Androinar

<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: justify;">
<span style="color: #666666;"><span style="font-family: Arial,Helvetica,sans-serif;"><i>Your Wi-Fi network is your conveniently wireless gateway to the 
internet, and since you're not keen on sharing your connection with any 
old hooligan who happens to be walking past your home, you secure your 
network with a password, right? Knowing, as you might, how easy it is to crack a WEP password, you probably secure your network using the more bulletproof WPA security protocol.</i></span></span></div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://i.kinja-img.com/gawker-media/image/upload/s--gCtMcbZQ--/c_fit,fl_progressive,q_80,w_636/17pw3mgej3x93jpg.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="http://i.kinja-img.com/gawker-media/image/upload/s--gCtMcbZQ--/c_fit,fl_progressive,q_80,w_636/17pw3mgej3x93jpg.jpg" /></a></div>
<div data-textannotation-id="d70d2c13eb4fbb94ebe11ba554293cf9">
<br /></div>
<div data-textannotation-id="d70d2c13eb4fbb94ebe11ba554293cf9">
<br /></div>
<div data-textannotation-id="d70d2c13eb4fbb94ebe11ba554293cf9" style="text-align: justify;">
Here's the bad news: A new, free, open-source tool called <a href="http://code.google.com/p/reaver-wps/" target="_blank">Reaver</a>
 exploits a security hole in wireless routers and can crack most 
routers' current passwords with relative ease. Here's how to crack a WPA
 or WPA2 password, step by step, with Reaver—and how to protect your 
network against Reaver attacks.</div>
<div data-textannotation-id="d70d2c13eb4fbb94ebe11ba554293cf9" style="text-align: left;">
<br /></div>
<div data-textannotation-id="d70d2c13eb4fbb94ebe11ba554293cf9" style="text-align: justify;">
</div>
<div data-textannotation-id="d70d2c13eb4fbb94ebe11ba554293cf9" style="text-align: justify;">
</div>
<div data-textannotation-id="d70d2c13eb4fbb94ebe11ba554293cf9" style="text-align: justify;">
<span class="annotation-footnote-wrapper clearfix"></span></div>
<div style="text-align: justify;">

In the 
first section of this post, I'll walk through the steps required to 
crack a WPA password using Reaver. You can follow along with either the 
video or the text below. After that, I'll explain how Reaver works, and 
what you can do to protect your network against Reaver attacks</div>
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe width="320" height="266" class="YOUTUBE-iframe-video" data-thumbnail-src="https://ytimg.googleusercontent.com/vi/z1c1OIMbmb0/0.jpg" src="http://www.youtube.com/embed/z1c1OIMbmb0?feature=player_embedded" frameborder="0" allowfullscreen></iframe></div>
<br />
<br />
<div style="text-align: justify;">
<span style="color: #666666;"><span style="font-family: Arial,Helvetica,sans-serif;"></span></span><b><em>First, a quick note:</em></b> As we remind often remind readers when we discuss topics that appear 
potentially malicious: Knowledge is power, but power doesn't mean you 
should be a jerk, or do anything illegal. Knowing how to pick a lock 
doesn't make you a thief. Consider this post educational, or a 
proof-of-concept intellectual exercise. The more you know, the better 
you can protect yourself.

