I'll open by saying, I stole the screen shots from LifeHacker because I couldn't be bothered to mess about installing shizzle...
On with the show!
I'm not joking when I say dummies guide, I know several ways of cracking WiFi, none so simple as this however, I reckon a well trained monkey could do it (again, credits; LifeHacker). It focuses on WPA and WPA2 passwords not WEP (i.e, it cracks the harder ones, which most networks have nowadays). You don't really need to know much about computers, just follow the guide below!
What you'll need:
* A working laptop with the ability to connect to WiFi
* A memory stick with at least 2GB of space
--- Where I have put: 'some text' - DO NOT INCLUDE THE APOSTROPHES! Same goes for " ---
1) Click this it downloads the Universal USB Installer which you'll need, once it's downloaded, make sure you know where it is (usually your 'Downloads' folder in My Documents)
2) This can get a bit confusing, so, first go here. When there you should see like a form, fill it out so that you have the same fields selected as the ones in the picture below:
If that confused you, try the worded way:
- Click the drop down box, select "Backtrack 5 R1"
- Now click the thing that says "GNOME"
- Then click the thing that says "32"
- Then click "ISO"
- Finally, select "Direct" and click "Download"
This download can take a while, as does most of this process.
3) Once it's downloaded, open the "Universal USB Installer" what you downloaded earlier, click "Agree" and then you'll see something like this:
Here's what I want you to do
First, shove your memory stick into the computer (don't just shove it straight in, be gentle, take your time...).
Second, Click the little drop down box, scroll down (or press "B" a few times) to "Backtrack" and then click "Backtrack 5 or 5 R1".
Third, click 'Browse' and then find your Backtrack 5 download, when you get to it, select it.
Fourth, it is imperative that you get this right, find out what drive letter your USB stick is, this can be done by going into My Computer and finding it (The letter will be next to the name!) you must get the right one. Once you've found this out, go back to the USB installer and click the drop down box, and select your USB's drive letter, if it isn't there, click the little checkbox that says, 'Show all drives' and then go back to the drop down and click it. DO NOT CLICK C:!!!!!!!
Finally, click 'Create' and sit back, for a few minutes, maybe more, you'll see something like this:
4) When it's done, exit everything and restart your computer and when it loads back up, press whatever key it says will take you to "Setup" or "BIOS" (it flashes up in the bottom of the screen, usually F1, F2 F10 or F12). Once you're there, use the left and right arrow keys to find the "Boot order" or "Boot priority", when you find it, use whatever keys it says (it'll be at the bottom) to move "USB Drive" to the top. If it doesn't say USB drive, go to "HDD", press enter to open it, and move the USB/Removable Disk Drive to the top. Finally, press F10 to save and exit. Your system will restart, the USB drive must still be in the PC!
5)When it loads, you'll see something like this, when you do, hit enter:
Then, when prompted (things will stop moving) type 'startx' and hit enter.
6) Funnily enough you need WiFi to hack WiFI, you'll need to connect, this is done by navigating like so: Click Applications > Internet > Wicd Network Manager and then select your network and connect to it (it may prompt you for your password, put it in and click connect again).
7) This may take a bit of time too, you see whilst there are numerous WiFi cracking tools already loaded into BT5, we need another, Reaver, so, let's install it (when you turn your system off, it will be deleted):
- Click Applications > Accessories > Terminal
- When it opens, type 'apt-get updates' and hit enter.
- When the updates finish type 'apt-get install reaver' and again, hit enter. (This shouldn't take that long.)
Finally, disconnect from the WiFi network you're on by navigating: Applications > Internet > Wicd Network Manager and clicking disconnect.
8) Time to gather information you need for the attack, you'll need the interface name of your wireless card, the BSSID of the router your attacking (note you'll need to be near it as you need a strong signal) and you'll need to set your wireless card to monitor mode, don't worry, tis easier than you think, just go get a pen and a piece of paper!
First, Open terminal and type 'iwconfig' and press enter. You'll see a list of your network devices appear, the one you're looking for will most likely be 'wlan0' (zero not o) write this down!
Second, in terminal type, 'airmon-ng start wlan0' (Note, if the name you found in the step before wasn't wlan0, change where it says wlan0 here to whatever you found!). This puts it in monitor mode, the new name for your wireless card will likely be, 'mon0' (Write this one down, YOU NEED IT!)
Third, you'll need to find the BSSID of the router you're going after, in terminal type, 'airodump-ng wlan0' and press enter. Now a list of devices will load, when you see the one you want, (identify it by the name on the left, under ESSID) press CTRL+C to stop it loading more. Then write down the corresponding BSSID (The one that's in line with the ESSID you just picked!)
9) Nearly done! Put the following command in the terminal, replacing bssid and moninterface with the BSSID and monitor interface and you copied down above: 'reaver -i moninterface -b bssid -vv' for example, if your monitor interface was mon0, and your BSSID was 8D:AE:9D:65:1F:B2, your command would look like: 'reaver -i mon0 -b 8D:AE:9D:65:1F:B2 -vv' when you've put this in, hit enter, and relax whilst it does it's work.
It can take up to ten hours to complete this process, but can take much less, it helps if you're close to the router!
Eventually, it'll get it, and you'll see something like this:
And, you've got it!
A brief look at how it works, most routers come with WPS (WiFi Protected Setup) which is designed to ease the setup, the thing is it comes with a pin that is built into the device, which can Reaver takes advantage of to reveal your password!
Hope you enjoyed, and remember, don't do anything illegal! I'm not gonna be responsible!