Friday 3 April 2015

Hack Wi-fi Password using BACKTRACK

Requirements :-

             1 ) backtrack
             2 ) Wifi adapter capable of injecting packets , For this tutorial I will use Alfa            AWUS036H which is a very popular card and it performs well with Backtrack.


Procedure :-

First Login to your Backtrack / Linux distro and plug in your Wifi adpter , Open a new konsole and type in the following commands

ifconfig wlan0 up

where wlan0 is the name of the wireless card ,it can be different .To see all wireless cards connected to your system simply type in ” iwconfig “.

Putting your WiFi Adapter on Monitor Mode
To begin, you’ll need to first put your wireless adapter into monitor mode , Monitor mode is the mode whereby your card can listen to every packet in the air , You can put your card into monitor mode by typing in the following commands

airmon-ng start (your interface)
Example :- airmon-ng start wlan0
Now a new interface mon0 will be created , You can see the new interface is in monitor mode by entering “iwconfig mon0” as shown
Finding a suitable Target

After putting your card into monitor mode ,we need to find a network that is protected by WEP. You can discover the surrounding networks by entering the following command

airodump-ng mon0
Bssid shows the mac address of the AP, CH shows the channel in which AP is broadcasted and Essid shows the name broadcasted by the AP, Cipher shows the encryption type.

Now look out for a wep protected network In my case i’ll take “linksys “ as my target for rest of the tutorial

Attacking The Target

Now to crack the WEP key you’ll have to capture the targets data into a file, To do this we use airodump tool again, but with some additional switches to target a specific AP and channel. Most importantly, you should restrict monitoring to a single channel to speed up data collection, otherwise the wireless card has to alternate between all channels .You can restrict the capture by giving in the following commands

airodump-ng mon0 –bssid -c (channel ) -w (file name to save )

As my target is broadcasted in channel 6 and has a bssid “98:fc:11:c9:14:22″ ,I give in the following commands and save the captured data as “RHAWEP”

airodump-ng mon0 –bssid 98:fc:11:c9:14:22 -c 6 -w RHAWEP

Using Aireplay to Speed up the cracking


Now you’ll have to capture at least 20,000 data packets to crack WEP .This can be done in two ways, The first one would be a (passive attack ) wait for a client to connect to the AP and then start capturing the data packets but this method is very slow, it can take days or even weeks to capture that many data packets
The second method would be an (active attack )this method is fast and only takes minutes to generate and inject that many packets .
In an active attack you’ll have do a Fake authentication (connect) with the AP ,then you’ll have to generate and inject packets. This can be done very easily by entering the following commands

aireplay-ng – 1 3 -a (bssid of the target ) (interface)
In my case i enter the following commands

aireplay-ng -1 3 -a 98:fc:11:c9:14:22 mon0

After doing a fake authentication ,now its time to generate and inject Arp packets . To this you’ll have to open a new Konsole simultaneously and type in the following commands


aireplay-ng 3 -b (bssid of target) -h ( Mac address of mon0) (interface)

In my case i enter
aireplay-ng 3 -b 98:fc:11:c9:14:22 -h 00:c0:ca:50:f8:32 mon0


If this step was successful you’ll see Lot of data packets in the airodump capture as shown

Wait till it reaches 20000 packets , best would be to wait till it reaches around 80,000 to 90,000 packets .Its simple more the packets less the time to crack .Once you’ve captured enough number of packets, close all the process’s by clicking the into mark which is there on the terminal


Cracking WEP key using Aircrack



Now its time crack the WEP key from the captured data, Enter the following commands in a new konsole to crack the WEP key

aircrack-ng (name of the file )

In my case i enter
aircrack-ng RHAWEP-0.1-cap

With in a few minutes Aircrak will crack the WEP key as shown



Once the crack is successful you will be left with the KEY! Remove the colons from the output and you’ll have your WEP Key.

RAR PASSWORD CRACKER

RAR  PASSWORD  CRACKER



This blog is intended to recover lost passwords for RAR/WinRAR archives of versions 2.90-5.xx.

Methods To Crack/find Password:

1 )  Exhaustive search all possible combinations of characters ("bruteforce" method).
2 )  Using passwords from lists ("wordlist" or "dictionary" method).

1 ) BRUTEFORCE :

step 1  :  Open Rar Password Cracker wizard

             select rar file as shown in fig.


click on " Add to project" and click "Next"




 step 2: select "Bruteforce" and click "next".


Step 3: add " Digits " and " lowercase and uppercase" letters


Set "minimum length" and "maximum length" and click "next"


step 4 : browse and save file  and  then click on "finish"








DOWNLOAD RAR PASSWORD CRACKER




WiFi Password Hack Using Windows 8


WiFi Password Hack Using

 Windows 8 :


Step 1 : Install CommView for WiFi . It doesnt matter whether you install it in VoIP mode or Standard mode . I used VoIP . It automatically installs the necessary drivers . Allow it to install .

Note :- You will not be able to connect to any Network using WiFi when using CommView .

Step 2 : Click on the PLAY ICON in the Left First .





Step 3 (Choosing the Network (a) ) : A new window should pop up now. Click on the START SCANNING button




Step 4 : (Choosing the Network (b) ) : Click on the WiFi network you want to hack in the Right Coulumn and Click on CAPTURE.


Note :- This tutorial is only for WEP protected networks .





 Step 5 : (Capturing the Packets) : The windows should close now and you should see that CommView has started Capturing Packets .





 Step 6 : (Saving the Packets ) : Now that the Packets are getting captured you need to Save them. Click on Settings->Options->Memory Usage Change Maximum Packets in buffer to 20000.



Click on the LOGGING Tab .
Check AUTO-SAVING
In the Maximum Directory Size : 5000
Average Log File Size : 50





Now CommView will automatically Start Saving packets in the .ncp format at a size of 20MB each in the specified directory .

Step 7 : ( Concatenating the Logs ) : Since you are capturing a lot of logs you will need to concatenate them into once file . To do this go to Logging and click on CONCATENATE LOGS Choose all the files that have been saved in your specified folder and Concatenate them .

Now you will have one .ncf file .

Step 8 : (Converting .ncf to .cap ) : Now that you have one file with all the packets you need to Convert it into .cap file for AIRCRACK to crack .

Click on File->Log Viewer->Load Commview Logs-> Choose the .ncf file. Now File->Export->Wireshark/TCP dump format .


Aircrack Part :

Now for the Second Part Cracking this is very simple . Just open the Aircrack Folder->Bin->Aircrack-ng GUI.exe Choose the .cap file and you should be able to do the others .
 Also select the encryption(WEP or others) and Key size (64). Press launch and the key will be revealed.
or try other settings if not working.


0