The wireless NIC and used kernel driver is depicted on the Picture 2.ġ.
Note: Here is captured traffic with 4-way handshake file - output_file-01.7z. Example of captured handshake between AP (94:44:52:4a:d1:54) and client (00:b5:d0:f0:c7:81) is depicted on the Picture 1. PTK is unique between client and AP ( 1). During handshake, PTK ( Pairwise Transit Keys) is generated and it is used to encrypt traffic between station and AP. The passphrase is in a notorious well known dictionary - rockyyout.txt.Ĥ-way handshake is the process of exchanging 4 messages between AP (authenticator) and client (supplicant) to generate encryption keys that are used to encrypt data sent over wireless medium. For the purpose of demonstration, we are going to brute force a passphrase with 9 characters. Finding a key with random 20 characters by the brute force method is impossible at a convenient time unless the passphrase is in the dictionary. The length of pre-shared key is from 8 to 63 characters. However, this method is loud and it may get unwilling attention, in case of many deauthentication attempts. As a result, clients must re-authenticate. The active way speed up the whole process as an attacker deauthenticate an existing wireless client (all all clients) in order to obtain handshake. The passive way can be time consuming as an attacker waits for client to authenticate to WPA/WPA2 network. Handshake can be captured either in passive way, or active way. Our goal is to to capture WPA/WPA2 authentication handshake and use aircrack-ng suite to crack pre-shared key. Therefore, I highly recommend that you use your own devices. Please, be aware that cracking into a network that is not your is illegal. Note: Tutorial is written for demonstration purpose only.
However, I strongly recommend getting a background to this topic by studying online resources before experimenting to understand what's going on under the hood.
Instead of explaining the theory behind the attack, I focus on providing commands that you can easily copy and paste and penetrate the network. This tutorial illustrates cracking of pre-shared key which is needed to gain an access to a WPA/WPA2 network.
0 kommentar(er)
