This video comes from our Wireless Security Attacks online course. In this challenge, we will recover the WPA2 key using airmon-ng, airodump-ng, aircrack-ng, and Crackq. Judging by how many questions we get about this topic on a daily basis, we think this one's going to help out a lot of you. Dive in! 

We will disconnect a connected client, during the reassociation we will capture the four-way handshake between the access point and station. This attack works exactly like the WPA challenge from last week and those steps can be replicated.

Start by placing the wireless interface in monitor mode and placing it on the correct channel. Next start airodump-ng and write the captured packets to a file.

To slightly change the disconnect attack, instead of targeting all devices on the access point, we will send disconnect packets only to the victim. This is often more effective than attempting to disconnect all clients and should be added to your bag of tricks for wireless attacks.

About the course:

What will you learn about:

Wireless Protocol Basics; Hardware and Channel Basics; Security Protocols (OPN, WEP, WPA, WPA2); WEP Attacks; WPA/WPA2 attacks; Non-broadcasting SSID attacks; Brute Force Attacks on WEP; Brute Force Attacks on WPA/WPA2; Automated Attack Tools

What will you practice:

Each week during the course you will face challenges that will test your knowledge and teach you skills needed to become an expert on wireless security attacks.

The tasks we have planned for you include:

  • PCAP challenge for finding cloaked SSID;
  • Active decloak attack using BTK3;
  • WEP IV attack;
  • WPA cracking using dictionary and brute force techniques (John or oclHashcat);
  • WPA2 cracking;

Similar content:

February 17, 2020
Notify of
The comment form collects your name, email and content to allow us keep track of the comments placed on the website. Please read and accept our website Terms and Privacy Policy to post a comment.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013

Privacy Preference Center


Cookies that are necessary for the site to function properly. This includes, storing the user's cookie consent state for the current domain, managing users carts to using the content network, Cloudflare, to identify trusted web traffic. See full Cookies declaration

gdpr, PYPF, woocommerce_cart_hash, woocommerce_items_in_cart, _wp_wocommerce_session, __cfduid [x2]


These are used to track user interaction and detect potential problems. These help us improve our services by providing analytical data on how users use this site.

_global_lucky_opt_out, _lo_np_, _lo_cid, _lo_uid, _lo_rid, _lo_v, __lotr
_ga, _gid, _gat, __utma, __utmt, __utmb, __utmc, __utmz


tr, fr