Hi my dear hackers, Many of our readers ask us How to hack WiFi. So we are planed to start a series of Hacking WiFi, starting from the terms and technology and ends with the advances hacks.
Every one wants to open the laptop and type something and hack but that is impossible, To be a master hacker first you must clearly understand about the basics. Because always foundation is important.
After the basic guides will cover wardriving, DOS attacks, password hacking (WEP, WPA, WPA2, WPS, and WPA-enterprise), rogue APs, evil twins, Wi-Fi MitM, and Wi-Fi snooping. Lastly, we’ll examine how to hack Bluetooth (yes, I know, technically it’s not Wi-Fi, but I think you’ll find it interesting).
So come on, let us hack hack WiFi
Step 1 : Terminology
To do something we must know about the basic terms and technologies, So let us address some terminologies .
To begin, the access point that sends out the radio frequency (RF) signal is known as the AP. These APs are capable of sending out signals (between 2.4 and 5 Ghz) that comply with a number of different standards. These standards are known as 802.11a, 802.11b, 802.11g, and 802.11n. In the very near future, we’ll see a new standard that’s tentatively named 802.11ac.
The following table shows the key features of the WiFi standards
These standards are generally backwardly compatible, so that a wireless and adapter will also be able to pick up g and b signals. We will focus upon the most widely used of these standards— b, g, and n.
Step 2 : Security Technologies From the view of the hacker, wireless security technologies are among the most important aspect. Multiple security technologies have been deployed in Wi-Fi to make an inherently insecure technology secure. Our attack approach will depend upon which of these security technologies is being deployed.
So let us look a quick view of that
WEP
WEP, which is also called as wired equivalent privacy, was the first wireless security scheme employed. As it name implies, it was designed to provide security to the end-user that was essentially equivalent to the privacy that was enjoyed in a wired environment. Unfortunately, it failed miserably.
For many reasons, WEP is extraordinarily easy to crack because of a flawed implementation of the RC4 encryption algorithm. It’s not unusual to be able to crack WEP in less than 5 minutes.
This is because WEP used a very small (24-bit) initialization vector (IV) that could be captured in the datastream, and this IV could then be used to discover the password using statistical techniques.
But i found that this security system is still used in homes, Small offices. 
WAP
WPA was the response by the industry to the revealed weaknesses of WEP. It’s often referred to as WPA1 to distinguish it from WPA2.
WPA used Temporal Key Integrity Protocol (TKIP) to improve the security of WEP without requiring new hardware. It still uses WEP for encryption, but it makes the statistical attacks used to crack WEP much more difficult and time-consuming.
WAP2-PSK
WPA2-PSK is the implementation of WPA2 for the home or small business user. As the name implies, it’s the WPA2 implementation that uses a pre-shared key (PSK). It’s this security standard that is used by most houses today, and although it’s far more secure, it’s still vulnerable to various attacks.
A feature that was added in 2007 called Wi-Fi Protected Setup, or WPS, allows us to bypass the security in WP2-PSK. We’ll look at a few attacks on WPA2-PSK in coming weeks.WAP2-AESWPA2-AES is the enterprise implementation of WPA2. It uses the Advanced Encryption Standard or AES to encrypt data and is the most secure. It’s often coupled with a RADIUS server that is dedicated for authentication.By comparing to other security encryption cracking this is little difficult.
Step 3 : Channels
Everyone knows about the radio channels, like radio channels WiFi also have multiple channels so that various communication streams don’t interfere with each other. The 802.11 standard allows for channels ranging from 1 through 14.
Each channel has a width of 22 Mhz around its central frequency. To avoid interference, an AP can use any of these channels, but to avoid any overlap, channels 1, 6, and 11 are most often utilized in the U.S. The other channels can be used, but because you need five channels between the working channels to not overlap signals, with three or more channels, only 1, 6, and 11 will work.
Step 4 : Datagrams and Frames
An understanding of the structure of wireless datagrams is critical for successful wireless hacking, but is beyond the scope of this introduction. I will introduce some of this information when necessary in future tutorials, but you may want to take some time to study wireless frames and datagrams from other sources.
Step 5 : Signal strength
The strength of the wireless access point’s signal. Most access points have this limit built-in, but we can change and override this limitation, if the access point is capable of a stronger signal. This may be useful for the hacker in setting up evil twins and rogue access points where strength of signal is critical, among other techniques.
Step 6 : Aircrack-Ng
For nearly all of our Wi-Fi hacking, we will be using aircrack-ng which is included in kali. Even in those hacks where we use other tools such cowpatty or reaver, we will use the aircrack-ng suite of tools for some part of the hack, so we need to become familiar with it.
I will write a article in it very soon.
Step 7 : WiFi adapters
One of the crucial needs to becoming an effective Wi-Fi hacker is the Wi-Fi adapter. Generally, the Wi-Fi adapter on your laptop or desktop is insufficient for our purposes. The key capability we need is the ability to inject packets into the access point and most run-of-the-mill wireless adapters are incapable of packet injection. Aircrack-ng has a list of Wi-Fi adapters that can work with their suite of tools.
That having been said, I highly recommend Alfa AWUS036NH USB wireless adapter. This is what I use. It’s available from several locations for between $30 to $50.
It does everything I need, is fast, has an external antenna, is recognized by kali, and automatically loads its drivers. In addition, it come in 1000mw and 2000mw versions. That can be critical in rogue access point hacks.
That’s It…next step ..
So, this begins our exciting journey into Wi-Fi hacking. Very soon, you will be able to hack nearly anyone’s wireless internet, so keep coming back to expand your knowledge and skills in Wi-Fi hacking.
So, this begins our exciting journey into Wi-Fi hacking. Very soon, you will be able to hack nearly anyone’s wireless internet, so keep coming back to expand your knowledge and skills in Wi-Fi hacking.
Post a Comment