</div>
<h3 data-textannotation-id="a297e2d4f12afc3590548aaed87eab57">
What You'll Need<span class="annotation-footnote-wrapper clearfix"></span></h3>
<div data-textannotation-id="ae8ef73102d4a424254e708ab573a404" style="text-align: justify;">
You don't 
have to be a networking wizard to use Reaver, the command-line tool that
 does the heavy lifting, and if you've got a blank DVD, a computer with 
compatible Wi-Fi, and a few hours on your hands, you've got basically 
all you'll need. There are a number of ways you could set up Reaver, but
 here are the specific requirements for this guide:</div>
<div data-textannotation-id="ae8ef73102d4a424254e708ab573a404" style="text-align: left;">
<br /></div>
<div data-textannotation-id="ae8ef73102d4a424254e708ab573a404" style="text-align: justify;">
</div>
<div data-textannotation-id="ae8ef73102d4a424254e708ab573a404" style="text-align: justify;">
</div>
<div data-textannotation-id="ae8ef73102d4a424254e708ab573a404" style="text-align: justify;">
<span class="annotation-footnote-wrapper clearfix"></span></div>
<div class="has-media media-640" data-textannotation-id="c17864d0e5e0536c495ee7677c255af0">
<span class="img-border"><img alt="How to Crack a Wi-Fi Network's WPA Password with Reaver" class="js_annotatable-image cursor-crosshair" data-asset-url="http://i.kinja-img.com/gawker-media/image/upload/s--R6BvRAov--/c_fit,fl_progressive,q_80,w_636/194pra0777vwyjpg.jpg" data-chomp-id="194pra0777vwyjpg" data-format="jpg" height="357" src="http://i.kinja-img.com/gawker-media/image/upload/s--R6BvRAov--/c_fit,fl_progressive,q_80,w_636/194pra0777vwyjpg.jpg" width="636" /></span></div>
<ul>
<li data-textannotation-id="4a1a4bf8418919fa757be95fd7f6410b"><strong> <a href="http://www.backtrack-linux.org/downloads/" target="_blank">The BackTrack 5 Live DVD</a>.</strong>
 BackTrack is a bootable Linux distribution that's filled to the brim 
with network testing tools, and while it's not strictly required to use 
Reaver, it's the easiest approach for most users. Download the Live DVD <a href="http://www.backtrack-linux.org/downloads/" target="_blank">from BackTrack's download page</a>
 and burn it to a DVD. You can alternately download a virtual machine 
image if you're using VMware, but if you don't know what VMware is, just
 stick with the Live DVD. As of this writing, that means you should 
select BackTrack 5 R3 from the Release drop-down, select Gnome, 32- or 
64-bit depending on your CPU (if you don't know which you have, 32 is a 
safe bet), ISO for image, and then download the ISO.<span class="annotation-footnote-wrapper clearfix"></span></li>
<li data-textannotation-id="2ebecca60c5497e7cd64ad31dff89414"><strong>A computer with Wi-Fi and a DVD drive.</strong>
 BackTrack will work with the wireless card on most laptops, so chances 
are your laptop will work fine. However, BackTrack doesn't have a full 
compatibility list, so no guarantees. You'll also need a DVD drive, 
since that's how you'll boot into BackTrack. I used a six-year-old 
MacBook Pro.<span class="annotation-footnote-wrapper clearfix"></span></li>
<li data-textannotation-id="f2ee86cae43d4799aa2065ecb121484c"><strong>A nearby WPA-secured Wi-Fi network.</strong>
 Technically, it will need to be a network using WPA security with the 
WPS feature enabled. I'll explain in more detail in the "How Reaver 
Works" section how WPS creates the security hole that makes WPA cracking
