A new, free, open-source tool called Reaver exploits a security hole in wireless routers and can crack most routers' current passwords with relative ease. Here's how to crack a WPA or WPA2 password, step by step, with Reaver—and how to protect your network against Reaver attacks.
There are a number of ways you could set up Reaver, but here are the specific requirements for this guide:
To boot into BackTrack, just put the DVD in your drive and boot your machine from the disc. (Google around if you don't know anything about live CDs/DVDs and need help with this part.) During the boot process, BackTrack will prompt you to to choose the boot mode. Select "BackTrack Text - Default Boot Text Mode" and press Enter.P
Eventually BackTrack will boot to a command line prompt. When you've reached the prompt, type startx and press Enter. BackTrack will boot into its graphical interface.
Step 2: Install Reaver
Reaver has been added to the latest version of BackTrack, but if you are using the older version, you need to install Reaver before proceeding. To install Reaver, you'll first need to connect to the internet. Once you are connected to internet.
Click the Terminal button in the menu bar (or click Applications > Accessories > Terminal). At the prompt, type:
Find your wireless card: Inside Terminal, type
Put your wireless card into monitor mode: Assuming your wireless card's interface name is wlan0, execute the following command to put your wireless card into monitor mode:
This command will output the name of monitor mode interface, which you'll also want to make note of. Most likely, it'll be mon0, like in the screenshot below. Make note of that.
Find the BSSID of the router you want to crack: Lastly, you need to get the unique identifier of the router you're attempting to crack so that you can point Reaver in the right direction. To do this, execute the following command:
You'll see a list of the wireless networks in range—it'll look something like the screenshot below:
You'll see a list of the wireless networks in range—it'll look something like the screenshot below:
When you see the network you want, press Ctrl+C to stop the list from refreshing, then copy that network's BSSID (it's the series of letters, numbers, and colons on the far left). The network should have WPA or WPA2 listed under the ENC column.
Step 4: Crack a Network's WPA Password with Reaver
Now execute the following command in the Terminal, replacing bssid and moninterface with the BSSID and monitor interface and you copied down above
There are a number of ways you could set up Reaver, but here are the specific requirements for this guide:
- The BackTrack 5 Live DVD
- A computer with Wi-Fi and a DVD drive
- A nearby WPA-secured Wi-Fi network
To boot into BackTrack, just put the DVD in your drive and boot your machine from the disc. (Google around if you don't know anything about live CDs/DVDs and need help with this part.) During the boot process, BackTrack will prompt you to to choose the boot mode. Select "BackTrack Text - Default Boot Text Mode" and press Enter.P
Eventually BackTrack will boot to a command line prompt. When you've reached the prompt, type startx and press Enter. BackTrack will boot into its graphical interface.
Step 2: Install Reaver
Reaver has been added to the latest version of BackTrack, but if you are using the older version, you need to install Reaver before proceeding. To install Reaver, you'll first need to connect to the internet. Once you are connected to internet.
Click the Terminal button in the menu bar (or click Applications > Accessories > Terminal). At the prompt, type:
apt-get updateAnd then, after the update completes
apt-get install reaverStep 3: Execute command
Find your wireless card: Inside Terminal, type
iwconfigPress Enter. You should see a wireless device in the subsequent list. Most likely, it'll be named wlan0, but if you have more than one wireless card, or a more unusual networking setup, it may be named something different:
Put your wireless card into monitor mode: Assuming your wireless card's interface name is wlan0, execute the following command to put your wireless card into monitor mode:
airmon-ng start wlan0
This command will output the name of monitor mode interface, which you'll also want to make note of. Most likely, it'll be mon0, like in the screenshot below. Make note of that.
Find the BSSID of the router you want to crack: Lastly, you need to get the unique identifier of the router you're attempting to crack so that you can point Reaver in the right direction. To do this, execute the following command:
airodump-ng mon0
You'll see a list of the wireless networks in range—it'll look something like the screenshot below:
When you see the network you want, press Ctrl+C to stop the list from refreshing, then copy that network's BSSID (it's the series of letters, numbers, and colons on the far left). The network should have WPA or WPA2 listed under the ENC column.
Step 4: Crack a Network's WPA Password with Reaver
Now execute the following command in the Terminal, replacing bssid and moninterface with the BSSID and monitor interface and you copied down above
reaver -i moninterface -b bssid -vvFor example, if your monitor interface was mon0 like mine, and your BSSID was 11:3E:7A:B4:5D:3C (a BSSID I just made up), your command would look like
reaver -i mon0 -b 11:3E:7A:B4:5D:3C -vvPress Enter, sit back, and let Reaver work its workc. Reaver will now try a series of PINs on the router in a brute force attack, one after another. This will take a while.
Posts
0 comments:
Post a Comment