How to Hack WiFi (Wireless) Network

Wireless networks are accessible within the router’s transmission radius. This makes them vulnerable to attacks. Hotspots are available in public places such as airports, restaurants, parks, etc.

What is a wireless network?

A wireless network is a network that uses radio waves to link computers and other devices together.

How to access a wireless network?

You will need a wireless network enabled device such as a laptop, tablet, smartphones, etc. You will also need to be within the transmission radius of a wireless network access point. Most devices (if the wireless network option is turned on) will provide you with a list of available networks. If the network is not password protected, then you just have to click on connect. If it is password protected, then you will need the password to gain access.

Wireless Network Authentication

Since the network is easily accessible to everyone with a wireless network enabled device, most networks are password protected. Let’s look at some of the most commonly used authentication techniques.

WEP

WEP is the acronym for Wired Equivalent Privacy. It was developed for IEEE 802.11 WLAN standards. Its goal was to provide the privacy equivalent to that provided by wired networks. WEP works by encrypting the data been transmitted over the network to keep it safe from eavesdropping. 

WEP Authentication

Open System Authentication (OSA) – this methods grants access to station authentication requested based on the configured access policy.

Shared Key Authentication (SKA) – This method sends to an encrypted challenge to the station requesting access. The station encrypts the challenge with its key then responds. If the encrypted challenge matches the AP value, then access is granted.

WEP Weakness

WEP has significant design flaws and vulnerabilities.

• The integrity of the packets is checked using Cyclic Redundancy Check (CRC32). 
• WEP uses the RC4 encryption algorithm to create stream ciphers. .
• Weak Initial values combinations do not encrypt sufficiently. .
• WEP is based on passwords;.
• Keys management is poorly implemented.
• The Initial values can be reused

Because of these security flaws, WEP has been deprecated in favor of WPA

WPA

WPA is the acronym for Wi-Fi Protected Access. It is a security protocol developed by the Wi-Fi Alliance in response to the weaknesses found in WEP. It is used to encrypt data on 802.11 WLANs. It uses higher Initial Values 48 bits instead of the 24 bits that WEP uses.  It uses temporal keys to encrypt packets.

WPA Weaknesses

• The collision avoidance implementation can be broken
• It is vulnerable to denial of service attacks
• Pre-shares keys use passphrases.  Weak passphrases are vulnerable to dictionary attacks.

 How to do Wifi Password Hack?

Before knowing this, you need to know how many types of wifi security there is mainly in wifi.

WEP Security
WPA Security OR WPA2 Security
WPA2 (WPS available)
MAC ADDRESS Filtering
HIDDEN Network

How to Crack Wireless Networks

WEP cracking

Cracking is the process of exploiting security weaknesses in wireless networks and gaining unauthorized access. WEP cracking refers to exploits on networks that use WEP to implement security controls. There are basically two types of cracks namely;

• Passive cracking– this type of cracking has no effect on the network traffic until the WEP security has been cracked. It is difficult to detect.
• Active cracking– this type of attack has an increased load effect on the network traffic. It is easy to detect compared to passive cracking. It is more effective compared to passive cracking.

WEP Cracking Tools

• Aircrack–  http://www.aircrack-ng.org/
• WEPCrack– http://wepcrack.sourceforge.net/
• Kismet- https://www.kismetwireless.net/
• WebDecrypt–http://wepdecrypt.sourceforge.net/

WPA Cracking

WPA uses a 256 pre-shared key or passphrase for authentications. Short passphrases are vulnerable to dictionary attacks and other attacks that can be used to crack passwords. The following tools can be used to crack WPA keys.

• CowPatty– http://wirelessdefence.org/Contents/coWPAttyMain.htm
• Cain & Abel– https://www.softpedia.com/get/Security/Decrypting-Decoding/Cain-and-Abel.shtml

Cracking Wireless network WEP/WPA keys

It is possible to crack the WEP/WPA keys used to gain access to a wireless network. Doing so requires software and hardware resources, and patience. The success of such attacks can also depend on how active and inactive the users of the target network are.

We will provide you with basic information that can help you get started. Backtrack is a Linux-based security operating system. It is developed on top of Ubuntu. Backtrack comes with a number of security tools. Backtrack can be used to gather information, assess vulnerabilities and perform exploits among other things.

Some of the popular tools that backtrack has includes;

• Metasploit
• Wireshark
• Aircrack-ng
• NMap
• Ophcrack

Cracking wireless network keys requires patience and resources mentioned above. At a minimum, you will need the following tools

A wireless network adapter with the capability to inject packets (Hardware)

• Kali Operating System.https://www.kali.org/downloads/
• Be within the target network’s radius.
• Sufficient knowledge of Linux based operating systems and working knowledge of Aircrack and its various scripts

How to Secure wireless networks

In minimizing wireless network attacks; an organization can adopt the following policies

• Changing default passwords that come with the hardware
• Enabling the authentication mechanism
• Access to the network can be restricted by allowing only registered MAC addresses.
• Use of strong WEP and WPA-PSK keys, a combination of symbols, number and characters reduce the chance of the keys been cracking using dictionary and brute force attacks.
• Firewall Software can also help reduce unauthorized access.

Hacking Activity: Crack Wireless Password

In this practical scenario, we are going touse Cain and Abel to decode the stored wireless network passwords in Windows. We will also provide useful information that can be used to crack the WEP and WPA keys of wireless networks.

Decoding Wireless network passwords stored in Windows

• Download Cain & Abel from the link provided above.
• Open Cain and Abel
• Ensure that the Decoders tab is selected then click on Wireless Passwords from the navigation menu on the left-hand side
• Click on the button with a plus sign
• Assuming you have connected to a secured wireless network before, you will get results.
• The decoder will show you the encryption type, SSID and the password that was used.