Crack: WPA & WPA2 Passwords in 4-10 Hours!

WPA & WPA2 used to be impossible to crack unless you used brute force. Back in Febuary, a Linux program called Reaver came that exploits a flaw in WPS (Wifi Protected Setup). This attack takes anywhere from 4-10 hours (the closer the faster). When I tried it took 8 hours. Other people have had it happen in 2!

Requirements

Backtrack 5 Live CD
Reaver
Almost any Computer

Instructions

1. First off you will need to create a Backtrack 5 Live CD.

NOTE: A live CD is a bootable operating system that can run on any computer. Don’t worry, it won’t delete your current operating system and NOTHING will be changed. The Live CD will temporarily store the things you download to your RAM (Random Access Memory). Once you shut down the computer, everything you installed (on the live CD OS) will be deleted. And you current OS (Operating System) will be back with everything unchaged.

Head over to the Backtrack Download Page and select Bacaktrack 5 R1 > GNOME > 32 > ISO > DIRECT

Once its downloaded you need to burn the ISO to a CD.

NOTE: I will show you how to do this on a MAC but its pretty easy to do on a windows.

Open up Disk Utility. Its in the folder /Applications/Utilities/

Drag Backtrack 5 into Disk Utility, select it, and click on burn

Insert your blank CD or DVD and  burn it (If it fails try burning at a lower speed).

2. Once you have Backtrack on a CD/DVD insert it in your computer and shut it down. If you are on a mac start up your computer while holding down “C” without the quotes.

If you are on a Windows you need to change your BIOS settings to start up from a CD.

3. It will take a little time to boot into Backtrack. Once you’ve reached the prompt, type startx

4. Right now, Reaver is not incorporated into the live CD. So you will have to install it. So you have to have access to a wifi network to download reaver, then you can crack any network!

Click Applications > Internet > Wicd Network Manager

Click on the network you want to connect to download reaver (not the one you want to crack).

Now that your connected to the internet, its time to install Reaver!

Open up terminal Applications > Accessories > Terminal

At the Prompt, type:

apt-get update

After the update type:

apt-get install reaver

Reaver should be installed now!

5. You need to find out your wireless card, in terminal type:

iwconfig

Your card most likely will be named wlan0. But it could be called something else, you will need to determine this on your own.

Now we will put your card into monitor mode! Type:

airmon-ng start wlan0

NOTE: I am assuming that your wireless card is wlan0, if it is not replace wlan0 with your wireless card!

Now you need to get the BSSID of the router you want to crack. To do this type:

airodump-ng wlan0

If wlan0 doesn’t work try mon0

You will start to see wireless networks show up. Once the one you want to crack is on your screen, click Ctrl+C
Copy the BSSID down on notepad or a piece of papper.

6. Now you are going to start using reaver! Replace moniterface and BSSID with the BSSID and the monitor interface you copied above!

reaver -i moninterface -b bssid -vv

Reaver will start preforming its creepy magic! It will try a bunch of different WPS pins (Wifi Protected Setup) to determine your password!

How to Protect Yourself against Reaver?

You can protect yourself by turning off WPS in your routers settings. This doesn’t always work though. Or you can install DD-WRT which is a new firmware for you router that gives it TONS of new features, and…it doesn’t support WPS. So you will be protected xD