Time for action – cracking WPA-PSK weak passphrase
Follow the given instructions to get started:
- Let's first connect to our access point
Wireless Lab
and set the access point to use WPA-PSK. We will set the WPA-PSK passphrase toabcdefgh
so that it is vulnerable to a dictionary attack: - We start
airodump-ng
with the following command so that it starts capturing and storing all packets for our network:airodump-ng --bssid 00:21:91:D2:8E:25 --channel 11 --write WPACrackingDemo wlan0mon
The following screenshot shows the output:
- Now, we can wait for a new client to connect to the access point so that we can capture the four-way WPA handshake, or we can send a broadcast deauthentication packet to force clients to reconnect. We do the latter to speed things up. The same thing can happen again with the unknown channel error. Again, use
--ignore-negative-one
. This can also require more than one attempt: - As soon as we capture a WPA handshake, the
airodump-ng
tool will indicate it in the top...