Friday, April 18, 2014

Wifite : Hacking Wifi The Easy Way : Kali Linux

Wifite

While the aircrack-ng suite is a well-known name in wireless hacking, the same can't be said about Wifite. Living in the shade of the established aircrack-ng suite, Wifite has finally made a mark in a field where aircrack-ng failed: it made wifi hacking everyone's piece of cake. While not all of its features are independent (e.g. it hacks WPS using reaver), it does what it promises and puts hacking on autopilot. I'm listing some features before I tell you how to use Wifite (which I don't think is necessary at all, as anyone who can understand the simple English instructions given by Wifite can use it on his own).

Features Of Wifite

  • Sorts targets by signal strength (in dB); cracks closest access points first
  • Automatically de-authenticates clients of hidden networks to reveal SSIDs
  • Numerous filters to specify exactly what to attack (wep/wpa/both, above certain signal strengths, channels, etc)
  • Customizable settings (timeouts, packets/sec, etc)
  • "Anonymous" feature; changes MAC to a random address before attacking, then changes back when attacks are complete
  • All captured WPA handshakes are backed up to wifite.py's current directory
  • Smart WPA de-authentication; cycles between all clients and broadcast deauths
  • Stop any attack with Ctrl+C, with options to continue, move onto next target, skip to cracking, or exit
  • Displays session summary at exit; shows any cracked keys
  • All passwords saved to cracked.txt
  • Built-in updater: ./wifite.py -upgrade

I find it worth mentioning here that not only does it hack wifi the easy way, it also hacks in the best possible way. For example, when you are hacking a WEP wifi using Wifite, it uses fakeauth and uses the ARP method to speed up data packets (I wrote a full length post about something which it does automatically!).
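The de-authentication behaviour in the feature list above is also what a wireless monitor sees during such a run. As an added example (not from the original post or from Wifite), this Python detector flags a BSSID when the deauth frames attributed to it reach a rate threshold and reports whether they cycle between broadcast and individual clients; the record layout, the 10-second window and the threshold of 5 are assumptions, and the frames are constructed.

```python
from collections import defaultdict, deque

BROADCAST = "ff:ff:ff:ff:ff:ff"
AP_A, AP_B = "02:00:00:aa:00:01", "02:00:00:aa:00:02"   # constructed BSSIDs
C1, C2, C3 = "02:00:00:cc:00:01", "02:00:00:cc:00:02", "02:00:00:cc:00:03"

# Constructed management-frame records: (seconds, claimed BSSID, destination, subtype).
FRAMES = [
    (0.0, AP_A, BROADCAST, "deauth"),
    (1.0, AP_A, C1, "deauth"),
    (2.0, AP_A, C2, "deauth"),
    (3.0, AP_A, BROADCAST, "deauth"),
    (3.0, AP_B, C3, "deauth"),       # a single deauth is normal roaming noise
    (4.0, AP_A, C1, "deauth"),
    (5.0, AP_A, C2, "deauth"),
    (6.0, AP_A, BROADCAST, "beacon"),
    (60.0, AP_B, C3, "deauth"),
]


def detect_deauth_bursts(frames, window=10.0, threshold=5):
    """Return {bssid: alert} for BSSIDs with >= threshold deauths inside window seconds."""
    recent = defaultdict(deque)      # bssid -> deque of (timestamp, destination)
    alerts = {}
    for ts, bssid, dst, subtype in sorted(frames):
        if subtype != "deauth":
            continue
        q = recent[bssid]
        q.append((ts, dst))
        while q and ts - q[0][0] > window:   # drop frames older than the window
            q.popleft()
        if len(q) >= threshold and bssid not in alerts:
            targets = {d for _, d in q}
            alerts[bssid] = {
                "first_alert": ts,
                "frames_in_window": len(q),
                "broadcast": BROADCAST in targets,
                "unicast_targets": len(targets - {BROADCAST}),
            }
    return alerts


if __name__ == "__main__":
    for bssid, alert in detect_deauth_bursts(FRAMES).items():
        print(bssid, alert)
```

A burst that mixes broadcast and several unicast targets for one BSSID matches the cycling pattern the feature list describes; enabling 802.11w (protected management frames) on the access point is the usual mitigation.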

Hacking WEP network

If you've followed my previous posts on Hacking Wifi (WEP), you know there's a lot of homework you have to do before you even start hacking. But not here. With Wifite, it's as easy and simple as a single command.
wifite -wep
You might even have used the command
wifite
If you see any error at this stage move to the bottom of the page for troubleshooting tips. If your issue is not listed please comment. We reply within a day.
The -wep makes it clear to wifite that you want to hack WEP wifis only. It'll scan the networks for you, and when you think it has scanned enough, you can tell it to stop by typing ctrl+c. It'll then ask you which wifi to hack. In my case, I didn't specify -wep so it shows all the wifis in range.
You can also select all and then go take a nap (or maybe go to sleep). When you wake up, you might be hacking all the wifi passwords in front of you. I typed one and it had gathered 7000 IVs (data packets) within 5 mins. Basically you can expect it to hack the wifi in 10 mins approx. Notice how it automatically did the fake auth and ARP replay.
Here are a few more screenshots of the working of Wifite, from their official website (./wifite.py is not something that should bother you. You can stick with the simple wifite. Also, specifying the channel is optional so even the -c 6 was unnecessary. Notice that instead of ARP replay, the fragmentation attack was used, using -frag) -

Hacking WPS wasn't fast (it took hours), but it was easy and didn't require you to do anything but wait.
Note that the fact that many readers of my blog are beginners prevents me from introducing too many attacks. I made a tutorial about the ARP replay attack, and that too was detailed as hell. However, Wifite makes it possible for you to use any method that you want to use, just by naming it. As you saw in the screenshot above, the fragmentation attack was carried out just by typing -frag. Similarly, many other attacks can be played with. A good idea would be to execute the following-
wifite -help
This will tell you about the common usage commands, which will be very useful. Here is the list of WEP commands for different attacks-
    WEP
    -wep          only target WEP networks [off]
    -pps <num>    set the number of packets per second to inject [600]
    -wept <sec>   sec to wait for each attack, 0 implies endless [600]
    -chopchop     use chopchop attack      [on]
    -arpreplay    use arpreplay attack     [on]
    -fragment     use fragmentation attack [on]
    -caffelatte   use caffe-latte attack   [on]
    -p0841        use -p0841 attack        [on]
    -hirte        use hirte (cfrag) attack [on]
    -nofakeauth   stop attack if fake authentication fails    [off]
    -wepca <n>    start cracking when number of ivs surpass n [10000]
    -wepsave      save a copy of .cap files to this directory [off]
As you can see, it's the same thing as is there on the help screenshot. Play around with the attacks and see what you can do. Hacking WPA without WPS wouldn't be that easy, and while I don't usually do this, I'm providing a link to an external website for the tutorial. This is the best WPA cracking tutorial I've seen, and I can't write a better one. It's highly detailed, and I'm just hoping I don't lose my audience to that website. Here is the tutorial - Cracking Wifi WPA/WPA2 passwords using pyrit cowpatty in Kali Linux
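Seen from the side of whoever runs the network, the WEP options above only matter if one of your own access points still advertises WEP. As an added example (not from the original post or from Wifite), this Python audit reads a site survey in the layout of an airodump-ng CSV export and reports owned access points that use WEP, no encryption or TKIP, comparing the observed IV count with the -wepca default of 10000 from the list above; the BSSIDs, ESSIDs and sample rows are constructed.

```python
import csv
import io

WEPCA_DEFAULT = 10000  # default -wepca value from the option list above

# Constructed sample in the layout of an airodump-ng CSV export (not real data).
SAMPLE_CSV = """
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
02:00:00:AA:00:01, 2014-04-18 10:00:00, 2014-04-18 10:05:00,  6, 54, WEP , WEP ,    , -40, 120,  7000, 0.  0.  0.  0, 10, lab-legacy,
02:00:00:AA:00:02, 2014-04-18 10:00:00, 2014-04-18 10:05:00, 11, 54, WPA2, CCMP, PSK, -45, 118,     0, 0.  0.  0.  0,  8, lab-main,
02:00:00:AA:00:03, 2014-04-18 10:00:00, 2014-04-18 10:05:00,  1, 54, WPA , TKIP, PSK, -50, 110,     0, 0.  0.  0.  0,  9, lab-guest,
02:00:00:BB:00:09, 2014-04-18 10:00:00, 2014-04-18 10:05:00,  6, 54, WEP , WEP ,    , -70,  90, 12000, 0.  0.  0.  0,  8, neighbor,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
02:00:00:CC:00:01, 2014-04-18 10:01:00, 2014-04-18 10:04:00, -42, 300, 02:00:00:AA:00:01,
"""


def parse_access_points(text):
    """Return the access-point rows (first CSV section) as dicts keyed by header."""
    header, aps = None, []
    for row in csv.reader(io.StringIO(text)):
        cells = [c.strip() for c in row]
        if not any(cells):               # blank line: before header or end of AP section
            if header:
                break
            continue
        if cells[0] == "BSSID":
            header = cells
        elif cells[0] == "Station MAC":  # client section starts, stop reading
            break
        elif header:
            aps.append(dict(zip(header, cells)))
    return aps


def audit(text, owned_bssids):
    """Flag owned access points that advertise WEP, no encryption, or TKIP."""
    owned = {b.upper() for b in owned_bssids}
    findings = []
    for ap in parse_access_points(text):
        if ap["BSSID"].upper() not in owned:
            continue                     # report only on networks you administer
        privacy, ciphers = ap["Privacy"].split(), ap["Cipher"].split()
        if "WEP" in privacy:
            issue = "WEP"
        elif "OPN" in privacy:
            issue = "open"
        elif "TKIP" in ciphers:
            issue = "TKIP"
        else:
            continue
        ivs = int(ap["# IV"] or 0)
        findings.append({"bssid": ap["BSSID"], "essid": ap["ESSID"], "issue": issue,
                         "ivs": ivs, "ivs_over_wepca": ivs > WEPCA_DEFAULT})
    return findings
```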

Troubleshooting

Wifite quits unexpectedly, stating "Scanning for wireless devices. No wireless interfaces were found. You need to plug in a wifi device or install drivers. Quitting."
You are most probably using Kali inside a virtual machine. A virtual machine does not support the internal wireless card. Either buy an external wireless card, or do a live boot / side boot with Windows. In general, anything other than a virtual machine.

Another attack automating script : Fluxion

Wifite is cool and all, but doesn't do much against the invincible WPA-2 networks. Using a combination of evil-twin and man in the middle sort of attacks, fluxion tries to fool a client into giving you the key to the WPA-2 protected access point. Sounds interesting? Take a look.

    77 comments:

    1. The wifite I am using on Kali linux asks me to use a dictionary so it can use to attack. How do I write the command to achieve this ? Also why does wifite ask me to do this ?

    2. I would like to add to my above statement. I think the material you have put together is fantastic. Well done. No easy task. Keep up the good work Shashwat.

    3. Thanks Shashwat. You have helped me take a step forward. It's refreshing to find a good resource that is helpful. Great job.

    4. Bout how long do you think ?
      I had success with Reaver.

      Replies
      1. Wifite will take
        -as long as reaver for WPS
        -as long as aircrack+aireplay for WEP

    5. Nice tutorial thanx
      http://beinghaxor.blogspot.com/
      http://beinghaxor.blogspot.com/2015/03/how-to-hack-wifiwpawpa2wep-in-single.html
      http://beinghaxor.blogspot.com/2015/03/top-10-hackers-tools.html

    6. hi, i try your way, it start with WPS attack but later it says unable to complete successful try in 660 seconds.
      then it skipped the target and follow the wpa handshake capture, but also fail with error: unable to capture handshake in timesent, then it quit. i wish i can upload the screenshots. pls help me on this. thank you.

      Replies
      1. go into terminal and type:
        wifite -wpst -wpstime 0

    8. hi tank you for Many nice training

      but i need yours help for hack my bank account
      iam live in iran Because Issues security iam not hack pls help me for hack my bank account for me

      I really need the money

      I want you to hack my bank account if I got arrested for some, but if you hack Iran Hksh you do not have to.
      You can do this for me? Or someone you know who do this for me my Emil bikas2baroon@yahoo.com

      Replies
      1. Wtf. learn english

      2. This is exactly why I hate that tutorials like this exist on the web. Not only does this guy not have the mental capacity to learn, he doesn't even try but instead asks a stranger to do it for him. To the author of this post, you should be ashamed of yourself for helping these people to learn tools that are meant for pen testing professionals. One day you are going to be the resource a terrorist needs to kill innocent people or ruin lives. -KYS!

      3. Yeah, you read "Iran" and your first thought is "terrorist attack". That guy bikas2baroon is a moron, yes, and should be deleted, but the real problem with pretty much any online blog is that racist dickheads feel legitimated to share their anti-intellect. Really, the world doesn't need you...

    9. You can also send cap file to http://wpa-plc.com and wait for password.

    10. i have the wifi chipset driver inbuilt, so reply with my above qn !!!!!!!!!

    11. how troubleshooting problem will solve?

    12. IS TP-LINK TL-WN727N USB WIRELESS ADAPTER IS COMPATIBLE FOR WIFI HACKING ?

    13. how do you do a live boot/side boot with windows

    14. This is really useful if you are on your phone and have kali nethunter installed. Then just vnc to your phone with the vncviewer from google play and use your phone as kali linux!

    15. Just says failed to associate on everything i try it on.

    16. sir i am using this method but attack is successful but i don't know what to do forward so you can explain me what to do after when target is successful

    17. May i know the problem ? :(
      i am using kali linux 2.0 with pendrive boot.
      and i have : http://www.tendacn.com/in/product/W311M.html

      http://i.imgur.com/y8kj6KR.jpg

      Help needed :(
      Regards.

    18. Hello there! How do I go about hacking a WPA wifi with bruteforce?

    19. I am trying it out now as it progresses does it reach 100%it only at .25%now 25/57
      anonsuffersociety

    20. I was testing hacking my own network, and it was say 150/370 succeeded, do I just continue to let it run? Does it automatically stop and say the password when it's done or how do I know when to stop it, I hit control+c and it stopped completely

    22. can anyone hack wps off networks. it is possible from kali linux???

    23. 1. Is this processes sped up by a faster computer? I heard brute forcing requires a fast GPU. I'm on a laptop core i7-36010QM, 16gb ram, geforce gt750m
      2. Will installing kali on the hard drive speed things up? I'm using Oracle VM Virtualbox on Win7 64bit since I can't seem to get the installation working.

    24. When I start wifite it asks me which device I want to put in monitor mode. I choose my adapter then it says "done" and asks same question again. Endlessly...
      I have no idea what to do.

    26. hi,what tool do i need to know if the users in one SSID are present using it or none is using it?

    27. it's forever stuck on trying to enable monitor mode. i enabled the monitor mode manually by using airmon-ng. but it didn't seem to help

      Replies
      1. You should install driver for your interface card then start with airmon-ng

    28. please I have a question : it is not possible to crack a wifi with kali linux installed in virtual machine and without external wireless card ??

    29. for some reason my ctrl key on my phone doesn't work. some help PLEASE!!!!!!!!!

    30. how can i do the live boot / side boot with Windows.

    31. you can find more information about a Wi-Fi Protected Access on the website http://wlan-wifi.com/wpa

    32. To the author; shame on you for helping these degenerates to become pseudo hackers, 90% of these people have bad intentions that go beyond just using their neighbors' bandwidth. You will be the cause of death or destruction in the near future and you WILL be punished for it. This website and any others you are associated with will be taken down if you do not remove this content. All of your personal info will then be made public in forums that you would never want your info posted.

    33. I entered the "wifite" command, then it noticed "select number of device to put into monitor mode(1-2)".
      No matter what I selected, it shows "enabling monitor mode on wlan0... done", and ask for select again, like the notice before.
      any one knows how to solve thanks.

      Replies
      1. - you need a wireless adapter that supports monitor mode and install driver for it.
        - put it into monitor mode before running wifite:
        ifconfig wlan1 up && airmon-ng start wlan1
        wlan0 is internal wireless, most of devices do not support monitor mode.

    34. Google is your friend, so why don't you mouth breathing retards at least research before asking Google it. Thank you for your time.

    36. Wifite quits unexpectedly, stating "Scanning for wireless devices. No wireless interfaces were found. You need to plug in a wifi device or install drivers. Quitting."

      i am getting the error same as troubleshooting, you mentioned to do live boot with windows , could you tell me how to do live boot ?

    37. I got this after the process was done Unable to carry out hirte attack: no clients

    38. Help me please i have a tp-link wn722n router. when i use wifite it keeps on sending deauthentication to victim and listens for handshake but it keeps on repeating the process no success. At the end it states disabling and quitting monitor mode o/1 wpa attacks succeeded. I have installed kali linux 2.0 in vmware.

    39. What a bunch of ridiculous questions!

    40. Thanks a lot, great script

    41. Hey lecturer I know u have plenty of comments to reply so I'll make it straight to the point.
      I can't test Wifite nor Aircrack-ng on myself because my WPS is permanently locked/there's no such button on router and no such option on router setup site.
      However I can do that to people around me, I wanna ask u about risks of using both tools on others.
      Not sure if it should be like that but when I tried to hack my network my wlan connection went down on other devices, it's not much of a sign, but always something.
      Other thing is that if I connect to other's wlan I'll probably end up in their client table in their router setup site (with my mac address at least).
      So how do you defend yourself from being discovered when you hack and what else can help them in identifying me? I really wanna test this things out but don't want to get discovered.
      PS. Amazing site providing very good smooth start.

      Replies
      1. I'm not aware of any tool that could do that. However, you could log in to the router wirelessly (if the router permits it) and delete your MAC from the DHCP table.

      2. use the --mac flag in wifite

      3. Sorry I didn't notice this question before. It may be too late to reply, but still, it might help others:
        1) Devices are getting disconnected probably because the attack you are performing involves sending de-auth packets to all clients on that network.
        2) There are many ways to spoof your MAC. However, spoofing MAC doesn't mean that if you do something illegal (illegal enough for anyone to spend their resources on forensics) you would be untraceable. However, for most practical purposes, it's enough.

    42. is tp link wl-725n compatible with kali linux 2.0?

      Replies
      1. ^^I really want to know

    43. Can i know how to cracking WPA2/WPA wifi pass?

      Replies
      1. Wifite does it for you. However, blackmoreops has some good tutorials.
        https://www.blackmoreops.com/2014/03/10/cracking-wifi-wpawpa2-passwords-using-pyrit-cowpatty/
        https://www.blackmoreops.com/2014/03/27/cracking-wpa-wpa2-with-hashcat-kali-linux/

        In my website I have two tutorials, which are slower than the above methods, but much simpler-
        http://www.kalitutorials.net/2014/06/hack-wpa-2-psk-capturing-handshake.html
        http://www.kalitutorials.net/2015/10/wpawpa-2-cracking-using-dictionary.html

    44. [!] ERROR: wifite must be run as root
      [!] login as root (su root) or try sudo ./wifite.py


      plese halp

      Replies
      1. Use the command sudo wifite.
        If you are on some distribution other than Kali, and have downloaded the script, then use - sudo ./wifite.py

    45. Hi all,

      When I select the number of device to put into monitor mode it enters in a loop and asks me for the number of device to put in monitor mode over and over again.
      Anyone has the same problem?

      Cheers

      Replies
      1. Well, I found the solution so here it is:
        All you have to do is to enable monitor mode with airmon-ng start and then start wifite.

    46. Bro i have Nexus 5 and I install nethunter on it and I started wifite attack but not showing wlan1 option plzz help me

    47. My name balveer choudhary nexus 5 device comment is my plzz help me

    48. can you write simple tutorial? i dont understand

    49. actually I'm using linux kali in my virtual box and I've installed the wlan driver (compat-wireless-2010-09-01-p.tar.bz2). after that when I'm typing wifite command it show to choose wlan0 or wlan1. i tried both of the option but it's taking a lot of time scanning the target. why is this happening? what is the problem? please reply with a solution. Thank you.

    50. I successfully cracked my WEP network with wifite, but now it doesn't show up when wifite does a scan, even when I changed the network key. Other networks still show up, just not the one I already cracked. The only way I was able to do it again was when I replicated the process from a different computer, and now it doesn't show up in wifite scans on that computer either. Is there any way to fix this? I was hoping I could practice by doing it more than once. (btw I'm using virtualbox with a usb dongle so I still see wlan0 when I type ifconfig)


    © Kali Tutorials, 2016. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Shashwat Chaudhary and Kali Tutorials with appropriate and specific direction to the original content.