how to crack a wi-fi password
DESCRIPTION
hackerTRANSCRIPT
How to Crack a Wi-Fi PasswordFiled to: WI-FI 10/30/13 3:30pm
Cracking WiFi passwords isn't a trivial process, but it doesn't take too long to learn—
whether you're talking simple WEP passwords or the more complex WPA. Learn how
it works so you can learn how to protect yourself.
How to Crack a Wi-Fi Network's WEPPassword with BackTrack
How to Crack a Wi-Fi Network's WEP Password withBackTrack
You already know that if you want to lock down your
WiFi network, you should opt for WPA…
You already know that if you want to lock down your WiFi network, you should opt
for WPA encryption because WEP is easy to crack. But did you know how easy? Take
a look. Read more...
How to Crack a Wi-Fi Network's WPAPassword with Reaver
Your WiFi network is your conveniently wireless gateway to the internet, and since
you're not keen on sharing your connection with any old hooligan who happens to be
walking past your home, you secure your network with a password, right? Read
more...
Title image remixed from foto1883 (Shutterstock).
richstad Adam Dachis10/20/12 11:33pm
To me, showing people how to hack into wifi networks (and other "evil" how
to's) by Lifehacker is just plain irresponsible and can easily encourage otherwise
law abiding readers to carry out these hacks. Just show how to stop the illegal
activity, now how to do them. "Evil week" just encourages people to be evil.
Why not change this to "Beat the evil" week and help people protect
themselves? You can mention the ways your privacy can be hacked, but don't
go into detail and don't provide links to evil software. Who's side are you really
on?
Sandrockcstm richstad10/21/12 9:55am
Here's the thing: The information is already out there, regardless of whether or
not Lifehacker spreads it or not. Pandora's box has been opened. You can't
make people "unknow" this information, and the people that were doing this
before will do it again. Putting the information here is an informative process,
and is actually an advocacy move to get the router companies to update their
flailing technology, as well as to let consumers know that just because you have
a password up does not mean you are secure.
The idea is that if you take something that is underground, like knowing how to
crack a safe, pick a lock, or crack a wifi password, and put it into the public
eye, people will fix the security issues quicker. It works. There's a reason that
you can't break into someone's house with a "skeleton key" anymore, or why
you can't break into a good safe with a drill. If it stays secret, then the people
that use it for evil will keep using it, and the amount of people affected by it will
be greater in the long run than if the secret had been blown wide open and
people went hog wild for a few months.
Security is an arms race, and the only way to win is to stay knowledgeable.
TedMars Sandrockcstm10/21/12 6:48pm
+1 +1 +1 at Sandrockcstm
exactly right, putting it in the public eye will force the hand of those with the
power to change things and make them more secure
simpleburner richstad10/22/12 4:34am
They're on the side of educated people who use information like this to protect
themselves and their networks.
Evil Week is an excuse to talk about the things bad people do in the context of
helping good people protect themselves. If you can't see that, then you will
always be a victim of people who are smart enough to see it.
dementeddigital richstad10/22/12 5:36am
"showing people how to hack into wifi networks (and other "evil" howto's) by
Lifehacker is just plain irresponsible and can easily encourage otherwise law
abiding readers to carry out these hacks."
Uhhhhh. No.
phunkshun Adam Dachis10/19/12 5:25pm
I wonder how much higher the barrier to entry is if you turn off the broadcast
and whitelist all the mac addies for your devices. I'm sorta paranoid so I do this
at home and I thought that'd be sufficient. These are great links though, thank
you for that.
TheBlackVista phunkshun10/19/12 5:29pm
That does nothing. Broadcasts are negated because APs are identified only by
the MAC address of the AP not the SSID, the SSID just makes it easier to
connect if you're a human. MAC filtering is also useless because all you have to
do is view a MAC address that is sending traffic and assume it's an
authenticated MAC address and then change the attacking machine's MAC to
match. Both of these processes are somewhat shown in the how to crack a WEP
password tutorial above.
TheBlackVista phunkshun10/19/12 5:30pm
That does nothing. Broadcasts are negated because APs are identified only by
the MAC address of the AP not the SSID, the SSID just makes it easier to
connect if you're a human. MAC filtering is also useless because all you have to
do is view a MAC address that is sending traffic and assume it's an
authenticated MAC address and then change the attacking machine's MAC to
match. Both of these processes are somewhat shown in the how to crack a WEP
password tutorial above.
linnormlord TheBlackVista10/19/12 6:14pm
Seconded. Hidden SSIDs and MAC address filtering may prevent noobs from
trying to connect to your network, but they will be thwarted by a strong
password anyway. Anyone trying to crack your password will be sophisticated
enough to find your network without the SSID and spoof the MAC address.
I've actually heard the argument that if you go through the trouble of MAC
address filtering and hidden SSIDs, you attract more attention to yourself
because:
a) You are trying to hide something
b) You are taking completely ineffective measures to hide it
MAKE2 Mifune phunkshun10/19/12 7:08pm
spoofing a MAC address is one of the simplest things anyone can do. Heck, you
could even do it straight out of Windows hardware properties/advanced
properties list (listed as Network Adress). Just use WPA2/AES with a
long/strong password that isn't a dictionary word and make sure you disable
WPS ("WiFi Protected Setup", which was intended to act as one button
bluetoothlike secure setup of routers). At that point it would require
bruteforcing/way more effort than its worth.
sunhawk Adam Dachis10/19/12 6:51pm
best way to secure a wireless network is to skip the wireless part and use wires. i
only turn my wireless on to purchase nintendo store games on my 3ds and
books for my kindle. once they download is finished i turn the wireless off.
sui_generis sunhawk10/19/12 7:55pm
Yeah, when people ask me why I don't have a wifi router, I first explain that it's
not really terribly secure, then I point out that I generally don't use a laptop,
and finally I explain that wifi is free everywhere because of people who do, so
why would I pay for it?