 possible.<span class="annotation-footnote-wrapper clearfix"></span></li>
<li data-textannotation-id="aae8aa832381324930beee5cce667249"><strong>A little patience.</strong>
 This is a 4-step process, and while it's not terribly difficult to 
crack a WPA password with Reaver, it's a brute-force attack, which means
 your computer will be testing a number of different combinations of 
cracks on your router before it finds the right one. When I tested it, 
Reaver took roughly 2.5 hours to successfully crack my password. The <a href="http://code.google.com/p/reaver-wps/" target="_blank">Reaver home page</a> suggests it can take anywhere from 4-10 hours. Your mileage may vary.<span class="annotation-footnote-wrapper clearfix"></span></li>
</ul>
<h3 data-textannotation-id="be157dfd7514756d142d4701d973852d">
Let's Get Crackin'<span class="annotation-footnote-wrapper clearfix"></span></h3>
<div data-textannotation-id="ce31795f62ea47b49d9adb2e80866d07">
At this point you should have BackTrack burned to a DVD, and you should have your laptop handy.<span class="annotation-footnote-wrapper clearfix"></span></div>
<h4 data-textannotation-id="bb920f917c1fc3dc4b31f8fc7336d746">
Step 1: Boot into BackTrack<span class="annotation-footnote-wrapper clearfix"></span></h4>
<div data-textannotation-id="a1e3998a62fcc07ff8d4f85f4efada4d">
To boot 
into BackTrack, just put the DVD in your drive and boot your machine 
from the disc. (Google around if you don't know anything about live 
CDs/DVDs and need help with this part.) During the boot process, 
BackTrack will prompt you to to choose the boot mode. Select "BackTrack 
Text - Default Boot Text Mode" and press Enter.<span class="annotation-footnote-wrapper clearfix"></span></div>
<div data-textannotation-id="1ce9af4e47f78734c3de81e24beeb08e">
Eventually BackTrack will boot to a command line prompt. When you've reached the prompt, type <code>startx</code> and press Enter. BackTrack will boot into its graphical interface.</div>
<h4 data-textannotation-id="207c43695d3879a28dabdffd3532c41f">
<s>Step 2: Install Reaver</s><span class="annotation-footnote-wrapper clearfix"></span></h4>
<div data-textannotation-id="733fe2aa7707bc3fdd0d9a5cccf7b2ff">
<em>Update: This step is no longer necessary, as Reaver comes pre-installed on Backtrack 5 R3. Skip down to Step 3.</em><span class="annotation-footnote-wrapper clearfix"></span></div>
<div data-textannotation-id="00be808ac908d161ab970422e0906208">
Reaver has 
been added to the bleeding edge version of BackTrack, but it's not yet 
incorporated with the live DVD, so as of this writing, you need to 
install Reaver before proceeding. (Eventually, Reaver will simply be 
incorporated with BackTrack by default.) To install Reaver, you'll first
 need to connect to a Wi-Fi network that you have the password to.<span class="annotation-footnote-wrapper clearfix"></span></div>
<ol>
<li data-textannotation-id="9d6bfdc6c9f03710c4ba3e1fa207e90a">Click Applications > Internet > Wicd Network Manager<span class="annotation-footnote-wrapper clearfix"></span></li>
<li data-textannotation-id="668ff97a9e4b412fe88587ab47f0a0b5">Select your network and click Connect, enter your password if necessary, click OK, and then click Connect a second time.<span class="annotation-footnote-wrapper clearfix"></span></li>
</ol>
<div data-textannotation-id="fd9f6c4c0d671b4849e900fb298749cf">
Now that 
