FOLLOW ARTICLE BELOW (Step by Step with Commands)
AD : Watch “Kali Linux For Ethical Hacking” Video Tutorial in Youtube Here > https://www.youtube.com/playlist?list=PLEG4CvuvNZdfWvG8lVEBSHJJ8O3cbtWCu
– Before starting, make sure you have eth0, lo, wlan0 in action. (Go to terminal and run ifconfig)
– Let’s start to monitor on the wireless interface, run:
airmon-ng start wlan0
– After executing above command, we must get a new interface mon0 (monitor mode enabled)
– Verify that both interfaces are up and running, run:
– Watch for wlan0 and mon0, run :
– For monitoring all the APs that Kali Linux OS can find out.
– In this next step, notice ESSID, BSSID & ENCRYPTION (ENC) of Wireless
(in this case, let’s assume ESSID in nhc-bj, ENC is WPA2 & BSSID is 00:A1:B2:11:20:13:5T)
– CTRL+C (press)
airodump-ng -w FILE -c 1 –bssid 00:A1:B2:11:20:13:5T mon0
(-c is for channel. Channel is 1 for the BSSID we are trying to connect to, -w is for creating new file with name FILE). With each step done by the tools, we’ll store them in the FILE we just created.
– Once you execute the above command, it starts collecting information and writes it to our file named “FILE”.
– You can leave it open, so it collects information. OR, as we discussed in earlier part of this post, you can carry out de-auth attack.
– For that, open new window and clone a session. Then execute the de-auth attack process.
aireplay-ng -0 0 -a 00:A1:B2:11:20:13:5T mon0
(Let it run for 60sec)
– Check it out in the other window that we left open.
(you will get files as FILE-01.cap FILE-01.csv and others)
– Now, we use a dictionary attack. Run:
aircrack-ng FILE-01.cap -w /pentest/passwords/wordlists/darkc0de.lst
– The process starts for discovering a Pre-Shared Key (Password).
Conclusion: We can find hidden SSIDs, bypass MAC filters and even can crack WP2. Now, how to secure is our WiFi? Well, use really strong passwords, with mixed up contents, so that dictionary attacks would fail to locate it in itslist.