirelesshack.org/step-by-step-kali-linu...
To speed up the IVs open a third terminal window letting the second run
capturing the data. In the new terminal window the aireplay-ng command
will be used in a two part process rst use the command aireplay-ng -1 0
-a (BSSID) mon0. So for this example it would be aireplay-ng -1 0 -a
00:26:5A:F2:57:2B mon0
After this run the command airplay-ng -3 -b (BSSID) mon0 for this
example it would be the following:
aireplay-ng -3 -b 00:26:5A:F2:57:2B mon0
7 of 24 01/08/17 14:04
Step By Step Kali Linux and Wireless Hacking Bas... http://www.wirelesshack.org/step-by-step-kali-linu...
This will begin sending out ARP request and the data and the beacons
should begin to grow quickly. Again speeding up the capturing of the IVs
is not necessary but handy.
To use aircrack-ng we need the data le being written to the hard drive. In
this example it is dlink. Open a new terminal window and type the
command ls to see the le. The one aircrack-ng needs is the .CAP le
here it is called dlink-01.cap.
Aircrack will begin to run and start to crack the password. Here is what is
what it looks like when it is done.
8 of 24 01/08/17 14:04
Step By Step Kali Linux and Wireless Hacking Bas... http://www.wirelesshack.org/step-by-step-kali-linu...
After Key Found it shows the password in hexadecimal or ASCII they are
the same and either one can be used. For this example the password on
the router was 12345.
9 of 24 01/08/17 14:04
Step By Step Kali Linux and Wireless Hacking Bas... http://www.wirelesshack.org/step-by-step-kali-linu...
Wireless Security
Step By Step Kali Linux and Wireless Step By Step Kali Linux and Wireless Hacking
Hacking Basics Installation Part 2 Basics Reaver Part 4
10 of 24 01/08/17 14:04
Step By Step Kali Linux and Wireless Hacking Bas... http://www.wirelesshack.org/step-by-step-kali-linu...
31 thoughts on Step By Step Kali Linux and Wireless Hacking Basics WEP Hacking Part
3
Tecno
October 18, 2015
Ive a problem on the terminal im new with Kali and linux in general, im using bootable
USB this is the the problem im facing:
Reply
WirelessHack
October 18, 2015
Kali 2.0 has been having these errors with some setups.
11 of 24 01/08/17 14:04
Step By Step Kali Linux and Wireless Hacking Bas... http://www.wirelesshack.org/step-by-step-kali-linu...
Reply
ANISH
December 19, 2015
Reply
WirelessHack
December 19, 2015
@ANISH: Kali is not seeing your WiFi at all be sure you have Kali compatible USB
adapter.
12 of 24 01/08/17 14:04
Step By Step Kali Linux and Wireless Hacking Bas... http://www.wirelesshack.org/step-by-step-kali-linu...
Reply
zero
January 6, 2016
how do we troubleshoot the adapter so that kali can see the adapteram having
trouble doing that
Reply
Halp
October 24, 2015
Reply
Halp
October 24, 2015
Extra info: Im not getting any handshake during airodump, nor am I getting any
stations.
Reply
WirelessHack
October 25, 2015
Do you have a Kali Linux compatible USB adapter? How are you running Kali?
Reply
chand
December 18, 2015
A.s to All and i have a poblem that i have also running the kali linux but i can not access
13 of 24 01/08/17 14:04
Step By Step Kali Linux and Wireless Hacking Bas... http://www.wirelesshack.org/step-by-step-kali-linu...
the wi password by using the wite and and some others commands
wpa/wpa2.:)Have a any person who will help me.?
Reply
Norm Perron
December 25, 2015
Im just getting started with Kali. Using the booted DVD. In Terminal, entering
airmon-ng shows:
phy0 wlan0 i Intel wireless-n 2230
phy1 wlan1mon rt2800usb asustek usb-n53 ralink rt3572
entering airodump-ng *
where for * I entered lots of possible strings like wlan1monmon, [phy1]wlan1mon
I always get:
arp linktype is set to 1 (ethernet) = expected arphrd_ieee80211,
arphrd_ieee80211_full
make sure rfmon is enabled: run airmon-ng start wlan1monmon
sysfs injection support was not found either.
Questions:
should my last commend be dierent?
could i be getting a false reading on injection support (looking for the wrong device)?
assuming this asus ralink rt3572 is not supported, i also have a eub-362 usb client, does
anyone know if that is supported?
Thanks, Norm
Reply
14 of 24 01/08/17 14:04
Step By Step Kali Linux and Wireless Hacking Bas... http://www.wirelesshack.org/step-by-step-kali-linu...
Norm Perron
December 25, 2015
Also, Kali 2.0 has timed out, with the time and date showing and some arrows pointing
up. How do I get back to the terminal session while running the bootable cd? Thanks
Reply
Alex
January 1, 2016
While capturing the selected network, my beacons grow slowly, and #Data is always
zero. When I use aircrack-ng it says Got no data packets from target network!
Can anyone help me out? Please. Thanks in advance.
