Welcome back, my budding hackers.
So many of you are interested in hacking Wi-Fi that I have decided to revisit my Wi-Fi Hacking series with some updated and more in-depth material. I strongly suggest that you look at some of my earlier posts, such as "Getting Started with Terms and Technologies" and "Getting Started with the Aircrack-ng Suite of Wi-Fi Hacking Tools," before continuing here. If you're ready, you can also check out our updated 2017 buying guide here.
When it comes to Wi-Fi, the question I probably get asked most often is, "Which wireless adapter is best for hacking?" Well, let's find out.
Before we address the hardware necessary to hack wireless networks, let me once again recommend the Aircrack-ng suite of hacking tools. Nothing else in our open-source world quite compares to the power and versatility of Aircrack-ng.
A fast multi-core or multi-processor CPU is certainly helpful. When cracking WEP passwords, which is a statistical crack, you need to crunch a lot of numbers, and the faster the CPU the better. The WPA2 crack basically involves crunching millions of password hashes, which is also very CPU-intensive. So, the faster the CPU, the faster you can crack wireless passwords.
One caveat, though. The difference in speed is not huge. You can only expect a 20 to 50% improvement in hacking speed between the slowest modern CPUs and the fastest. More cores, on the other hand, will improve performance significantly.
Beyond the two primary tools listed above, the next most important requirement is good wireless adapter. To really be effective at wireless hacking, your wireless adapter should have two primary features.
- The ability to enter monitor (promiscuous) mode.
- The ability to inject packets and capture packets simultaneously.
A wireless adapter that can't do these two critical features doesn't mean that you won't be able to crack wireless, but it will mean that it will be so slow that it renders it effectively impossible. Wireless hacking in a world of WPA2 encryption can be a relatively slow process with the best equipment.
If you are hamstrung without a proper wireless adapter, you might as well quit before you begin.
Network adapters, whether wired or wireless, are designed to only capture and process packets that are sent to them. When you want to sniff a wired connection and pick up all packets going over the wire, you put your wired network card in "promiscuous" mode.
In the wireless world, the equivalent is monitor mode. This enables us to see and manipulate all wireless traffic passing through the air around us. Without this ability, you are limited to using your wireless adapter to only connect to wireless APs that accept you and authenticate you. That is not what we are willing to settle for.
In the Aircrack-ng suite, we need to be able to use Airodump-ng to collect packets.
Most wireless attacks require that you be able to inject packets into the AP while, at the same time, capturing packets going over the air. VERY few wireless cards are capable of doing this.
As you can imagine, wireless adapter manufacturers are NOT looking to add features to their standard wireless adapters to suit OUR needs. Most wireless adapters built into your laptop are designed so that mom and dad can connect to AOL and send their email. We need something much more powerful and versatile than that.
If we can't inject packets into the AP (in Aircrack-ng, this is the function of Aireplay-ng), then it really limits what we do.
For instance, in our WEP attack, we will be forced to passively wait for packets to traverse to air in order to capture the ever valuable and vulnerable IVs. Since we need to capture around 500,000 to crack WEP, we could be waiting for days and weeks on a little used AP. With packet injection capabilities, we can reduce that to a few minutes by injecting the AP with ARPs.
The first issue we need to address in choosing a wireless adapter is making certain that it has drivers for Linux. In 2017, most wireless adapters now have Linux drivers, but that wasn't always the case.
It's important to note, though, that Linux compatibility is far from being an optimal wireless hacking adapter. It is only a minimal requirement.
Probably the most important feature we need is compatibility with our software of choice, Aircrack-ng. The developers of Aircrack-ng maintain a compatibility list on their website that includes all of the adapters they have tested and their level of compatibility.
Note that you will need the chipset for your wireless card to find its compatibility on this chart. The first column indicates whether the chipset is supported in Windows for Airodump-ng (packet capture in monitor mode). The next column indicates whether that same capability is available in Linux for that chipset card. Finally, the last column indicates whether that chipset is supported for Aireplay-ng (packet injection) in Linux.
If you choose to install Kali or BackTrack in a virtual machine (VMware or VirtualBox), you will need an external wireless adapter. This is because the virtual software hypervisor "pipes" your wireless access to a wired connection in your virtual machine. As a result, Kali does not have a wireless device to work with.
Since most built-in wireless adapters in your laptop are probably inadequate to crack wireless, you are better off purchasing a USB wireless adapter for wireless hacking. For long-range, our community recommends the Alfa AWUS036NHA Wireless B/G/N USB Adaptor. For a more discreet form factor, the Panda Wireless N USB Adapter is the most popular adapter among our newer hackers.
If you choose to install Kali as a dual boot system, you can use your built-in wireless adapter for wireless hacking, if its on the Aircrack-ng compatibility list. Although you can hack with wireless cards not on that list, you had better be very patient as this process make take you days or weeks without the proper adapter.
To effectively hack Wi-Fi passwords, you will need a proper wireless adapter. Make certain that you check the Aircrack-ng compatibility list to make certain that your wireless adapter has the necessary features to make your Wi-Fi hacking fast and effective.
If you're looking for a low-cost way to jump into Wi-Fi hacking, consider grabbing a $35 Raspberry Pi with your adapter to build a Kali-based hacking computer on a budget. You can check out our guide here on setting it up.
To learn more on this subject, stay tuned to my Wi-Fi Hacking series.
Want to start making money as a white hat hacker? Jump-start your white-hat hacking career with our 2020 Premium Ethical Hacking Certification Training Bundle from the new Null Byte Shop and get over 60 hours of training from ethical hacking professionals.