HD 1080DPI 2 WiFi IoT Hacking Demo Guide

Security Centric
18 Nov 2016
08:26

Summary

TLDR: This tutorial video demonstrates the use of the aircrack-ng suite on the Kali Linux platform for auditing wireless networks. It guides viewers through the process of finding a network's password using aircrack-ng tools, from creating a monitoring interface with airmon-ng to capturing traffic with airodump-ng, and ultimately cracking the WPA key with a wordlist. The video concludes with connecting to the secured network using the discovered passphrase, showcasing the importance of secure wireless implementation.

Takeaways

  • This video demonstrates the use of the aircrack-ng suite for auditing wireless networks on the Kali Linux platform.
  • Viewers are advised to take notes for future reference while completing the lab after watching the video.
  • A directory is created in the root directory to store capture files for the wireless attack.
  • The airmon-ng tool is used to start a monitor mode interface for capturing wireless traffic and conducting attacks without prior network authentication.
  • The ifconfig command is used to verify the creation of the mon0 interface, which is essential for monitoring.
  • Aireplay-ng is utilized to inject frames and generate traffic for cracking WEP and WPA PSK keys by deauthenticating clients and capturing their authentication information.
  • Airodump-ng monitors a specific channel and access point, capturing all traffic into a file for later analysis.
  • The airodump-ng process is stopped using Ctrl+C, and then aircrack-ng is used with a wordlist to attempt to crack the network password.
  • Aircrack-ng presents a list of detected networks for selection, and it uses a dictionary attack to find possible passphrases.
  • Good wordlists can significantly reduce the time required to crack a network password, often within 10 minutes.
  • After cracking the password, the airmon-ng stop command is used to stop the monitor mode interface.
  • Once the passphrase is obtained, it can be used to connect to the secured wireless network by entering it in the network manager.

Q & A

  • What is the purpose of the aircrack-ng suite of tools demonstrated in the video?

    -The aircrack-ng suite is used for auditing wireless networks to find a wireless network password and log on to the secured wireless network.

  • Which platform is used for the penetration testing demonstration in the video?

    -The Kali penetration testing platform is used for the demonstration.

  • What is the first step after logging into Kali in the demonstration?

    -The first step is to make a directory to store the capture files.

  • What command is used to create a monitor mode interface for wireless traffic monitoring and attacks?

    -The command 'airmon-ng start' is used to create a monitor mode interface.

  • How can you verify that the mon0 interface has been created?

    -You can verify the creation of the mon0 interface by issuing the command 'ifconfig', which will show all interfaces.

  • What is the purpose of the aireplay-ng tool in the context of the demonstration?

    -The aireplay-ng tool is used to inject frames to generate traffic that aircrack-ng will later use for cracking the WEP and WPA PSK keys.

  • What does the 'deauthentication attack' mentioned in the script do?

    -A deauthentication attack forces clients off a given network, causing a denial of service (DoS) attack, which in turn forces the client to re-authenticate, allowing the capture of their authentication information.

  • How does airodump-ng capture traffic from a specific network?

    -Airodump-ng captures traffic by monitoring a specific channel and using the MAC address of the target access point, then dumping all traffic into a file.

  • What is the command used to stop the airodump-ng process in the demonstration?

    -The process is stopped by pressing 'control-c' in the airodump-ng terminal window.

  • How does aircrack-ng utilize a word list to find possible passphrases for a network?

    -Aircrack-ng uses a word list or passphrase dictionary to search for possible passphrases against the capture files created by airodump-ng.

  • What is the final step to connect to the silent valor network after discovering the passphrase?

    -The final step is to enter the discovered passphrase in the network properties dialog box, select WPA2 encryption, and click connect.

Outlines

00:00

πŸ› οΈ Penetration Testing with Aircrack-ng Suite

This section of the video script provides a step-by-step tutorial on using the aircrack-ng suite of tools on the Kali Linux platform for auditing wireless networks. It covers the process of creating a directory for capturing files, utilizing airmon-ng to create a monitor mode interface, and employing airplay-ng to inject traffic for capturing authentication information. The script details the use of airodump-ng for monitoring and capturing traffic, and concludes with aircrack-ng to crack the network's passphrase using a word list. The aim is to demonstrate how to find a wireless network password and gain access to a secured network.

06:15

Testing and Applying the Cracked Passphrase

Following the successful cracking of the wireless network passphrase 'dark obsidian', this paragraph describes the process of testing the obtained passphrase. It guides the user through stopping the monitor mode interface, using the network manager to connect to the 'silent valor' network with the cracked passphrase, and verifying the successful connection by checking the IP address assigned by the access point. The section concludes by summarizing the learning outcomes of the video, which include using the aircrack-ng suite to audit a wireless network and understanding the importance of secure wireless network implementation.

Keywords

aircrack-ng

Aircrack-ng is a suite of tools used for assessing the security of wireless networks. It is integral to the video's theme as it is the primary tool demonstrated for auditing and cracking wireless network passwords. In the script, aircrack-ng is used to analyze captured traffic and attempt to find the passphrase for a secured wireless network.

Kali

Kali Linux is a penetration testing platform that is frequently used by security professionals for ethical hacking and security assessments. In the context of the video, it is the operating system on which the aircrack-ng suite is run to perform the wireless network audit.

wireless network password

A wireless network password is the key used to secure a wireless network, preventing unauthorized access. The script focuses on demonstrating the process of finding this password using the aircrack-ng tools, which is central to the video's educational purpose.

airmon-ng

Airmon-ng is a utility within the aircrack-ng suite that is used to start a monitor mode interface on a wireless network card. In the script, airmon-ng is used to create a 'mon0' interface, which is essential for monitoring wireless traffic and carrying out attacks.

aireplay-ng

Aireplay-ng is a tool within the aircrack-ng suite that is used for injecting frames into a network to generate traffic. In the script, it is used to perform deauthentication attacks, forcing clients off the network to capture their authentication information.

airodump-ng

Airodump-ng is a tool used for capturing wireless network traffic. It is used in the script to monitor a specific channel and capture traffic from a target access point, which is later used by aircrack-ng to attempt to crack the network's password.

MAC address

A MAC address is a unique identifier assigned to network interfaces for communications on the physical network segment. In the script, MAC addresses are used to specify target systems and access points when performing wireless attacks with aireplay-ng and airodump-ng.

WEP and WPA PSK keys

WEP and WPA PSK are encryption protocols used to secure wireless networks. The script mentions that aircrack-ng can be used to crack these keys, which is a key concept in understanding the security vulnerabilities of wireless networks.

word list

A word list, in the context of the video, refers to a dictionary of possible passphrases used by aircrack-ng to attempt to crack a network's password. The script describes using a word list against captured files to find the correct passphrase for a secured network.

deauthentication attack

A deauthentication attack, as mentioned in the script, is a type of attack where a client is forced off a network, causing a denial of service. This is part of the process to capture authentication information, which is essential for cracking the network's password.
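
From the defender's side, the deauthentication traffic described above is visible on the air and can be flagged. The following is an added example (not from the video or the aircrack-ng project): it parses raw 802.11 management-frame headers and reports clients that receive a burst of deauthentication frames. The threshold, window, MAC addresses and sample frames are constructed assumptions.

```python
import struct
from collections import defaultdict, deque

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_deauth(frame):
    """(dst, src, bssid, reason) for a deauthentication frame, else None.
    `frame` starts at the 802.11 MAC header (no radiotap header)."""
    if len(frame) < 26:  # 24-byte header + 2-byte reason code
        return None
    fc0 = frame[0]
    version, ftype, subtype = fc0 & 0x3, (fc0 >> 2) & 0x3, fc0 >> 4
    if (version, ftype, subtype) != (0, 0, 12):  # management, subtype 12
        return None
    (reason,) = struct.unpack_from("<H", frame, 24)
    return mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22]), reason

def find_deauth_bursts(records, threshold=5, window=10.0):
    """records: (timestamp_seconds, frame_bytes) pairs. Returns
    {(bssid, dst): peak_count} for clients sent >= threshold deauth frames
    within a sliding window. Defaults are assumptions to tune per site."""
    recent = defaultdict(deque)
    alerts = {}
    for ts, frame in sorted(records, key=lambda r: r[0]):
        parsed = parse_deauth(frame)
        if parsed is None:
            continue
        dst, _src, bssid, _reason = parsed
        times = recent[(bssid, dst)]
        times.append(ts)
        while ts - times[0] > window:  # drop frames older than the window
            times.popleft()
        if len(times) >= threshold:
            alerts[(bssid, dst)] = max(alerts.get((bssid, dst), 0), len(times))
    return alerts

# Constructed sample data: made-up, locally administered MAC addresses.
AP = bytes.fromhex("020000000001")
CLIENT_A = bytes.fromhex("020000000002")
CLIENT_B = bytes.fromhex("020000000003")
def mgmt_frame(fc0, dst, src, bssid, body):
    # frame control, duration, addr1, addr2, addr3, sequence control, body
    return bytes([fc0, 0]) + b"\x00\x00" + dst + src + bssid + b"\x00\x00" + body

SAMPLE = [(0.0, mgmt_frame(0x80, b"\xff" * 6, AP, AP, b"\x00" * 12))]  # beacon
SAMPLE += [(1.0, mgmt_frame(0xC0, CLIENT_A, AP, AP, b"\x03\x00"))]  # lone deauth
for start, step, n in ((20.0, 0.5, 5), (40.0, 0.3, 10)):  # bursts of 5, then 10
    SAMPLE += [(start + step * i, mgmt_frame(0xC0, CLIENT_B, AP, AP, b"\x07\x00"))
               for i in range(n)]

if __name__ == "__main__":
    for (bssid, dst), count in find_deauth_bursts(SAMPLE).items():
        print(f"deauth burst: {count} frames to {dst} on {bssid}")
```

A single deauthentication frame is normal when a client leaves a network, which is why the check counts frames per client within a time window instead of alerting on every frame.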

IP address

An IP address is a numerical label assigned to devices connected to a computer network that uses the Internet Protocol for communication. In the script, verifying an IP address is used as a confirmation that the device has successfully connected to the wireless network after cracking the password.

Highlights

Demonstration of using the aircrack-ng suite on Kali for wireless network auditing.

Explanation of how to create a directory for storing capture files in Kali.

Use of airmon-ng to start a monitor mode interface for wireless traffic monitoring.

Verification of the mon0 interface creation with ifconfig.

Introduction of aireplay-ng for injecting frames to generate traffic for cracking.

Command explanation for deauthenticating clients to capture authentication information.

Use of airodump-ng to monitor a specific channel and access point.

Capturing traffic into a file for later analysis with airodump-ng.

Increasing the number of injected packets to enhance the cracking process.

Stopping the airodump-ng process with control-c for further analysis.

Utilizing aircrack-ng with a word list to crack the network's passphrase.

Selection of the target access point from a list of detected networks.

Efficiency of aircrack-ng in cracking passwords with a good word list.

Discovery of the passphrase 'dark obsidian' in under 10 minutes.

Stopping the monitor mode interface with airmon-ng after cracking the password.

Connecting to the secured wireless network using the discovered passphrase.

Verification of a successful network connection with ipconfig.

Conclusion of the video walkthrough on auditing wireless networks with Kali tools.

Transcripts

00:00 this short video will provide you with a
00:03 demonstration of the process of using
00:05 the aircrack-ng suite of auditing tools
00:07 on the Kali penetration testing platform
00:09 to find a wireless network password and
00:12 log on to the secured wireless network
00:14 you can pause rewind and fast-forward
00:16 this video as necessary you are
00:19 encouraged to keep paper and pen handy
00:21 to take notes if you wish after you have
00:23 viewed the entire video you may want to
00:25 refer to portions of it while you
00:26 complete the lab itself
00:30 after logging into Kali you will need to
00:33 make a directory to store the capture
00:35 files in this instance we have created a
00:37 WLAN folder in the core root
00:39 directory structure throughout this
00:42 demonstration we will open several new
00:44 terminal windows and issue all commands
00:46 from this directory when performing the
00:48 wireless attack in a terminal window you
00:51 will issue the command airmon-ng start
00:54 and this command will create a mon0
00:57 interface that can be used to
00:59 monitor all wireless traffic and to
01:02 carry out the attacks the airmon-ng tool
01:05 does this without first being
01:06 authenticated on the network we will
01:09 verify the mon0 interface has been
01:11 created by issuing the command ifconfig
01:14 which will show all interfaces as you
01:17 can see the mon0 interface has been
01:19 created but there is no IP address
01:21 listed open a new terminal window and
01:23 issue the command aireplay-ng -0 5 -a
01:28 then the target MAC address -h then
01:32 your host MAC address on mon0 or
01:34 wlan0 and --ignore-negative-one
01:40 mon0
01:42 the aireplay-ng tool is used to inject
01:45 frames to generate traffic that
01:47 aircrack-ng will use later for cracking
01:49 the WEP and WPA PSK keys in this case
01:54 the command issued will inject 5
01:56 deauthorization attacks to the target MAC
01:58 address from your host a
02:01 deauthorization attack will force clients off a
02:03 given network causing a denial of
02:05 service DoS attack that in turn forces
02:08 that client to reauthenticate at which time
02:10 you can capture their authentication
02:12 information it will also reveal the
02:15 network name
02:17 open a new terminal window and type
02:19 airodump-ng --channel 11 --bssid
02:26 then the MAC address of the target and
02:29 --write
02:31 capture mon0 this command will tell
02:35 airodump-ng to monitor channel 11 and
02:38 use the MAC address of the target system
02:40 for the bssid or the MAC address of the
02:43 access point to the network and then
02:44 dump all traffic from mon0 into a new
02:47 file called capture back in the aireplay-ng
02:50 window you can see five
02:52 deauthentication packets have been sent to
02:55 the targeted access point to inject more
02:58 packets we can repeat the aireplay-ng
03:00 command but increase the number of
03:02 packets sent from five to ten very
03:04 easily we have now injected fifteen
03:07 deauthentication packets to the silent
03:09 valor wireless network please watch
03:11 while packets are injected
03:40 return to the airodump-ng terminal
03:43 window and press control-c to stop the
03:45 dump process the next command we will
03:48 issue is aircrack-ng -w wordlist
03:53 capture-01.cap in this command
03:59 aircrack-ng will use the word list or
04:02 passphrase dictionary called wordlist
04:04 against the capture files created by
04:06 airodump-ng to search for possible
04:09 passphrases for this network because more
04:12 than one wireless network was detected
04:14 aircrack-ng will present them in a list
04:16 so that you can choose which access
04:18 point to crack in this case we are
04:21 selecting silent valor 18
04:24 type 18 when prompted and the capture
04:27 file will start to process all the keys
04:29 against the dictionary word list word
04:32 lists can be found on the Internet the
04:35 aircrack-ng website has a list of word
04:38 list resources you can use to update
04:40 your own dictionary list if you uncover
04:43 passwords through social techniques you
04:45 may want to add them to your existing
04:47 word lists with a good word list
04:49 aircrack-ng usually can crack a network
04:52 password in less than 10 minutes please
04:55 continue to watch this scan complete
06:15 aircrack-ng found the passphrase dark
06:18 obsidian in 1 minute 49 seconds
06:25 now that we have a passphrase we can
06:28 stop the mon0 interface by issuing the
06:30 command airmon-ng stop mon0
06:36 to test the passphrase you will need to
06:39 open the network manager
06:44 in the lower portion of the window you
06:47 can see the silent valor Network has a
06:49 68% signal strength it is running WPA2
06:53 encryption on channel 11 clicking the
06:55 connect button now will result in a
06:57 failed connection because you haven't
06:59 entered a passphrase
07:01 in the silent valor properties dialog
07:05 box select WPA
07:08 1/2 passphrase from the encryption
07:11 drop-down list click the pre-shared key
07:14 checkbox and type in the passphrase
07:16 discovered by aircrack-ng dark obsidian
07:22 click OK to save the information
07:25 click connect to connect to the silent
07:28 valor Network
07:46 with the network connected type ipconfig
07:50 into one of the open terminal windows to
07:52 verify that wlan0 now has an IP
07:55 address from the access point one seven
07:58 2.10
08:00 0.4 0.1 one one that concludes this
08:04 video walkthrough of the material in
08:06 this lab auditing a wireless network and
08:09 planning for a secure WLAN
08:11 implementation in this video you learned
08:14 how to use the aircrack-ng suite of
08:16 auditing tools on the Kali penetration
08:18 testing platform to find a wireless
08:20 network password and log on to the
08:22 secured wireless network
