In today’s world, everyone wants portability, thus Wi-Fi routers have become enormous in terms of portability for the users, where in the user can access internet within the range of the router without any clumsy wires or so.
Whether it may be a phone or laptop or even TV devices now comes with Wi-Fi. So having Wi-Fi router at home, offices, hotelshave become popular these days.
Now since in case of wired internet, you need to have the physical reachability with the Cat5 cable to connect to internet. In case of Wi-Fi you just need to be in the range of the air interface of the router. On one hand it has eased the life while on other hand it has raised a serious security concern for the user.
Since this is an air interface the user just need to be in the range of the given Wi-Fi router and then can use the internet as well as various other resources or sensitive data available within the network of the router thus resulting in a serious security concern and breach of information security.


In order to protect un-authorized usage of the router resources, router comes with various types of password protection methods such as WEP, WPA and WPA-PSK.
Using such security protections the router access is protected using any one of the encryption method and the key is shared only with the authorized users.
What is WEP, WPA and WPA-PSK encryption methods?
WEP: - Wired Equivalent Privacy (WEP) is a security algorithm for IEEE 802.11 wireless networks. WEP, recognizable by the key of 10 or 26 hexadecimal digits, is widely in use and is often the first security choice presented to users by router configuration tools.
WPA/WPA2: – Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access II (WPA2) are two security protocols and security certification programs developed by the Wi-Fi Alliance to secure wireless computer networks. The Alliance defined these in response to serious weaknesses researchers had found in the previous system, WEP (Wired Equivalent Privacy).
WPA-PSK: - WPA-PSK is common on most units, and allows a Pre Shared Key to be used to authenticate users coming in to the wireless network. The key’s hex equivalent changes every so often, so any war drivers heads can’t hack into your network.
Every home user looking for wireless, which is in an area where they may be open to an attack from a war driver or a script kiddie, should use WPA-PSK method to secure the network. This will keep your wireless secure, as long as you don’t forget to set it up as other two methods WEP and WPA/WPA2 can be easily hacked.
Now let us see how to break WPA/WPA2 using Reaver tool in Backtrack or any Linux distros.
What is Reaver?
Reaver is a very powerful brute force application which randomly tries all the possible combination to get access points WIFI protected setup pin number which is of 8 digits only.
Since the PIN no is just 8 digit, out of which last digit is the checksum digit, so the tool has to Brute-force only 7 digits to hack in to the setup of the WIFI router. Reaver tries all the possible combination to get the setup pin to break in to the security of the router.
How to download and install Reaver tool?
You can download the Reaver tool from here.
Open the terminal windows and follow the following commands.
1.ifconfig wlan0 up
This command will enable your wireless adapter. In case your system has more than one wireless device, then using “ifconfig” find out the relevant device name. In my case it is “wlan0”.
2. airmon-ng start (your interface)
E.g.:- airmon-ng start wlan0
In order to hack the network, first the device has to be put in to monitor mode. Monitor mode enables your network device to listen and capture each and every network packet from air interface.
3. Now a new interface mon0 will be created, you can see the new interface is in monitor mode by entering “iwconfig mon0” as shown below.
4. Now we need to find out the BSSID of the network of which you have to hack the key. To find the BSSID, in terminal, enter the following command.
airodump-ng mon0

This command will give you the entire Wi-Fi network available in the range of your system. You have to identify which one is the router for which you need to hack. Once traced, copy the BSSID as show
below and also note down the ESSID and also the channel.
5. Now once you have everything we can start using Reaver.
# reaver –i mon0 –f –c “channel No” –a –b BSSID –v –d 0
E.g.:- # reaver -i mon0 -f -c 11 -a -b 00:25:5E:95:01:EE -v -d 0
6. Once this command is executed, reaver starts the brute force attack and tries all the possible combination of pin to get the WPA/WPA2 key once WPS is cracked. It may take time depending upon the router signal, the router as well.
7. First the starting 4 digit key is cracked, once the starting 4 digit key is cracked, the rest 4 digit is scanned upon and finally the checksum.

8. Once reaver is able to crack the WPS pin, it will display the information as below.
=====================================================================
9. In my case it took almost 2 hours to crack the WPS Pin and the Pre shared key (PSK). Once you get the above information, you can easily logon into the router with the PSK and can use the internet as well the network resources within the router will be available to the hacker.
Happy hacking Wi-Fi Routers!

1 comments Blogger 1 Facebook

  1. Do this hack to drop 2 lbs of fat in 8 hours

    At least 160k men and women are losing weight with a easy and SECRET "water hack" to lose 1-2 lbs each night as they sleep.

    It is effective and works all the time.

    Just follow these easy step:

    1) Take a drinking glass and fill it up with water half glass

    2) Then do this weight loss hack

    you'll be 1-2 lbs thinner when you wake up!

    ReplyDelete

 
LEARN HACKING TIPS AND TRICKS © 2013. All Rights Reserved.
Top