Today's tutorial will be looking into how you can crack the password of the 4-way handshake of someone who is re-authenticating themselves to a wireless router. The goal is to gain access to the router. As always guys, these posts are for Penetration Testing purposes and not to be used on real networks without permission.

So let's get started. First we need to fire up our Kali Linux machine and get our WiFi card into monitor mode so we can monitor local connections to local routers. Then we will need to de-authenticate a user from the WiFi connection; this will give us time to capture the re-authentication (the 4-way handshake). Once we do that we will try to crack the password to that WiFi router to gain access.

Once you are logged into Kali Linux, open a command shell. This will tell you the interfaces that are connected to the internet over a wireless connection. We can see that our interface wlan0 is our listening interface; at the moment it's in Managed Mode. We want to change that to Monitor Mode to scan for local devices trying to connect to local routers; it does this by capturing packets over the airwaves. Airmon allows us to start monitor mode on this interface. That seemed to work, no errors, so let's check that the interface is in monitor mode.

Once you have that set up we can now grab packets from the airwaves on this interface. It's trying to find the devices that are trying to connect to all access points in the vicinity, no matter what channel they are on. This process is known as Channel Hopping and you will see the monitor change channels in the top left hand corner. As we can see from above, the BSSID is being broadcast for devices to detect their presence and underneath, the Stations (clients) are associated with the access points. Now let's say we want to target this AmIRootYet network; then we can stop the packet capture. Now that we know the channel of the access point we are interested in, we can just filter everything else out (-c locks the card to that channel, -w sets the capture file prefix and -d restricts the capture to that BSSID):

airodump-ng -c2 -w capture -d DE:EF:CA:CA65AF wlan0mon

Now that we have our target router, let's see what devices are trying to connect to it.
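The de-authentication step this tutorial relies on is also what a wireless IDS looks for, because a legitimate client disconnecting sends one deauth frame while forcing a re-authentication needs a burst of them. The following is an added example (not code from the original post) that parses raw 802.11 management frames, keeps a sliding window of deauth/disassoc frames per (BSSID, transmitter) pair, and raises an alert once a burst crosses a threshold. The MAC addresses, timestamps and frames are constructed inline so it runs offline; in practice the frames would come from a monitor-mode capture such as the file airodump-ng writes with -w.

```python
"""Detect de-authentication floods in raw 802.11 management frames.

Added example, not code from the original post. It parses the 24-byte
802.11 management header directly so it runs offline on the constructed
frames below; in a real deployment the frames would come from a
monitor-mode capture (for example the file airodump-ng writes with -w).
"""
import struct
from collections import defaultdict, deque

MGMT_TYPE = 0            # frame-control type 0 = management frame
SUBTYPE_DEAUTH = 0x0C
SUBTYPE_DISASSOC = 0x0A
SUBTYPE_BEACON = 0x08
BROADCAST = "ff:ff:ff:ff:ff:ff"


def mac_to_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def mac_to_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def build_mgmt_frame(subtype, addr1, addr2, addr3, body=b""):
    """Build a management frame: frame control, duration, three addresses,
    sequence control, then the body. Used only to construct test data."""
    fc = bytes([subtype << 4, 0x00])  # version 0, type 0 (mgmt), subtype in bits 4-7
    header = (fc + b"\x00\x00" + mac_to_bytes(addr1) + mac_to_bytes(addr2)
              + mac_to_bytes(addr3) + b"\x00\x00")
    return header + body


def parse_mgmt_frame(frame):
    """Return (subtype, receiver, transmitter, bssid, reason) for deauth or
    disassoc frames and None for everything else (beacons, data, control)."""
    if len(frame) < 24:
        return None
    fc0 = frame[0]
    ftype = (fc0 >> 2) & 0x3
    subtype = (fc0 >> 4) & 0xF
    if ftype != MGMT_TYPE or subtype not in (SUBTYPE_DEAUTH, SUBTYPE_DISASSOC):
        return None
    receiver = mac_to_str(frame[4:10])      # addr1
    transmitter = mac_to_str(frame[10:16])  # addr2
    bssid = mac_to_str(frame[16:22])        # addr3
    # body of a deauth/disassoc frame starts with a little-endian reason code
    reason = struct.unpack_from("<H", frame, 24)[0] if len(frame) >= 26 else None
    return subtype, receiver, transmitter, bssid, reason


def detect_deauth_flood(frames, window_s=1.0, threshold=5):
    """frames: iterable of (timestamp_seconds, raw_frame_bytes) in time order.
    Raise one alert per (bssid, transmitter) pair that emits `threshold` or
    more deauth/disassoc frames inside any sliding window of `window_s`
    seconds. A single deauth is normal (a client leaving); a burst is not."""
    recent = defaultdict(deque)
    alerted = set()
    alerts = []
    for ts, raw in frames:
        parsed = parse_mgmt_frame(raw)
        if parsed is None:
            continue
        subtype, receiver, transmitter, bssid, reason = parsed
        key = (bssid, transmitter)
        window = recent[key]
        window.append(ts)
        while window and ts - window[0] > window_s:
            window.popleft()
        if len(window) >= threshold and key not in alerted:
            alerted.add(key)
            alerts.append({
                "bssid": bssid,
                "transmitter": transmitter,
                "receiver": receiver,
                "count": len(window),
                "reason": reason,
                "subtype": subtype,
            })
    return alerts


# Constructed sample traffic (made-up MAC addresses, not from the post).
AP_BSSID = "de:ad:be:ef:00:01"
CLIENT = "02:11:22:33:44:55"
SAMPLE_FRAMES = [
    (0.0, build_mgmt_frame(SUBTYPE_BEACON, BROADCAST, AP_BSSID, AP_BSSID, b"\x00" * 12)),
    # one genuine deauth: the client leaves the network (reason code 3)
    (0.5, build_mgmt_frame(SUBTYPE_DEAUTH, AP_BSSID, CLIENT, AP_BSSID, struct.pack("<H", 3))),
]
# a burst of eight broadcast deauths claiming to come from the AP within 0.7 s
SAMPLE_FRAMES += [
    (1.0 + i / 10, build_mgmt_frame(SUBTYPE_DEAUTH, BROADCAST, AP_BSSID, AP_BSSID,
                                    struct.pack("<H", 7)))
    for i in range(8)
]

if __name__ == "__main__":
    for alert in detect_deauth_flood(SAMPLE_FRAMES):
        print(alert)
```

Run on the sample, the single client deauth at 0.5 s produces nothing, while the broadcast burst triggers one alert on the fifth frame. On a live capture the threshold and window would be tuned to the network, and a deauth burst whose transmitter address equals the BSSID but arrives with a different signal strength than the AP's beacons is a further sign that the frames are spoofed.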