Kali-Linux Hacking WPA2 Passwords in Easy 5 Step

Requirements:

1. Wireless card (support promiscuous mode)

2. Access point with WPA2 and WPS enables

1. Open our terminal (CTRL+ALT+T) and type airmon-ng

2. The next step we need to stop our wireless monitor mode by runningairmon-ng stop wlan0

3. Now we ready to capture the wireless traffic around us. By running airodump-ng wlan0 our wireless interface will start capturing the data.

Information:

BSSID (Basic Service Set Identification): the MAC address of access point

PWR: Signal level reported by the card.

Beacons: Number of announcements packets sent by the AP

#Data: Number of captured data packets (if WEP, unique IV count), including data broadcast packets.

#/s: Number of data packets per second measure over the last 10 seconds.

CH: Channel number (taken from beacon packets).

MB: Maximum speed supported by the AP. If MB = 11, it’s 802.11b, if MB = 22 it’s 802.11b+ and higher rates are 802.11g.

ENC: Encryption algorithm in use.

CIPHER: The cipher detected. TKIP is typically used with WPA and CCMP is typically used with WPA2.

AUTH: The authentication protocol used.

ESSID: Shows the wireless network name. The so-called “SSID”, which can be empty if SSID hiding is activated.

4. From the step 3 above, we can find access point with encryption algorithm WPA2 and note the AP channel number. Now we will find out whether target AP has WPS enabled or not.

• wash -i wlan0 -c 8 -C -s

if the WPS Locked status is No, then we ready to crack and move to step 5.

5. The last step is cracking the WPA2 password using reaver.

• reaver -i -b –fail-wait=360

Because we already get the information from step 3 above, so my command look like this:

• reaver -i wlan0 -b E0:05:C5:5A:26:94 –fail-wait=360

it took about 2 hours to crack 13 characters WPA2 password (learn2hack.net) from my live usb Kali, but it depend with our hardware and wireless card.