Nicolandia15
First tutorial here. Since almost every router or mobile WiFi now uses WPA/WPA2 security, I just want to share how to hack it using Kali Linux 2 and Air*****.
Before we start:
Q: Is this for me?
A: If you're interested in making your connection secure (pfft!) or in getting your neighbor's password (yeah!) for free internet, then just follow along step by step!
Q: Is this illegal?
A: You even had to ask!
Q: Why share this?
A: I just want to help, and I know a lot of people already know this. They just don't want to share it.
Q: Complicated?
A: Nothing is hard if you want to learn.
REQUIREMENTS:
*Laptop / PC or USB Drive
*Compatible wireless card
*Kali Linux 2
Disclaimer: All the information in this tutorial is for educational purposes only *wink*. I am in no way responsible for any misuse of the information.
Let's assume you have already installed Kali Linux 2.
*You can install Kali Linux as a Live USB, as dual boot, or using VMs.
Step 1:
Log in to Kali as root.
Step 2:
Plug your wireless card into your PC or laptop.
Step 3:
Open a new terminal, then type airmon-ng
Your external wireless card will be listed here. Mine is the RaLink Tech. If you get a blank result, your external wireless card is not supported. In my case my card is supported and listed as wlan0.
Step 4:
Type airmon-ng start followed by the interface of your external wireless card. Again, mine is wlan0.
Should be: airmon-ng start wlan0
This means your external card is now in monitor mode. Its new name is wlan0mon.
Step 5:
Type airodump-ng and the new name of your interface. Again, mine is wlan0mon.
Should be: airodump-ng wlan0mon
Step 6:
Next, your card will list all the wireless networks it can see in your area. This includes mobile WiFi devices and routers. Then look for the target you want to *****.
"Do this at your own risk"
As you can see in the screenshot, almost all of them use WPA2 encryption. Let's focus on the top part. By the way, the entries listed in the bottom part are devices such as phones and computers. The top part is the wireless networks.
LinkSys AC 1900 - For this test I just changed the name of my mobile WiFi. It's a Huawei Mobile Wifi E5330.
Let's try it on my own device so it looks like I'm not breaking any rules. Hehe.
Next, take note of the BSSID and the channel: the BSSID and CH columns respectively.
Copy the BSSID.
Then type this:
airodump-ng -c [channel] --bssid [bssid] -w /root/Desktop/ (your card's interface); again, mine is wlan0mon
Channel - replace it with whatever your target's channel is.
bssid - the BSSID you copied earlier
-w /root/Desktop/ - this option sets the directory where the handshake we'll produce later is saved. I know it's confusing.
Should be:
airodump-ng -c 3 --bssid 8C:34:FD:68:F3:2A -w /root/Desktop/ wlan0mon
Press ENTER, of course.
Step 7:
What happens next is that airodump focuses on the BSSID we specified. So it now listens only to the LinkSys AC 1900 device. You can also see the connected devices here. The idea is that we wait for a device to connect. Then we capture the "handshake" data that contains the password and ***** it later. Or we can force-disconnect a device that is already connected, and it will auto-connect to the router or mobile WiFi; same thing, a "handshake" still takes place. Files will also be placed on your desktop. This is where the handshake is saved, so please don't delete them. We need them later.
Keep this!
Step 8:
Here's how to disconnect a device that is connected to the router or mobile WiFi.
The highlighted one is my phone, which is connected.
Open a new terminal. Just leave the other one open.
Type this:
aireplay-ng -0 2 -a [router bssid] -c [client bssid] wlan0mon
I won't explain the whole command; just insert your router/mobile WiFi BSSID, and after -c the BSSID of the connected device. wlan0mon - depends on your interface.
Should be:
aireplay-ng -0 2 -a 8C:34:FD:68:F3:2A -c 90:B9:31:0E:8C0 wlan0mon
Press ENTER, of course.
Step 9:
After that, your wireless card sends deauth signals/packets to disconnect the device. That's the -0. The 2 after it is how many packets you want to send. You can also modify that.
And now what we've been waiting for. I'm not sure whether anyone is still reading at this step or has been confused by everything I've been saying.
Once the "handshake" appears, it means we have got the password, which is saved in the file we created earlier on the Desktop. There are times when the handshake isn't captured right away, and sometimes I don't know why either when I try it on other routers. But they say the main reason is that you are far from the router. Or try deauthing another device connected to it if more than one is listed.
Step 10:
That's it! What we do next is ***** the password we captured. This depends on how complicated the password set by the owner is. If the owner is somewhat techy, expect the password to be somewhat hard to ***** as well. But for ordinary users, trust me. I managed to ***** one using a wordlist in under a minute. The password was "zamboanga".
Moving on,
air*****-ng -a2 -b [router bssid] -w [path to wordlist] /root/Desktop/*.cap
I assume you're somewhat familiar with those brackets by now. The default path of the wordlist is /usr/share/wordlist/rockyou.txt
Note: By default, rockyou.txt is still compressed. Please unzip it.
Here's mine:
Press ENTER again. Again, this depends on how complicated the owner's password is. If it's complicated it takes a long time to *****, and it depends on the wordlist we use. If the owner's password is in the wordlist, we'll be able to guess it. If not, move on.
It seems my Huawei's password isn't secure. Lol.
If you're still reading at this point? You're the man. If there's any confusion, feel free to ask; I'll try to answer everything.
Anyone can learn this as long as you have the time. Peace!
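Added example, not part of the original post: Steps 7 to 9 describe a burst of deauth frames followed by the client reconnecting with a new handshake, and that sequence is what a network owner can watch for. The frame records below are constructed, already reduced to (time, subtype, BSSID, station), and the function name and thresholds are assumptions.

```python
from collections import defaultdict, deque

# Constructed monitor-mode records: (seconds, frame subtype, BSSID, station MAC).
SAMPLE_FRAMES = [
    (10.0, "beacon", "02:00:00:00:00:01", "ff:ff:ff:ff:ff:ff"),
    (12.0, "deauth", "02:00:00:00:00:01", "02:00:00:00:00:09"),
    (12.1, "deauth", "02:00:00:00:00:01", "02:00:00:00:00:09"),
    (12.2, "deauth", "02:00:00:00:00:01", "02:00:00:00:00:09"),
    (12.3, "deauth", "02:00:00:00:00:01", "02:00:00:00:00:09"),
    (15.2, "eapol",  "02:00:00:00:00:01", "02:00:00:00:00:09"),
    # A single deauth before a handshake is ordinary roaming/reconnect behaviour.
    (40.0, "deauth", "02:00:00:00:00:01", "02:00:00:00:00:0a"),
    (41.0, "eapol",  "02:00:00:00:00:01", "02:00:00:00:00:0a"),
]

def find_forced_reconnects(frames, min_deauths=4, window=2.0, follow=10.0):
    """Flag (bssid, station, time) where a deauth burst is followed by a handshake."""
    recent = defaultdict(deque)   # pair -> deauth timestamps inside the window
    burst_at = {}                 # pair -> time the burst threshold was last reached
    alerts = []
    for ts, subtype, bssid, station in sorted(frames):
        pair = (bssid, station)
        if subtype == "deauth":
            seen = recent[pair]
            seen.append(ts)
            while ts - seen[0] > window:      # forget deauths older than the window
                seen.popleft()
            if len(seen) >= min_deauths:
                burst_at[pair] = ts
        elif subtype == "eapol" and pair in burst_at:
            # Handshake soon after a burst: the reconnect was probably forced.
            if ts - burst_at.pop(pair) <= follow:
                alerts.append((bssid, station, ts))
    return alerts

if __name__ == "__main__":
    for bssid, station, ts in find_forced_reconnects(SAMPLE_FRAMES):
        print(f"t={ts}: {station} re-authenticated to {bssid} right after a deauth burst")
```

Networks and clients that support 802.11w Protected Management Frames reject forged deauth frames, so enabling it removes the forced-reconnect step rather than only detecting it.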
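Added example, not part of the original post: Step 10 says the outcome depends entirely on whether the owner's password is in the wordlist, so the owner can run that same lookup on their own passphrase first. The wordlist here is a small constructed sample, and the function names and the substitution table are assumptions.

```python
import re
import string

# Constructed stand-in for a wordlist such as rockyou.txt (not the real file).
SAMPLE_WORDLIST = {"password", "12345678", "zamboanga", "iloveyou", "qwertyuiop"}

# Common character substitutions undone before lookup (assumed rule set, kept small).
LEET = str.maketrans("0134578@$!", "oleastbasi")

def variants(passphrase):
    """Forms of the passphrase that a rule-based dictionary run would also reach."""
    low = passphrase.lower()
    stripped = re.sub(r"[\d\W_]+$", "", low)      # drop trailing digits/symbols
    return {low, stripped, low.translate(LEET), stripped.translate(LEET)}

def audit_passphrase(passphrase, wordlist=SAMPLE_WORDLIST):
    """Return a list of findings; an empty list means no check failed."""
    findings = []
    if not 8 <= len(passphrase) <= 63:
        findings.append("invalid-length")         # WPA2-PSK passphrases are 8..63 chars
    if passphrase in wordlist:
        findings.append("exact-wordlist-hit")
    elif variants(passphrase) & wordlist:
        findings.append("mangled-wordlist-hit")   # a dictionary word in disguise
    classes = sum(any(c in group for c in passphrase) for group in
                  (string.ascii_lowercase, string.ascii_uppercase,
                   string.digits, string.punctuation))
    if len(passphrase) < 12 and classes < 3:
        findings.append("short-and-low-variety")
    return findings

def load_wordlist(path):
    """Read a real wordlist, one entry per line; latin-1 accepts any byte value."""
    with open(path, encoding="latin-1") as fh:
        return {line.rstrip("\n") for line in fh}

if __name__ == "__main__":
    for candidate in ("zamboanga", "Zamb0anga2016!", "correct-horse-battery-staple-42"):
        print(candidate, audit_passphrase(candidate) or "no findings")
```

A passphrase with no findings here has only passed this small sample; pass `load_wordlist(path)` as the second argument to check against a full list.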