Tutorial Wifi hack for Kali Linux NetHunter Sported Devices Name Nexus 5, Oneplus One, Nexus 6

by - February 23, 2017

Hacking WEP network

If you've followed my previous posts on Hacking Wifi (WEP), you know there's a lot of homework you have to do before you even start hacking. But not here. With Wifite, its as easy and simple as a single command.
wifite -wep
You might even have used the command
wifite
If you see any error at this stage move to the bottom of the page for troubleshooting tips. If your issue is not listed please comment. We reply within a day.
The -wep makes it clear to wifite that you want to hack WEP wifis only. It'll scan the networks for you, and when you think it has scanned enough, you can tell it to stop by typing ctrl+c. It'll then ask you which wifi to hack. In my case, I didn't specify -wep so it shows all the wifis in range.
 You can also select all and then go take a nap (or maybe go to sleep). When you wake up, you might be hacking all the wifi passwords in front of you. I typed one and it had gathered 7000 IVs (data packets) within 5 mins. Basically you can except it to hack the wifi in 10 mins approx. Notice how it automatically did the fake auth and ARP replay.
Here are a few more screenshots of the working of Wifite, from their official website (./wifite.py is not something that should bother you. You can stick with the simple wifite. Also, specifying the channel is optional so even the -c 6 was unnecessary. Notice that instead of ARP replay, the fragmentation attack was used, using -frag) -

 Hacking WPS wasn't fast (it took hours), but it was easy and didn't require you to do anything but wait.
 Note, the limitation that many reader on my blog are beginners forbid me from introducing too many attacks. I made a tutorial about ARP replay attack, and that too was detailed as hell. However, Wifite makes it possible for you to use any method that you want to use, by just naming it. As you saw in the screenshot above, the fragmentation attack was carried out just by typing -frag. Similarly, many other attacks can be played with. A good idea would be to execute the following-
wifite -help
This will tell you about the common usage commands, which will be very useful. Here is the list of WEP commands for different attacks-
    WEP
-wep         only target WEP networks [off]
-pps <num>   set the number of packets per second to inject [600]
-wept <sec>  sec to wait for each attack, 0 implies endless [600]
-chopchop    use chopchop attack      [on]
-arpreplay   use arpreplay attack     [on]
-fragment    use fragmentation attack [on]
-caffelatte  use caffe-latte attack   [on]
-p0841       use -p0841 attack        [on]
-hirte       use hirte (cfrag) attack [on]
-nofakeauth  stop attack if fake authentication fails    [off]
-wepca <n>   start cracking when number of ivs surpass n [10000]
-wepsave     save a copy of .cap files to this directory [off]
As you can see, its the same thing as is there on the help screenshot. Play around with the attacks and see what you can do. Hacking WPA without WPS wouldn't be that easy, and while I don't usually do this, I'm providing a link to an external website for the tutorial . This is the best WPA cracking tutorial I've seen, and I can't write a better one. It's highly detailed, and I'm just hoping I don't lose my audience to that website. Here is the tutorial - Cracking Wifi WPA/WPA2 passwords using pyrit cowpatty in Kali Linux

Troubleshooting

Wifite quits unexpectedly, sating "Scanning for wireless devices. No wireless interfaces were found. You need to plug in a wifi device or install drivers. Quitting."
You are using Kali inside a virtual machine most probably. Virtual machine does not support internal wireless card. Either buy an external wireless card, or do a live boot / side boot with Windows. Anything other than Virtual machine in general.

Another attack automating script : Fluxion

Wifite is cool and all, but doesn't do much against the invincible WPA-2 networks. Using a combination of evil-twin and man in the middle sort of attacks, fluxion tries to fool a client into giving you the key to the WPA-2 protected access point. Sounds interesting? Take a look.

You May Also Like

0 comments

Search This Blog