Most wireless access points now use Wi-Fi Protected Access 2 (WPA2) with a pre-shared key for wireless security. This is commonly known as WPA2-PSK. WPA2 is the successor of WPA, with stronger encryption methods, and is hard to crack (well, that's a joke!).
So there are some requirements that need to be fulfilled before we move forward. First and foremost, you need an adapter that supports Wi-Fi monitor mode. In India it's very hard to find one, so I would suggest buying a TP-LINK TL-WN722N version 1 wireless adapter.
Note- Only buy the version 1 adapter, as version 2 of this model does not support monitor mode.
Secondly, you should have a good knowledge of the Linux terminal environment. If you are new to the Linux operating system, you might need to learn a few basic Linux commands.
Third and last, we will be using Kali Linux. You can download it from the official Kali Linux download page.
Now, with those in place, let's get started.
Step 1- Put the wireless adapter in monitor mode by typing
Note- wlan0 might change according to the number of adapters connected to your system, so check the interface name by typing ifconfig in the terminal.
Step 2- Capture the traffic.
Type airodump-ng to capture all the wireless traffic going on near you. Our wireless adapter is in monitor mode, so it can grab and display all the critical information, including BSSID, power, number of beacon frames, encryption, etc.
Step 3- Use airodump-ng to capture traffic of one AP.
This can be done by typing
airodump-ng --bssid 08:86:30:74:22:76 -c 6 --write first mon0
Step 4- Now disconnect all the devices connected to the AP.
This can be done simply by de-authenticating all the connected devices by typing
aireplay-ng --deauth 100 -a 08:86:30:74:22:76 mon0
Step 5- Capture the handshake.
This is done by airodump-ng, which is already running in the background. It will save the handshake in the file named first, as given by --write in the command in step 3.
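The burst of 100 deauthentication frames in step 4 is exactly what a wireless IDS looks for. The detector below is an added example, not part of the original tutorial; it runs over a constructed list of parsed 802.11 frame headers (not a real capture) and flags any BSSID that sends more than a threshold of deauth frames inside a short window. The frame tuple layout, the threshold and the window are assumptions of this example.

```python
from collections import defaultdict, deque

# 802.11 management frame (type 0), subtype 12 is Deauthentication.
DEAUTH = (0, 12)

# Constructed sample (not a real capture):
# (timestamp_seconds, frame_type, subtype, bssid, destination)
SAMPLE_FRAMES = [
    (0.00, 0, 8, "08:86:30:74:22:76", "ff:ff:ff:ff:ff:ff"),   # beacon
    (0.10, 2, 0, "08:86:30:74:22:76", "3c:a9:f4:11:22:33"),   # data frame
    (1.50, 0, 12, "aa:bb:cc:dd:ee:ff", "3c:a9:f4:11:22:33"),  # one legit deauth
    (3.00, 0, 8, "aa:bb:cc:dd:ee:ff", "ff:ff:ff:ff:ff:ff"),   # beacon
]
# Burst of 20 broadcast deauths from the tutorial's BSSID, 50 ms apart,
# mimicking what `aireplay-ng --deauth` produces.
SAMPLE_FRAMES += [
    (5.0 + i / 20.0, 0, 12, "08:86:30:74:22:76", "ff:ff:ff:ff:ff:ff")
    for i in range(20)
]


def detect_deauth_flood(frames, threshold=10, window=2.0):
    """Return {bssid: first_alert_timestamp} for every BSSID that sent
    more than `threshold` deauth frames within any `window` seconds.

    A sliding deque per BSSID keeps only the deauth timestamps that fall
    inside the window, so the check stays O(1) amortised per frame.
    """
    recent = defaultdict(deque)
    alerts = {}
    for ts, ftype, subtype, bssid, _dst in sorted(frames):
        if (ftype, subtype) != DEAUTH:
            continue  # only management/deauth frames count
        q = recent[bssid]
        q.append(ts)
        while q and ts - q[0] > window:
            q.popleft()  # drop timestamps that fell out of the window
        if len(q) > threshold and bssid not in alerts:
            alerts[bssid] = ts  # first moment the rate crossed the line
    return alerts


if __name__ == "__main__":
    for bssid, ts in detect_deauth_flood(SAMPLE_FRAMES).items():
        print(f"deauth flood from {bssid} detected at t={ts:.2f}s")
```

A single deauth from the second AP stays below the threshold, while the burst trips the alert on its 11th frame; enabling 802.11w (Protected Management Frames) on the AP is the standard mitigation, since it makes forged deauth frames fail authentication.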
Step 6- Crack the code.
Once you have the handshake, it's time to crack the code. We can run the saved file through aircrack-ng, but for that we need a wordlist, which is easily available on the internet. In this example we are going to use the one that shipped with BackTrack, named darkc0de. Download this file from the Internet and save it.
So to crack the password you simply need to type
aircrack-ng first.cap -w /Desktop/darkc0de
This might take some time, so be patient. If the password isn't found, try another wordlist.