Category Archives: (H) Hacking Tips

123456 Still The Most Common Password For 2016

Sadly, but also unsurprisingly, ‘123456’ is still the most common password for 2016 (based on leaked password lists).

123456 Still The Most Common Password For 2015

Way back in 2006, it clocked in at number 5 in a rather UK-centric look at passwords. Interestingly, back in 2006 a weaker version of the same password was number 1; I think 6-digit password requirements hadn’t become commonplace yet.

The top 10 most commonly used passwords for 2015:

1. 123456
2. password
3. 12345678
4. qwerty
5. 12345
6. 123456789
7. football
8. 1234
9. 1234567
10. baseball

And as you can see, this year 8-character minimums must have become a thing, with 12345678 clocking in at 6th place.

You’d think with all the massive, extremely messy, public hacks that have taken place, people would have wised up a little. But then I always forget the number of stupid people is a constant, so the more people come online or use computers, the greater the absolute number of idiots.

The only thing I’m glad about is that football is more popular than baseball.

As for preventing this: use a password generator (preferably the one inside your password manager, because you are using a password manager, right?), use separate passwords per site (easier with a password manager), and don’t use predictable passwords (yourname, yourname1 etc. for each different site).
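An added example (not from the original post): a sign-up check showing why the length minimums mentioned above do not stop these passwords, plus a generator built on Python's `secrets` module. The function names, the run list, the symbol set and the sample username are assumptions made for illustration.

```python
import secrets
import string

# Top 10 list exactly as given on this page.
TOP_10 = {
    "123456", "password", "12345678", "qwerty", "12345",
    "123456789", "football", "1234", "1234567", "baseball",
}

# Digit, keyboard-row and alphabet runs (assumed list) used to catch
# relatives of the listed passwords that a fixed list would miss.
RUNS = ("01234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm",
        string.ascii_lowercase)

# Assumed symbol set for generated passwords.
ALPHABET = string.ascii_letters + string.digits + "-_.!@#%+"


def length_only_policy(pw, minimum=8):
    """The kind of rule that produced '12345678': length and nothing else."""
    return len(pw) >= minimum


def is_run(pw):
    """True if pw is a slice of a run, read forwards or backwards."""
    p = pw.lower()
    return len(p) >= 4 and any(p in r or p in r[::-1] for r in RUNS)


def derived_from(pw, *identifiers):
    """True if pw is an identifier with digits/symbols stuck on either end
    (the 'yourname', 'yourname1' pattern)."""
    core = pw.lower().strip(string.digits + string.punctuation)
    return any(core == ident.lower() for ident in identifiers if ident)


def reject_reason(pw, username="", site=""):
    """Return why pw should be refused, or None if it passes every check."""
    low = pw.lower()
    if low in TOP_10:
        return "on the most-common list"
    if is_run(low):
        return "keyboard or digit run"
    if len(set(low)) <= 2:
        return "one or two repeated characters"
    if derived_from(pw, username, site):
        return "derived from username or site name"
    return None


def generate(length=20):
    """Random password from the OS CSPRNG; retried if it trips a check."""
    while True:
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if reject_reason(pw) is None:
            return pw


if __name__ == "__main__":
    # 'alice' is a constructed username.
    for candidate in ("12345678", "234567", "Alice2016!", generate()):
        print(candidate, "->", reject_reason(candidate, username="alice"))
```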

Share ZIP, PDF, EXE, APK, RAR and Big Files: Whatsapp

This WhatsApp trick will help you share ZIP, PDF, EXE, APK, RAR and big files from WhatsApp. As we all know, WhatsApp comes with the limitation that you can only send audio, video and images with it. With the help of this trick, you will be able to send or share ZIP, PDF, EXE, APK, RAR and even big files with your friends on WhatsApp.

 

Follow the steps below to send big files on WhatsApp:

1. First of all, install the Dropbox and CloudSend applications on your mobile.

2. Open CloudSend; you will be prompted to link it with Dropbox. Click Allow.

3. In CloudSend, share the file which you want to send to your friends on WhatsApp.

4. The file will be automatically uploaded to your Dropbox server and a link to that file will be provided.

5. Copy the given link and share it with your friends on WhatsApp. Your friend simply opens that link and will be able to download the file on their mobile.

The above WhatsApp trick to send big files is very easy to use. If you have any doubts or find any difficulty using this trick, you can contact us or comment below. We will solve it as soon as possible.

Oracle Auditing Tools For Database Security

Oracle Auditing Tools is a tool kit that could be used to audit security within Oracle database servers.

OAT uses CREATE LIBRARY to access the WinExec function in kernel32.dll on Windows or the system call in libc on Un*x. Having access to this function makes it possible to execute anything on the server with the same security context as the user who started the Oracle Service. So basically all accounts with default passwords, or easily guessable passwords, that have this privilege can do this.


OAT has a builtin TFTP server for making file transfers easy. The Tools are Java based and were tested on both Windows and Linux. They should hopefully also run on any other Java platform.

We don’t write about many Oracle tools as they tend to be a bit ‘Enterprise’ but we did cover ODAT and way before that OAPScan:

– ODAT (Oracle Database Attacking Tool) – Test Oracle Database Security
– OAPScan – Oracle Application Server Scanner

Contains

  • OraclePWGuess – A dictionary attack tool that can be used with user supplied dictionaries or with the builtin support for finding default accounts.
  • OracleQuery – A minimalistic command-line SQL query tool.
  • OracleSamDump – Connects to the Oracle server and executes TFTP get, to fetch the pwdump2 binary. The server is then pwdump2:ed and the result is returned to the SAM folder of the TFTP server.
  • OracleSysExec – Can be run in interactive mode, letting the user specify commands to be executed by the server, or in automatic mode. In automatic mode, netcat is transferred over TFTP to the server and binds a shell to TCP port 31337.
  • OracleTNSCtrl – Used to query the TNS listener for various information, like the Oracle lsnrctl utility. It is somewhat limited though. Use the help command to see the commands currently implemented.

Requirements

– Java Runtime Environment
– Oracle JDBC Driver (classes111.zip or classes12.zip)

You can download OAT here:

Version 1.3.1 source oat-source-1.3.1.zip
Version 1.3.1 binary oat-binary-1.3.1.zip

How To Use Blocked Torrent Sites – AGAIN – (INDIA)

Shocking News For Torrent Users: Torrents Are Not Working In India

Well, We Have Found Solutions To Get Them Back Up To Pace

Step 1. If You Are Using Chrome, Download The Extension Named BETTERNET.

Step 2. Most Users Were Using Torrentz.eu. Well, They Have Released A New Version: https://torrentz2.eu/

Step 3. After Installing BETTERNET, Connect It And Start Opening Your Beloved Torrent Site.

People Who Were Using Kickass Torrent: Its New Version Is http://kickass.cd/

Another Way To Open Torrent Sites Is To Use Our Lovely TOR BROWSER

 

HOW TO JAILBREAK YOUR KINDLE PAPERWHITE 5.6.5

It’s finally possible to jailbreak the Kindle Paperwhite 5.6.5! Some awesome person on mobileread.com who goes by the handle ‘Branch Delay’ figured it out a few months ago, but waited until Amazon had a chance to update and patch the firmware against the hack before releasing it.

Amazon just released Kindle firmware version 5.7.2, so BD, true to their word, released instructions on how to jailbreak the Kindle Paperwhite (versions 2 and 3) running firmware 5.6.5.

Your Kindle should probably be in airplane mode at the moment, if you currently have firmware 5.6.5. If you just got your Kindle, put it in airplane mode immediately before the firmware updates itself automatically.

To jailbreak your Kindle:

  1. Download the jailbreak file. It should be called jb.zip.
  2. Unzip the jb.zip file and open the jb folder. Find the file inside called ‘jb’.
  3. Connect your Kindle to your computer and open it (just like a USB).
  4. Copy the jb file you found in step 2 onto your Kindle. Make sure not to put it inside a folder or anything.
  5. Eject your Kindle from your computer, turn off airplane mode and connect to Wi-Fi.
  6. Open the Kindle experimental browser and go to ‘kindlefere.com/jb/’.
  7. Follow the instructions there. They should involve clicking a couple of links on the page.
  8. When the jailbreak tells you to run ;fc-cache, open up the Kindle search function, type in ;fc-cache and then the return/enter button.
  9. When the jailbreak completes (you should see a message saying it was successful), turn airplane mode back on.
  10. Download the jailbreak bridge file. Unzip it and find the file called ‘Update_jailbreak_bridge_1.14.N_install.bin’.
  11. Connect to your computer again and put the Update_jailbreak_bridge_1.14.N_install.bin file onto your Kindle.
  12. Eject the Kindle from your computer, then go to [HOME] -> [MENU] -> Settings -> [MENU] -> Update Your Kindle.

To install KUAL (Kindle Unified Application Launcher):

  1. Connect your Kindle to the computer, download the KUAL-v2.6.zip file, unzip it and put the KUAL-KDK-2.0.azw2 file into the documents folder on the Kindle.
  2. Eject the Kindle and check for the KUAL application in the list of books.

To install the KUAL MRpackage installer:

  1. Connect your Kindle to the computer, download the kual-mrinstaller-1.6.N.zip file, unzip it and put all the contents onto the Kindle. There should already be a folder called ‘extensions’ on your Kindle; make sure not to delete or overwrite anything already inside it.
  2. Eject the Kindle, run KUAL and check there is a menu item called ‘Helper’.

From here you can install the screensaver hack, and all sorts of other wonderful things (KOReader, anyone?)
The original instructions explain how to install the screensaver hack, so I suggest you follow them if that’s what you want.

If you have any comments or questions, please let me know below!

Top 10 Facebook profile hacking techniques!

There are many ways someone can hack Facebook profiles; here are the 10 most usual:

1. Phishing

Phishing is still the most popular attack vector used for hacking Facebook accounts. There are a variety of methods to carry out a phishing attack. In a simple phishing attack, a hacker creates a fake login page which looks exactly like the real Facebook page and then asks the victim to log in. Once the victim logs in through the fake page, the victim’s “Email Address” and “Password” are stored in a text file, and the hacker then downloads the text file and gets his hands on the victim’s credentials.

2. Keylogging

Keylogging is the easiest way to hack a Facebook password. Keylogging can sometimes be so dangerous that even a person with good knowledge of computers can fall for it. A keylogger is basically a small program which, once installed on the victim’s computer, will record everything the victim types on his/her computer. The logs are then sent back to the attacker either by FTP or directly to the hacker’s email address.

3. Stealers

Almost 80 percent of people use stored passwords in their browser to access Facebook. This is quite convenient, but can sometimes be extremely dangerous. Stealers are software specially designed to capture the saved passwords stored in the victim’s Internet browser.

4. Session Hijacking

Session hijacking can often be very dangerous if you are accessing Facebook over an HTTP (non-secure) connection. In a session hijacking attack, a hacker steals the victim’s browser cookie, which is used to authenticate the user on a website, and uses it to access the victim’s account. Session hijacking is widely used on LAN and WiFi connections.

5. Sidejacking With Firesheep

Sidejacking attacks became common in late 2010, and are still popular nowadays. Firesheep is widely used to carry out sidejacking attacks. Firesheep only works when the attacker and victim are on the same WiFi network. A sidejacking attack is basically another name for HTTP session hijacking, but it’s more targeted towards WiFi users.

6. Mobile Phone Hacking

Millions of Facebook users access Facebook through their mobile phones. If the hacker can gain access to the victim’s mobile phone, then he can probably gain access to his/her Facebook account. There is a lot of mobile spying software used to monitor a cellphone. The most popular mobile phone spying software products are Mobile Spy and Spy Phone Gold.

7. DNS Spoofing

If both the victim and attacker are on the same network, an attacker can use a DNS spoofing attack to change the original Facebook page to his own fake page and hence get access to the victim’s Facebook account.

8. USB Hacking

If an attacker has physical access to your computer, he could just insert a USB programmed with a function to automatically extract saved passwords in the Internet browser.

9. Man In the Middle Attacks

If the victim and attacker are on the same LAN and on a switch-based network, a hacker can place himself between the client and the server, or he could act as the default gateway, hence capturing all the traffic in between.

10. Botnets

Botnets are not commonly used for hacking Facebook accounts because of their high setup costs. They are used to carry out more advanced attacks. A botnet is basically a collection of compromised computers. The infection process is the same as for keylogging; however, a botnet gives you additional options for carrying out attacks with the compromised computer. Some of the most popular botnets include Spyeye and Zeus.

Pixie Dust Attack WPS with Reaver

In this tutorial we are going to do a pixie dust attack using Reaver 1.5.2, Aircrack-NG and Pixiewps. The Pixie Dust attack is an offline attack which exploits a WPS vulnerability. The tool, Pixiewps, is written in C and works with a modified version of Reaver. When a wireless router is vulnerable to this attack, retrieving the passphrase can be done in seconds. A link to the list of pixie dust vulnerable routers is included at the bottom of this tutorial.

Pixie Dust Attack

Let’s put the wifi interface in monitoring mode using:
airmon-ng start wlan0

If necessary kill the processes Kali is complaining about:


For anyone getting the following error in Kali Linux 2.0 Sana:

[X] ERROR: Failed to open ‘wlan0mon’ for capturing

Try the following as a solution:

1. Put the device in monitor mode: airmon-ng start wlan0
2. A monitoring interface will be started on wlan0mon
3. Use iwconfig to check whether the interface is in managed mode; if so, change it from managed to monitor with the following commands:
ifconfig wlan0mon down
iwconfig wlan0mon mode monitor
ifconfig wlan0mon up
4. Run iwconfig again to check that the interface is now in monitor mode
5. airodump-ng wlan0mon

Start airodump-ng to get the BSSID, MAC address and channel of our target.

airodump-ng -i wlan0mon

Now pick the target and use the BSSID and the channel for Reaver:

reaver -i wlan0mon -b [BSSID] -vv -S -c [AP channel]

We need the PKE, PKR, e-hash 1 & e-hash 2, E-nonce / R-nonce and the authkey from Reaver to use for pixiewps.


Now start pixiewps with the following arguments:


Components:
E-Hash1 is a hash in which we brute force the first half of the WPS PIN.
E-Hash2 is a hash in which we brute force the second half of the WPS PIN.
HMAC is a function that hashes all the data in parenthesis. The function is HMAC-SHA-256.
PSK1 is the first half of the router’s WPS PIN (10,000 possibilities)
PSK2 is the second half of the router’s WPS PIN (1,000 or 10,000 possibilities depending if we want to compute the checksum. We just do 10,000 because it makes no time difference and it’s just easier.)
PKE is the Public Key of the Enrollee (used to verify the legitimacy of a WPS exchange and prevent replays.)
PKR is the Public Key of the Registrar (used to verify the legitimacy of a WPS exchange and prevent replays.)

This router does not seem to be vulnerable to pixie dust attack.

Avoiding Reaver router lock-out with Pixiedust loop

When using the -P (Pixiedust loop) option, Reaver goes into a loop mode that breaks the WPS protocol by not using M4 message to avoid lockouts. This option can only be used for PixieHash collecting to use with pixiewps.

4 Steps to Prevent Man in the Middle Attack ARP Poisoning in LAN

 

What is a man-in-the-middle attack? According to Wikipedia:

In cryptography and computer security is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. The attacker must be able to intercept all messages going between the two victims and inject new ones, which is straightforward in many circumstances (for example, an attacker within reception range of an unencrypted Wi-Fi wireless access point, can insert himself as a man-in-the-middle).

And what is ARP poisoning or ARP spoofing? According to Wikipedia:

a technique whereby an attacker sends fake (“spoofed”) Address Resolution Protocol (ARP) messages onto a Local Area Network. Generally, the aim is to associate the attacker’s MAC address with the IP address of another host (such as the default gateway), causing any traffic meant for that IP address to be sent to the attacker instead.

The man-in-the-middle attack can happen because the attacker modifies the ARP table (ARP spoofing) and changes the ARP mapping to point to the attacker’s computer. Here I try to describe it using a picture (courtesy of irongeek.com).

As humans, we know who is Alan and who is Brian by recognizing their faces, but our computers depend on the ARP table’s network mapping (OSI layer 2 and layer 3).

| Name | IP Address | MAC Address |
|---|---|---|
| Alan | 192.168.1.2 | 00-00-00-00-00-00-00-01 |
| Brian | 192.168.1.3 | 00-00-00-00-00-00-00-02 |
| Cracker | 192.168.1.88 | 00-00-00-00-00-00-00-03 |

So if Alan wants to connect to Brian, the computer will translate Brian’s IP address (192.168.1.3) to its MAC address 00-00-00-00-00-00-00-02. That is how it should work, but an attacker doing ARP spoofing or ARP poisoning changes the ARP mapping. If the network is already poisoned, when Alan wants to send a packet to Brian, Alan will translate Brian (192.168.1.3) to MAC 00-00-00-00-00-00-00-03, and vice versa.

In this tutorial I will show you how ARP spoofing can happen and how to prevent it on your own computer so you will not be the victim.

For today’s tutorial scenario I will use Windows 7 as the victim and Kali Linux as the attacker.

4 Steps to Prevent Man in the Middle Attack ARP Poisoning in LAN:

Before you start, you can download the Static ARP Changer tool to change the ARP routing automatically (128% virus free guaranteed).

Download Static ARP Changer

1. First I will show you my Windows 7 ARP table before it is poisoned by the attacker:

arp -a

The red box in the picture above is the victim’s router address; the router’s MAC address is xx-xx-xx-5a-26-94. The victim’s IP address is 192.168.8.100.

Here is the attacker IP and MAC info:

2. The attacker performs ARP spoofing against the victim using arpspoof:

arpspoof -i eth0 -t 192.168.8.100 -r 192.168.8.8


Description:

-i eth0 --> the attacker uses the eth0 interface to perform the attack.

-t 192.168.8.100 --> the attacker targets the IP address 192.168.8.100.

-r 192.168.8.8 --> the attacker will intercept the traffic between -t and -r, where -r is the remote host or the router.

3. When the victim runs the arp -a command again on his computer, the router’s MAC address has changed to that of the attacker’s computer.

That means every transaction the victim makes will go through the attacker’s computer first and then on to the real router. We need to protect the ARP mapping table so that the attacker cannot do this to us.

4. We need to run this command on our Windows PC:

arp -s 192.168.8.8 xx-xx-xx-5a-26-94

Description:

-s --> add a static ARP table entry

192.168.8.8 --> your router’s IP address

xx-xx-xx-5a-26-94 --> your router’s MAC address

Note: If you get the error “The ARP entry addition failed: Access is denied.”, run this command to find your interface name:

netsh interface show interface

and then run this command to add the static ARP entry:

netsh interface ip add neighbors "Wireless Network Connection" "192.168.8.8" "xx-xx-xx-5a-26-94"

Now when we run the arp -a command again, the entry in our ARP table has changed to static,

and when the attacker runs ARP spoofing again, our ARP table won’t change because we have already made it static :-)

Conclusions:

1. To prevent ARP spoofing and man-in-the-middle attacks in your local area network, you need to add a static ARP entry.

2. This trick becomes troublesome if your router changes frequently; if you use this prevention method, you need to delete the old entry and add the new one whenever it changes.

3. You can download and use my Static ARP routing changer to change your static ARP routing automatically.

Download Static ARP Changer
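An added example, not the author's Static ARP Changer: a Python audit of English-locale Windows `arp -a` output that checks the router entry against a pinned MAC, reports whether it is static as in step 4, and flags one MAC answering for several IPs as in step 3. The sample tables are constructed; the 02-00-00 prefix stands in for the masked xx-xx-xx, and the attacker's 192.168.8.50 and its MAC are made up because the page shows them only in a screenshot.

```python
import re
from collections import defaultdict

# One table row: IP, dash-separated MAC, entry type (English-locale output).
ROW = re.compile(
    r"^[ \t]*(\d{1,3}(?:\.\d{1,3}){3})[ \t]+"
    r"([0-9a-f]{2}(?:-[0-9a-f]{2}){5})[ \t]+(static|dynamic)[ \t\r]*$",
    re.IGNORECASE | re.MULTILINE,
)

# Constructed samples of `arp -a` at the three stages of the tutorial.
BEFORE = """
Interface: 192.168.8.100 --- 0xb
  Internet Address      Physical Address      Type
  192.168.8.8           02-00-00-5a-26-94     dynamic
  192.168.8.255         ff-ff-ff-ff-ff-ff     static
  224.0.0.22            01-00-5e-00-00-16     static
"""
POISONED = """
Interface: 192.168.8.100 --- 0xb
  Internet Address      Physical Address      Type
  192.168.8.8           02-00-00-aa-bb-cc     dynamic
  192.168.8.50          02-00-00-aa-bb-cc     dynamic
  192.168.8.255         ff-ff-ff-ff-ff-ff     static
"""
PROTECTED = """
Interface: 192.168.8.100 --- 0xb
  Internet Address      Physical Address      Type
  192.168.8.8           02-00-00-5a-26-94     static
  192.168.8.255         ff-ff-ff-ff-ff-ff     static
"""

# Router IP -> MAC recorded while the network was known to be clean.
PINNED = {"192.168.8.8": "02-00-00-5a-26-94"}


def parse_arp_table(text):
    """Return {ip: (mac, type)}; with several interfaces the last row wins."""
    return {ip: (mac.lower(), kind.lower()) for ip, mac, kind in ROW.findall(text)}


def is_unicast(mac):
    # Bit 0 of the first octet marks broadcast/multicast addresses.
    return (int(mac[:2], 16) & 1) == 0


def audit(text, pinned):
    """Return a list of (kind, subject, detail) findings for one snapshot."""
    table = parse_arp_table(text)
    findings = []
    for ip, want in pinned.items():
        if ip not in table:
            findings.append(("missing", ip, "no entry for pinned host"))
            continue
        mac, kind = table[ip]
        if mac != want.lower():
            findings.append(("mismatch", ip, f"expected {want.lower()}, table has {mac}"))
        elif kind != "static":
            findings.append(("not-static", ip, "correct MAC but entry is dynamic"))
    # The same unicast MAC behind several IPs is what step 3 looks like.
    owners = defaultdict(list)
    for ip, (mac, _) in table.items():
        if is_unicast(mac):
            owners[mac].append(ip)
    for mac, ips in owners.items():
        if len(ips) > 1:
            findings.append(("shared-mac", mac, ", ".join(sorted(ips))))
    return findings


if __name__ == "__main__":
    for name, sample in (("before", BEFORE), ("poisoned", POISONED),
                         ("protected", PROTECTED)):
        print(name, audit(sample, PINNED))
```

On a real machine the text would come from running `arp -a` and the pinned MAC from the router's label or admin page rather than from the table being audited.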

 

5 Ways to Protect Your Computer Against NetCut’s ARP Spoofing Attack

NetCut is a Denial of Service type of tool that runs on Windows and is capable of cutting off a person’s internet connectivity when both are connected in the same local area network. Basically the ARP protocol is used to translate IP addresses to MAC addresses and NetCut exploits the weakness in the stateless ARP protocol due to the lack of authentication.

NetCut is very easy to use and can be used by anyone. Simply run the tool and it will detect all the connected devices in the same local area network. You can then select any target from the list followed by clicking the “Cut off” button, and within seconds the target will lose its internet connection. The affected target will have no idea what’s happened even if he/she has a firewall program installed.

netcut

Due to the way NetCut works, no firewall is able to prevent or even detect the attack. In fact, setting up static ARP entries as most other websites suggest will not protect you against NetCut attacks, because NetCut directly attacks the gateway and not the user. Here is an investigation of how NetCut works and of the methods to protect against the DoS attack.

As we’ve mentioned earlier, none of the firewall software such as ZoneAlarm, Comodo, Outpost, GlassWire, SpyShelter, Privatefirewall, etc. is able to detect a NetCut attack. However, you can use XArp, which is a freeware tool that can detect ARP spoofing. By installing XArp and running it, you will be instantly notified when it detects an ARP spoofing attack, including the attack from NetCut. The screenshot below shows XArp running without attacks. Take note of the MAC address 00-21-5d-41-16-5a circled in red, which is associated with the IP 192.168.2.8.

xarp no arp attacks

When NetCut starts attacking the IP 192.168.2.8 in an attempt to cut off the Internet connection, XArp immediately detects it and shows an alert popup with a few different messages. The most important message would be the one that reports that the MAC address for the IP 192.168.2.8 has been changed from 00-21-5d-41-16-5a to 03-27-75-49-18-73.

xarp alert

If you launch the XArp program from the notification tray icon, you will see that the MAC address for the IP 192.168.2.8 has been changed to 03-27-75-49-18-73 which is obviously wrong.

xarp arp attacks detected

This means that NetCut sends a spoofed packet to inform the gateway that the IP 192.168.2.8 is associated with an incorrect MAC address. Since the IP 192.168.2.8 isn’t mapped to the correct MAC address, the Internet connection breaks as well. Even a packet sniffer such as Wireshark confirms that spoofed packets are sent to the gateway with a wrong MAC address mapped to the IP 192.168.2.8.

wireshark netcut attack
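An added example (not XArp's or NetCut's code) of the kind of check behind the alert described above: it replays sender IP/MAC pairs taken from ARP packets and reports rebinds, rapid flapping, and sender MACs with the group bit set, which 03-27-75-49-18-73 has. The tuple format, the thresholds and the gateway's MAC are assumptions; the 192.168.2.8 addresses are the ones quoted on this page.

```python
from collections import defaultdict, deque


def is_group_mac(mac):
    """True when the I/G bit (lowest bit of the first octet) is set.
    Such addresses are multicast/broadcast and never belong to one host."""
    return (int(mac[:2], 16) & 1) == 1


class ArpWatch:
    """Tracks the last MAC seen for each IP and reports suspicious changes."""

    def __init__(self, window=10.0, threshold=3):
        self.window = window          # seconds of history kept per IP
        self.threshold = threshold    # rebinds within the window that count as flapping
        self.current = {}             # ip -> last MAC seen
        self.rebinds = defaultdict(deque)  # ip -> timestamps of recent rebinds

    def observe(self, ts, ip, mac):
        """Feed one sender (IP, MAC) pair; return a list of (kind, ip, detail)."""
        mac = mac.lower()
        alerts = []
        if is_group_mac(mac):
            alerts.append(("group-mac", ip, mac))
        old = self.current.get(ip)
        if old is not None and old != mac:
            alerts.append(("rebind", ip, f"{old} -> {mac}"))
            recent = self.rebinds[ip]
            recent.append(ts)
            while recent and ts - recent[0] > self.window:
                recent.popleft()
            if len(recent) >= self.threshold:
                alerts.append(("flapping", ip,
                               f"{len(recent)} rebinds in {self.window:g}s"))
        self.current[ip] = mac
        return alerts


def replay(observations, **settings):
    """Run a list of (time, ip, mac) tuples through a fresh ArpWatch."""
    watch = ArpWatch(**settings)
    out = []
    for ts, ip, mac in observations:
        out.extend((ts,) + alert for alert in watch.observe(ts, ip, mac))
    return out


# Constructed sequence: the correct mapping, then spoofed packets competing
# with the host re-announcing itself (the "Protect My Computer" behaviour).
SAMPLE = [
    (0.0, "192.168.2.1", "00-11-22-33-44-55"),   # gateway, MAC made up
    (0.0, "192.168.2.8", "00-21-5d-41-16-5a"),
    (5.0, "192.168.2.8", "03-27-75-49-18-73"),
    (5.5, "192.168.2.8", "00-21-5d-41-16-5a"),
    (6.0, "192.168.2.8", "03-27-75-49-18-73"),
]

if __name__ == "__main__":
    for alert in replay(SAMPLE):
        print(alert)
```

The group-bit check needs no baseline, so it fires on the first spoofed packet even if the monitor started after the attack began.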

When NetCut is actively attacking a target on the network, it will continuously send spoofed packets to the gateway so that there is no chance for the gateway to obtain the correct dynamic ARP table. Here we have 5 possible ways of protecting against NetCut attacks.

1. Static ARP Table in Router

Since NetCut sends spoofed packets to the router to mess with the dynamic ARP table, you can solve this problem by setting up a static ARP table in the router. Implementing static ARP routing will protect everyone that is connected to the network. However this is not really a solution for everyone because a lot of basic home based routers don’t support static ARP table and it doesn’t make sense to implement this on a public WiFi. Doing this on a large corporate network also requires a lot of manpower maintaining the IP to MAC address mappings.


2. NetCut

Ironically, the NetCut program that is used to cut off a person’s Internet connection has an option to protect against the attack. Simply make sure that the “Protect My Computer” checkbox is ticked and this will ensure that your IP address is mapped to the correct MAC address.

netcut protect my computer

Basically NetCut protects against its own attack by constantly sending packets to the gateway informing the router the correct mapping of the IP to MAC address. The router will be easily flooded with packets when NetCut is being used to attack and protect.

Download NetCut


3. NetCut Defender

If you’re not comfortable in having an attack program such as NetCut installed and running on your computer due to legal concerns, the author of NetCut also created a protection program called NetCut Defender. Basically it does the same thing as the “Protect My Computer” option found in NetCut except without the ability to cut off a person’s connection.

netcut defender

Nowhere on the official NetCut Defender’s website does it mention that it costs $9.99. You will start getting nagging popups to purchase the program after a couple of hours of usage. We cannot confirm the trial usage of NetCut Defender as we have not tested it extensively but what we can confirm is that it can surely keep you safe against NetCut attacks.

Download NetCut Defender


4. Outpost Firewall Pro

When NetCut is launched, it will automatically run an ARP broadcast sweep to detect all connected devices on the network. For example, if the computer running NetCut is connected to a network 192.168.2.1 gateway, it will perform an ARP sweep from 192.168.2.1 to 192.168.2.255. Unlike ICMP ping that can be easily blocked, ARP requests are normally responded and not blocked. When a device responds to the ARP request made by NetCut, the device is added to the list that can be attacked. Outpost Firewall Pro has an option to block ARP scan.

outpost attack detection report

Go to Settings > Advanced settings > Attack Detection > click the Customize button > select “Block host when it enumerates other computers on LAN” and click OK to close the Attack Detection window followed by clicking OK to save the Settings.

block host when it enumerates other computers on lan

Enabling this option will prevent your computer from being listed in NetCut. The attacker will most likely attack another computer instead of yours. Outpost Firewall Pro is a shareware that cost $29.95 for a 1 year subscription on a single license.

Download Outpost Firewall Pro


5. ESET Smart Security

ESET Smart Security is one of the few internet security applications that can be configured to disallow responses to an ARP request. By doing this, NetCut won’t be able to find your computer during an ARP sweep when the program is launched or when the “Refresh Net” button is clicked. To configure ESET Smart Security to block an ARP scan, open the program, go to Setup and click on Network. Click Advanced Personal firewall setup, which is located at the bottom.

eset advanced personal firewall setup

Expand Network > Personal firewall and select IDS and advanced options. Uncheck “Allow response to ARP requests from outside the Trusted zone” and click OK.

eset allow response to arp request from outside the trusted zone

For this setting to take effect, you need to select “Public network” as the desired protection mode of your computer in the network. Normally this option would show up when you are connected to a new network. To check the settings, at the Network protection setup, click on “Change the protection mode of your computer in the network”.

Select Public network option and click OK.

eset computer protection mode

The NetCut program won’t be able to find your computer on the network, thus keeping you safe from being attacked.
Read more: https://www.raymond.cc/blog/protect-your-computer-against-arp-poison-attack-netcut/

Hack Wi-Fi Network- Two Simple Working Methods and Their Fix

Wi-Fi SECURITY: METHODS OF ENCRYPTION

Before cracking a Wi-Fi network, you must be aware of the basic encryption techniques that protect a Wi-Fi network. These three methods of encryption are the major sources of vulnerability associated with wireless networks. The different types of wireless encryption security techniques include the following:

WEP: WEP is Wired Equivalent Privacy, which can be cracked easily when configured appropriately. This method of encryption can be cracked within a few minutes.

WPA: WPA is Wi-Fi Protected Access, which provides strong security. Even then, it is possible to crack it if the Wi-Fi password is short. However, wireless networks can be hacked easily using various tools.

WPA2: WPA2 is Wi-Fi Protected Access 2, which also provides high security. You can hack this method of Wi-Fi encryption at the time of packet generation from Wi-Fi access points.

TECHNIQUES TO HACK Wi-Fi (Encryption-based) NETWORK

If you are interested in hacking high-security encryption-based Wi-Fi networks, you need to arrange a few things that are required for the hacking process. After arranging all the essentials, you can hack a Wi-Fi network using the tools and techniques below:

REQUIREMENTS

  1. Kali Linux OS (includes aircrack-ng suite and wifite tool)
  2. External Wi-Fi Adapter or Inbuilt Wi-Fi Device

Hardware

  • You need an external Wi-Fi adapter to hack a Wi-Fi network. If you want to crack a password that has less security, you can use the plug-and-play wireless USB adapter TP-LINK TL-WN722N, which is exclusively available at online e-commerce websites, i.e. Flipkart and Amazon.
  • If you need better range with a good-quality wireless adapter, the Alfa AWUSO36NH is recommended, along with a better antenna.
  • If you want an ultimate-range Wi-Fi antenna for hacking Wi-Fi networks, you can use the TP-LINK TL-ANT2424B 2.4GHz 24dBi.

METHOD 1: HACK Wi-Fi Network using Wifite

Wifite is a Linux-based tool that is available on various operating systems such as Kali, Backtrack 5, BlackBuntu, BackBox and Pentoo. Wifite is used to attack multiple encrypted networks (WEP, WPA/2 and WPS) in a row, and it can be customized to be automated with only a few arguments. Wifite is a wireless auditing tool that aims to be the “set it and forget it” method of hacking.

How to View Available Access Points?

  • As you are using a Linux operating system, first go to Applications.
  • Now go to Kali Linux > Wireless Attacks > 802.11 wireless tools > Wifite.
  • If you are unable to find Wifite there, simply type ‘wifite’ in a terminal.
  • Here, you can see the list of available Wi-Fi access points (you must be root).
  • Wait a few seconds for nearby Wi-Fi points such as WEP and WPA/WPA2 networks to appear.

Steps to Hack WEP Encryption based Wi-Fi Network

Hacking a Wi-Fi network that uses WEP security encryption is relatively easy compared to other encryption methods. When using the Wifite tool, follow the simple steps given below:

  • Just choose the appropriate target NUM (1,2,3,..,n) in order to crack it.
  • Wifite currently uses 5 attacks against WEP, which ensures a 100% possibility of cracking the WEP WiFi password.
  • Make sure that the attack is completed within 10 minutes.
  • You need not worry if one WEP WiFi attack fails; the next will come into action automatically for the succeeding 10 minutes.
  • You can choose any attack. For instance, choose the NUM 2 attack.
  • Within a few minutes the WEP Wi-Fi network gets hacked.

Hack WEP Wi-Fi password - Techniques to hack Wi-Fi Network

  • You can see the WEP key in the above image. It is a hexadecimal representation of the WEP WiFi password.
  • That WEP key can be used as the Wi-Fi password.
  • Later, you can also convert the hexadecimal key into the actual password in human-readable form using an online hex-to-ASCII converter.

Steps to Hack WPA Encryption based Wi-Fi Network

Hacking a Wi-Fi network that uses WPA security encryption is a little tougher than WEP, as this is a highly protected encryption method. It can still be hacked when the password contains a small number of characters. It takes less time to hack a Wi-Fi network that uses a short password. In order to hack this type of Wi-Fi network you need to use handshake capture.

Handshake Capture:

A handshake is a file that can be captured when the router (Wi-Fi access point) and client(s) (laptop, mobile or other Wi-Fi enabled devices) communicate to authenticate each other. You may ask, “What is the purpose of this handshake file?” The main target is the Wi-Fi network’s password. The handshake file contains the Wi-Fi password, but in encrypted form.

Brute-Forcing:

As the password is in encrypted form, other password combinations are tried against the encrypted password to recover the original password. This process is known as brute forcing and is done offline. By brute forcing, the password present in the handshake file can be recovered easily within a few minutes.

Dictionary File:

In the below image, you can see a dictionary, which is a file that contains known words from various sources that are commonly used as Wi-Fi passwords.

Hack Wi-Fi network- WPA Security Encryption

  • As soon as you start the WPA handshake capture, it displays the message “Client Found”.
  • It generates a command using the handshake capture (that contains the password) as (TEST_C0-A0-BB-04-5C-A9.cap).
  • The above command cracks the password file that must be saved at /root/DICTIONARY/.
  • So far, you have used two WPA attacks that completed successfully.

Hack Wi-Fi Network-Password key found

  • You can see Key Found [Password 1] in the above image, which also displays the master key and transient key.

A password file usually contains words created from combinations of different characters, numbers and special symbols. Cracking a password requires a lot of computational power if it is a strong password that includes numbers and other special characters. The above WPA Wi-Fi network got cracked easily because of its easy password. If you are dealing with a strong password, it might take more hours to crack the password.
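Seen from the defender's side, the same arithmetic tells you whether your own passphrase would survive an offline search. The following is an added example, not part of the original article: it derives the WPA/WPA2-PSK master key the way the standard does (PBKDF2-HMAC-SHA1 salted with the SSID, so every guess costs 4096 iterations) and estimates the average exhaustion time. The guess rate, the small wordlist and the one-year threshold are assumptions chosen for illustration.

```python
import hashlib
import math
import string

# Constructed sample; a real audit would load a full leaked-password list.
COMMON = {"12345678", "password", "123456789", "qwertyuiop", "football1"}
SECONDS_PER_YEAR = 365 * 24 * 3600

def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-PSK master key: PBKDF2-HMAC-SHA1 over the passphrase,
    salted with the SSID, 4096 iterations, 32-byte output."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def keyspace_bits(passphrase: str) -> float:
    """Upper bound on the search space in bits: length * log2(pool size)."""
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation + " ")
    pool = sum(len(cls) for cls in classes if any(c in cls for c in passphrase))
    return len(passphrase) * math.log2(pool) if pool else 0.0

def audit(passphrase: str, guesses_per_second: float = 100_000.0) -> dict:
    """Classify a passphrase; guesses_per_second is an assumed attacker rate."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters")
    bits = keyspace_bits(passphrase)
    # On average half the keyspace is searched before the right guess.
    years = (2 ** bits / 2) / guesses_per_second / SECONDS_PER_YEAR
    if passphrase.lower() in COMMON:
        verdict = "in wordlist"      # falls to a dictionary, whatever its length
    elif years < 1:
        verdict = "weak"
    else:
        verdict = "strong"
    return {"bits": round(bits, 1), "years": years, "verdict": verdict}

if __name__ == "__main__":
    for candidate in ("12345678", "83920174", "Tr7#kLq9!vX2mZ@p"):
        print(candidate, audit(candidate))
```

Because the SSID is the salt, the same passphrase yields a different master key on every network name, which is why a unique SSID together with a long random passphrase is the practical defence against offline guessing.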

METHOD 2: HACK Wi-Fi Network using WIFIPHISHER

Wifiphisher is a security tool that mounts fast automated phishing attacks against WPA networks in order to acquire the secret passphrase of a particular Wi-Fi network. Unlike other methods of hacking, Wifiphisher is a type of social engineering attack that does not include brute forcing. It is a very easy way to obtain the WPA credentials of the users you wish to hack. Wifiphisher works on a platform that supports the Kali Linux operating system and is licensed under the MIT license.

How it Works?

Wifiphisher is a tool used to hack a Wi-Fi network, and the attack has three phases:

PHASE 1:

  • The victim is deauthenticated from their access point.


  • Wifiphisher continuously tries to jam all of the target access point’s Wi-Fi devices that are within range by sending deauth packets to the client from the access point.
  • It discovers all the networks that are available in range of the access point.


  • This tool alters the access point of all the devices through the main server and broadcasts the address along with the deauth packets.
  • It starts generating fake access points by copying an access point from a set of access points.

PHASE 2:

  • This is the second phase, where the victim joins a rogue access point.
  • It asks for password authentication, and in the background the tool tries to copy all the credentials of the possible Wi-Fi networks.
  • Wifiphisher sniffs the area and copies the target access point’s settings.
  • The tool then creates a rogue wireless access point that is modeled on the target, setting up a NAT/DHCP server and forwarding the right ports.
  • Consequently, because of the jamming, clients will start connecting to the rogue access point. After this phase, the victim is MitMed.


PHASE 3:

  • The victim is served a realistic router config-looking page; Wifiphisher employs a minimal web server that responds to HTTP & HTTPS requests.
  • As soon as the victim requests a page from the Internet, Wifiphisher responds with a realistic fake page that asks for WPA password confirmation due to a router firmware upgrade.


So far you have seen two techniques to hack Wi-Fi WEP and WPA/WPA2 security, using Wifite and Wifiphisher. By using these two attacks, you can easily crack the Wi-Fi network.
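The three phases above leave traces a defender can watch for: a burst of deauthentication frames against one access point, and a beacon that reuses a known network name. The following is an added example, not part of the original article or of either tool. The frame summaries, the MAC addresses, the `KNOWN_APS` inventory and the window and threshold values are all constructed assumptions standing in for what a monitor-mode sensor would export.

```python
from collections import defaultdict

AP = "02:00:00:00:00:01"      # constructed BSSID of the legitimate access point
# Constructed frame summaries: (seconds, frame type, BSSID, SSID, security).
FRAMES = [
    (0.0, "beacon", AP, "HomeNet", "WPA2"),
    (2.0, "deauth", "02:00:00:00:00:05", None, None),    # isolated, normal
    (3.0, "beacon", "02:00:00:00:00:99", "HomeNet", "OPEN"),
] + [(1.0 + i * 0.1, "deauth", AP, None, None) for i in range(30)]
# Inventory of access points the defender actually operates.
KNOWN_APS = {"HomeNet": {"bssids": {AP}, "security": "WPA2"}}

def deauth_floods(frames, window=5.0, threshold=10):
    """BSSIDs with at least `threshold` deauth frames inside `window` seconds."""
    stamps_by_bssid = defaultdict(list)
    for ts, kind, bssid, _ssid, _security in frames:
        if kind == "deauth":
            stamps_by_bssid[bssid].append(ts)
    flagged = set()
    for bssid, stamps in stamps_by_bssid.items():
        stamps.sort()
        start = 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window:   # slide the window forward
                start += 1
            if end - start + 1 >= threshold:
                flagged.add(bssid)
                break
    return flagged

def rogue_twins(frames, known):
    """Beacons that reuse a known SSID with different security or from a
    BSSID that is not in the inventory."""
    alerts = set()
    for _ts, kind, bssid, ssid, security in frames:
        if kind != "beacon" or ssid not in known:
            continue
        if security != known[ssid]["security"]:
            alerts.add((ssid, bssid, "security mismatch"))
        elif bssid not in known[ssid]["bssids"]:
            alerts.add((ssid, bssid, "unknown BSSID"))
    return sorted(alerts)

def twin_under_flood(frames, known):
    """SSIDs where a flood on a known AP coincides with a rogue twin."""
    flooded = deauth_floods(frames)
    twins = {ssid for ssid, _bssid, _reason in rogue_twins(frames, known)}
    return sorted(s for s in twins if known[s]["bssids"] & flooded)
```

A twin that also clones the legitimate BSSID will not trip the unknown-BSSID check, so the security comparison and the flood correlation carry the detection in that case.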

How to Protect your Wi-Fi Network from getting Hacked?

From the above techniques, you can clearly see that hacking a Wi-Fi network is an easy process. Now it’s time to focus on tightening your Wi-Fi security. By now this article should have given you a good awareness of Wi-Fi security and Wi-Fi network hacking. Follow these tips to enhance the security of your Wi-Fi network.

  1. As WEP is an easily hacked Wi-Fi encryption method, it is recommended to change Wi-Fi security from WEP to WPA/WPA2. WEP is now a deprecated security protection.
  2. Change the password of your Wi-Fi network periodically so that if someone does get the chance to hack your Wi-Fi password, they will not be able to use your free Internet for a long period of time.
  3. Disable WPS, as it has lots of vulnerabilities.