Presentation is loading. Please wait.

Presentation is loading. Please wait.

Crack WPA Lab Last Update 2014.06.11 1.0.0 1Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com.

Published byIgnacio Belmont Modified over 9 years ago

Similar presentations

Presentation on theme: "Crack WPA Lab Last Update 2014.06.11 1.0.0 1Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com."— Presentation transcript:

1 Crack WPA Lab Last Update 2014.06.11 1.0.0 1Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

2 Objective In this lab we will see how to recover the WPA and WPA2 PSK using the tools included with Kali Linux Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 2

3 Source This lab is based on the article –Tutorial: How to Crack WPA/WPA2 from the aircrack-ng.org website Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 3

4 Equipment Used In this example the wireless network will be created using a Linksys WAP610N access point To recover the key, tools included with Kali Linux will be run from a Virtual Box virtual machine The wireless NIC attached to the computer running the virtual machine is an Alfa AWUS036H Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 4

5 Equipment Used This NIC was selected as it is supported natively by both Windows and Linux It also works well for this purpose with the Kali Linux tools A computer with a wireless NIC will be needed to connect to the access point in order to generate the authentication handshake Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 5

6 Configure the Access Point For this example the access point needs to be set to –WPA PSK or WPA2 PSK as the security mode –AES as the encryption method –password as the preshared key –Channel 6 –802.11b Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 6

7 Configure the Access Point Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 7

8 Configure the Access Point Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 8

9 Install the NIC Plug the Alfa NIC into the computer with just the base operating system running Let the operating system install the driver and activate the NIC Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 9

10 Create the Virtual Machine Start Virtual Box Using the normal procedures create a virtual machine using these settings –Operating System Ubuntu 32 bit –Memory 1024 –Hard Drive Size 16 Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 10

11 Install Kali Linux Copy Kali Linux to a location on the computer where you can find it Start the virtual machine created above When it asks for the location of the operating system file, click on the small file folder and select the location of the Kali Linux iso file Wait for Kali Linux to load and run Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 11

12 Attach NIC to Kali Linux As the wireless NIC is a USB device it must be attached to this virtual machine To do this in Virtual Box from the Kali Linux virtual machine menu bar select –Devices USB Devices –The name of the wireless NIC The device driver for the virtual machine will be loaded Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 12

13 Attach NIC to Kali Linux The wireless NIC will appear in Kali Linux Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 13

14 Key Recovery Method WPA and WPA2 PSK are perfectly acceptable methods to use to restrict access to an 802.11 based wireless network in the appropriate environment if you use a strong enough passphrase Any common phrase will be included in a dictionary that can be used to mount a brute force attack as we will do here Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 14

15 Key Recovery Method Mounting such an attack can take from minutes to days depending on how strong the passphrase is The method used here is to utilize aireplay-ng to capture the four way handshake used when a device wants to connect to the access point Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 15

16 Key Recovery Method The WEP method of deciphering the static key using initialization vectors will not work here since the since the key is not static in WPA and WPA2 Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 16

17 Cracking Steps The steps required to break WPA and WPA2 PSK are –Start the wireless interface in monitor mode on the channel being used by the access point –Start airodump-ng on the channel with a filter based on the access point’s MAC address to collect the authentication handshake –Run aircrack-ng to crack the key using the authentication handshake Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 17

18 Start NIC in Monitor Mode The NIC needs to be in monitor mode so that it can hear all wireless frames instead of just the ones addressed to it To do this start a terminal session Stop the NIC by entering where wlan0 is the name of the NIC you are using as displayed from the Linux command line using the iwconfig program –airmon-ng stop wlan0 Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 18

19 Start NIC in Monitor Mode Run iwconfig again to be sure there are no other wireless NICs running Start the NIC in monitor mode –airmon-ng start wlan0 6 where 6 is the channel number the access point is using The OS should report that the NIC is in monitor mode Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 19

20 Start NIC in Monitor Mode It may take a minute or so Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 20

21 Start NIC in Monitor Mode Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 21

22 Start NIC in Monitor Mode If it also lists some processes that need to be turned off so that they do not interfere with this process turn them off using the kill command For example in my case –kill 2479 –kill 2509 –kill 3381 Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 22

