In this how-to, I will be demonstrating a few of the tactical applications of Besside-ng, the hidden gem of the Aircrack-ng suite of Wi-Fi hacking tools. When run with a wireless network adapter capable of packet injection, Besside-ng can harvest WPA handshakes from any network with an active user, and crack WEP passwords outright. Unlike many tools, it requires no special dependencies and can be run via SSH, making it easy to deploy remotely. Besside-ng is, in my opinion, one of the most powerful Wi-Fi hacking tools currently available.

First written in 2010 in C, Besside-ng is an incredibly aggressive and persistent WPA handshake mass-harvester and WEP cracker. It features customizable options to upload handshakes to distributed WPA password crackers which, on average, crack over 18% of networks submitted automatically.

## Sound Simple? Let's Look at How It Works

Encrypted Wi-Fi networks come in two main flavors, WEP and WPA. While WEP can be broken easily, WPA and WPA2 networks require us to record a "handshake" when a device connects to the target network, and then try to guess the password by having a program try many possible passwords against that recorded handshake.

If we guess the correct password, we'll know, so having a good password list and a fast processor used to be essential to cracking WPA networks. To save time, we can submit these handshakes to a distributed cracking service or a more powerful machine, which will automatically try all of the world's most common and shitty passwords for us. Since many people choose bad passwords, we will get back cracked passwords for around 10–20% of the networks whose handshakes we recorded.

In order to record a precious handshake from a Wi-Fi network, an authorized device like the target's smartphone or laptop must connect to the network. Besside-ng scans the airwaves for any devices connected to a Wi-Fi network, and then injects a packet that disconnects the device from that network for a very short period of time.

How a deauth attack works to harvest WPA keys.

The targeted device will reconnect automatically, and we will record the handshake when it does. It's terrifyingly easy, and during peak activity hours in a high-density area, Besside-ng can harvest every Wi-Fi network in use within the range of your antenna. Keep in mind, if your target has an always-connected smart device, you can pretty much always grab a handshake for their network.

## Why a 2010 Tool Is Still Powerful in 2017

Since 2010, some major changes have made Besside-ng relevant again. Small, cheap computers like the Raspberry Pi Zero W and the Raspberry Pi 3 feature the ability to add powerful network adapters in addition to their internal Wi-Fi card, all while keeping the cost below $70 to run a remote headless attack suite.
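The detection-side counterpart to the deauth-and-reconnect cycle described above, added here as an example that is not part of the original post or of the Aircrack-ng suite: a minimal 802.11 management-frame parser plus a sliding-window detector that flags a BSSID seeing a burst of deauthentication frames, run over constructed sample frames. The MAC addresses, the 10-frames-in-5-seconds threshold and the frame layout without a radiotap header are assumptions for the demo.

```python
import struct
from collections import defaultdict, deque

MGMT, DEAUTH = 0, 12  # 802.11 frame type "management", subtype "deauthentication"
mac = lambda b: ":".join(f"{x:02x}" for x in b)

def parse_80211(frame):
    """Parse a bare 802.11 MAC header (no radiotap). Returns None if too short."""
    if len(frame) < 24:
        return None
    fc = frame[0]                       # frame control byte: ver(2) | type(2) | subtype(4)
    ftype, subtype = (fc >> 2) & 0x3, (fc >> 4) & 0xF
    reason = None
    if ftype == MGMT and subtype == DEAUTH and len(frame) >= 26:
        reason = struct.unpack_from("<H", frame, 24)[0]   # 2-byte reason code in the body
    return {"type": ftype, "subtype": subtype, "dst": mac(frame[4:10]),
            "src": mac(frame[10:16]), "bssid": mac(frame[16:22]), "reason": reason}

class DeauthDetector:
    """Flags a BSSID that sees >= threshold deauth frames inside a sliding time window."""
    def __init__(self, threshold=10, window=5.0):
        self.threshold, self.window = threshold, window
        self.seen = defaultdict(deque)           # bssid -> timestamps of deauth frames

    def observe(self, ts, frame):
        h = parse_80211(frame)
        if h is None or h["type"] != MGMT or h["subtype"] != DEAUTH:
            return None
        q = self.seen[h["bssid"]]
        q.append(ts)
        while ts - q[0] > self.window:           # drop timestamps that fell out of the window
            q.popleft()
        if len(q) >= self.threshold:
            return f"deauth burst on {h['bssid']}: {len(q)} frames in {self.window}s, reason {h['reason']}"
        return None

def build_deauth(dst, src, bssid, reason=7):
    # Constructed sample frame (not captured traffic): FC 0xC000, no duration, seq 0, reason code.
    return b"\xc0\x00\x00\x00" + dst + src + bssid + b"\x00\x00" + struct.pack("<H", reason)

def run_demo():
    ap, client = bytes.fromhex("020000aa0001"), bytes.fromhex("020000bb0002")  # made-up MACs
    det = DeauthDetector(threshold=10, window=5.0)
    alerts = []
    det.observe(0.0, build_deauth(ap, client, ap, reason=3))   # one client leaving: no alert
    for i in range(12):                                        # harvester-style burst, 10 per second
        a = det.observe(10.0 + 0.1 * i, build_deauth(client, ap, ap))
        if a: alerts.append(a)
    return alerts
```

A single deauth is normal (a client leaving), so the detector alerts on rate only. Enabling 802.11w Protected Management Frames is the mitigation that makes these unauthenticated deauth frames ineffective.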