How to Crack Wi-Fi Passwords—for Beginners!

How Are Wireless Networks Secured?

In a secured wireless connection, internet data is sent in the form of encrypted packets. These packets are encrypted with network security keys. If you somehow manage to get hold of the key for a particular wireless network you virtually have access to the wireless internet connection

Broadly speaking there are two main types of encryptions used:

WEP (Wired Equivalent Privacy):

This is the most basic form of encryption. This has become an unsafe option as it is vulnerable and can be cracked with relative ease. Although this is the case many people still use this encryption.

WPA (Wi-Fi Protected Access):

This is the more secure alternative. Efficient cracking of the passphrase of such a network requires the use of a wordlist with the common passwords. In other words you use the old fashioned method of trial and error to gain access. Variations include WPA-2 which is the most secure encryption alternative till date. Although this can also be cracked using a wordlist if the password is common, this is virtually uncrackable with a strong password. That is, unless the WPA PIN is still enabled (as is the default on many routers).

Hacking WEP passwords is relatively fast, so we'll focus on how to crack them for this guide. If the only networks around you use WPA passwords, you'll want to follow this guide on how to crack WPA WiFi passwords instead.

What You'll Need...

• A compatible wireless adapter:

This is by far the biggest requirement.The wireless card of your computer has to be compatible with the software CommVIew. This ensures that the wireless card can go into monitor mode which is essential for capturing packets. Click here to check if your wireless card is compatible

• CommView for Wi-Fi :

This software will be used to capture the packets from the desired network adapter. Click here to download the software from their website.

• Aircrack-ng GUI:

After capturing the packets this software does the actual cracking. Click here to download the software from their website.

• A little patience is vital!!

Step 1: Setting Up CommView for Wi-Fi

• Download the zip file of CommView for Wi-Fi from the website. Extract the file and run setup.exe to install CommView for Wi-Fi. When CommView opens for the first time it has a driver installation guide. Follow the prompts to install the driver for your wireless card.
• Run CommView for Wi-Fi.
• Click the play icon on the top left of the application window.

Start scanning for wireless networks.

CommView now starts scanning for wireless networks channel by channel. After a few minutes you will have a long list of wireless networks with their security type and signal. Now it is time to choose your target network.

Step 2: Selecting the Target Network and Capturing Packets

A few things to keep in mind before choosing the target wireless network:

• This tutorial is only for WEP encrypted networks, so make sure you select a network with WEP next to its name. If you need to crack a WPA encrypted network, follow this tutorial instead.
• Choose a network with the highest signal.
• Each network will have its details in the right column.
• Make sure the WEP network you are choosing has the lowest dB (decibel) value.

Once you have chosen your target network, select it and click Capture to start capturing packets from the desired channel.

Now you might notice that packets are being captured from all the networks in the particular channel. To capture packets only from the desired network follow the given steps.

• Right click the desired network and click on copy MAC Address.
• Switch to the Rules tab on the top.
• On the left hand side choose MAC Addresses.
• Enable MAC Address rules.
• For 'Action' select 'capture' and for 'Add record' select 'both'.
• Now paste the mac address copied earlier in the box below.

We need to capture only data packets for cracking. So, select D on the bar at the top of the window and deselect M (Management packets) and C (Control packets).

Now you have to save the packets so that they can be cracked later. To do this:

• Go to the logging tab on top and enable auto saving.
• Set Maximum Directory Size to 2000.
• Set Average Log File Size to 20.

Step 3: Waiting...

Now the boring part- WAITING!

NOTE: The amount of time taken to capture enough data packets depends on the signal and the networks usage. The minimum number of packets you should capture should be 100,000 for a decent signal.

After you think you have enough packets (at least 100,000 packets), you'll need to export them.

• Go to the log tab and click on concatenate logs.
• Select all the logs that have been saved.
• Do not close CommView for Wi-Fi.
• Now navigate to the folder where the concatenated logs have been saved.
• Open the log file.
• Select File- Export -Wire shark tcpdump format and choose any suitable destination.
• This will save the logs with a .cap extension to that location.

Now the Interesting Part... CRACKING!

• Download Aircrack-ng and extract the zip file.
• Open the folder and navigate to 'bin'.
• Run Aircrack-ng GUI.
• Choose WEP.
• Open your .cap file that you had saved earlier.
• Click Launch.
• In the command prompt type in the index number of your target wireless network.
• Wait for a while. If everything goes fine, the wireless key will be shown.

You may also receive a request to try with more packets. In this case wait until more packets have been captured and repeat the steps to be performed after capturing packets.

BEST OF LUCK!