Friday 12 April 2013

Installing BackTrack & cracking WPS?

Greetings, users

Recently I have discovered a method to crack WPA/WPA2 wireless networks.

What you will need:

- BackTrack (I would recommend the latest possible version; as of now it's Version 5 RC3)
- A laptop or desktop equipped with a BackTrack compatible wireless card
- The ability to type commands into a terminal
- Novice computer knowledge.

How to install BackTrack 5 Live onto a USB drive in 5 steps (minimum 2 GB of space required):
Step 1: Download the ISO

[Image: bt-download.jpg]

Step 2: Download UNetbootin

Format the USB drive you are going to use as FAT32; other filesystems such as NTFS will not work.
Start UNetbootin, select the 'Diskimage' option and choose the ISO you downloaded earlier.
Select the amount of space, in MB, to reserve for persistence. Select the correct USB drive and click 'OK'.
[Image: R3_unebootin_live01.PNG]

Step 3:

Reboot your computer and open your BIOS or CMOS setup.
If you are familiar with your BIOS, set the USB drive as the first boot option and restart.
If you do not know how to change your boot options, follow this link to learn how.

Step 4:

Boot your computer from the USB drive. A boot menu will appear;
use your arrow keys if necessary to select the 'Default Boot Text Mode' option.

Step 5:

Once it has booted you will see that BackTrack has started and is sitting at a command line.
Type 'startx' (without the quotes) to start the desktop GUI.

That concludes how to install BackTrack Live to a USB.

How to install Reaver on BackTrack:
A two-command process:

Open a terminal and type 'apt-get update'.
Once it has fully updated, run 'apt-get install reaver'.
Once that has completed, Reaver is installed.

How to run the Reaver brute-force attack once it is installed
Step 1:

Locate your wireless card's device name. To do this, open a terminal,
type 'iwconfig' and press Enter. Your wireless device should appear in the list.
It will most likely be named 'wlan0', but if you have more than one wireless card
or an unusual networking setup it may be named differently.

[Image: wlan0.jpg]

Step 2:

Enable monitor mode on your wireless card by typing the following command:
'airmon-ng start wlan0'
[Image: mon0.jpg]

Step 3:

Find the BSSID of the router you would like to crack. To do this, type the following command:
'airodump-ng wlan0' (if wlan0 doesn't work, try mon0 instead.)
You will see a list of wireless networks in range, similar to the image below:

[Image: bssid.jpg]

When you have spotted the network you would like to crack, press Ctrl+C to stop
the list from refreshing, then highlight the BSSID and copy it.

Step 4:

It's finally time to crack that network. To do this, type the following command:
'reaver -i moninterface -b bssid -vv'
Put your monitor interface (wlan0, mon0, or other) where I put 'moninterface',
and your target's BSSID where I typed bssid (-vv just makes Reaver's output more verbose).
e.g. 'reaver -i mon0 -b 12:34:56:78:90:10'
Press Enter, sit back, and let Reaver do its incredible attack.

[Image: cracked.jpg]
Note: cracking can take anywhere from 2 hours to a full day, so BE PATIENT!

- Something else I should have mentioned: this attack takes advantage of WPS on routers.
It brute-forces the WPS PIN to retrieve the password, so if the router(s) you intend to attack
do not have WPS enabled (most people don't even know what it is, though most routers these days
have it to make connecting easier) Reaver will not be able to retrieve the password.
Thanks!

Note: This tutorial is for educational purposes only. I do not take any responsibility for any misuse; you will be solely responsible for any misuse you commit. Hacking email accounts is criminal activity punishable as a cyber crime, and you may get up to 40 years of imprisonment if caught doing so.