you're online, let's install Reaver. Click the Terminal button in the 
menu bar (or click Applications > Accessories > Terminal). At the 
prompt, type:<span class="annotation-footnote-wrapper clearfix"></span></div>
<pre data-textannotation-id="331af5c21044d8f7b8ace076c3d6bbd8">apt-get update
</pre>
<div data-textannotation-id="0e0af5afe0a4ea851a821f28b040aa62">
And then, after the update completes:<span class="annotation-footnote-wrapper clearfix"></span></div>
<pre data-textannotation-id="4641d03a6395c569762433914b21fb86">apt-get install reaver
</pre>
<div data-textannotation-id="64848a231cd08f519bb2c252cd6b5f04">
If all went
 well, Reaver should now be installed. It may seem a little lame that 
you need to connect to a network to do this, but it will remain 
installed until you reboot your computer. At this point, go ahead and 
disconnect from the network by opening Wicd Network Manager again and 
clicking Disconnect. (You may not strictly need to do this. I did just 
because it felt like I was somehow cheating if I were already connected 
to a network.)<span class="annotation-footnote-wrapper clearfix"></span></div>
<h4 data-textannotation-id="f06240a7816599c89a286e26aae6f8a9">
Step 3: Gather Your Device Information, Prep Your Crackin'<span class="annotation-footnote-wrapper clearfix"></span></h4>
<div data-textannotation-id="af435fe692bed65c15eb11203fc5cdf6">
In order to
 use Reaver, you need to get your wireless card's interface name, the 
BSSID of the router you're attempting to crack (the BSSID is a unique 
series of letters and numbers that identifies a router), and you need to
 make sure your wireless card is in monitor mode. So let's do all that.<span class="annotation-footnote-wrapper clearfix"></span></div>
<div data-textannotation-id="727376804e9bd583e7991ca46997af5e">
<strong>Find your wireless card:</strong> Inside Terminal, type:<span class="annotation-footnote-wrapper clearfix"></span></div>
<pre data-textannotation-id="942271e0310ab5038d9077e917554b57">iwconfig
</pre>
<div data-textannotation-id="8730332105736744b04dc1efd91648ba">
Press Enter. You should see a wireless device in the subsequent list. Most likely, it'll be named <code>wlan0</code>, but if you have more than one wireless card, or a more unusual networking setup, it may be named something different.</div>
<div data-textannotation-id="8730332105736744b04dc1efd91648ba">
<br /></div>
<div class="has-media media-640" data-textannotation-id="4e907382c93472bc0f0481fc0c4bf3ba">
<span class="img-border"><img alt="How to Crack a Wi-Fi Network's WPA Password with Reaver" class="js_annotatable-image cursor-crosshair" data-asset-url="http://i.kinja-img.com/gawker-media/image/upload/s--gkRRSPpj--/c_fit,fl_progressive,q_80,w_636/194prsh4oyo2mjpg.jpg" data-chomp-id="194prsh4oyo2mjpg" data-format="jpg" height="357" src="http://i.kinja-img.com/gawker-media/image/upload/s--gkRRSPpj--/c_fit,fl_progressive,q_80,w_636/194prsh4oyo2mjpg.jpg" width="636" /></span></div>
<div data-textannotation-id="e707ac1e48f475a0d4926e122960eb10">
<br /></div>
<div data-textannotation-id="e707ac1e48f475a0d4926e122960eb10">
<strong>Put your wireless card into monitor mode:</strong> Assuming your wireless card's interface name <em>is</em> <code>wlan0</code>, execute the following command to put your wireless card into monitor mode:</div>
<div data-textannotation-id="e707ac1e48f475a0d4926e122960eb10">
<br /></div>
<span style="color: red;">

