00:00.3
00:08.0
Hello guys, welcome to my video on hacking a wireless system, and in this case it is a router.
00:08.1
00:23.4
So one of the first things we are going to do is to show all the devices that are available, the cards that are available that can enter into monitor mode.
00:23.4
00:36.5
So we use "airmon-ng", so there is just one interface and that is the wlan0mon.
00:36.5
00:46.6
Okay, so now that we have seen the number of wireless cards available and which can enter into monitor mode, let's just start the interface,
00:46.6
01:02.4
and that is done by typing "airmon-ng start wlan0mon", and that is gotten from here.
01:02.4
01:19.2
So we run that. Okay, that's done. Now that that's done, to confirm or to check that the monitor interface has started, we can type "ifconfig".
01:19.3
01:34.9
Okay, so initially this wouldn't have been there, so seeing this shows it's running. Okay, so now we can move on.
01:35.0
01:46.8
What we need to do now is to find all the WiFi networks in this location, or in my location; all the WiFi networks around,
01:46.9
02:10.0
and that's done by using the command "airodump-ng wlan0mon", and that's the name of the interface, so.
02:10.1
02:28.9
Okay, so after running the command, two wireless systems have been found. These are the wireless routers that have been found.
02:28.9
02:51.5
So we can move on and then try to get a handshake, and basically the handshake will show that the key has successfully been intercepted,
02:51.5
03:15.6
and to do that we use "airodump", so "airodump-ng", and reading from this, we will be needing '-w',
03:15.6
03:36.4
which will write whatever is captured into a file. We will be needing this; that will be specifying whatever BSSID we would want to hack, so in this case it will be this, and then '-c'.
03:36.5
03:47.8
'-c' will basically talk about the frequency or the channel that we will be listening on. Okay, so let's go on.
03:47.8
04:14.9
So airodump-ng -c, and in this case c is 1 because it's on channel 1, so -c 1 --bssid, which is the MAC address for the particular gadget,
04:14.9
04:43.5
in this case, this, so let's just copy and then paste. And then we will be writing it to the Desktop.
04:43.5
05:08.3
Hmmm. Oh yeah, we would have to specify the interface, and in this case it is 'wlan0mon'. Okay.
05:15.9
05:25.4
So we would have to wait for somebody to connect in order for the handshake to be established,
05:25.5
05:44.5
but since it is taking too much time, I guess we would have to use "aireplay". So, let's just leave this to run and then use a new terminal for "aireplay".
05:44.5
06:10.3
So, "aireplay-ng". So in aireplay we will be using '-0'. It represents the deauthentication count. So, it can be 1, it can be 100, it can be 20,
06:10.3
06:29.9
and we will be using '-a', which, where is it, will be the BSSID, and then you type the monitor interface, or wlan0mon in my case.
06:29.9
06:59.5
So "aireplay-ng -0", I will be using two, nah, let me use a hundred. Yeah, -a, copy and paste the BSSID of the router you are trying to hack
06:59.5
07:38.2
or crack, followed by "wlan0mon". Let's see what happens. Okay, so here it begins.
07:38.2
08:06.8
Huh, so immediately we see this, it means the handshake has been completed, and therefore we will be able to hack the WiFi system, or crack the WiFi system,
08:06.8
08:14.3
and in order to do that we will be using "aircrack". So now, I think we can stop this now.
08:14.3
08:31.9
In order to do that, we will be using "aircrack" and the "dictionary". So in this case, let's go to where the dictionary is usually located.
08:31.9
08:51.6
First, let's see what "aircrack" has to offer. In using "aircrack" we will be specifying the force attack mode, which in this case is two.
08:51.6
09:09.2
Errrmm, we will be using '-b' for the BSSID of the router. We will also be using '-w'; that's the wordlist.
09:09.2
09:25.7
Okay, so there are several wordlists online, but Kali comes with one particular wordlist. That's "rockyou.txt".
09:25.8
09:39.2
So, let's go here and list. This is it, but because it is compressed, we would need to decompress it,
09:39.2
10:02.7
and to do that we use "gzip -d" and then specify 'rockyou.txt.gz'. Okay, let me take off the backslash.
10:02.8
10:31.2
Okay, so now it has been unzipped. We can take a look at it using 'nano', 'leafpad' or 'vi'. Yeah, any of those apps, but I personally prefer 'nano'.
10:31.2
10:53.9
It will take a little bit of time, but it is worth it. So, these are some of the passwords we will be running with.
10:53.9
11:28.5
So, you can add some common passwords or the person's name. You can add his previous passwords and what you think might be the password,
11:28.5
11:32.0
but in this case let me provide the password
[UNKNOWN WORD]
11:32.0
11:42.7
and then save, Ctrl+Z. Press yes, press y, and then save.
11:42.7
12:21.1
Okay, so we can now move on, now that we are done extracting. So we can use "aircrack-ng -a 2 -b", just located right here, errmm, and then specify where the wordlist is found,
12:21.1
12:35.9
and in this case it is /usr/share/wordlists/rockyou.txt,
12:35.9
12:52.5
and then you will specify where the ".cap" file can be found, and in this case we saved it to the Desktop,
12:52.5
13:25.9
and this is the name. You can just copy and then specify where it is found. It is found in '/root/desktop/', then the name, '.cap',
13:25.9
13:42.5
and then press "Enter". So after a few searches, it has found the password.
13:42.5
14:00.1
Yours might take a little bit more time than this, but depending on where the password is found in 'rockyou.txt', it might take much more time than this or much less time than this.
14:00.1
14:07.0
Okay, thank you guys for watching. See ya.