There are many ways to hack a WiFi router: some people brute-force the password directly, others crack the WPS PIN with Reaver, and so on. WPS PIN cracking succeeds most of the time because the router is still using its default PIN, which is easy to crack. Here we are going to hack a router that has WPS disabled. We have a simple and very effective toolkit for this purpose: Aircrack-ng.
The whole process is not too hard, but not too easy either. It is a little complicated, but don't worry, I will explain. Consider a router and a client device connected to it, constantly communicating with WPA encryption. If an attacker captures the packets and tries to read them, they won't make any sense because they are fully encrypted. There is a method to crack it. First, a WiFi adapter must be in monitor mode, constantly capturing all the packets. Then we have to break the connection between the client and the router so that, when the device tries to reconnect, it sends the router a packet that contains authentication details. Our adapter in monitor mode will capture this packet. This is called 4-way handshake capturing. This packet is encrypted too, but we can crack it by brute-forcing this hash. This method is faster than brute-forcing the router password directly.
The Aircrack-ng suite has specific tools for this process. Airodump-ng captures the packets and saves them as a .cap file. Aireplay-ng deauthenticates the client from the router by sending deauth packets. Aircrack-ng cracks the WPA hash from the .cap file. We can also crack it with hashcat for much faster cracking. Follow the steps.
The above command will send 50 deauth packets; you can increase the number or use 0 for infinite packets. Depending on the signal strength, you may have to increase the number of packets. It is better to send infinite packets until the device is kicked off the network. When the device tries to reconnect, airodump will capture the handshake and show the message “wpa handshake <mac address>”. Once you have got the handshake, terminate the process. All we need now is the .cap file on the desktop.
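From the monitoring side, the deauth burst described above is easy to spot. The following is an added example, not code from the original post: a sliding-window detector over 802.11 frames, where the frame bytes, MAC addresses, threshold and window are all constructed assumptions.

```python
import struct
from collections import defaultdict, deque

DEAUTH_FC0 = 0xC0  # frame control byte 0: version 0, type 0 (mgmt), subtype 12

def _mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_deauth(frame):
    """Return (dst, src, bssid, reason) for a bare 802.11 deauth frame
    (radiotap header already stripped), or None for anything else."""
    if len(frame) < 26 or frame[0] != DEAUTH_FC0:
        return None
    # 24-byte management header: fc(2) dur(2) addr1(6) addr2(6) addr3(6) seq(2)
    (reason,) = struct.unpack_from("<H", frame, 24)
    return _mac(frame[4:10]), _mac(frame[10:16]), _mac(frame[16:22]), reason

def detect_floods(events, threshold=10, window=1.0):
    """events: (timestamp, frame_bytes) pairs in time order. Alert once per
    (bssid, dst) pair that receives >= threshold deauths within `window` s."""
    recent, alerted, alerts = defaultdict(deque), set(), []
    for ts, frame in events:
        parsed = parse_deauth(frame)
        if parsed is None:
            continue
        dst, _src, bssid, _reason = parsed
        q = recent[(bssid, dst)]
        q.append(ts)
        while ts - q[0] > window:   # drop timestamps outside the window
            q.popleft()
        if len(q) >= threshold and (bssid, dst) not in alerted:
            alerted.add((bssid, dst))
            alerts.append((bssid, dst, len(q), q[0]))
    return alerts

def make_frame(fc0, dst, src, bssid, body=b"\x07\x00"):
    """Build a constructed test frame; MACs here are locally administered."""
    raw = lambda m: bytes.fromhex(m.replace(":", ""))
    return bytes([fc0, 0, 0, 0]) + raw(dst) + raw(src) + raw(bssid) + b"\x00\x00" + body

AP, STA, STA2 = "02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:03"
# Constructed capture: a 50-frame burst, one isolated deauth, one beacon.
SAMPLE = [(i * 0.02, make_frame(0xC0, STA, AP, AP)) for i in range(50)]
SAMPLE.append((30.0, make_frame(0xC0, STA2, AP, AP)))
SAMPLE.append((31.0, make_frame(0x80, "ff:ff:ff:ff:ff:ff", AP, AP, b"\x00" * 12)))

if __name__ == "__main__":
    for bssid, dst, count, first in detect_floods(SAMPLE):
        print(f"deauth flood: bssid={bssid} dst={dst} {count} frames since t={first:.2f}s")
```

On networks where clients and the access point use 802.11w Protected Management Frames, unauthenticated deauth frames like these are discarded by the client, so the forced reconnect does not happen.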
You can also use various other tools for cracking the WPA hash. Using a good wordlist will help you.