WIFI Hacking : Crack WEP/WPA/WPA2 Password Without Dictionary/Bruteforce NEW METHODE : Fluxion

Oct 14, 2016 08:38 AM
Oct 14, 2016 02:58 PM
636120062614274206.jpg

I hadn't ventured into Hackforums since a while, and this time when I went there I saw a thread about a script called Fluxion. It's based on another script called linset (actually it's no much different from linset, think of it as an improvement, with some bug fixes and additional options). I did once think about (and was asked in a comment about) using something like a man in the middle attack/ evil twin attack to get WPA password instead of going the bruteforce/dictionary route, but never looked the idea up on the internet nor spent much time pondering over it. However, once I saw the thread about this cool script, I decided to give it a try. So in this post I'll show you how I used Fluxion, and how you can too.

Disclaimer : Use this tool only on networks you own .Don't do anything illegal.

Step 1: Just Double Checking

The first thing I did was make sure that Kali doesn't already have this tool. Maybe if you are reading this post a long time after it was written, then you might have the tool pre-installed in Kali. In any case, try this out:

fluxion

636119643610680795.jpg

I, personally tried to check if linset or fluxion came pre-installed in Kali (though I didn't expect them to be there).

Step 2: Getting the Script

Getting the script is just a matter of cloning the github repository. Just use the git command line tool to do it.

git clone https://github.com/deltaxflux/fluxion

636119644349900559.jpg

If you have any problems with this step, then you can just naviagate to the repostitory and manually download the stuff.

Step 3: Running the Script

Just navigate to the fluxion directory or the directory containing the scripts in case you downloaded them manually. If you are following the terminal commands I'm using, then it's just a simple change directory command for you:

cd fluxion

Now, run the script.

sudo ./fluxion

636119651874899487.jpg

Dependencies

If you have any unmet dependencies, then run the installer script.

sudo ./Installer.sh

636119652574274754.jpg

Anyways, one way or the other, your unmet dependencies will be resolved, and then you can use Flexion.

PS: For those trying to use apt-get to install the missing stuff – some of the dependencies aren't available in the default Kali repos, so you'll have to let the script do the installation for you, or manually add the repos to /etc/apt/sources.list (look at the script to find out which repos you need to add)

Step 4: Fluxion

Once again, type the following:

sudo ./fluxion

This time it should run just fine, and you would be asked a few very simple questions. For the wireless adapter, choose whichever one you want to monitor on. For the channels question, choose all, unless you have a specific channel in mind, which you know has the target AP.

636119653733180763.jpg
636119655168962917.jpg
636119653733180763.jpg
636119655168962917.jpg

Then you will see an airodump-ng window (named Wifi Monitor). Let it run while it looks for APs and clients. Once you think you have what you need, use the close button to stop the monitoring.

636119676455211971.jpg

You'll then be prompted to select target.

636119677638181069.jpg

Then you'll be prompted to select attack.

636119680212400547.jpg

You choose an attack. I am going to choose the Hostapd (first one) attack.

Then you'll be prompted to provide handshake.

636119681686618583.jpg

If you don't have a handshake captured already, just press Enter and then the script will help you capture one. It will send deauth packets to achieve that.

636120048666149394.jpg

I'll use aircrack-ng (the first one).

636120049183805736.jpg

And Deauth all.

636120058886149830.jpg

Then you can see the targets deauth .

Press 1 to Check handshake . if done you will see this:

636120050855993307.jpg

I prefer Web Interface (The first one).

636120051473649501.jpg

Then Select Your language.

636120051867711925.jpg

As you can see lots of windows opened , The fake page will be sent to the victim , and then the victim will think it's just deauth of wifi network and he will enter the password again , and the attacker will receive it.

Disclaimer : Use this tool only on networks you own .Don't do anything illegal.

modified

Note:I copied ths article from another site and i modified it.

source: kalilinuxtoturiales.net and thenexthack.net

Just updated your iPhone? You'll find new Apple Intelligence capabilities, sudoku puzzles, Camera Control enhancements, volume control limits, layered Voice Memo recordings, and other useful features. Find out what's new and changed on your iPhone with the iOS 18.2 update.

Comments

No Comments Exist

Be the first, drop a comment!