</span><pre data-textannotation-id="3d495b7e68fad49ae982623ec549bdbd"><span style="font-family: Times,"Times New Roman",serif;"><b><span style="color: red;">airmon-ng start wlan0</span></b></span></pre>
<pre data-textannotation-id="3d495b7e68fad49ae982623ec549bdbd"><span style="font-family: Times,"Times New Roman",serif;"><b> </b></span></pre>
<div data-textannotation-id="2034f35bdde6937c887cce9e9be84bba">
This command will output the name of monitor mode interface, which you'll also want to make note of. Most likely, it'll be <code>mon0</code>, like in the screenshot below. Make </div>
<div data-textannotation-id="2034f35bdde6937c887cce9e9be84bba">
note of that.</div>
<div data-textannotation-id="2034f35bdde6937c887cce9e9be84bba">
<br /></div>
<div class="has-media media-640" data-textannotation-id="d831093120f8901c041d252c38eba4ab">
<span class="img-border"><img alt="How to Crack a Wi-Fi Network's WPA Password with Reaver" class="js_annotatable-image cursor-crosshair" data-asset-url="http://i.kinja-img.com/gawker-media/image/upload/s--mMsMCKDx--/c_fit,fl_progressive,q_80,w_636/194prrjkz8yorjpg.jpg" data-chomp-id="194prrjkz8yorjpg" data-format="jpg" height="357" src="http://i.kinja-img.com/gawker-media/image/upload/s--mMsMCKDx--/c_fit,fl_progressive,q_80,w_636/194prrjkz8yorjpg.jpg" width="636" /></span></div>
<div data-textannotation-id="d597af52f5e263d05a7a0e35e4616e7b">
<br /></div>
<div data-textannotation-id="d597af52f5e263d05a7a0e35e4616e7b">
<strong>Find the BSSID of the router you want to crack:</strong>
 Lastly, you need to get the unique identifier of the router you're 
attempting to crack so that you can point Reaver in the right direction.
 To do this, execute the following command:<span class="annotation-footnote-wrapper clearfix"></span></div>
<pre data-textannotation-id="b0c65846326e9be271b078025e20e371">airodump-ng wlan0
</pre>
<div data-textannotation-id="e19b2aa522be7b3ecc1b27beba45ac0c">
(Note: If <code>airodump-ng wlan0</code> doesn't work for you, you may want to try the monitor interface instead—e.g., <code>airodump-ng mon0</code>.)</div>
<div data-textannotation-id="0e8e2a67a6cefde5785dd2f5ca95221d">
You'll see a list of the wireless networks in range—it'll look something like the screenshot below:<span class="annotation-footnote-wrapper clearfix"></span></div>
<div class="has-media media-640" data-textannotation-id="19172b69383f21f1de795aa1ee7eb74b">
<span class="img-border"><img alt="How to Crack a Wi-Fi Network's WPA Password with Reaver" class="js_annotatable-image cursor-crosshair" data-asset-url="http://i.kinja-img.com/gawker-media/image/upload/s--LedKRucT--/c_fit,fl_progressive,q_80,w_636/194prtyebc284jpg.jpg" data-chomp-id="194prtyebc284jpg" data-format="jpg" height="357" src="http://i.kinja-img.com/gawker-media/image/upload/s--LedKRucT--/c_fit,fl_progressive,q_80,w_636/194prtyebc284jpg.jpg" width="636" /></span></div>
<div data-textannotation-id="d318550220348bcc8207cdcf2a362331">
<br /></div>
<div data-textannotation-id="d318550220348bcc8207cdcf2a362331" style="text-align: justify;">
When you 
see the network you want, press Ctrl+C to stop the list from refreshing,
 then copy that network's BSSID (it's the series of letters, numbers, 
and colons on the far left). The network should have WPA or WPA2 listed 
under the ENC column. Now in BSSID and monitor interface name in hand, you've got everything you need to start up Reaver.<span class="annotation-footnote-wrapper clearfix"></span>

