How to crack wpa & wpa2 wi

In tutorial we will learn how to lớn use airmon-ng (scripts from aircrack-ng package) lớn discover wireless networks around us. Then we will deauthenticate clients from a specific wireless network so that we can capture the four-way handshake, then we will decrypt the handshake lớn find the WiFi password.

Bạn đang xem: How to crack wpa & wpa2 wi


The network I will attack in this tutorial is a network that I own, I’m not attacking someone else’s network. Please vày not use the information for non-ethical purposes. What I’m sharing here is for educational purposes only

before we get start let’s see what you’ll need:

WiFi network adapter that supports monitor mode.Kali Linux or any Linux Distro with Aircrack-ng suite installed.

Let’s begin, first thing we must kiểm tra for the wifi adapter if it’s connected to kali Linux to vì chưng so please type the comm& below:Step 1: open up your terminal & type

This will show you all the networking interfaces connected khổng lồ your device.


if your wireless network adapter is connected và recognized in your operating system you should see the ” wlan0 ” as you can see in the photo above sầu, Please note the name may change if you have more then one connected wireless adapter.

Step 2: Now to lớn enabled monitor mode type the following command

subởi vì airmon-ng start wlan0
sudo gives us root privileges (root privileges is requested for airmon-ng)Airmon-ng is used to lớn enable and disable monitor mode on wireless interfaces.wlan0 is your wireless interface

Monitor mode is enabled, now we should kill all PID that is interfering with the adapter, Those processes are highlighted in red in the above example.There is tow way to lớn kill those processes :

First using airmon-ng kiểm tra killSecond thru pgrep, and it’s the way I preferby typing kill followed by the number of the processes

why we should stop those processes ? they may cause trouble during the process.

kill 508 1420
Step 3: Okay, so now let’s discover wireless networks around us. To bởi that we use the comm& suvì chưng airodump-ng wlan0.

Xem thêm: Khắc Phục: Rất Tiếc Chúng Tôi Không Thể Kết Nối Với Skype, Mình Bị Lỗi Skype Báo Không Thể Kết Nối Internet

airodump-ng wlan0
To stop the searching processing, và keep the các mục of discovered networkpress Ctrl + C.


As you can see a whole bunch of a wireless networks is discovered. So here are the BSSID or MAC addresses of the wireless networks in the first Colum.

The network I’m interested in is the one named Kail on channel 1, Take note of the channel number và the the MAC address of the target access point. in my case:

Channel: 1BSSID: 50:D4:F7:E5:66:F4

we’re gonmãng cầu use the comm& suvì chưng airodump-ng -c 1 -w kalibssid wlan0.kali This is the name of the file that we’re gonmãng cầu store the captures in. the channel that we’re gonmãng cầu attack is one, the BSSID that we’re gonna attack is 50:D4:F7:E5:66:F4 và the interface we’re gonna use is wlan0.

Step 4: To Start capturing the packets of your target network type the following command:

airodump-ng -c 1 -w kali --bssid 50:D4:F7:E5:66:F4 wlan0


So in this window we are capturing the packets trying lớn capture 4 way handshake, now open a second window khổng lồ deauthenticate clients from the network. this act will tốc độ up the processing of capturing the handshake.

For deauthenticate we will use aireplay-ng

aireplay-ng -0 0 -a 50:D4:F7:E5:66:F4 wlan0


We haven’t captured the four-way handshake but as soon as I deauthenticate clients we get the WPA handshake as you see in the image below.


now after we have successfully captured the WPA handshake, stop aireplay-ng and airodump-ng using Cntrl+c

Step 5: Cracking the password How to lớn decrypt four way handshake

in the terminal type “ls” to lớn các mục all the current directories và files.Select the file with “.cap“ extension it should be named kali-01.cap and type the following command:

aircrack-ng -w wordmenu.txt kali-01.cap
For the Wordcác mục Chechồng this article: Best Password dictionaryWhat aircrack-ng tool is comparing the hash inside the .cap tệp tin with the hashes of the passwords listed inside the wordlist.txt file by converting every single line from text to hash and when the hashes match, we know the password.

Now all you have khổng lồ vày is wait till you see ( KEY Found ( your key is here