- This topic has 8 replies, 2 voices, and was last updated 6 months, 4 weeks ago by Diego Pérez.
- AuthorPosts
- April 22, 2024 at 10:18 pm #141913rdangelParticipant
Hello,
I have been trying everything I can think of to crack the password to my own router using everything I have learned in the Learning Ethical Hacking From Scratch course I took on Udemy, and this one Network Hacking Continued – Intermediate. I have thrown everything at my Router, I have used airodump-ng, aireplay-ng etc, following instructions and steps Zaid shows in the video lessons…. but I just can’t seem to grab anything. Every time I run airodump-ng my router’s network shows up several times in the list with different MAC addresses and Channels. When I use this info to try to grab the handshake on any of them, nothing happens because by the time I have input the parameters into airodump-ng, the channel and/or BSSID has changed. This must be a feature of my router that keeps it rolling around randomly, so that I can’t seem to pin it down long enough to run an attack on it. Can you help me figure out how I can get through this? Can you suggest an alternative method of cracking my WPA2 network? I am stumped.
Btw… yes, my adapter IS in Monitor mode.
Thank you
RossApril 23, 2024 at 7:08 pm #142182Diego PérezModeratorHi!
Can you tell me the exact model of your adapter?(brand and model)
Can you share a screenshot with the commands used and the results please?Thanks!
DiegoApril 23, 2024 at 10:13 pm #142238rdangelParticipantHi Diego, my Router unfortunately does not come with a lot of information… I believe it was built for my internet provider and so has their own logo and info on it: the brand is not given but I did some digging and I believe it’s Arcadya. The model listed is Telus WiFi Hub… but I think this is just the aftermarket model number they put on it. I’m attaching some screenshots of the process… tried many ways, but it always fails to capture the handshake, even though it says “Association Successful”. There is nothing written in the wap_handshake.cap file.
PS. I have submitted this reply twice now, with screenshots attached, and gotten confirmation from your webpage… but when I return to it to view it I don’t see it on the post
April 23, 2024 at 10:31 pm #142239rdangelParticipantSorry, I have reduced the screenshots each to less than 1 MB, but it just won’t attach them.
April 24, 2024 at 12:05 am #142240rdangelParticipantOK Diego, sorry for the repeated attempts. I have the screenshots in Google Drive at these links:
https://drive.google.com/file/d/16b4xb4-0aiWlAbrb7urbF1aOmxHkilyJ/view?usp=drive_link
https://drive.google.com/file/d/1O4W4b8TGiPOdyln0Hjzd2DvnHw-HJ_4f/view?usp=drive_link
https://drive.google.com/file/d/1w_muSj0t8tiKgxPTfvrb1riOHFsMQgh_/view?usp=drive_link
https://drive.google.com/file/d/1smE-sLb6yF5LyiTfu9L2Wsvw7XHG-uqz/view?usp=drive_link
https://drive.google.com/file/d/1oYztPDk0LqDZp-IsFG18D2CvfAKaI1qI/view?usp=drive_linkBTW… additional Router info to what I said above: the router is listed as 2.4GHz, 5GHz-low and 5GHz-High
I hope this helps.
Ross
April 24, 2024 at 8:55 pm #142539Diego PérezModeratorHi!
I asked for the brand and model of the wireless adapter not the router.
In the screenshots you are trying to run the fakeauth attack and as mentioned in the course it will only work against WEP encrypted networks. In this case follow the attacks mentioned for WPA/WPA2 networks. Also, in one of the screenshots it seems you are a bit far from the router, try to get closer.Greetings!
DiegoApril 28, 2024 at 1:35 am #143708rdangelParticipantOK Diego, sorry I thought you wanted the Router info:
– The adapter is a Realtek RTL8812AU which I purchased from you guys on the zSecurity Shop. As I said, it is running in Monitor Mode.
– No I am NOT running a WEP attack. I am taking this Intermediate Network Hacking course because I have already completed the (prerequisite) beginner’s Learn Ethical Hacking From Scratch course on Udemy. The Intermediate course I am doing now picks up WPA/WPA2 Cracking in Section 5 and beginning of Section 6… and it assumes YOU ALREADY HAVE CAPTURED THE HANDSHAKE in the wpa_handshake.cap file…. Zaid does not show you how to do this because he assumes you have already learned how to do that in the Beginner’s course. The problem is… that I have followed Zaid’s lectures in the beginner’s course on WPA/WPA2 cracing, and Capturing the Handshake (Lessons 22, 27, 28 and 29)…. but I am just not able to capture the handshake and the WPS method doesn’t work on my Router. The wpa_handshake capture file never seems to have any data in it. I showed you the messages displayed in my Kali machine in the screenshots I sent you. this is the WPA/WPA2 (NOT WEP) attack I keep trying without success:
– airodump-ng wlan0
– on upper screen: airodump-ng –bssid <target MAC> –channel <channel #> –write wpa_handshake wlan0
– on lower screen: aireplay-ng –deauth 4 -a <target MAC> -c <connected client MAC> wlan0
and no handshake is ever captured. My network name WiFione and as you can see from the screenshots, the MAC keeps changing… sometimes I can’t find a connected client because the target MAC has now changed.
And Diego… I cannot get ANY CLOSER to the Router…. I am literally 3 feet away from it, it’s sitting right in front of me.
Please help, otherwise I am not going to be able to continue with the course… this is one subject I just can’t skip in order to move forward. Thank you,Ross
April 28, 2024 at 10:51 pm #144106rdangelParticipantHello again,
I just want to let you know that I tried the WPA/WPA2 cracking attack on the exact same network, with the exact same command strings… but on my Intel Mac and it worked!!! I originally had been working on my Mac M1 and that’s where I was having problems… but for some reason, when I switched machines to the Mac Intel I7 – even though I’m using the same versions of the zSecurity Custom Kali, now it seems to work fine and it has no problem capturing the handshake. Thanks for your suggestions so far… at this point, I’ve got this! Cheers,Ross
April 29, 2024 at 9:15 pm #144533Diego PérezModeratorHi!
Glad you got it!
Diego - AuthorPosts
- You must be logged in to reply to this topic.