Of those, I cracked 5 in less than a day. In my previous apartment, I was in proximity of 8 neighbors' access points that were strong enough to reliably connect to. Think about your target, and design your word list appropriately. This means that for example a word list of e-mail passwords is a bad word list to use for wifi. And people who do change the password often just do something simple, since as mentioned, the mindset is that it really doesn't need to be all that secure. A ton of people also use whatever defaults come with their router. So the password doesn't need to be as secure as your e-mail or other online passwords.

A ton of people use their phone number, just the digits. Nobody makes good wifi passwords, because a large part of the protection of wifi is that you need to be physically present.
If your wordlist isn't working, you need to figure out how to make better wordlists. If you attempt to social engineer a password from a person, your success rate will be a lot higher. If you don't know the password and attempt to crack it, you will presumably wait a very long time just to fail. Humans are idiots and always assume you can break them before technology. Pick the latter before engaging with cracking. I spent roughly about 8 months using cracking tools and about 2-3 months with social engineering-based. So taking my failure, I decided to create my own AP ready to capture credentials and began the

20 mins of rage because he couldn't get on COD allowed his anger to surpass his judgement and logic. He was knocked offline but for some reason, the AP wouldn't start properly.
My friend's wifi is 5 GHz, I knew for my attack to be productive I would either need to upgrade my hardware or get closer to his router and blast the absolute shit out of his network with deauth packets... ya know... just to make sure it works. My adapters only run on 2.4 GHz, which I soon learned would be an issue. I also assessed other methods of attack using the tools above but in general, I had no success... so we move on.

Fluxion, the successor to the popular linset, was my first obvious choice.

For this, I needed a victim (my next-door neighbour and also my friend) to allow me to access... I joked, telling him I would make him give me his password without actually giving me his password.

3 days later, I set up my wifi adapters, plugged them in and started fluxion. I also tested crunch and ran it through hashcat, effective but slow. Out of the 10 tested, 6 returned the correct password. Hashcat was more efficient and quicker (3 days... 1 trillion passwords tested). Out of the 10 tested, only 3 returned the correct password. Whilst testing multiple packets within aircrack, I placed the correct password within 10 word list files and ran them one by one.
This might interest people with some of the constant questions regarding the topic... here's what I found... at some point I'll do a full write up but for now...
For the last year, I have been researching multiple wifi attack methods as a hobby.