Hey,
I'm new here and want to learn something about "hacking" and its backgrounds.
But I have a problem: I'm a script kiddie.
I know nothing except for some things from this website. I'm someone who wants to get results, otherwise I get easily frustrated. Of course I want to learn WHY or HOW these things work.
I always wanted to "crack" a WPA2 password. I used aircrack-ng and captured my needed handshake file but I have no clue how to crack it. I know the password so I tried a dictionary/wordlist and added the correct password... It worked.
But I want to accomplish the same goal without any "help".
If I'm going to create a wordlist (length:10; all "signs") it will take 35 thousand terabytes and if I use a Brute-Force-Method it will take some years.
Now I asked myself (and you) if it wouldn't be much easier & faster to get the password directly from a client. (Phishing co.)
I found many detailed instructions (especially on this website) but none of these are made for a beginner who wants to understand how it works.
It would be really polite if someone here could spare a moment and explain to me how I get a WPA2 password fast and HOW it's working.
P.S.: You guys can probably already tell that I can't speak adequate English so please be patient with me. Sorry for this inconvenience.
Best regards
4 Responses
Hi!
Your English is good enough and welcome to null-byte!
The key skill of a hacker is his unique thinking and problem solving ability or rather problem finding ability. We can surely tell you the sources you can refer to or give you direction.
I've faced the same problem and I was thinking: why can't we create an Evil-twin (same ESSID and BSSID), and when the user connects to us, why can't we read that to get the password, as we are in control of our side? BUT then I read about the way these keys are exchanged and have come to realize that it's much easier to pass-the-password from the victim to the router and connect to it. From there we can do a lot of things. I'll be reading about it when I get time next month. If you do find an easier way than brute-forcing and phishing, please let me know. I'll be following this post.
--DragonSlayer
Some sort of MITM. I don't know how to do that yet but I'll be exploring the net and reading around.
Welcome to Null Byte!
Take a look at my tutorial on wifiphisher.
OTW, JediMaster,
Another apprentice reporting for duty :)
I wanted to sincerely thank you for all your excellent articles and your patience with us.