It is a well known fact that capturing a WPA handshake means issuing a lot of commands, and the process itself can sometimes take a long time. What about automating the whole process and getting a WPA handshake very quickly? The solution comes with the "besside-ng" utility, which ships in Backtrack with the aircrack-ng suite. All you have to do is get a BSSID and issue the following command:

besside-ng -b bssid mon0

and all the magic happens in seconds. Here is a demonstration of the process in this video link:
Today I'm going to introduce you to a very useful tool in Backtrack that helps you create a wordlist containing all the possible password combinations for a given victim. It simply creates a target-specific wordlist for password brute-forcing. After running the utility, it will ask you some questions about the victim, and this same information is used to build word combinations for the right password. Though this method is not 100% sure, it helps a lot and gives almost an 80% chance of getting the right password. First, type the following commands to access the utility:

root@bt:~# cd /pentest/passwords/cupp
root@bt:/pentest/passwords/cupp# ./cupp.py

Here is a preview of what it looks like:
This option is used for help:
For the moment, we are going to use the "-i" (interactive) option:
At this level, you will be prompted to feed the utility with all the information you can provide, such as names, wife/girlfriend, etc. Note that not all fields are necessary; you can skip any field by pressing Enter. Here is an example:
When finished, you'll have a txt file that contains some possible word combinations that the victim may have used for his/her password:
In this example, I'm going to use "cat" to view the file contents, with the following command:

root@bt:~# cat ahmed.txt

And finally, here is the outcome:
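The same personal details that a profile-based wordlist is built from are exactly what a password policy should refuse. The following Python script is an added example, not part of the original post and not CUPP's own code: a defender-side check that rejects a candidate password containing a profile token in any of the usual variants (lowercase, reversed, leetspeak, or with digits appended). The PROFILE dictionary, the sample passwords, the 12-character minimum and the leet mapping are all constructed assumptions for the demonstration.

```python
"""Reject passwords derived from a person's own profile data.

Added example (not from the original post, not CUPP's code). The profile,
sample passwords, minimum length and leet table are constructed assumptions.
"""

LEET = str.maketrans("aeiost", "431057")    # letters -> digits (a->4, e->3, ...)
UNLEET = str.maketrans("431057", "aeiost")  # digits -> letters, to undo leetspeak
MIN_TOKEN = 3        # ignore very short tokens so "a" does not match everything
MIN_LENGTH = 12      # assumed policy minimum, not taken from the post


def token_variants(token: str) -> set:
    """Forms of one profile token that a profile-based wordlist would contain:
    lowercase, reversed, and leetspeak."""
    t = token.lower().strip()
    if len(t) < MIN_TOKEN:
        return set()
    return {t, t[::-1], t.translate(LEET)}


def profile_variants(profile: dict) -> dict:
    """Map every variant string back to the lowercase profile token it came from.
    Field values may be single strings or lists of strings."""
    variants = {}
    for value in profile.values():
        values = value if isinstance(value, (list, tuple)) else [value]
        for v in values:
            for var in token_variants(str(v)):
                variants[var] = str(v).lower()
    return variants


def matching_tokens(password: str, profile: dict) -> list:
    """Sorted list of profile tokens the password is built from (empty if none).
    Substring matching also catches tokens with a year or digits appended."""
    pw = password.lower()
    forms = (pw, pw.translate(UNLEET))  # plain and de-leeted password
    hits = {orig for var, orig in profile_variants(profile).items()
            if any(var in f for f in forms)}
    return sorted(hits)


def is_acceptable(password: str, profile: dict) -> bool:
    """Policy decision: long enough and not derived from profile data."""
    return len(password) >= MIN_LENGTH and not matching_tokens(password, profile)


# Constructed sample profile, the kind of data an interactive wordlist tool asks for.
PROFILE = {
    "name": "Ahmed",
    "partner": "Sara",
    "birth_year": "1990",
    "pet": "Rex",
}

if __name__ == "__main__":
    for pw in ("Ahmed1990", "4hm3d!", "S4r4rex", "correct horse battery"):
        hits = matching_tokens(pw, PROFILE)
        verdict = "OK" if is_acceptable(pw, PROFILE) else "REJECT"
        print(f"{pw!r:26} {verdict:7} derived from: {hits}")
```

Hooking a check like this into account creation (or a captive-portal/PSK provisioning form) is what stops the combinations such a wordlist contains from ever becoming a real password.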
I noticed that many people are too lazy to generate their own password for their wifi connection, so they just use their phone number as the password. Of course, this is hard to find in a downloadable wordlist dictionary. So I present you the way to generate a phone-number wordlist with the Backtrack utility crunch. First, move to this directory and run crunch:

root@bt:~# cd /pentest/passwords/crunch
root@bt:/pentest/passwords/crunch# ./crunch 8 8 -t 20%%%%%% -o /root/Desktop/phonenumbers.txt

- Notice that 8 8 means: a minimum length of 8 and a maximum length of 8, so crunch produces all the possible combinations of exactly 8 digits
- You can change 8 to the number of digits that phone numbers have in your country, like 10 10 etc
- 20 is the prefix of the phone provider I have chosen; you can replace it by the prefix of your choice
- % stands for every possible digit from 0 to 9
- The number of %s must fit the number of characters of the phone number: for example, if your phone number is 10 digits you must type % 10 times
- "-t" tells crunch that this is a phone-number pattern and that it must not alter the provider prefix, which here is 20
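The reason a phone number makes a poor WPA passphrase is visible as soon as you count the pattern: a fixed provider prefix followed by six digits is only a million candidates. The following Python script is an added example, not from the original post and not part of crunch: it estimates the keyspace of a crunch-style -t mask and compares it with random passphrases, so the weakness can be quantified when reviewing a passphrase policy. The placeholder meanings for @ , % follow crunch's documented syntax; the symbol-set size of 33 for ^, the 62-character alphabet and the guess rate used for the illustration are assumptions.

```python
"""Keyspace estimator for crunch-style -t masks versus random passphrases.

Added example (not from the original post, not crunch's code). The ^ symbol
count, the 62-character alphabet and the illustrative guess rate are assumed.
"""
import math

# crunch -t placeholders: @ lowercase, , uppercase, % digit, ^ symbol.
# The size of the symbol set (33) is an assumption for this example.
PLACEHOLDERS = {"@": 26, ",": 26, "%": 10, "^": 33}


def mask_keyspace(mask: str) -> int:
    """Number of strings a crunch -t mask expands to.
    Literal characters such as the provider prefix '20' contribute a factor of 1."""
    total = 1
    for ch in mask:
        total *= PLACEHOLDERS.get(ch, 1)
    return total


def random_keyspace(length: int, alphabet_size: int = 62) -> int:
    """Number of random passphrases of the given length (62 = a-z, A-Z, 0-9)."""
    return alphabet_size ** length


def bits_of_entropy(keyspace: int) -> float:
    """Entropy in bits of a uniformly chosen candidate from the keyspace."""
    return math.log2(keyspace)


def days_to_exhaust(keyspace: int, guesses_per_second: float) -> float:
    """Worst-case days needed to try every candidate at a given rate.
    Used here only to express exposure; the rate itself is an assumption."""
    return keyspace / guesses_per_second / 86400


if __name__ == "__main__":
    phone_mask = "20%%%%%%"   # the post's 8-digit pattern with fixed prefix 20
    rate = 1000.0             # assumed, illustrative guesses per second
    rows = (
        ("phone mask " + phone_mask, mask_keyspace(phone_mask)),
        ("any 8-digit number", mask_keyspace("%" * 8)),
        ("random 8 alphanumeric", random_keyspace(8)),
        ("random 12 alphanumeric", random_keyspace(12)),
    )
    for label, space in rows:
        print(f"{label:24} {space:>25,d} candidates "
              f"{bits_of_entropy(space):6.1f} bits "
              f"{days_to_exhaust(space, rate):>18,.2f} days at {rate:.0f}/s")
```

With the prefix fixed, the mask above collapses to about 20 bits of entropy, far below the roughly 48 bits of a random 8-character alphanumeric string; a policy that bans all-digit passphrases (or simply requires 12 or more characters drawn from a larger alphabet) removes this whole class of weak keys.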