As you all knows in Wireless Networks, there are so many encryption protocols are there i.e. WEP, WPA and WPA2 and out of that WEP is one of the most weakest protocol which uses 24-bit IV packets and other side, we have WPA2 protocol uses stronger encryption algorithm which is very difficult to crack.
Some Important Terms –
- WEP – Wired Equivalent Privacy
- WPS – Wi-Fi Protected Setup
- WAP – Wireless Application Protocol
- WPA – Wi-Fi Protected Access (From June 2004)
- WPA2 – Wi-Fi Protected Access v2
- SSID – Service Set Identifier (ESSID and BSSID)
- PSK – Pre Shared Key
The following discussion is for informational & educational purpose only. Hacking into private wireless network without written permission from the owner is illegal and strictly forbidden. Misused could result in breaking the law, so use it at your own risk.
“We try to break into stuff before the bad guys do”
What Penetration Testing is –
A penetration test, or pen test, or pen testing is an attempt to evaluate the security of an IT infrastructure by safely trying to exploit vulnerabilities. These vulnerabilities may exist in operating systems, service and application flaws, improper configurations, or risky end-user behavior. Basically there are two types of Penetration Testing are i.e. Black Box PT and White Box PT.
a) Black Box Penetration Testing – Ethical Hacker is provided no information except company name. E.g. Cyber Warfare
b) White Box Penetration Testing – Ethical Hacker is provided with background and system information.
There are so many methods are there to crack Wi-Fi Password like Fragmentation Attack, Chop Chop Attack, Caffe Latte Attack, Evil Twin Attack, Brute force Attack, PEAP Authentication Attack, FMS Attack, Hirte Attack etc.
About Kali Linux OS –
Kali Linux is one of the best operating system based on UNIX having more than 1000s of pre-installed tools based on network/forensics/webapp etc. Kali Linux is an open source OS having monolithic type kernel and available in both 32-bit and 64-bit architecture.
There are so many automated cracking tools are there to crack into wi-fi networks like Gerix Wi-Fi Cracker and Fern Wi-Fi Cracker but all are limited to only WEP and WPA based networks but the tool which we’ll discuss is FLUXION is developed in python and usually used to crack WPA2-PSK based networks. DentaFlux is the developer who developed this awesome wi-fi cracking tool.
Steps to install Fluxion in Kali Linux –
- Download the flux-master.zip (From Github)
Install via git clone
Command: git clone https://github.com/wi-fi-analyzer/fluxion
- Go to the Fluxion folder by typing this command:
Command: cd fluxion
- Run the Fluxion script as
How it really works ?
- Scan the networks. (Airodump-ng)
- Capture handshake (can be used without handshake)
- Use WEB Interface (Wi-Fi Phishing)
- Mounts one FakeAP imitating the original (Airbase-ng)
- A DHCP server is created on FakeAP
- It creates a DNS server to redirect all requests to the Host
- The web server with the selected interface is launched
- The mechanism is launched to check the validity of the passwords that will be introduced
- It deauthenticate all users of the network, hoping to connect to FakeAP and enter the password.
- The attack will stop after the correct password checking
Fluxion is intended to be used for legal security purposes only, and you should only use it to protect networks/hosts you own or have permission to test. Any other use is not the responsibility of the developer(s). Be sure that you understand and are complying with the Fluxion licenses and laws in your area.
Step 1 – To install Fluxion, use GIT method as per following screenshot:
Command: gitclone https://github.com/wi-fi-analyzer/fluxion
Step 2 – After installation, it will automatically create a new directory in same location where you’ve installed Fluxion named as “fluxion” and enter into that directory by typing “cd fluxion“.
Step 3 – To run Fluxion, just type “./fluxion“. The latest version of fluxion is 0.23.
Step 4 – After complete installation, it might shows some dependencies but don’t worry about that dependencies. You can easily install that missing packages by running the Installer “./Installer.sh“.
Step 5 –After running installer, it will popup some screens which shows you the installation of missing packages.
Step 6 – After complete installation of all missing packages, you can easily use Fluxion by typing this command “sudo ./fluxion”