</div>
<h4 data-textannotation-id="799375ff32d6865d15c32073ce4c5b81">
Step 4: Crack a Network's WPA Password with Reaver<span class="annotation-footnote-wrapper clearfix"></span></h4>
<div data-textannotation-id="e5e15f6727c052f8ab22b76823701d01">
Now execute the following command in the Terminal, replacing <code>bssid</code> and <code>moninterface</code> with the BSSID and monitor interface and you copied down above:</div>
<div data-textannotation-id="e5e15f6727c052f8ab22b76823701d01">
<br /></div>
<pre data-textannotation-id="5a10adcb2544e279dcbcd2ee90f0045f">reaver -i <strong>moninterface</strong> -b <strong>bssid</strong> -vv</pre>
<pre data-textannotation-id="5a10adcb2544e279dcbcd2ee90f0045f"> </pre>
<div data-textannotation-id="c39a108031fefc20eb00268931f3e60f">
For example, if your monitor interface was <code>mon0</code> like mine, and your BSSID was <code>8D:AE:9D:65:1F:B2</code> (a BSSID I just made up), your command would look like:</div>
<pre data-textannotation-id="b6f61ce873f92475b1daa3644d7b9f52">reaver -i mon0 -b 8D:AE:9D:65:1F:B2 -vv</pre>
<pre data-textannotation-id="b6f61ce873f92475b1daa3644d7b9f52"> </pre>
<pre data-textannotation-id="b6f61ce873f92475b1daa3644d7b9f52"> </pre>
<div data-textannotation-id="58cccb02841dd09226c17f19d9ef7a19" style="text-align: justify;">
Press 
Enter, sit back, and let Reaver work its disturbing magic. Reaver will 
now try a series of PINs on the router in a brute force attack, one 
after another. This will take a while. In my successful test, Reaver 
took 2 hours and 30 minutes to crack the network and deliver me with the
 correct password. As mentioned above, the Reaver documentation says it 
can take between 4 and 10 hours, so it could take more or less time than
 I experienced, depending. When Reaver's </div>
<div data-textannotation-id="58cccb02841dd09226c17f19d9ef7a19">
 cracking has completed, it'll 
look like this:</div>
<div data-textannotation-id="58cccb02841dd09226c17f19d9ef7a19">
<br /></div>
<div data-textannotation-id="58cccb02841dd09226c17f19d9ef7a19">
</div>
<div data-textannotation-id="58cccb02841dd09226c17f19d9ef7a19">
</div>
<div data-textannotation-id="58cccb02841dd09226c17f19d9ef7a19">
<span class="annotation-footnote-wrapper clearfix"></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span class="img-border" style="margin-left: 1em; margin-right: 1em;"><img alt="How to Crack a Wi-Fi Network's WPA Password with Reaver" class="js_annotatable-image cursor-crosshair" data-asset-url="http://i.kinja-img.com/gawker-media/image/upload/s--4YjVdnWR--/c_fit,fl_progressive,q_80,w_320/18qpo7omnvkbejpg.jpg" data-chomp-id="18qpo7omnvkbejpg" data-format="jpg" data-original-src="http://i.kinja-img.com/gawker-media/image/upload/18qpo7omnvkbejpg.jpg" height="222" src="http://i.kinja-img.com/gawker-media/image/upload/s--4YjVdnWR--/c_fit,fl_progressive,q_80,w_320/18qpo7omnvkbejpg.jpg" width="400" /></span></div>
<div class="has-media media-470" data-textannotation-id="83f0c61672a6d5ed110d787b8de94d28">
<span class="lightBoxWrapper"><span class="magnifier lightBox"></span></span></div>
<div data-textannotation-id="00ef3ecb28c2ea6248e6cd0c1a96a471">
<br /></div>
<div data-textannotation-id="00ef3ecb28c2ea6248e6cd0c1a96a471" style="text-align: justify;">
<strong>A few important factors to consider:</strong>
 Reaver worked exactly as advertised in my test, but it won't 
necessarily work on all routers (see more below). Also, the router 
you're cracking needs to have a relatively strong signal, so if you're 
hardly in range of a router, you'll likely experience problems, and 
Reaver may not work. Throughout the process, Reaver would sometimes 
experience a timeout, sometimes get locked in a loop trying the same PIN
 repeatedly, and so on. I just let it keep on running, and kept it close
 to the router, and eventually it worked its way through.</div>
<div data-textannotation-id="00ef3ecb28c2ea6248e6cd0c1a96a471" style="text-align: justify;">
<span class="annotation-footnote-wrapper clearfix"></span></div>
<div data-textannotation-id="94278859886a09e0727c7b455dffefe4" style="text-align: justify;">
Also of 
note, you can also pause your progress at any time by pressing Ctrl+C 
while Reaver is running. This will quit the process, but Reaver will 
save any progress so that next time you run the command, you can pick up
 where you left off-as long as you don't shut down your computer (which,
 if you're running off a live DVD, will reset everything).</div>
<div data-textannotation-id="94278859886a09e0727c7b455dffefe4" style="text-align: justify;">
</div>
<div data-textannotation-id="94278859886a09e0727c7b455dffefe4" style="text-align: justify;">
</div>
<div data-textannotation-id="94278859886a09e0727c7b455dffefe4" style="text-align: justify;">
<span class="annotation-footnote-wrapper clearfix"></span></div>
<br />
<br />
<hr />

Have any experience of your own using Reaver? Other comments or concerns? Let's hear it in the comments.</div>

How to Hack a Wi-Fi Network's WPA Password with Reaver

Your Wi-Fi network is your conveniently wireless gateway to the internet, and since you're not keen on sharing your connection with a...

Androinar

How to Hack a Wi-Fi Network's WPA Password with Reaver

Popular Posts

Archive