Hack your Wifi connection under the WEP, WPA, WPA2 or WPS protocols: discover Pixie-Dust, PMKID, PIN attacks and all the other attacks used by hackers and computer security pentesters. With the tools and software we will share, you will be able to test the security of your network yourself!
How to Hack a Wifi Connection?
How to hack a Wifi network? Are you interested in the operating methods of hackers who break into Wifi networks?
Have you lost your Wifi security code? In this case our article is written for you!
Refer to the laws of your country and do not do anything illegal. This tutorial is written for educational and preventive purposes, and the methods described should only be used on your own equipment.
We will now get to the heart of the matter and explain the methods used to break into a Wifi network protected by any security protocol: WEP, WPA / WPA2 and WPS!
We recommend that you read up on the security protocols used by the routers and boxes currently in use before continuing. It is not necessary, but it is always better to know more about the connection protocols and algorithms of Wifi.
Hack a Wifi connection automatically with a script
Is it really possible to automatically hack a Wifi connection without doing anything?
Yes indeed, it’s possible with Wifite. This wonderful script will do the job for you and automatically test your Wifi router from every angle, in order to find a security flaw and automatically recover the password of the Wifi network.
Instructions for use? Simply run the script and type this in:
⇒ wifite -e NameofyourRouter
And that’s it, nothing very complicated in itself. Here is a screenshot of the script in full action; if you want it, the download link is a little lower!
Several types of attacks will be carried out automatically:
- Pixie-Dust attacks on the WPS protocol.
- PIN attack, the second method against the WPS protocol.
- Multiple attacks for WPA, WPA2 and WEP.
- The next-generation flaw, the PMKID!
Once the attack is over, it will automatically display the Wifi password of your connection.
The script also supports the 5 GHz band on the new internet routers!
Download link of Wifite 2
Hack a Wifi network with WEP protection
WEP (Wired Equivalent Privacy) is a protocol used to secure Wi-Fi networks. It is part of the IEEE 802.11 standard and was first introduced in September 1999.
The encryption algorithm used by WEP is RC4, a stream cipher, which is why an initialization vector (IV) is present. This vector is transmitted raw, without any protection. The method relies on exactly that: we capture packets in order to collect initialization vectors, which expose fragments of the password of the Wifi connection in question. Enough talk about WEP, let’s go to our method!
The second simplest solution for hacking a Wifi network with a WEP encryption key is to use a fairly well-known Linux distribution, Kali Linux!
It is a GNU / Linux distribution that succeeded BackTrack. Its objective is to gather a large set of the tools needed for penetration testing.
This distribution integrates a lot of very interesting software. We highly recommend that you use it to see what comes out of it, knowing that this distribution is used by a very large majority of white hat and black hat hackers.
If you wish to download Kali Linux, here is our download link
We have made a video tutorial that details the hacking of a WEP key under Kali Linux. You can watch it a little further down; this video covers only the WEP security algorithm.
Concerning the method used, you will first scan the surrounding Wifi connections with the tool airodump-ng, then simulate a fake association with your router or your box using aireplay-ng.
Then you will capture the packets (data passing between the targeted connection and you), again with airodump-ng. To make the process much faster, you can perform what is called packet injection: basically, you simulate fake traffic between the access point and you, so that you collect many more packets for decrypting the WEP key!
Once the 120’000 packets have been captured (the minimum necessary for a 128-bit WEP key), you finally launch aircrack-ng with your capture file and let it work. Once finished, it will show you your WEP key in full. This process usually takes between 5 and 30 minutes.
For more details see this video which shows you the steps (WEP only)
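Why the clear-text IV described above is a design weakness that a longer key does not fix, shown as an added example that is not part of the original article. It uses a simplified WEP frame (no ICV, no key-ID byte) and constructed sample data; all function names are hypothetical.

```python
import math

def rc4(key: bytes, length: int) -> bytes:
    """Return `length` bytes of RC4 keystream for `key`."""
    s, j = list(range(256)), 0
    for i in range(256):                      # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(length):                   # keystream generation
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_frame(iv: bytes, secret: bytes, plaintext: bytes) -> bytes:
    """Simplified WEP body: clear 3-byte IV, then plaintext XOR RC4(IV || secret).
    The ICV checksum and key-ID byte are omitted to keep the focus on the IV."""
    return iv + xor(plaintext, rc4(iv + secret, len(plaintext)))

def reused_iv_leak(frame_a: bytes, frame_b: bytes):
    """Same IV means same keystream, so the XOR of the two ciphertexts equals
    the XOR of the two plaintexts, whatever the secret is. None if IVs differ."""
    if frame_a[:3] != frame_b[:3]:
        return None
    return xor(frame_a[3:], frame_b[3:])

def frames_until_likely_repeat(iv_bits: int = 24) -> int:
    """Birthday bound: frames needed for a ~50% chance that a random IV repeats."""
    return round(1.1774 * math.sqrt(2 ** iv_bits))

# Constructed sample values, not captured traffic.
SECRET = bytes(range(1, 14))                  # 13-byte secret ("128-bit" WEP)
P1, P2 = b"GET /index.html ", b"POST /login.php "
IV = b"\x00\x00\x01"

if __name__ == "__main__":
    leak = reused_iv_leak(wep_frame(IV, SECRET, P1), wep_frame(IV, SECRET, P2))
    print("ciphertext XOR equals plaintext XOR:", leak == xor(P1, P2))
    print("frames for a likely IV repeat:", frames_until_likely_repeat())
```

With only 24 bits of IV, repeats are unavoidable on a busy network, which is why the only real mitigation is to retire WEP rather than to lengthen its key.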
Hack a Wifi router with WPA or WPA2 protection
First method for hacking a WPA / WPA2 network
WPA and WPA2 (Wi-Fi Protected Access) are mechanisms for securing Wi-Fi networks. WPA was created in the 2000s, and its sole purpose is to replace WEP in the face of the weaknesses and security loopholes present in the latter.
The WPA protocol (initial version) uses a more advanced encryption called TKIP. WPA2, its successor, was born in 2006; it replaces TKIP encryption (128-bit key used for each packet) with CCMP (a much more powerful encryption), which provides greater security.
Now let’s move on to the most commonly used method for WPA and WPA2 key hacking.
Still using the Kali Linux distribution and using the same process!
However, the key cannot be cracked automatically with aircrack-ng. It is necessary to use an attack with a dictionary file, a text file containing millions of passwords: aircrack-ng will use this dictionary file and try the passwords one by one to find the right one.
Huge dictionaries can be found everywhere on the internet; it is not hard to find large files with the most used passwords.
The brute-force method can also be used for a WPA key. However, it requires quite a lot of hardware: multiple graphics cards of a fairly high value that will allow you to try thousands of combinations per second.
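To judge how your own passphrase would stand up to the dictionary and brute-force approaches described above, here is an added example (not from the original article) that derives the WPA/WPA2-Personal key the standard way and estimates the search cost. The wordlist is a constructed stand-in, the guess rate is an assumed parameter, and the helper names are hypothetical.

```python
import hashlib
import string

# Constructed mini-wordlist standing in for the "huge dictionaries" in the text.
COMMON = {"password", "12345678", "qwertyuiop", "iloveyou1", "admin1234"}
SECONDS_PER_YEAR = 365 * 24 * 3600

def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-Personal key derivation: PBKDF2-HMAC-SHA1, SSID as salt,
    4096 iterations, 32-byte output. Passphrases are 8 to 63 characters."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA2 passphrase must be 8-63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def alphabet_size(passphrase: str) -> int:
    """Size of the character set a brute-force search would have to cover."""
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation + " ")
    return sum(len(c) for c in classes if any(ch in c for ch in passphrase))

def years_to_exhaust(passphrase: str, guesses_per_second: float) -> float:
    """Time to try every candidate of this length and alphabet at the given
    rate (the rate is the caller's assumption about the attacker's hardware)."""
    keyspace = alphabet_size(passphrase) ** len(passphrase)
    return keyspace / guesses_per_second / SECONDS_PER_YEAR

def review(passphrase: str, guesses_per_second: float = 1e6) -> dict:
    """Summarise exposure; the default rate of 1e6/s is an assumed figure."""
    return {
        "in_wordlist": passphrase.lower() in COMMON,
        "alphabet": alphabet_size(passphrase),
        "years_to_exhaust": years_to_exhaust(passphrase, guesses_per_second),
    }

if __name__ == "__main__":
    for pw in ("password", "Tr0ub4dor&3-horse-staple"):
        print(pw, review(pw))
    # Same passphrase, different SSID: different key, so tables precomputed
    # for a default SSID do not carry over to a renamed network.
    print(wpa2_pmk("password", "IEEE").hex())
    print(wpa2_pmk("password", "HomeNet-7f3a").hex())
```

A passphrase that appears in any wordlist falls at once regardless of the exhaust estimate, so treat `in_wordlist` as the first check and the time estimate as an upper bound only.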
Second method for hacking wifi, the PMKID method
A new attack method has recently emerged. It concerns networks using the WPA and WPA2 algorithms: it is the PMKID method.
Some packets transiting between the router and your connection carry a signature called the PMKID. With this PMKID there is no need to capture packets for a good while; the capture is almost instantaneous!
Once the packets are captured (with the PMKID of course), you can launch a brute-force attack (as explained above) or a dictionary attack.
The PMKID can be retrieved automatically thanks to the script given at the top, or on Windows with the Wireshark software (a bit more complicated), or on Kali Linux thanks to the Reaver script.
Hack a box or router using the WPS protocol
WPS is a recent connection method used on current routers: by simply pressing a button on your box you activate WPS mode, after which it is enough to connect to your Wifi network.
But how do you penetrate a Wifi connection that uses WPS mode?
Nothing could be simpler; for us it is the least secure connection method!
The best way to bypass this protocol? Use the script presented at the start!
The WPS protocol is active on a lot of internet boxes (Free, SFR, Orange and many others…), so it is unfortunately one of the easy targets. If you have read the Wikipedia link that explains what Wi-Fi Protected Setup is, you should understand what follows.
Using Airgeddon or Reaver on a distribution like Kali Linux, the tool will brute-force the connection, using a Pixie-Dust attack, in order to find the corresponding PIN to associate you with the router or the box!
On Windows, you can use the same process with the Waircut software, which is not so reliable and has a huge tendency to crash, so you should not ask too much of it.
Moreover, Waircut has had the good idea to list all the generic PINs that Internet access providers have been using for a while without modifying them…
Conclusion on the Hacking of Wifi Routers
In the face of danger, we recommend that you use the WPA2 protocol with AES encryption and choose a very complex password with special characters. This will make the task much more complicated for the person who wishes to harm you.
There is also the possibility of using a whitelist on your router, adding all the MAC addresses for which you wish to authorize the connection. However, this method can be easily circumvented through MAC spoofing, because the MAC address of a device can be very easily spoofed.
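The recommendations above can be checked mechanically. The following added example (not from the original article) audits an access-point configuration for the weak settings this page covers, assuming the access point is driven by a hostapd-style `key=value` file; the finding codes, the 16-character threshold and both sample configurations are constructed for illustration.

```python
def parse_conf(text: str) -> dict:
    """Parse hostapd-style key=value lines, ignoring comments and blanks."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def audit(text: str, min_passphrase_len: int = 16) -> list:
    """Return finding codes; min_passphrase_len is this example's own threshold."""
    c, findings = parse_conf(text), []
    wpa = int(c.get("wpa", "0"))              # bit 0 = WPA, bit 1 = WPA2
    wep = any(k.startswith("wep_key") for k in c)
    wpa_pairwise = c.get("wpa_pairwise", "TKIP").split()      # hostapd default
    rsn_pairwise = c.get("rsn_pairwise", " ".join(wpa_pairwise)).split()
    if wep:
        findings.append("WEP_ENABLED")
    if wpa == 0 and not wep:
        findings.append("OPEN_NETWORK")
    if wpa & 1:
        findings.append("WPA1_ENABLED")
    if wpa & 2 and "TKIP" in rsn_pairwise:
        findings.append("WPA2_ALLOWS_TKIP")
    if c.get("wps_state", "0") != "0":
        findings.append("WPS_ENABLED")
    if c.get("macaddr_acl", "0") == "1":
        findings.append("MAC_ALLOWLIST_IS_NOT_AUTHENTICATION")
    if "wpa_passphrase" in c and len(c["wpa_passphrase"]) < min_passphrase_len:
        findings.append("SHORT_PASSPHRASE")
    return findings

# Constructed sample configurations, not taken from a real device.
WEAK = """
ssid=HomeBox
wpa=3
wpa_pairwise=TKIP
wpa_passphrase=summer2019
wps_state=2
macaddr_acl=1
"""
HARDENED = """
ssid=HomeBox
wpa=2
rsn_pairwise=CCMP
wpa_passphrase=k7#Vq-ridge-Lantern-42!
wps_state=0
"""
```

Calling `audit(WEAK)` returns five findings, while `audit(HARDENED)` returns an empty list; on a consumer box without a config file, the same checklist applies to the settings in its admin interface.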
A lot of automated scripts that can be used on Kali Linux are on the internet, so you don’t need to worry about all the commands; for example there is Auto-Reaver and many others!
But they will never be as reliable as your own hands and brain, because when you use these scripts, the result is not really reliable and you don’t know what you’re doing…
Nothing is better than learning, step by step, the exact commands, what they are for, etc.
Only use these methods on YOUR connection, and comply with the laws of your country.