Wednesday, February 15, 2017

Creating WordList for Password Cracking


1. Using the crunch tool



2. Cracking the password




Reference
https://www.udemy.com/learn-ethical-hacking-from-scratch/learn/v4/t/lecture/6355664

WPA Cracking


1. Crack WPS Pin and then crack WPA PSK






Reference
https://www.udemy.com/learn-ethical-hacking-from-scratch/learn/v4/t/lecture/5306338

Fake Authentication of the Wi-Fi Card with the Access Point


1. Fake authentication
aireplay-ng --fakeauth 0 -a MAC-AP -h MAC-my-wificard mon0


2. Packet injection
- Wait for an ARP packet, capture it, and inject it back into the traffic. This forces the AP to generate a new ARP packet with a new IV. We capture that packet and inject it again, repeating the process until enough IVs have been captured to crack the key.

> aireplay-ng --arpreplay -b [target MAC] -h [your MAC] [interface]









Reference
https://www.udemy.com/learn-ethical-hacking-from-scratch/learn/v4/t/lecture/5306332

Creating a Fake Access Point (Honeypot)

1.  apt-get install mana-toolkit

2. use a wireless card (through USB) to broadcast the signals

3. leafpad /etc/mana-toolkit/hostapd-mana.conf

- set the configurations of the fake access point


4. leafpad /usr/share/mana-toolkit/run-mana/start-nat-simple.sh

- upstream=eth0

5. bash /usr/share/mana-toolkit/run-mana/start-nat-simple.sh


6. Approaches to cracking WEP encryption: collect enough packets to find packets with the same IV


Reference
https://www.udemy.com/learn-ethical-hacking-from-scratch/learn/v4/t/lecture/5306328

Deauthentication attack on any device

Objective:

Disassociate the device from the network





Benefits
- Once the target is deauthenticated, the client tries to reconnect to the AP, which lets an attacker capture these connection packets for password cracking
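
A detection sketch for the deauthentication attack described above, added here as an example and not taken from the course or the original post: it parses raw 802.11 management frames, picks out deauthentication frames (type 0, subtype 12), and flags any client that receives a burst of them within a short window. The frame layout assumption (no radiotap header or FCS), the threshold values, the function names and the sample MAC addresses are all constructed for illustration.

```python
import struct
from collections import defaultdict, deque

DEAUTH_SUBTYPE = 12   # 802.11 management subtype: deauthentication
WINDOW_SECONDS = 5.0  # assumed tuning value
THRESHOLD = 10        # assumed tuning value: deauths per window per target

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_deauth(frame):
    """Return (dest, src, bssid, reason) for a deauth frame, else None.
    Assumes a bare 802.11 frame: no radiotap header, no trailing FCS."""
    if len(frame) < 26:  # 24-byte management header + 2-byte reason code
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype != DEAUTH_SUBTYPE:
        return None
    (reason,) = struct.unpack_from("<H", frame, 24)
    return mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22]), reason

def detect_floods(capture, window=WINDOW_SECONDS, threshold=THRESHOLD):
    """capture: time-ordered (timestamp, frame) pairs.
    Returns the (bssid, dest) pairs that received >= threshold deauths
    within any sliding window."""
    recent, alerts = defaultdict(deque), set()
    for ts, frame in capture:
        parsed = parse_deauth(frame)
        if parsed is None:
            continue
        dest, _src, bssid, _reason = parsed
        seen = recent[(bssid, dest)]
        seen.append(ts)
        while ts - seen[0] > window:  # drop timestamps outside the window
            seen.popleft()
        if len(seen) >= threshold:
            alerts.add((bssid, dest))
    return alerts

def build_frame(subtype, dest, src, bssid, body):
    """Build a constructed management frame for the sample capture."""
    return bytes([subtype << 4, 0]) + b"\x00\x00" + dest + src + bssid + b"\x00\x00" + body

# Constructed sample data (locally administered MAC addresses).
AP, CLIENT, OTHER = (bytes.fromhex(h) for h in ("020000000001", "020000000002", "020000000003"))

def sample_capture():
    burst = [(i * 0.1, build_frame(12, CLIENT, AP, AP, struct.pack("<H", 7))) for i in range(30)]
    single = (1.05, build_frame(12, OTHER, AP, AP, struct.pack("<H", 3)))  # one ordinary deauth
    beacon = (1.55, build_frame(8, b"\xff" * 6, AP, AP, b"\x00" * 12))     # not a deauth
    return sorted(burst + [single, beacon], key=lambda item: item[0])
```

Deauthentication frames are unauthenticated unless 802.11w (Protected Management Frames) is enabled, so the source address cannot be trusted; that is why the detector keys on the targeted client and BSSID rather than on the sender.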