For educational purposes, this article shows how to crack a WiFi password using Backtrack 5 R3, a well-known WiFi cracking distribution, which can help patient people break even WPA and WPA2 security protocols.
First, be aware that this method works only on WiFi networks that have WPS enabled.
WPS is a common feature in almost all wireless routers produced in recent years. It allows a computer to join a wireless network by entering a PIN, without having to remember the network's password.
It actually took me between 4 and more than 10 hours with Backtrack 5 R3 to successfully crack WPA2 (with WPS enabled).
4 Steps to Crack WiFi password using Backtrack 5
We are going to use Backtrack and Wifite. You need patience and some luck.
Step 1: Download WiFi cracker tools
- Download unetbootin.
- A spare 4GB USB drive.
- Download Backtrack 5 R3.
Step 2: Create Backtrack 5 Bootable USB
- Run unetbootin, select the Backtrack 5 ISO under Diskimage, then click OK.
It takes a little while to finish.
Step 3: Make the Laptop boot into Backtrack 5
Virtual machines (VMware or VirtualBox) are outside the scope of this article; this method is more effective when run directly on the laptop. On a MacBook, hold the Option key while booting to reach the boot menu. On a Windows laptop, enter the BIOS and put the USB drive first in the boot order.
Select “backtrack text – default boot text mode” to boot into the Backtrack OS.
Step 4: Start cracking WiFi password (WEP, WPA, WPA2)
- Type “startx” and hit Enter to get into the Backtrack desktop.
- Click on Terminal.
- Download wifite from the following address: http://wifite.googlecode.com/svn/trunk/wifite.py
- Run “chmod +x wifite.py” to make wifite executable.
- Execute Wifite with “./wifite.py”.
- After 10s – 20s of scanning, press Ctrl+C to stop; the WiFi networks around you are listed.
- Choose the number of the targeted WiFi network (only networks with WPS enabled can be cracked), then wait.
As I mentioned, it actually took me between 4 and more than 10 hours with Backtrack 5 R3 to successfully crack WPA2 (with WPS enabled).
The results:
If you have already cracked the WiFi password and the owner later changes it, the new password can be revealed quickly with reaver by supplying the PIN you already recovered:
reaver -i mon0 -b BSSID --pin=xxxxxxxx -vv (xxxxxxxx is the 8-digit PIN you recovered)
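As an added example, not code from the original article, the following Python shows why the 8-digit WPS PIN above falls in hours rather than years, and includes a check that flags WPS left on in a hostapd configuration. The checksum rule is the one in the Wi-Fi Protected Setup specification; the hostapd.conf fragment is constructed for the example.

```python
"""Why a WPS PIN falls in hours, plus a config check that flags WPS left on.
Added example, not from the original article; the hostapd.conf text is constructed."""
import re


def wps_pin_checksum(first_seven: int) -> int:
    """Checksum digit for a 7-digit PIN prefix: weights 3,1,3,1,... from the right."""
    accum = 0
    while first_seven:
        accum += 3 * (first_seven % 10)
        first_seven //= 10
        accum += first_seven % 10
        first_seven //= 10
    return (10 - accum % 10) % 10


def is_valid_wps_pin(pin: str) -> bool:
    """True if pin is 8 digits and the last digit is the checksum of the first seven."""
    if len(pin) != 8 or not pin.isdigit():
        return False
    return int(pin[7]) == wps_pin_checksum(int(pin[:7]))


def effective_keyspace() -> int:
    """Worst-case online guesses. The registrar exchange confirms the first four
    digits before it examines the last four, so the halves are guessed one after
    the other, and the checksum fixes the eighth digit: 10**4 + 10**3, not 10**8.
    The second half is counted by enumeration against a fixed prefix."""
    first_half = 10 ** 4
    second_half = sum(1 for tail in range(10 ** 4) if is_valid_wps_pin(f"1234{tail:04d}"))
    return first_half + second_half


def wps_enabled(hostapd_conf: str) -> bool:
    """Mitigation check: flag a hostapd config whose wps_state is not 0 (disabled)."""
    settings = dict(re.findall(r"^\s*(\w+)\s*=\s*(\S+)", hostapd_conf, re.M))
    return settings.get("wps_state", "0") != "0"


# Constructed hostapd.conf fragment with WPS left on (not taken from the article).
SAMPLE_CONF = """
interface=wlan0
ssid=HomeNet
wpa=2
wps_state=2
ap_pin=12345670
"""
```

Disabling WPS (wps_state=0 in hostapd, or the equivalent switch in a router's web interface) removes the 11,000-guess path entirely, leaving only the WPA2 passphrase itself to protect the network.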
We have just published a better solution for cracking WiFi passwords (WPA and WPA2) using Linset. Linset first disconnects all clients from the targeted WiFi network, then prompts them to connect to a protected fake WiFi network with exactly the same name as the targeted one. The software records the password entered by the clients.