Veena sunhawk10/20/12 3:23am
They agree with you on Battlestar Galactica!
Audi5000 sunhawk10/20/12 9:16am
So you don't have a cellphone, or use your kindle for internet? Or play online
with your 3DS? Also, do you think your neighbors are really sitting in their
house/apartment trying to crack your network? Good odds, they aren't. It must
suck to be that paranoid.
Sandrockcstm Veena10/21/12 9:48am
Actually Battlestar Galactica had zero networks whatsoever, not even wired. It's
the only reason they were able to avoid a Cylon remote takeover of their
systems, because if they tried to hack in they could shut the attack down in
each system individually. The one time they did network stuff together (they
used wires) the Cylons released a virus into their systems and almost killed
them.
#Nerdcorrections
Audi5000 Adam Dachis10/20/12 9:20am
Why do people still use WEP? Besides ignorance. Actually, why is it even
offered on newer routers?
kirashi Audi500010/21/12 4:05pm
Becuase Nintendo's Original DS Lite's are not compatible with any version of
WPA that I know of. Go Nintendo.
Audi5000 kirashi10/21/12 8:19pm
Yeah I know it's for compatibility reasons, guess that was a rhetorical question.
tzakiel1 Audi500010/21/12 8:22pm
Yep, I'm also here to mention nintendo DS.
dangeorges Audi500010/26/12 7:03am
Some mobile devices have WEP as the only option (e.g., Palm Tungsten C).
If you have legacy devices that still require connectivity, you may have no
choice.
I have set up my router's guest network with WEP so I can use my older devices
that only support this type of encryption.
timgray Adam Dachis10/31/13 3:32am
I can secure a wide open network from being accessed from a location I dont
want it to be accessed from. It's called RF control, and sadly most people that
are IT people have zero education in RF so they have zero clue how to handle it
or use it.
My last house was 100% hacker proof with an open wireless ap. all aluminum
siding, aluminum storm windows with top to bottom aluminum screens. and I
believe there was aluminum on the roof as you lost all cellphone signal when
you went inside. Even holding a laptop against the window screen you had no
signal to my AP in the house.
I believe if the hacker climbed up on my roof and sat near the chimney he
could get some signal, but 99% of all hackers are too lazy to do that and it's
kind of obvious when they ring my doorbell asking if they can borrow a ladder.
rsanchez1 timgray10/31/13 8:40am
100% hacker proof? I bet if someone broke in and stole your computer you
would have egg on your face.
timgray rsanchez110/31/13 10:47am
Yes because that would go completely unnoticed as we all know those hackers
are invisible.
vidvamp01 Adam Dachis10/19/12 11:11pm
This is why more robust encryption was added to the consumer routers.
Eugene Smiley vidvamp0111/05/12 3:22pm
Actually, using Reaver on a WPA/WPA2 router that has WPS can bypass the
"robust encryption" since the PIN is a 4 digit number. Some routers (Linksys)
are even gimped by the fact that you think you can turn off the WPS, but it still
runs.
bixxcii Eugene Smiley10/30/13 11:16pm
sorry double post
bixxcii Eugene Smiley10/30/13 11:16pm
router pins have 8 digits
timgray Eugene Smiley10/31/13 3:39am
you can turn it off, Install OpenWRT.
RedPenOfDoom Adam Dachis10/21/12 10:00pm
Write a guide on how to crack a WiFi password with an Android device and
you have my attention.
timgray RedPenOfDoom10/31/13 3:42am
Reaver is available for android, it takes a high end phone with processing
power though. Even the Galaxy G3 is too slow.
Costermonger timgray10/31/13 3:13pm
Couldn't I use an array of phones to cut down the time?
pceasies RedPenOfDoom10/31/13 4:41pm
Download Linux Deploy. Install BackTrack through the app. I'm not sure
about phone support though, since drivers supporting packet injection that are
compatible with your phone's wifi chip have to exist.
Hild Adam Dachis7/30/13 7:42am
Nice to know, but I will never do this. It is illegal for a reason.
magicmadzik Hild10/30/13 4:47pm
Is it really illegal? Serious question.
Nederlandse magicmadzik10/30/13 11:25pm
In my country (the Netherlands), it is similar to breaking into someone's pc,
according to recent case law. So I'm not going to try it, unless it's my own
network or something like that.
Hild magicmadzik10/31/13 7:29am
This is illegal in Norway, yes.
Ray J magicmadzik11/01/13 1:49am
illegal, IMO.
Load More
scootertexas Adam Dachis10/19/12 7:41pm
I don't get it. A redo of 9 months old articles that were outdated at the time?
poiboy scootertexas10/19/12 8:31pm
kinda agree too
SBM_from_LA scootertexas10/19/12 10:14pm
Some readers were not here 9 months ago... it's a great idea keeping useful and
helpful articles in circulation.
simpleburner scootertexas10/22/12 4:32am
No, you don't get it. Move along and stop commenting.
HerX scootertexas10/31/13 2:04am
so in those last 9 months all wifi router manufacturers fixed this security hole?
MSNBCmole Adam Dachis10/31/13 1:43am
"Learn how it works so you can learn how to protect yourself."...... from the
1,000s of more people that may not have cared to learn this but just did.