wifi network

If you have come to read this article, then I guess you probably have researched a lot on how to hack a wifi network. If you haven’t done yet, then go to youtube or any other website that provides tutorials on how to hack a wifi network and come back here. Just search for true wifi tricks, or if you want to hack wifi with an Android the search for best wifi hacking Android apps, you will come across a lot of tutorials, tools, and apps.You will find that all the thumbnails and titles claim that this trick works 100%. But when you try the same method you will not be able to hack. Why is this so?

Ask yourself a logical question, if it was that easy to get into somebody’s wifi network then don’t you think that the companies would take the initiative to patch the vulnerability. Now you must be thinking that how the pro hackers are hacking? To quench your thirst of hacking, I would like to take you deeper into “wifi hacking.”

Understanding Encryption:

The first towards wifi hacking should be understanding encryption and different types of wifi encryption available.So encryption is the process of encoding information or data in a way that only the user (or computer) with the secret key can decode it. It uses mathematical functions to encode the information.  It is the most efficient way to manage data security. To read an encrypted file, you must have access to the secret key or password that will allow you to decrypt it.

Note: If you are a complete newbie and don’t have any idea about encryption or wifi networks I would highly recommend you to take this course “WiFi Hacking: Your Guide to Wireless Penetration Testing

Different Types Of Wifi Encryption and how to crack it:

There are various types of wifi encryptions available. The most commonly used encryption nowadays is WPA and WPA2. The first encryption to be used was WEP or Wired Equivalent Privacy. We will only these two types of encryption.Let’s start our discussion with WEP encryption.

1.WEP

WEP or Wired Equivalent Privacy was used as a Wi-Fi security standard in September 1999. When the first versions of WEP were released, it wasn’t strong as it was against the law to use above 64-bit of encryption.When the restraints were released, then the encryption was increased to 128 bit. Despite improvements to the algorithm and an increase in key size(64-bit to 128-bit and then 256-bit), serious flaws were discovered in the encryption. The Wi-Fi Alliance officially retired WEP in 2004. FBI gave public demonstration showing how easy it is to exploit a WEP encryption in 2005.If you want to read more about the flaws in the WEP encryption you can read it here.

As you can see that these types of encryptions are straightforward to crack. But unfortunately this encryption you will find nowhere. If you find one around your home and crack the password, then you are fortunate, and the neighbors are too stupid. You can call a WEP encrypted wifi network as an open network.

Also Read: How To Find Out Who Is Stealing Your Wi-Fi (WiFi) And Block Them

How to crack WEP encryption?f

There are a lot of free tools available on the internet. If you want to crack WEP, then I would suggest you to use airodump-ng to collect data packets and aircrack-ng to crack the password. Both these tools are pre-installed in Kali Linux

2. WPA/WPA2

WPA (Wi-Fi Protected Access) was the replacement for the WEP encryption. It was adopted in the year 2003, a year before when WEP was officially retired. The typical configurations available for WPA was WPA-PSK( Pre-Shared Key). Another configuration available for WPA is TKIP(Temporal Key Integrity Protocol) The keys used by WPA are 256-bit, a significant improvement over the 64-bit and 128-bit keys used in the WEP system.
There was a marked improvement from WEP to WPA, but it was not completely secure.TKIP, a core element of WPA was designed to be quickly rolled out via firmware upgrades in WEP-enabled devices. And then again it could easily be exploited.

WPA2

As the vulnerability was found in WPA so it was officially retired in 2006. The most significant change between WPA and WPA2 was the compulsory use of AES algorithms and the introduction of CCMP(Counter Cipher Mode with Block Chaining Message Authentication Code Protocol). These two were the replacement for TKIP.

Also Read::Is It Better To Use Wi-Fi (WiFi) Channel With A High Frequency?

 

How to crack WPA/WPA2 encrypted wifi network?

Since there is no known vulnerability in WPA2  that could be exploited easily and most of the time WPA comes with AES configuration so it becomes very hard to crack the password. If you want to crack WPA or WPA2 password then you need to get the encrypted password and then use brute force techniques. You can get the encrypted password easily with the help of aireplay-ng to de-authenticate the connected device and when the again connect to the wifi network you will get the encrypted password.

Another technique that could be used to crack WPA password is through WPS pin attack. Reaver is a great tool for this purpose. You will get a lot of tutorial on youtube on how to use these tools. Let’s come to the final question, Can any wifi network be hacked?

It’s a big “NO”. I have explained about the common encryption that is used and now you know the techniques to crack. Only vulnerable wifi routers can be hacked. And now every router comes with better-preconfigured settings. But my point here is to explain to you how those YouTubers make fool out of you. We will not consider weak encryptions like WEP or configuration WPS since these types are rarely available in our locality. The very common encryption is WPA2.

There are two methods to crack WPA2 password. First is brute force method and the other is by creating a fake access point. Let’s discuss the first method by brute forcing method. In this method, a wordlist is used to crack the encrypted password. The tools such as

In this method, a wordlist is used to crack the encrypted password. The tools such as aircrak-ng first convert every word in the wordlist to the encrypted form and then compare the encrypted password with the encrypted word generated from the word list. I will explain this with md5 encryption. Suppose the password is “techxerl” , so will have encrypted form of techxerl that will look like this “a61c188e297a2b79e88b81ac081c405f”. To decrypt this every word in the dictionary is converted to encrypted form similar to the long string that you see for techxerl and then both are compared. If the encrypted key string match then you come to know about the wifi password. You can try it yourself. Just go to the website http://www.md5online.org/md5-encrypt.html# and put in any word from the dictionary like apple and then go to the md5 decryptor  http://www.md5online.org/.You will find that it will be able to decrypt it. But once you put something very complex you will find that it will not be able to decrypt. This is because the word that you put in is not in the database so it can’t be cracked.

So now you know that this method will not work unless the exact word is in your wordlist. And most of the time the passwords are kept like “Name and then some number” so there is a high chance that you will not be able to crack the password.

Now let’s take a look at the other method by creating a fake access point. In this method, you replicate the wifi network and create your own access point with the same name and mac address. Then you disconnect the connected device with that wifi network. And if they will connect to your fake access point then they will be redirected to a page that will ask for their wi-fi password to improve security. The theory looks simple but again, the device connects to the wifi network with more signal strength. Since the wifi user will be at his house and your fake access point will be away from the connected device. Even if you disconnect the device it will connect back to the original wifi network.

[This type of attack can be done using an application called "fluxion”]

I hope now you know behind the scene of wifi hacking and you will not download any software that claims to hack a wifi network with a single click. I tried to explain everything in very layman term. If you have any query feel free to ask me in the comment section. If you want to learn everything at ease, I would highly recommend you this course WiFi Hacking: Your Guide to Wireless Penetration Testing