23 Expand the Wordlist The dictionary file that the capture file will be run against must be expanded before aircrack-ng can use it Run these commands –cd /usr/share/wordlists –gzip –d rockyou.txt.gz The result should be a file named –rockyou.txt Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 23

24 Capture the Handshake Let’s capture the four way handshake Start another terminal session Run this command all on one line –airodump-ng –c 6 --bssid 00:23:69:7B:10:10 – w psk wlan0 Boot another computer Have it connect to the access point –This process may take seconds or days Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 24

25 Capture the Handshake Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 25

26 Recover the Key To extract the passphrase open a terminal and run this command –aircrack-ng –w /usr/share/wordlists/rockyou.txt –b 00:23:69:7B:10:10 ~/psk*.cap In this case as the aircrack-ng terminal screen shows the passphrase is –password Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 26

27 Finish the Lab Stop all of the programs running in the terminal windows by using Ctrl C Close all of the terminal windows Logout of Kali Linux Stop the virtual machine Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 27

Download ppt "Crack WPA Lab Last Update 2014.06.11 1.0.0 1Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com."

Similar presentations

Brute Force Attack Against Wi-Fi Protected Setup

Brute Force Attack Against Wi-Fi Protected Setup
Windows 2000 Installation Process. There are three methods available to install the Windows 2000 operating system: Setup boot disks CD – Rom Over-the-network.

Windows 2000 Installation Process. There are three methods available to install the Windows 2000 operating system: Setup boot disks CD – Rom Over-the-network.
Overview How to crack WEP and WPA

Overview How to crack WEP and WPA
LOGGING ON AND SHUTTING DOWN How to do both successfully at school.

LOGGING ON AND SHUTTING DOWN How to do both successfully at school.
CY-SWR1100 Dual Band Wireless N Router

CY-SWR1100 Dual Band Wireless N Router
1 Practical stuff Crack the WPA key of this laptop. SSID: « Philips WiFi » Password list and cowpatty table available on CD (only useful today).

1 Practical stuff Crack the WPA key of this laptop. SSID: « Philips WiFi » Password list and cowpatty table available on CD (only useful today).
Installation of Ubuntu on a Virtual machine. VirtualBox allows you to run an entire operating system inside another operating system. Please be aware.

Installation of Ubuntu on a Virtual machine. VirtualBox allows you to run an entire operating system inside another operating system. Please be aware.
Crack WEP Lab Last Update 2014.08.12 1.1.0 1Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com.

Crack WEP Lab Last Update Copyright 2014 Kenneth M. Chipps Ph.D.
DSL-2730B, DSL-2740B, DSL-2750B.

DSL-2730B, DSL-2740B, DSL-2750B.
ACM Wi-Fi Workshop Presented By: Chris Rawlings Brad Emge.

ACM Wi-Fi Workshop Presented By: Chris Rawlings Brad Emge.
Microsoft Virtualization Last Update 2011.01.01 1.0.0 1Copyright 2011 Kenneth M. Chipps Ph.D. www.chipps.com.

Microsoft Virtualization Last Update Copyright 2011 Kenneth M. Chipps Ph.D.
Wireless Cracking By: Christopher Zacky.

Wireless Cracking By: Christopher Zacky.
WLAN Security: Cracking WEP/WPA

WLAN Security: Cracking WEP/WPA
MIS 5212.001 Week 12 Site:

MIS Week 12 Site:
Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.

Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.
Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.

Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.
DVG-N5402SP.

DVG-N5402SP.
 Any unauthorized device that provides wireless access  Implemented using software, hardware, or a combination of both  It can be intentional or unintentionally.

 Any unauthorized device that provides wireless access  Implemented using software, hardware, or a combination of both  It can be intentional or unintentionally.
Copyright 2010-2013 Kenneth M. Chipps Ph.D. www.chipps.com How to Use SNMP to Collect Network Data Last Update 2013.04.18 1.1.0 1.

Copyright Kenneth M. Chipps Ph.D. How to Use SNMP to Collect Network Data Last Update
 Contents 1.Introduction about operating system. 2. What is 32 bit and 64 bit operating system. 3. File systems. 4. Minimum requirement for Windows 7.

 Contents 1.Introduction about operating system. 2. What is 32 bit and 64 bit operating system. 3. File systems. 4. Minimum requirement for Windows 7.

Similar presentations

Ads by Google