Saturday, 25 July 2015

How to Hack Wi-Fi: Cracking WPA2-PSK Passwords Using Aircrack-Ng

First, download or install these three basic things on your PC:
1- KALI LINUX, a hacking/pen-testing distribution, which you can download from https://www.kali.org/
2- VMWARE, a virtual machine that runs Kali Linux (any other virtual machine software also works), which you can download from http://filehippo.com/download_vmware_player/
3- A wireless chipset that fully supports injection. For more details on chipsets, visit http://www.aircrack-ng.org/doku.php?id=compatibility_drivers
LET'S GET STARTED WITH HACKING
Most wireless access points now use Wi-Fi Protected Access II with a pre-shared key for wireless security, known as WPA2-PSK. WPA2 uses a stronger encryption algorithm, AES, that's very difficult to crack—but not impossible. The weakness in the WPA2-PSK system is that the encrypted password is shared in what is known as the 4-way handshake. When a client authenticates to the access point (AP), the client and the AP go through a 4-step process to authenticate the user to the AP. If we can grab the password at that time, we can then attempt to crack it.
In this tutorial from our Wi-Fi Hacking series, we'll look at using aircrack-ng and a dictionary attack on the encrypted password after grabbing it in the 4-way handshake. If you're looking for a faster way, I suggest you also check out my article on "HOW TO HACK WIFI USING COWPATTY", which is probably a lot faster but is tough to handle.

Step 1: Put Wi-Fi Adapter in Monitor Mode with Airmon-Ng


After downloading and installing everything from the websites above, open a Kali Linux terminal and type "airmon-ng". It lists the wireless cards installed on your PC; if nothing is listed, your PC's wireless chipset does not support aircrack-ng.

Let's start by putting our wireless adapter in monitor mode.  This is similar to putting a wired adapter into promiscuous mode. It allows us to see all of the wireless traffic that passes by us in the air. Let's open a terminal and type:

  • airmon-ng start wlan0



Note that airmon-ng has renamed your wlan0 adapter to mon0.



Step 2: Capture Traffic with Airodump-Ng

Now that our wireless adapter is in monitor mode, we have the capability to see all the wireless traffic that passes by in the air. We can grab that traffic by simply using the airodump-ng command.
This command grabs all the traffic that your wireless adapter can see and displays critical information about it, including the BSSID (the MAC address of the AP), power, number of beacon frames, number of data frames, channel, speed, encryption (if any), and finally, the ESSID (what most of us refer to as the SSID). Let's do this by typing:

  • airodump-ng mon0



Note all of the visible APs are listed in the upper part of the screen and the clients are listed in the lower part of the screen.

Step 3: Focus Airodump-Ng on One AP on One Channel

Our next step is to focus our efforts on one AP, on one channel, and capture critical data from it. We need the BSSID and channel to do this. Let's open another terminal and type:
  • airodump-ng --bssid 08:86:30:74:22:76 -c 6 --write WPAcrack mon0



  • 08:86:30:74:22:76 is the BSSID of the AP
  • -c 6 is the channel the AP is operating on
  • WPAcrack is the file you want to write to
  • mon0 is the monitoring wireless adapter
As you can see in the screenshot above, we're now focusing on capturing data from one AP with an ESSID of Belkin276 on channel 6. Belkin276 is probably a default SSID; default SSIDs are prime targets for wireless hacking, as users who leave the default ESSID usually don't spend much effort securing their AP.

Step 4: Aireplay-Ng Deauth

In order to capture the encrypted password, we need to have the client authenticate against the AP. If they're already authenticated, we can de-authenticate them (kick them off) and their system will automatically re-authenticate, whereby we can grab their encrypted password in the process. Let's open another terminal and type:
  • aireplay-ng --deauth 100 -a 08:86:30:74:22:76 mon0






  • 100 is the number of de-authenticate frames you want to send
  • 08:86:30:74:22:76 is the BSSID of the AP
  • mon0 is the monitoring wireless adapter
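
Seen from the network owner's side, the burst of de-authenticate frames in Step 4 stands out in a capture of your own network. The following is an added example, not part of the original tutorial: it counts deauthentication frames per BSSID in a sliding time window and reports BSSIDs that reach a threshold. The tab-separated record layout, the threshold and window values, and the sample records are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

DEAUTH = 0x0C  # 802.11 management frame subtype 12: deauthentication


def parse(line):
    """Parse 'epoch<TAB>type_subtype<TAB>bssid' (assumed export layout)."""
    ts, subtype, bssid = line.strip().split("\t")
    # int(x, 0) accepts both decimal ("12") and hex ("0x000c") renderings.
    return float(ts), int(subtype, 0), bssid.lower()


def detect_deauth_bursts(lines, threshold=20, window=2.0):
    """Return {bssid: peak deauth count in any `window` seconds} for BSSIDs
    whose peak reaches `threshold`. Lines must be in time order per BSSID."""
    recent = defaultdict(deque)  # bssid -> deauth timestamps inside the window
    peak = defaultdict(int)
    for line in lines:
        if not line.strip():
            continue
        ts, subtype, bssid = parse(line)
        if subtype != DEAUTH:
            continue
        q = recent[bssid]
        q.append(ts)
        while ts - q[0] > window:  # drop timestamps that left the window
            q.popleft()
        peak[bssid] = max(peak[bssid], len(q))
    return {b: n for b, n in peak.items() if n >= threshold}


def build_sample():
    """Constructed capture: beacons, one ordinary deauth, a 100-frame burst."""
    ap_a = "08:86:30:74:22:76"  # BSSID used in the tutorial's commands
    ap_b = "02:00:00:00:00:01"  # constructed, locally administered address
    rows = [f"{1000 + i * 0.1:.3f}\t0x0008\t{ap_b}" for i in range(10)]
    rows.append(f"1000.500\t0x000c\t{ap_b}")  # single, normal disconnect
    rows += [f"{1001 + i * 0.01:.3f}\t0x000c\t{ap_a}" for i in range(100)]
    return rows


if __name__ == "__main__":
    for bssid, count in detect_deauth_bursts(build_sample()).items():
        print(f"possible deauth flood against {bssid}: peak {count} frames in 2s")
```

A single deauthentication frame is normal when a client disconnects, which is why the check looks at the rate per BSSID rather than at individual frames.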

Step 5: Capture the Handshake

In the previous step, we bounced the user off their own AP, and now when they re-authenticate, airodump-ng will attempt to grab their password in the new 4-way handshake. Let's go back to our airodump-ng terminal and check to see whether or not we've been successful.
Notice in the top line to the far right, airodump-ng says "WPA handshake." This is the way it tells us we were successful in grabbing the encrypted password! That is the first step to success!

Step 6: Let's Aircrack-Ng That Password!

Now that we have the encrypted password in our file WPAcrack, we can run that file against aircrack-ng using a password file of our choice. Remember that this type of attack is only as good as your password file. For a wordlist (that is, a password file), contact me in the comments or wait for the upcoming tutorial on "how to create wordlist using crunch in kali linux".
We'll now attempt to crack the password by opening another terminal and typing:
  • aircrack-ng WPAcrack-01.cap -w /pentest/passwords/wordlists/darkc0de

  • WPAcrack-01.cap is the name of the file we wrote to in the airodump-ng command
  • /pentest/passwords/wordlists/darkc0de is the absolute path to your password file (type whatever your wordlist's actual location is)

How Long Will It Take?

This process can be relatively slow and tedious. Depending upon the length of your password list, you could be waiting a few minutes to a few days. On my dual core 2.8 gig Intel processor, it's capable of testing a little over 500 passwords per second. That works out to about 1.8 million passwords per hour. Your results will vary.
When the password is found, it'll appear on your screen. Remember, the password file is critical. Try the default password file first and if it's not successful, advance to a larger, more complete password file such as one of these.


PLEASE FOLLOW AND COMMENT FOR ANY INFORMATION.

Tuesday, 21 July 2015

HOW TO LOCK FOLDER WITHOUT ANY ADD-ON SOFTWARE (.BAT FILE )

1- Open Notepad.

2- Type this script into Notepad (or copy and paste it, to avoid typing errors):

cls
@ECHO OFF
title hackingorganization.blogspot.com
rem If the renamed folder exists, it is currently "locked": ask for the password.
if EXIST "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" goto UNLOCK
rem First run: the folder does not exist yet, so create it.
if NOT EXIST myFolder goto MDmyFolder
:CONFIRM
echo Are you sure to lock this folder? (Y/N)
set "cho="
set /p "cho=>"
rem Quoted, case-insensitive comparisons so that empty input does not cause a syntax error.
if /I "%cho%"=="Y" goto LOCK
if /I "%cho%"=="N" goto END
echo Invalid choice.
goto CONFIRM
:LOCK
rem The CLSID suffix makes Explorer treat the folder as Control Panel; +h +s hides it.
rem The files are only renamed and hidden, not encrypted.
ren myFolder "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
attrib +h +s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
echo Folder locked
goto End
:UNLOCK
echo Enter password to Unlock Your Secure Folder
set "pass="
set /p "pass=>"
rem The password is the plain-text string compared on the next line; change it there.
if NOT "%pass%"=="myfolder" goto FAIL
attrib -h -s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
ren "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" MyFolder
echo Folder Unlocked successfully
goto End
:FAIL
echo Invalid password
goto End
:MDMyFolder
md MyFolder
echo MyFolder created successfully
goto End
:End
3- Or download it from "http://speedy.sh/xUgd8/lock-folder.txt". Save it anywhere (except on the Desktop) with the name (anyname).bat.
4- An MS-DOS batch file will be created; click on it.
5- A command prompt will open. Type "Y" to accept the confirmation.
6- A new folder named "myfolder" will then be created; put all your stuff in it.
7- Click on that MS-DOS batch file again. It will ask for a password to hide or open the folder; type "myfolder", which is the default password. You can change it in the script above.
8- BINGO, all your files are locked in that particular folder.