Yesterday, my friend Victor wanted to crack a wifi network (his, of course) using his MacBook Pro.
I told him to use the excellent VirtualBox images of Kali Linux from Offensive Security and aircrack-ng.
I had just forgotten that:
- Using advanced wireless features is impossible from a virtual machine
- Even if he used Kali Linux with a dual boot, installing the wireless drivers to make it work with the airport card is tiresome.
- Most (not airmon-ng) aircrack-ng tools can be installed on macOS with MacPorts, but airodump-ng and aireplay-ng crash.
So PLEASE, if you want to do advanced networking things other than network sniffing or what is described in this article, do yourself a favour and buy a USB adapter to use with the virtual machine.
There is a list on the website of aircrack-ng, and I think the Alfa AWUS051NH v2 is great. Some people say it is expensive, but last time I checked on Google Shopping, it cost less than half an Apple mouse.
There are 3 steps:
- Identify the target access point: name (= SSID), MAC address (= BSSID) and channel (~ radio frequency)
- Sniff the channel in monitor mode to retrieve:
- a beacon (easy)
- a handshake (= four-way handshake), or some frames of it (hard)
- Crack the password using the dump
What makes the retrieval of the handshake hard is that it appears only when somebody connects to the access point.
The good news is that you can deauthenticate people from the wifi network - it’s called wifi jamming and it’s useful to impress a girl and piss off people at Starbucks. When they reconnect, they re-send the handshake. That adds a Deauth step.
“Install”
Scan
It saves the .cap capture file and displays the path.
If you don’t have the beacon or the handshake, it will fail accordingly.
For wordlists, see below.
As I said, aireplay-ng doesn’t work on a MacBook Pro. The catch is that aireplay-ng can do a lot of other things besides deauth attacks.
You might read that airport cards do not support packet injection, but packet injections are for WEP attacks and nobody uses WEP anymore. We only want to send some deauthentication frames.
Use JamWiFi. A ready-to-use application is provided there.
In fact, you can identify the target with it too, and it has a really nice GUI.
Once you have selected the access point, you can deauth one or multiple users. Stop after about 50 “Deauths”, or else people might have trouble reconnecting for several minutes.
It might not work if you are too far from the target, as your airport card is far less powerful than the router.
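Seen from the access point owner's side, the deauth step above is the noisy part of the procedure. The following is an added example, not part of the original post: it flags bursts of deauthentication or disassociation frames in records exported from a monitor-mode capture. The record layout, the addresses, the 20-frame threshold and the 10-second window are assumptions made for the illustration.

```python
from collections import defaultdict, deque

# 802.11 management frames are type 0; subtype 12 = deauthentication,
# subtype 10 = disassociation, subtype 8 = beacon.
DEAUTH = (0, 12)
DISASSOC = (0, 10)

def find_deauth_bursts(frames, threshold=20, window=10.0):
    """Return {(bssid, dst): peak_count} for every pair that received at
    least `threshold` deauth/disassoc frames within `window` seconds.
    Keyed on BSSID and destination because the source address of an
    unprotected management frame cannot be trusted."""
    recent = defaultdict(deque)
    peaks = {}
    for ts, ftype, subtype, src, dst, bssid in sorted(frames):
        if (ftype, subtype) not in (DEAUTH, DISASSOC):
            continue
        q = recent[(bssid, dst)]
        q.append(ts)
        while q and ts - q[0] > window:   # drop frames older than the window
            q.popleft()
        if len(q) >= threshold:
            peaks[(bssid, dst)] = max(peaks.get((bssid, dst), 0), len(q))
    return peaks

# Constructed sample data (locally administered MAC addresses, not real devices).
AP = "02:00:00:aa:bb:cc"
CLIENT_A = "02:00:00:00:00:01"
CLIENT_B = "02:00:00:00:00:02"

def sample_frames():
    # (timestamp, type, subtype, src, dst, bssid)
    frames = [(t * 0.1024, 0, 8, AP, "ff:ff:ff:ff:ff:ff", AP) for t in range(300)]
    frames.append((5.0, 0, 12, CLIENT_B, AP, AP))   # one ordinary client leaving
    frames += [(12.0 + i * 0.1, 0, 12, AP, CLIENT_A, AP) for i in range(50)]
    return frames

if __name__ == "__main__":
    for (bssid, dst), count in find_deauth_bursts(sample_frames()).items():
        print(f"deauth burst: {count} frames to {dst} on {bssid}")
```

Detection only surfaces the burst; enabling 802.11w (Protected Management Frames) on the access point is what makes supporting clients ignore forged deauthentication frames.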
Using airport presents some issues. You cannot know if you got the beacon and the handshake until you stop the capture and try with aircrack-ng.
You capture a lot of useless packets too.
Using tcpdump is more efficient.
When you launch those lines, the first tcpdump easily captures a beacon and the second waits for the handshake.
Use JamWiFi to deauth some users, and when tcpdump shows you it got 4 frames or more, Ctrl-C. It appears you can use fewer than 4 frames, but it depends on the frames you got (for instance 1,2 or 2,3 are sufficient). Anyway you should normally get at least 4. If nothing shows, try to deauth another user.
Now you have everything in capture.cap. You can also run aircrack-ng on it.
Like aireplay-ng, aircrack-ng offers so many features that it cannot be the best in everything.
We can really speed up the process by using hashcat.
Install with brew
Convert with cap2hccapx
hashcat doesn’t take cap files, only hccapx files.
Just install hashcat-utils and use cap2hccapx.
Alternatively, use this online tool.
Crack
This page provides some examples.
To use with a dictionary:
You have a lot of other options, like brute force:
Refer to the documentation for more patterns.
Speed
hashcat works on the GPU.
On my MacBook Pro, it yields a performance of 5kH/s: it tests 5000 passwords in a second.
On a Tesla K20m, the speed is 75kH/s. I managed to crack the 5 last lowercase letters of a wifi password in about 1 minute (26**5 // 75000 = 158 seconds to test them all).
We can see here that a GTX 1080 breaks 400kH/s.
I recommend:
For more efficiency, target the networks with silly names (good examples are “mozart”, “I love cats”, “Harry and Sally”), and avoid the ones called “National Security Agency”, “sysadmin” and “sup3r h4x0r”.
To find a password, you have to be lucky and have a good idea of its shape.
A lot of default wifi passwords are composed of 8 or 10 hexadecimal digits.
On average (worst case divided by 2) and according to the above benchmark, with a GTX 1080:
- 8 hexadecimal characters take 90 minutes.
- 10 hexadecimal characters take 16 days.
- 12 hexadecimal characters take 11 years.
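The figures above can be turned around to size a passphrase, which is the useful direction for whoever owns the access point. This is an added example, not code from the original post: it reproduces the post's estimates from its own benchmark rates (75 kH/s and 400 kH/s) and then searches for the shortest random passphrase that holds for a target number of years. The function names and the targets of 1000 and 100 years are assumptions; the 8 to 63 character range is the WPA2 passphrase limit.

```python
SECONDS_PER_YEAR = 365.25 * 24 * 3600

def exhaust_seconds(alphabet_size, length, hashes_per_second):
    """Worst case: time to test every candidate of this shape."""
    return alphabet_size ** length / hashes_per_second

def average_seconds(alphabet_size, length, hashes_per_second):
    """Average case as defined in the post: worst case divided by 2."""
    return exhaust_seconds(alphabet_size, length, hashes_per_second) / 2

def min_length(alphabet_size, hashes_per_second, target_years):
    """Shortest WPA2 passphrase length (8..63 characters) whose average
    brute-force time reaches target_years, or None if none does.
    Only valid for passphrases drawn uniformly at random: a dictionary
    word of the same length falls far sooner."""
    target = target_years * SECONDS_PER_YEAR
    for length in range(8, 64):
        if average_seconds(alphabet_size, length, hashes_per_second) >= target:
            return length
    return None

def describe(seconds):
    """Human-readable duration using the largest unit that fits."""
    for unit, size in (("years", SECONDS_PER_YEAR), ("days", 86400),
                       ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:.1f} {unit}"
    return f"{seconds:.0f} seconds"

if __name__ == "__main__":
    gtx1080 = 400_000   # hashes per second, benchmark figure quoted in the post
    for n in (8, 10, 12):
        print(f"{n} hex chars: {describe(average_seconds(16, n, gtx1080))}")
    print("5 lowercase letters on a K20m, worst case:",
          describe(exhaust_seconds(26, 5, 75_000)))
    print("hex length for 1000 years:", min_length(16, gtx1080, 1000))
    print("lowercase length for 100 years:", min_length(26, gtx1080, 100))
```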
If you only want free wifi, just do MAC spoofing on a hotspot that uses web login.
WPS stands for Wi-Fi Protected Setup. WPS makes connecting wireless devices to a router quicker and simpler. WPS works with WPA / WPA2 encryption. It allows clients to connect to the network without the password. In WPS, authentication is done using an 8-digit PIN, which is very small. The WPS PIN can be used to find the actual password / key of the wireless network.
Steps to Hack WiFi Network using WPS Feature
- Enable monitor mode on the wireless interface card
- Find the networks that have the WPS feature enabled
where wash is a program that displays all the networks that have the WPS feature enabled, and wlan1 is the wireless adapter in monitor mode.
- ESSID is the target network, which I am going to hack
- Vendor is the name of the hardware used in this network
- Lck tells us whether WPS is locked or not. If Lck is locked, then the WiFi cannot be hacked using WPS
- WPS shows the version of WPS
- dBm is the signal strength
- CH is the channel on which the network is working
- BSSID is the MAC address of the target network
- Associate with the target network using the Fake Authentication Attack. I am telling the router that I want to communicate with it, so it doesn’t reject my requests.
- Use reaver, which will brute force the WPS PIN; the WPS PIN can then be used to find the password of the target network
where
- --bssid E4:6F:13:66:E7:C0 is the MAC address of my target network
- --channel 1 is the channel of the target network
- --interface wlan1 is the wireless interface card in monitor mode
- -vvv shows different messages, which tell us what is going on during brute forcing. If there is any problem, we can fix it by reading those messages
- --no-associate tells reaver not to associate with the target network. I will do it manually
So, reaver successfully finds the WPS PIN and the WPA password key.
Note: This method only works if the router is configured with normal PIN authentication, not with Push Button Authentication. If Push Button Authentication is used, the router will reject any PIN that we try to brute force.