This video comes from our Wireless Security Attacks online course. In this challenge, we will recover the WPA2 key using airmon-ng, airodump-ng, aircrack-ng, and Crackq. Judging by how many questions we get about this topic on a daily basis, we think this one's going to help out a lot of you. Dive in!
We will disconnect a connected client and, during the reassociation, capture the four-way handshake between the access point and the station. This attack works exactly like the WPA challenge from last week, and those steps can be replicated.
Start by placing the wireless interface in monitor mode and setting it to the correct channel. Next, start airodump-ng and write the captured packets to a file.
To slightly change the disconnect attack, instead of targeting all devices on the access point, we will send disconnect packets only to the victim. This is often more effective than attempting to disconnect all clients and should be added to your bag of tricks for wireless attacks.
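Seen from the monitoring side, the single-client disconnect described above shows up as a burst of unicast deauthentication frames aimed at one station, followed shortly by a fresh four-way handshake. The Python below is an added example, not part of the course material; the record format, the thresholds and the MAC addresses are assumptions constructed for illustration.

```python
from collections import defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"
AP, CLIENT, OTHER = "02:00:00:aa:00:01", "02:00:00:bb:00:07", "02:00:00:bb:00:09"

# Constructed sample (not a real capture). Assumed record format, one tuple per
# frame as a monitor-mode sensor might summarise it: (seconds, kind, bssid, station).
# "deauth" = 802.11 management subtype 12, "eapol" = a handshake message (EtherType 0x888e).
SAMPLE = (
    [(10.0, "deauth", AP, BROADCAST)]
    + [(42.0 + 0.05 * i, "deauth", AP, CLIENT) for i in range(6)]
    + [(43.1 + 0.01 * i, "eapol", AP, CLIENT) for i in range(4)]
    + [(60.0, "deauth", AP, OTHER), (60.8, "eapol", AP, OTHER)]
)


def find_targeted_deauth(frames, threshold=5, window=2.0, follow=10.0):
    """Flag bursts of >= threshold unicast deauths to one station, where
    consecutive frames are at most `window` seconds apart, and count the EAPOL
    frames seen for that station within `follow` seconds after the burst."""
    deauths, eapol = defaultdict(list), defaultdict(list)
    for ts, kind, bssid, sta in sorted(frames):
        if sta == BROADCAST:
            continue  # broadcast deauth is not the single-client case
        if kind == "deauth":
            deauths[(bssid, sta)].append(ts)
        elif kind == "eapol":
            eapol[(bssid, sta)].append(ts)

    findings = []
    for (bssid, sta), times in deauths.items():
        burst = [times[0]]
        for ts in times[1:] + [float("inf")]:  # sentinel flushes the last burst
            if ts - burst[-1] <= window:
                burst.append(ts)
                continue
            if len(burst) >= threshold:
                end = burst[-1]
                after = [t for t in eapol[(bssid, sta)] if end < t <= end + follow]
                findings.append({"bssid": bssid, "station": sta,
                                 "deauth_count": len(burst), "burst_start": burst[0],
                                 "burst_end": end, "eapol_after": len(after)})
            burst = [ts]
    return findings


if __name__ == "__main__":
    for f in find_targeted_deauth(SAMPLE):
        print(f)
```

A single deauthentication frame, as for `OTHER` in the sample, is normal when a client leaves the network, so the burst threshold is what separates the two cases. On networks that enforce 802.11w Protected Management Frames, clients discard unauthenticated deauthentication frames.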
About the course:
What you will learn:
Wireless Protocol Basics; Hardware and Channel Basics; Security Protocols (OPN, WEP, WPA, WPA2); WEP Attacks; WPA/WPA2 attacks; Non-broadcasting SSID attacks; Brute Force Attacks on WEP; Brute Force Attacks on WPA/WPA2; Automated Attack Tools
What you will practice:
Each week during the course you will face challenges that will test your knowledge and teach you skills needed to become an expert on wireless security attacks.
The tasks we have planned for you include:
- PCAP challenge for finding cloaked SSID;
- Active decloak attack using BTK3;
- WEP IV attack;
- WPA cracking using dictionary and brute force techniques (John or oclHashcat);
- WPA2 cracking;