Cracking WPA/WPA2 Passwords are always hard with bruteforcing or Dictionary Attacks
Imagine you are penetrating wireless networks and you have managed to get the Handshake by using Airmon-ng Tool. Want to learn how to capture handshake file with Airmon-ng click here
If the Wireless network has a complex password which is more than 8 characters with upperphrase,lowerphrase and special characters included. it could take ages to crack the password by brute forcing each and every character.
See how long will it take to an hacker to crack your password.
In a nutshell hacking a wireless network is not complicated. There are so many ways to successfully hack a Wireless Network. Wireless Network are not much secured as an wired connection. but if the password is more than 8 characters it takes huge time to crack the password.
Fluxion is a Ultimate wifi Tool which is used to get the wifi password without brute forcing. HOw?
heard of Evil Twin Attacks? Yes Fluxion is an Automate tool to setup Evil twin attack by using the captured handshake file. Fluxion tool sets up a fake access point to capture the password in plain text using Handshake file. Fluxion is a remake of linset by vk496 with less bugs and more functionality. It’s compatible with the latest release of Kali (rolling). If you’re new, or just don’t understand much about the project, have a look at the wiki. The attack is mostly manual.
So in this post I’ll show you how I used Fluxion, and how you can too.
Disclaimer : Fluxion is intended to be used for legal security purposes only, and you should only use it to protect networks/hosts you own or have permission to test. Any other use is not the responsibility of the developer(s). In other words, don’t be stupid, don’t be an asshole, and use this tool responsibly and legally.
Fluxion is an open source Software which can be downloaded free via Github.
A Linux-based operating system. Recommended Kali Linux 2 or Kali 2016.1 rolling. Kali 2 & 2016 support the latest aircrack-ng versions. An external wifi card is recommended.
How it works
- Scan the networks.
- Capture a handshake (can’t be used without a valid handshake, it’s necessary to verify the password)
- Use WEB Interface *
- Launch a FakeAP instance to imitate the original access point
- Spawns a MDK3 process, which deauthenticates all users connected to the target network, so they can be lured to connect to the FakeAP and enter the WPA password.
- A fake DNS server is launched in order to capture all DNS requests and redirect them to the host running the script
- A captive portal is launched in order to serve a page, which prompts the user to enter their WPA password
- Each submitted password is verified by the handshake captured earlier
- The attack will automatically terminate, as soon as a correct password is submitted
The easiest way to Install Fluxion is to via Git clone.
Host@root# :- git clone https://github.com/deltaxflux/fluxion
Wait till the Downloading is finished. After downloading the Fluxion. change the directory to the Downloaded Fluxion directory.
Host@root# :- cd fluxion/
Now Fluxion Tool is downloaded Next step is to Install the Tool. Before that you need to add the “deb http://http.kali.org/kali kali-rolling main contrib non-free” into the /etc/apt/sources.list file. Run add.py.
Host@root~fluxion/# :- ./Installer.sh
wait till the Tool install all the Dependencies. few windows may pop up to install all the Dependencies have patience all the dependencies must be installed without error if the tools are not installed check your /etc/apt/sources.list file.
Now Installer.sh Script has downloaded all the Dependencies and tools. All the Tools are indication OK!. Successfully Installed.
Now the Tool has been installed successfully. Run the Fluxion script to Start the Tool.
Host@root~fluxion/# :- ./fluxion
Select your Language.
Select the Channels. Choosing the best Wi-Fi channel on your router helps to reduce interference and improve your WI-Fi signal. These tools will help you identify the least congested Wi-Fi channel in your area. Wi-Fi channels overlap with nearby channels. Channels 1, 6, and 11 are the most frequently used for 2.4 GHz Wi-Fi. My wireless Network is in channel 10. you can choose 1 for now.
A window will pop with white screen the script is Dumping all the rouge traffic to the external wireless adapter if you have one. or to the internal Adapter in the Monitor mode. Same as the Airmon-ng tool does here
hit ctlr+c to stop the dumping process of packets to the wifi adapter.
Type the ID of the wireless Network you want to crack the password.Now you have 4 types of attack FAKEAP,FakeAP using airbase-ng ,WPS Slaughter which tries each pin on the router,Bruteforce which takes time and you need to have an external wifi Adapter to Bruteforce.
we will use 1. FakeAP – Hostpad which is Already Recommended by Fluxion Tool.
if you already have the handshake file provide the path of the handshake file or capture the handshake file. hit Enter to skip and capture the handshake file if you don’t have one.
Choose the Tool you want to capture the handshake file.Aircrack-ng is recommended. You can manually capture the handshake file using Airmon-ng Click here to know how to capture handshake file manually.
Select the Type of Attack that is Deauth All, Deauth Targets. I choose 3 it works most of the time within seconds if you wifi adapter has the power to send the deauth packets to the target.
Capturing an handshake file requires patience. it depends on how strong is your external wifi adapter transmitting rage. is the victim connected to the access point. does the deauth packets reach the victim device without any signal interuption? Capturing a handshake file might be difficult for some others reasons.
wait untill the WPA handshake file is caught it indicates at the top right of the terminal. when done you can stop the deauth process by hitting ctrl+c.
now you have the handshake file you can crack the handshake file by many ways. each and different ways has special advantages and disadvantages. Select 1 to start evil twin attack and get the passwords within seconds. Instead of bruteforcing which takes long time than usual.
Select the type of router your Victim is using if you don’t know which router just hit 1.
Now all you have to do is wait till the Victim connects to our Fake Access Point he would connect soon because our fake access point does not have password. all he has to do is click on the connect. Later he will be presented with his Router login page he enters the password. As soon as the password is caught we will get the password.
Congratulation now you can hack any wireless network within minutes. Did not get the password feel free to comment. we would love to help you. 🙂