Configuration flaws in many routers can allow hackers to steal Wi-Fi credentials, even when WPA or WPA2 encryption is used with a strong password. While this technique used to take as long as 8 hours, the newer WPS Pixie-Dust attack can crack networks in a flash. To do this, an advanced wireless attack framework called Airgeddon is used to find vulnerabilities, and then Bully is used to crack them.
When attacking a Wi-Fi network, the first and most obvious place for a hacker to look is the type of network encryption. While WEP networks are easy to crack, most simple techniques for cracking WPA and WPA2 encrypted Wi-Fi depend on the password being weak, or on having enough processing power to churn through enough candidates to make brute-forcing a viable approach.
If you forget the password, Wi-Fi Protected Setup, better known simply as WPS, lets you connect to the network using an 8-digit number printed on the base of the router. This is somewhat more convenient than simply resetting the router, but it is also an enormous security hole because of the way many routers implement this feature.
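To check whether access points you administer still advertise WPS, the following added example (not from the original article or the Airgeddon project) parses scan text in the layout printed by `iw dev <interface> scan`. The sample scan, the BSSIDs and SSIDs, and the `audit_wps` helper are constructed for illustration.

```python
import re

# Constructed sample modelled on `iw dev wlan0 scan` output; all BSSIDs/SSIDs are made up.
SAMPLE_SCAN = """\
BSS 02:00:00:aa:bb:01(on wlan0)
\tSSID: office-main
\tWPS:\t * Version: 1.0
\t\t * Wi-Fi Protected Setup State: 2 (Configured)
\t\t * AP setup locked: 0x01
BSS 02:00:00:aa:bb:02(on wlan0)
\tSSID: office-guest
\tWPS:\t * Version: 1.0
\t\t * Wi-Fi Protected Setup State: 2 (Configured)
\t\t * Config methods: Label, Display
BSS 02:00:00:aa:bb:03(on wlan0)
\tSSID: office-5g
\tRSN:\t * Version: 1
BSS 02:00:00:cc:dd:09(on wlan0)
\tSSID: neighbour
\tWPS:\t * Version: 1.0
"""

# A BSS header starts in column 0 and carries the BSSID; detail lines are indented.
BSS_RE = re.compile(r"^BSS ([0-9a-f:]{17})", re.I)

def audit_wps(scan_text, owned_bssids):
    """Return {bssid: status} for owned APs only: 'no-wps', 'wps-locked' or 'wps-enabled'."""
    owned = {b.lower() for b in owned_bssids}
    results, current = {}, None
    for line in scan_text.splitlines():
        m = BSS_RE.match(line)
        if m:
            bssid = m.group(1).lower()
            # Ignore every BSS that is not on the inventory of owned devices.
            current = bssid if bssid in owned else None
            if current:
                results[current] = "no-wps"
            continue
        if current is None:
            continue
        text = line.strip()
        if text.startswith("WPS:") and results[current] == "no-wps":
            results[current] = "wps-enabled"   # WPS element is being advertised
        elif text.startswith("* AP setup locked:"):
            locked = int(text.split(":", 1)[1], 16) != 0
            results[current] = "wps-locked" if locked else "wps-enabled"
    return results
```

Any owned access point that is not reported as `no-wps` still exposes the WPS PIN interface and is a candidate for having WPS disabled in the router settings.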
How to install Airgeddon?
- Clone the GitHub repository.
git clone --depth 1 https://github.com/v1s1t0r1sh3r3/airgeddon.git
- Go to the cloned directory.
- Make airgeddon.sh executable.
sudo chmod +x airgeddon.sh
- Now, run it for the first time.
- Airgeddon will check which essential tools are installed. To install a missing tool, run:
sudo apt-get install tool-name
Usage (pixie-dust attack)
- Select your wireless network adapter (in our case wlan0).
- Select option 8 to perform WPS attack.
- Now, put your card into monitor mode (Select option 2 and press enter).
- Scan the area for targets by selecting option 4.
- Choose a target to attack from all the networks found while scanning.
- Depending on your wireless card, select option 7 (bully) or 8 (reaver) for the pixie-dust attack.
- Next, provide the timeout value (for now, set it to around 60 sec).
- Finally, launch the attack and break the WPS PIN.
- After the password is successfully cracked, it is stored as a text file on the machine.