Hcxtools Description. Small set of tools convert packets from captures (h = hash, c = capture, convert and calculate candidates, x = different hashtypes) for the use with latest hashcat or John the Ripper.The tools are 100% compatible to hashcat.
- Get Our Premium Ethical Hacking Bundle (90% Off): to Automate Wi-Fi Hacking with Wifite2 on KaliFull Tutorial: http://bit.ly/Wifi.
- Wifi kali wifi kali linux 2020 kali linux 2020.4 wifite wifite2 wifite2 kali linux wpa wep wps alfa comptia cech oscp. Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
WiFite Description
To attack multiple WEP, WPA, and WPS encrypted networks in a row. This tool is customizable to be automated with only a few arguments. Wifite aims to be the 'set it and forget it' wireless auditing tool.
Features
- sorts targets by signal strength (in dB); cracks closest access points first
- automatically de-authenticates clients of hidden networks to reveal SSIDs
- numerous filters to specify exactly what to attack (wep/wpa/both, above certain signal strengths, channels, etc)
- customizable settings (timeouts, packets/sec, etc)
- 'anonymous' feature; changes MAC to a random address before attacking, then changes back when attacks are complete
- all captured WPA handshakes are backed up to wifite.py's current directory
- smart WPA de-authentication; cycles between all clients and broadcast deauths
- stop any attack with Ctrl+C, with options to continue, move onto next target, skip to cracking, or exit
- displays session summary at exit; shows any cracked keys
- all passwords saved to cracked.txt
- built-in updater: ./wifite.py -upgrade
Homepage: https://github.com/derv82/wifite2
Author: derv merkler
License: GPLv2
WiFite Help
WiFite Usage Example
Attack access points with over 50 dB of power (-pow 50) using the WPS attack (-wps):
How to install WiFite
The program is pre-installed on Kali Linux.
Installation on Linux (Debian, Mint, Ubuntu)
Required Programs
Please see the installation guide on the wiki for help installing any of the tools below.
- Python 2.7.x. Wifite is a Python script and requires Python to run.
- aircrack-ng suite. This is absolutely required. The specific programs used in the suite are:
Kali Wifite Handshake Location List
airodump-ng
packetforge-ng
Standard linux programs.
Kali Wifite Handshake Location
- iwconfig, ifconfig, which, iw
Suggested Programs
- reaver, a Wifi-Protected Setup (WPS) attack tool. Reaver includes a scanner 'walsh' (or 'wash') for detecting WPS-enabled access points. Wifite uses Reaver to scan for and attack WPS-enabled routers.
- pyrit, a GPU cracker for WPA PSK keys. Wifite uses pyrit (if found) to detect handshakes. In the future, Wifite may include an option to crack WPA handshakes via pyrit.
- tshark. Comes bundled with Wireshark, packet sniffing software.
- cowpatty, a WPA PSK key cracker. Wifite uses cowpatty (if found) to detect handshakes.
WiFite Screenshots
WiFite Tutorials
Related tools
- Penetrator-WPS (76.8%)
- Router Scan (75%)
- OneShot (74.2%)
- Fern Wifi Cracker (73.2%)
- airgeddon (70.6%)
- Crunch (RANDOM - 2%)
Recommended for you:
So you’re interested in Hacking and Cracking? Or just want some free WiFi! Either way you have found the right place to begin.
Today we are going to walk through the steps needed to crack WiFi access points using a combination of wifite and Aircrack-ng. In this guide we will go through how to capture and crack the handshakes to reveal the WiFi Password.
Firstly, you will need a Kali machine! For the purpose of this guide I am using a vanilla install of Kali and am running all of my sessions and commands as a Root user, if you are using a standard account then ‘Sudo’ will be required before most, if not all commands being executed.
The installation of Kali is on a Laptop with a compatible WiFi adapter which allows for monitor mode, this is necessary to capture packets ‘in the air’.
Boot up Kali and either navigate to ‘wifte‘ in the applications tab or open up a terminal and type in ‘wifite‘.
Immediately you will see a list of WiFi SSID’s begin to populate in the terminal window. The key thing to look out for is the amount of connected clients (as we are trying to capture a handshake between the client and the AP).
After choosing the Access Point in wifite in this case ‘EternalWIFI’, it will attempt to deauth the clients connected (disconnect the Clients). Those clients will then try to re-establish a connection and in doing so, wifite will capture the initial handshake packets which contain the password hashes. The more clients that are connected to the AP the better the chance and more quicker wifite will capture the handshake packets.
When a Handshake packet is captured, Wifite will try a default/simple password list. Its not bad and has worked for me a few times on individuals that tether there phones and change their passwords to something very simple, you can of course edit this list to include more passwords.
As you can see from the above, wifite has managed to crack the simple password which is ‘password’.
This however, will not always work and so we will need to crack the hash against a password list. We are going to do this by using aircrack-ng and feeding a password list against the capture handshake hash.
So, we are going to need passwords, a list of passwords to run against the hash.
If you need some password files I have zipped a few up HERE, I have found these on the Internet and take no credit for them!
However, the best way to get wordlists is by creating them yourself on Crunch. If you suspect that someone has changed their password to something ‘personal’ then it might be worth running CUPP (Common User Password Profiler) for a list.
Kali also comes with a default list (rockyou.txt) located in: /usr/share/wordlists
When hashing against a list, the more you know about the network, router and users can help a lot. First things first would be to look at the SSID (most SSID’s have the brand of router included within the name) and this allows you to understand how many characters the default WiFi code is and the combination of letters, numbers, caps. An example of this is:
Default Iphone Hotspots/Tether will use 13 Lowercase only with Numbers (No Symbols or Caps). This information will allow us to filter our wordlists and create new wordlist around this.
Once you have downloaded or created a password list, it’s time to run this against the captured hash using aircrack-ng. The Syntax for aircrack-ng is:
aircrack-ng capturedpackets.cap -w wordlist.txt
When we execute this, aircrack-ng will begin hashing the passwords from the list against the handshake password hash.
If the password is in the list then it will eventually strike a match.
As you can see, the WiFi password is ‘pleaseletmein’. While a simple password, this one wasn’t in the common password file in wifite and required the use of our own wordlist in order to crack.
Make sure you exit monitor mode on your WiFi adapter so you can test if the passphrase works.
So there we have it, the WiFi password. Please note that the cracking speed will be based upon your machines performance and it goes without saying that if the passphrase isn’t in your wordlist then you wont find the password. So make sure you build out specific wordlists dependent on the WiFi AP you want to crack. There are many other tools that you can use for the capture of the handshake and the cracking of the handshake. I prefer wifite as its easy to use and great for beginners and aircrack-ng has easy to remember syntax for piping a handshake to a wordlist.
Please use this knowledge responsibly and make sure you have consent to execute attacks such as this against someones Access Point. I take no responsibility for misuse of this information.
Please feel free to put any questions or comments in the section below.
Written and Executed by Gennaro Migliaccio
Proofed, Edited and otherwise scrutinized by Summer-Jade Greenaway