Brute Force Attack

Brute force attack is a trial-and-error method used to obtain information such as a user password or personal identification number (PIN). In a brute force attack, automated software is used to generate a large number of consecutive guesses as to the value of the desired data. Brute force attacks may be used by criminals to crack encrypted data, or by security analysts to test an organization’s network security.

Brute Force Attack on Wireless Network project done by ICSS Student Debshubra Chakraborty. Here discussed the full process below.

Project Name: Brute Force Attack on Wireless Network without Using Wordlist

Author Name: Debshubra Chakraborty

Publish Date: 06-08-2018

CONTENT:

Introduction

Scan for Available Wireless Networks

Generating the Capture File

Getting WPA Handshake

Cracking Password by Brute Force Attack (Using Wordlist)

Cracking Password by Brute Force Attack (Without Using Wordlist)

Solutions and Recommendation

Introduction

According to the Algorithm or Procedure of hacking a Wi-Fi Router we need to generate a Capture file Ex: a-01.cap, this capture file Hold the actual Password of the Wi-Fi Router when we get the WPA Handshake. The Password in the capture file is in Encrypted form, and it can’t be Decrypt. All we can do is to generate Random Passwords, Encrypt the Passwords and we can compare it with the Password which is in Encrypted form in the capture file. If the two Encrypted Passwords match then we can easily find the Password in Decrypt form. In this scenario we need a Wordlist, It’s a word file full of random generated passwords. In a Brute Force Attack we almost try all the passwords in the wordlist that if they match with the Password in the capture file.

**We Need a NAT (Network Address Translator) to Perform Brute Force Attack

Scan for Available Wireless Networks

First we need to detect the NAT (Network Address Translator) Command: airmon-ng

Then we need to configure the NAT to Monitoring Mode Command: airmon-ng start wlan0

Then we will start Monitoring

Command: airodump-ng wlan0mon

Generating the Capture File:

So, now we are Generating the Capture File Command:

airodump-ng –c 13 –bssid 7E:46:85:5C:CA:8A –w /root/Desktop/a wlan0mon

Now, the Capture File is generated

You can see the .cap file a-01.cap, on my Screen

Getting WPA Handshake:

Now, we need a Data transfer from the Network

Now we are Connected with the network “Strike Rider”

The Data Transfer rate is increasing

And we can also observe it here

Now we just need to DE Authenticate all users from the Network to get the WPA Handshake

Command: aireplay-ng –deauth 13 –a 7E:46:85:5C:CA:8A wlan0mon

And here we get the WPA Handshake

We can see that it get the WPA Handshake, Now we are good to go.

It means the Capture file (a-01.cap) got the Password which is in Encrypted form.

Cracking Password by Brute Force Attack (Using Wordlist)

Now we are generating a wordlist. Ex: b.txt

So, Let’s Start the Cracking

Command: aircrack-ng –b 7E:46:85:5C:CA:8A –w /root/b.txt /root/Desktop/a-01.cap

Here we found the Password as “abcdefgh” which is in the Word list b.txt

Cracking Password by Brute Force Attack (Without Using Wordlist)

Here we don’t have any wordlist

But we can generate a Wordlist using Crunch.

If we get information as the Password is length of 8 and it is a combination of a, c, g, h, b, d, f, e then we can generate a wordlist Command: crunch 8 8 acghbdfe

Here the Crunch is generating a file that contains 16777216 Passwords and the size will be 144 MB.

We can afford the size 144 MB, What we will do if we have no information about the Password?

If we have no information about the Password, and we create passwords of 8

to 16 lengths with using every ASCII key which could be a Password, The

Result will become…..

Command:

crunch 8 16 abcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNOPQRSTUVXYZ

Look the Crunch is generating a file that contains 15019004610786720137 Passwords and the size will be 13339 PB.

We can’t afford the Size 13339 PB, But we can do one thing…..

We can run Brute Force Attack without using wordlist.

In this scenario crunch will generate one Password and it will be compared with the Password which is in the capture file, If the password match crunch will stop else it will generate another Password. Command:

crunch 8 8 acghbdfe | aircrack-ng –b 7E:46:85:5C:CA:8A /root/Desktop/a-01.cap –w-

Look I didn’t give any location of the wordlist, that means I am not using any in this attack.

So, The Password Cracking process is running it will take some time to found the Password. After few Seconds……..

Even in this way we Found the Password same as “abcdefgh”

So, We Found that we can Crack any Password if we set the crunch from 8 to 32 with every ASCII key that can be use as Password. It’s a Time Consuming Process but we will be able to Crack every Password and we can also cross our limitations.

Solutions and Recommendation:

This process of Brute Force Attack can also perform in “John the Ripper” so it’s nearly impossible to stop anyone from cracking a Wi-Fi or some kind of password.

All we can do is to set a Password more than 8 characters and we should also change our Passwords repeatedly in short time intervals. It’s the only way to make your Wi-Fi Router or Any account, lock, etc Safe.

Highest Selling Technical Courses of Indian Cyber Security Solutions:

Certified Ethical Hacker Training in Bhubaneswar

Ethical Hacking Training in Bhubaneswar

Certified Ethical Hacker Training in Bangalore

Ethical Hacking Training in Bangalore

Certified Ethical Hacker Training in Hyderabad

Ethical Hacking Training in Hyderabad

Python Training in Bangalore

Python Training in Hyderabad

Python Training in Bhubaneswar

Microsoft Azure Training in Hyderabad

Microsoft Azure Training in Bangalore