This is a multi-part series for someone new to wireless hacking, with pictures and videos.
Introduction To Kali and WiFi Pen Testing
How to Install Kali Linux
WEP Hacking
Kali Linux and Reaver
Getting a Handshake and a Data Capture, WPA Dictionary Attack
Using Aircrack and a Dictionary to Crack a WPA Data Capture
Cracking a WPA Capture with the GPU using HashCat
Next Creating a Dictionary / Wordlist with Crunch Part 8
Using Aircrack and a Dictionary to Crack a WPA Data Capture
If you have a WPA handshake capture and cannot crack it yourself, there are online services that will crack it for you for a price.
To get started you should already have a WPA handshake file and Kali Linux running.
Getting a good dictionary can be hard, but finding good ones, or creating them yourself with Crunch, is necessary for this method. I have set up a download section with WPA wordlists/dictionaries that can be used if needed.
Keep in mind the dictionary file is only a simple text file that can be edited with any text editing program, such as Notepad. Don’t use Microsoft Word or Open Office, as they make changes that render a wordlist unusable.
If you know a person well enough you can try and type as many guesses as you can think of in a text file then use that as your dictionary.
The default storage for a WPA handshake is under /root, and it will be there under the name it was given when captured. Open a terminal window and type the command “ls”; the data capture should be listed. The file type we want to use is the .cap file.
The dictionary that we will use for this example is called dict.txt.
We will be using Aircrack to do the cracking and the command to do this is:
aircrack-ng (file name) -w (dictionary location)
Here the file name is the handshake file that was captured, and the dictionary location is the path to the dictionary. The locations and names of these two files are up to you.
The usual default location of the handshake file is under /root and is whatever name it was called when captured. We will be using a dictionary called dict.txt for this example that I copied to /root.
So the command for me to do this would be:
aircrack-ng dlink.cap -w dict.txt
If done right, Aircrack should start and begin to try to crack the WPA handshake capture with the dictionary.
If the password is in the dictionary, Aircrack will report “KEY FOUND”; if not, another dictionary will need to be used. For this example, I edited the text dictionary file and put the password in to show what it looks like when it is found.
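A pre-flight check for the two files the command takes, as an added example that is not part of the original post or of Aircrack. It reads the first bytes of the capture to confirm it is a pcap file, and checks that the wordlist is plain text rather than a word-processor document. The function names and the sample bytes are made up for illustration, and the specific word-processor artifacts it looks for are assumptions about what "changes" such programs make.

```python
import sys

# File magic at offset 0: classic libpcap (both byte orders, micro- and
# nanosecond timestamps) and pcapng.
CAPTURE_MAGIC = {
    b"\xd4\xc3\xb2\xa1": "pcap", b"\xa1\xb2\xc3\xd4": "pcap",
    b"\x4d\x3c\xb2\xa1": "pcap", b"\xa1\xb2\x3c\x4d": "pcap",
    b"\x0a\x0d\x0d\x0a": "pcapng",
}
# Containers a word processor writes instead of plain text.
DOCUMENT_MAGIC = {b"PK\x03\x04": "ZIP container (.docx/.odt)",
                  b"\xd0\xcf\x11\xe0": "OLE2 document (.doc)"}
BOMS = {b"\xef\xbb\xbf": "UTF-8 BOM", b"\xff\xfe": "UTF-16 LE BOM",
        b"\xfe\xff": "UTF-16 BE BOM"}


def capture_format(head: bytes):
    """Return 'pcap', 'pcapng' or None from the first four bytes of a file."""
    return CAPTURE_MAGIC.get(head[:4])


def wordlist_report(data: bytes) -> dict:
    """List format findings and count lines that can be a WPA passphrase."""
    if data[:4] in DOCUMENT_MAGIC:
        return {"findings": [DOCUMENT_MAGIC[data[:4]]], "usable": 0, "total": 0}
    findings = [name for bom, name in BOMS.items() if data.startswith(bom)]
    if b"\x00" in data:
        findings.append("NUL bytes (UTF-16 or binary data)")
    lines = data.splitlines()  # handles both LF and CRLF endings
    # A WPA/WPA2 passphrase is 8 to 63 printable ASCII characters.
    usable = sum(1 for ln in lines
                 if 8 <= len(ln) <= 63 and all(0x20 <= c <= 0x7E for c in ln))
    return {"findings": findings, "usable": usable, "total": len(lines)}


if __name__ == "__main__":
    if len(sys.argv) == 3:  # usage: preflight.py capture.cap dict.txt
        with open(sys.argv[1], "rb") as f:
            print("capture :", capture_format(f.read(4)) or "not a pcap file")
        with open(sys.argv[2], "rb") as f:
            print("wordlist:", wordlist_report(f.read()))
    else:  # constructed samples, no real capture or wordlist involved
        print(capture_format(b"\xd4\xc3\xb2\xa1\x02\x00\x04\x00"))
        print(capture_format(b"password\nletmein1\n"))
        print(wordlist_report(b"short\ncorrect-horse\r\n12345678\n"))
```

A text file passed in the capture position comes back as None here, which is the same situation Aircrack reports as an unsupported file format.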
Next Cracking a WPA Capture with the GPU using HashCat
I want wordlist files which I used directly instead of making wordlists.
I want to specify a dictionary file range.
i.e. the dictionary file has 100 passwords but I want to try only the first 50 passwords.
How could I do this? Help needed.
it says access is denied
When I try this, it says my dictionary is in the wrong format.
This is the command I put in: aircrack-ng InsideProFull.txt -w . -b 02:18:4A:4B:DB:C0
And this is what it spits out: Unsupported file format (not a pcap or IVs file).
Which attack are you using? The command line is wrong for an aircrack / dictionary to crack a WPA Data Capture.
I'm trying to use aircrack with a dictionary to attack a WPA/WPA2 network.
A data capture of the password needs to be done first with WPA/WPA2. The old WEP was crack-able in real time, but WPA needs the capture.
A data capture is the password that is copied when it is transmitted. It is encrypted but will be in a file on your computer after it is captured.
Once you have the data capture, a dictionary is used to try and brute force the password.
I'm very new to this. How do I do this, or is there a video or forum that explains how to do this?
I wrote a post here on getting a data capture along with a video. https://www.wirelesshack.org/wireless-hacking-basics-wpa-dictionary-attack-handshake-data-capture-part-5.html
aircrack-ng capture-01.cap -w dictionary -b BSSID
Your context should be aircrack-ng -w InsideProFull.txt [capture file]
given InsideProFull.txt is your dictionary file….
Supposed to be -w InsideProFull.txt, and that isn’t a .cap file; it looks like a MAC address…