How to hack WiFi WPA/WPA2 with BackTrack 5
Click on the Send Now option to send the packet for 4-way authentication. Wait some time and it will capture the packet. Your capture work is done. Now open Elcomsoft Wireless Security Auditor to crack your WiFi password: 1. It will show you information about the AP and Multiple Handshake selection information.
Click on Ok. Click on the Start attack option and select the Dictionary Attack option. However, the other attack options are also available. You should see a wireless device in the subsequent list.
Most likely, it'll be named wlan0, but if you have more than one wireless card, or a more unusual networking setup, it may be named something different. Put your wireless card into monitor mode: Assuming your wireless card's interface name is wlan0, execute the following command to put your wireless card into monitor mode:. This command will output the name of the monitor mode interface, which you'll also want to make note of.
Most likely, it'll be mon0, like in the screenshot below. Make note of that. Find the BSSID of the router you want to crack: Lastly, you need to get the unique identifier of the router you're attempting to crack so that you can point Reaver in the right direction.
To do this, execute the following command:. Note: If airodump-ng wlan0 doesn't work for you, you may want to try the monitor interface instead—e. You'll see a list of the wireless networks in range—it'll look something like the screenshot below:.
Now execute the following command in the Terminal, replacing bssid and moninterface with the BSSID and monitor interface you copied down above:. Press Enter, sit back, and let Reaver work its disturbing magic. Reaver will now try a series of PINs on the router in a brute force attack, one after another. This will take a while. In my successful test, Reaver took 2 hours and 30 minutes to crack the network and deliver me the correct password.
As mentioned above, the Reaver documentation says it can take between 4 and 10 hours, so it could take more or less time than I experienced, depending. When Reaver's cracking has completed, it'll look like this:. A few important factors to consider: Reaver worked exactly as advertised in my test, but it won't necessarily work on all routers (see more below). Also, the router you're cracking needs to have a relatively strong signal, so if you're hardly in range of a router, you'll likely experience problems, and Reaver may not work.
Throughout the process, Reaver would sometimes experience a timeout, sometimes get locked in a loop trying the same PIN repeatedly, and so on. I just let it keep on running, and kept it close to the router, and eventually it worked its way through. This will quit the process, but Reaver will save any progress so that next time you run the command, you can pick up where you left off, as long as you don't shut down your computer (which, if you're running off a live DVD, will reset everything).
Now that you've seen how to use Reaver, let's take a quick overview of how Reaver works. It's a feature that exists on many routers, intended to provide an easy setup process, and it's tied to a PIN that's hard-coded into the device. Read more details about the vulnerability at Sean Gallagher's excellent post on Ars Technica.
Using the above methods, you should now know the encryption type of the targeted WiFi network which you want to hack. My methods require Kali Linux, which is a Linux distribution designed especially for penetration testing and ethical hacking.
You can download it for free from its official site. You will also need Aircrack-ng, which is a security suite to assess WiFi network security. It focuses on different areas of WiFi security: monitoring, attacking, testing and cracking. Another important requirement is to check whether your wireless card is compatible with Aircrack-ng. You can either scroll down to read each and every WiFi hacking method or jump directly to the required section below using these links:.
Now follow the steps below:. And the allowed size of the password is 64 characters. I hate to tell you this but yes, doing it on your own can take forever. The tool is Fluxion. Instead of doing this, it performs a little bit of phishing, where the already connected user is asked to enter the password of the WiFi network again for security reasons. When the user enters the password, it is first checked against the earlier captured handshake of the device; if the handshake is correct, that means the password entered by the user is correct.
Once it is successful, Fluxion returns the key required to authenticate to the network. Anyone in the WiFi range can connect their device to the network without any password and enjoy free internet.
However, these networks are rarely available and also risky. It will show you which network interface you are using. In my system, I have only one network interface card, wlan0, which is my wireless interface card.