Sunday roundup for the 13th of March 2016. Hope your enjoying the original posts from this week!
Please contact me if you would like to be featured on security-sleuth.com.Read More
I wrote a post about installing Kali NetHunter a while back which you can read here building the hacker phone since then I have tested out quite a few features of the Kali NetHunter phone so I thought I would share a quick and easy wifi hacking tutorial with you all.
Even prior to launching this blog I had written at least 7 or 8 wifi hacking / web cracking posts and tutorials. I never published any of these tutorials due to the clunky / annoying but simple sequence of steps these kind of attacks were comprised of, I’m glad to see that Kali NetHunter and Wifite change all of this.
What you can do now with a mobile device in your pocket is verging on spectacular so without further ado lets go into the details.
Wifite is an automated wireless auditing script if you are familiar with using airmon and aircrack-ng wifi basically rolls up those tools and the process behind finding AP’s and automating penetration tests against them. In short it cuts out the complexity and manual work required when running these tools from the command line.
As always - remember running these attacks I have carried out all of the steps in this post on networks and devices I own and operate doing so anywhere else may be an offence.
Running wifite is very easy. to begin navigate to the Kali menu in your NetHunter phone and click “Launch wifite”. Now to progress further than this your going to have a your additional wireless adapter attached to your NetHunter device. Make sure you have a small adapter or one that uses very little energy in my earlier tests I wasn't able to get some larger adapters working with my NetHunter device.
First you will be asked which device you want to put into monitor mode you should put your external wifi adapter into monitor mode - this will most likely turn up as wlan1 where as your phones inbuilt will show up at wlan0. select the appropriate number to progress to the next step.
Based on your choice wifite will create a monitor mode interface which will just be listening for any traffic flowing through the ether.
Once its done scanning you should see a constantly refreshing list of ssid’s press Control + C to select which AP’s to attack.
Now list the numbers next to the AP’s you want to attacking watch wifite churn through them by running a combination of active and passive attacks to try and capture enough session into to decipher a wifi key.
Please note that in this example I attacked my own network and had devices authenticating and de-authenticating multiple times to generate this information quickly.
Unlike using wifite on a Kali desktop. NetHunter introduces a few additional steps into the equation after you have successfully captured enough info to start cracking an AP's password.
NetHunter will save your session as a .cap file. If for some reason you would like to go through your capture in a program like Wireshark for analysis you will need to convert them into .pcap files you can do that by going to the link here and uploading your .cap file:
From then on you can upload your .cap file to the Distributed WPA PSK auditor which is a service where people dedicate compute power to WPA cracking. you can upload your file by going to http://wpa-sec.stanev.org/?submit
Unfortunately since my wifi password is super complex none of these tools were able to crack it in a timely fashion :). But the below screen shows you what your end result should look like:
Its taken much longer than expected to get this simple tutorial published, between work and study it hasn't been easy to make enough time to get this post published. Thats said if this post proves popular I'd like to take the concept of wifi heists further in future posts by having multiple, tools tested and examined as well as offering some more in-depth scenarios perhaps via video? In closing I hope you found this tutorial useful or at least mildly entertaining, this is just one of the features Kali NetHunter offers there will be many more covered soon!
As always please let me know if found this article useful or if you didn't, Don’t forget to like this post or leave a comment below to let me know another area you would be interested in reading about. Thanks for your continued support! Until next time!