Reply
buzz
January 8, 2016
did you use the terminal commands that speed it up? and is there any real world trac
on the ap?
Reply
I
February 26, 2016
Same here
Reply
SH
January 12, 2016
15 of 24 01/08/17 14:04
Step By Step Kali Linux and Wireless Hacking Bas... http://www.wirelesshack.org/step-by-step-kali-linu...
Reply
SH
January 12, 2016
Reply
hex
January 17, 2016
Hello WirelessHack,
Ive been testing your tutorial on my wireless network and after all procedure you
mentioned here, I got HEX of my password but it is wrong. I tried it couple of times,
same result. Any ideas?
Reply
NoobGUY
February 1, 2016
NEED HELP with 7th Picture from the starting in this post.
can anyone tell what does the word frames in 7th pic refer to?
Reply
16 of 24 01/08/17 14:04
Step By Step Kali Linux and Wireless Hacking Bas... http://www.wirelesshack.org/step-by-step-kali-linu...
Dale T
February 17, 2016
Hi, I ran aircrack (v1.2 rc3) on a .cap le [WEP network] and it says key found
[xx:xx:xx:xx:xx], but this is all I get. Now how do convert this information into the
password?
Any help with this would be greatly appreciated!
Reply
COOL
February 25, 2016
Reply
Devashish
March 25, 2016
I am having a problem in the very begining . As i just installed kali linux , every time i
type airmon-ng it shows your kernel supports rfkill but you donot have rfkill installed .
When i type
Apt-get install rfkill
It says unable to locate pacage rfkill . I have tried update and upgrade as well .. please
help . !!!
Reply
matt
March 30, 2016
Reply
Silent Killer
17 of 24 01/08/17 14:04
Step By Step Kali Linux and Wireless Hacking Bas... http://www.wirelesshack.org/step-by-step-kali-linu...
Reply
Tharindu
April 28, 2016
Hi every one is this method not working for me any one else i think impossible to hack
wi wep2 ,wep password ?am i right
Pls admin you have to correct post for your readers
Thank you
Reply
bobee
April 28, 2016
Reply
Predator
May 17, 2016
Opening pre-01.cap
18 of 24 01/08/17 14:04
Step By Step Kali Linux and Wireless Hacking Bas... http://www.wirelesshack.org/step-by-step-kali-linu...
Reply
jainy
July 20, 2016
root@lovebirds:~# airmon-ng
root@lovebirds:~#
Reply
john
August 27, 2016
i have a problem with wlan0, when i open terminal then i go type airmon-ng then i will
see interface, drive, chip and phy but no wlan0, so what can i do from here?
Reply
khali
October 31, 2016
Reply
Manu
November 22, 2016
19 of 24 01/08/17 14:04
Step By Step Kali Linux and Wireless Hacking Bas... http://www.wirelesshack.org/step-by-step-kali-linu...
Reply
Who am I
December 17, 2016
My #data still takes a lot of time to grow. I used the speed up suggestion, it just reads
the packets
Reply
Leave a Reply
Your email address will not be published. Required elds are marked *
Comment
Name *
Email *
Website
20 of 24 01/08/17 14:04
Step By Step Kali Linux and Wireless Hacking Bas... http://www.wirelesshack.org/step-by-step-kali-linu...
Post Comment
Our Picks for Best Hardware Boxes To Run KODI Media Center
Our Picks for Best Android TV Box Remote Controls and Keyboards
21 of 24 01/08/17 14:04
Step By Step Kali Linux and Wireless Hacking Bas... http://www.wirelesshack.org/step-by-step-kali-linu...
Recent Posts
Our Picks for Best Echo DOT Alexa Smart Light Switches
22 of 24 01/08/17 14:04
Step By Step Kali Linux and Wireless Hacking Bas... http://www.wirelesshack.org/step-by-step-kali-linu...
Our Picks for Best Echo DOT Alexa WiFi Smart Plug Outlets
Our Picks For Best Amazon Echo Dot Alexa Smart Light Bulbs
Our Picks for the Best Amazon Echo DOT Bluetooth Speakers
23 of 24 01/08/17 14:04
Step By Step Kali Linux and Wireless Hacking Bas... http://www.wirelesshack.org/step-by-step-kali-linu...
Our Picks for Best WiFi USB Adapters with High Gain Antennas
How To Install Kodi On a Android Phone and Stream TV Shows and Movies
All information on this site is for testing and educational purposes only; for use by network secu-
rity administrators, penetration testing professionals, hobbyist and wireless enthusiast. Kodi is a
free Open Source media player which we are not aliated with. Any Kodi add-on should only be
used to stream public domain content.
Wirelesshack.org is a source of news for electronic projects including Kali Linux, Wireless Security,
Network Security, Raspberry Pi, How-To- information, Guides and Tutorials.
Privacy Policy
provide a means for sites to earn advertising fees by advertising and linking
www.wireleshack.org to Amazon properties including, but not limited to,
amazon.com, endless.com, myhabit.com, smallparts.com, or amazonwireless.com
24 of 24 01/08/17 14:04