Wifi Hacking, Simplified! Maybe…

DISCLAIMER: Only do this to networks you own!

For the last few months, my friends in the Unofficial DeVry IT group have been wanting me to make a few videos, though I am not the best at making them. This is one I did showing how to hack a WiFi network and how fast it can be done.

DISCLAIMER: Only do this to networks you own!

With that being said, the network you see called “HackMePlease” is a small GL.iNet travel router (Link to the model I used) running OpenWrt. While it’s running a popular firmware for routers, that doesn’t make it any less vulnerable to attacks. I did this by flooding the SSID with de-authentication messages, causing the clients to drop off, and capturing the handshakes when they reconnected. Those handshakes were then run against a list of known passwords in the rockyou.txt file. With the commands below, they can be run against any password list.

The DoS attack is simple and can be executed on any 2.4GHz network. Unfortunately, 5GHz networks are as easily susceptible to this type of attack. Below is the link to David’s video explaining it and links to his GitHub, where you can download the scripts and test them yourself. I can’t take credit for it, I just use it!
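Here is the defender's side of the de-authentication flood described above, as an added example that is not from the video or from David's scripts: it parses raw 802.11 management headers and flags any BSSID that sees a burst of deauthentication or disassociation frames. The frame bytes (radiotap header assumed already stripped), MAC addresses, window and threshold are all constructed for illustration.

```python
import struct
from collections import defaultdict, deque

DEAUTH, DISASSOC = 12, 10  # 802.11 management-frame subtypes

def parse_mgmt(frame: bytes):
    """Return (subtype, dst, src, bssid, reason) for a deauth/disassoc frame, else None."""
    if len(frame) < 26:  # 24-byte MAC header + 2-byte reason code
        return None
    version, ftype, subtype = frame[0] & 0x3, (frame[0] >> 2) & 0x3, frame[0] >> 4
    if version != 0 or ftype != 0 or subtype not in (DEAUTH, DISASSOC):
        return None
    dst, src, bssid = (frame[i:i + 6].hex(":") for i in (4, 10, 16))
    (reason,) = struct.unpack_from("<H", frame, 24)
    return subtype, dst, src, bssid, reason

def detect_floods(frames, window=1.0, threshold=10):
    """frames: (timestamp_s, raw_frame) pairs in time order.
    Returns one (bssid, burst_start, count) per BSSID, when it first hits threshold."""
    recent, alerts = defaultdict(deque), {}
    for ts, raw in frames:
        parsed = parse_mgmt(raw)
        if parsed is None:
            continue
        bssid, q = parsed[3], recent[parsed[3]]
        q.append(ts)
        while ts - q[0] > window:  # drop frames that fell out of the window
            q.popleft()
        if len(q) >= threshold and bssid not in alerts:
            alerts[bssid] = (bssid, q[0], len(q))
    return list(alerts.values())

def build(subtype, dst, src, bssid, reason=7):
    """Construct a test frame: frame control, duration, 3 addresses, seq, reason."""
    hdr = bytes([subtype << 4, 0, 0, 0]) + bytes.fromhex(dst + src + bssid) + b"\x00\x00"
    return hdr + struct.pack("<H", reason)

# Constructed sample capture (locally administered MACs, not real devices).
AP, OTHER, BCAST = "020000000001", "020000000002", "ffffffffffff"
SAMPLE = [(1.0, build(DEAUTH, "0200000000aa", OTHER, OTHER, 3)),  # one normal deauth
          (2.0, build(8, BCAST, AP, AP))]                          # beacon, ignored
SAMPLE += [(5.0 + i * 0.01, build(DEAUTH, BCAST, AP, AP)) for i in range(40)]  # burst

if __name__ == "__main__":
    for bssid, start, count in detect_floods(SAMPLE):
        print(f"deauth burst on {bssid}: {count} frames, starting at t={start}")
```

Enabling Protected Management Frames (802.11w, mandatory in WPA3) lets clients discard spoofed de-authentication frames, which removes the forced reconnect this detector is watching for.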

While my drug of choice is Parrot Linux, as seen in the videos, Wifite and the other applications used are included on both Parrot Linux OS and Kali Linux. I find Parrot easier to use every day, tending to only use Kali as a backup.

DISCLAIMER: Only do this to networks you own!

https://youtu.be/NLG1huPgIHc

Some of the commands used in the videos and links to resources are listed and explained below.

"sudo wifite --kill --bully --reaver --dict /usr/share/wordlists/rockyou.txt"

sudo – gives you root privileges

wifite – an application that automates the aircrack-ng suite into a simple-to-use tool.

--kill – stops any processes running in the background which may interfere with the scans

--bully – enables use of the bully program for WPS PIN & Pixie-Dust attacks (default: reaver)

--reaver – enables use of the reaver program for WPS PIN & Pixie-Dust attacks (default: reaver)

-5 – enables scanning of 5GHz networks, default is 2.4GHz only

--dict (filelocation/textfile.txt) – specifies the file containing passwords to use for cracking. (default file: /usr/share/dict/wordlist-probable.txt)

Location of the word lists on Kali and Parrot Linux: these are there on most installs. You will need to open the directory and extract the list from the zip files. Here is a link with directions on locating the password lists and extracting them. (Default location: usr/share/dict/wordlist/)

Additional Wifite commands can be found here

To give credit where it’s due, most of my knowledge on this came from watching David’s videos. I have compiled a list of the ones relating to today’s subject here. (Since posting, his list has gone offline or has been changed.)

David’s GitHub with the red-python-scripts for DoS attacks

Link to the WiFi adapter I use; it supports both 2.4GHz and 5GHz

David Bombal’s recommendations on WiFi cards and links to purchase some of them.

Parrot Linux site, documentation and download links

Kali.org site for documentation, downloads and other links