Friday, April 18, 2014

Wifite : Hacking Wifi The Easy Way : Kali Linux

Wifite

While the aircrack-ng suite is a well known name in the wireless hacking , the same can't be said about Wifite. Living in the shade of the greatness of established aircrack-ng suite, Wifite has finally made a mark in a field where aircrack-ng failed. It made wifi hacking everyone's piece of cake. While all its features are not independent (eg. it hacks WPS using reaver), it does what it promises, and puts hacking on autopilot. I'm listing some features, before I tell you how to use wifite (which I don't think is necessary at all, as anyone who can understand simple English instructions given by Wifite can use it on his own).

Features Of Wifite

  • Sorts targets by signal strength (in dB); cracks closest access points first
  • Automatically de-authenticates clients of hidden networks to reveal SSIDs
  • Numerous filters to specify exactly what to attack (wep/wpa/both, above certain signal strengths, channels, etc)
  • Customizable settings (timeouts, packets/sec, etc)
  • "Anonymous" feature; changes MAC to a random address before attacking, then changes back when attacks are complete
  • All captured WPA handshakes are backed up to wifite.py's current directory
  • Smart WPA de-authentication; cycles between all clients and broadcast deauths
  • Stop any attack with Ctrl+C, with options to continue, move onto next target, skip to cracking, or exit
  • Displays session summary at exit; shows any cracked keys
  • All passwords saved to cracked.txt
  • Built-in updater: ./wifite.py -upgrade

I find it worth mentioning here, that not only does it hack wifi the easy way, it also hack in the best possible way.  For example, when you are hacking a WEP wifi using Wifite, it uses fakeauth and uses the ARP method to speed up data packets (I wrote a full length post about something which it does automatically!).

Hacking WEP network

If you've followed my previous posts on Hacking Wifi (WEP), you know there's a lot of homework you have to do before you even start hacking. But not here. With Wifite, its as easy and simple as a single command.
wifite -wep
You might even have used the command
wifite
If you see any error at this stage move to the bottom of the page for troubleshooting tips. If your issue is not listed please comment. We reply within a day.
The -wep makes it clear to wifite that you want to hack WEP wifis only. It'll scan the networks for you, and when you think it has scanned enough, you can tell it to stop by typing ctrl+c. It'll then ask you which wifi to hack. In my case, I didn't specify -wep so it shows all the wifis in range.
 You can also select all and then go take a nap (or maybe go to sleep). When you wake up, you might be hacking all the wifi passwords in front of you. I typed one and it had gathered 7000 IVs (data packets) within 5 mins. Basically you can except it to hack the wifi in 10 mins approx. Notice how it automatically did the fake auth and ARP replay.
Here are a few more screenshots of the working of Wifite, from their official website (./wifite.py is not something that should bother you. You can stick with the simple wifite. Also, specifying the channel is optional so even the -c 6 was unnecessary. Notice that instead of ARP replay, the fragmentation attack was used, using -frag) -

 Hacking WPS wasn't fast (it took hours), but it was easy and didn't require you to do anything but wait.
 Note, the limitation that many reader on my blog are beginners forbid me from introducing too many attacks. I made a tutorial about ARP replay attack, and that too was detailed as hell. However, Wifite makes it possible for you to use any method that you want to use, by just naming it. As you saw in the screenshot above, the fragmentation attack was carried out just by typing -frag. Similarly, many other attacks can be played with. A good idea would be to execute the following-
wifite -help
This will tell you about the common usage commands, which will be very useful. Here is the list of WEP commands for different attacks-
    WEP
-wep         only target WEP networks [off]
-pps <num>   set the number of packets per second to inject [600]
-wept <sec> sec to wait for each attack, 0 implies endless [600]
-chopchop   use chopchop attack      [on]
-arpreplay   use arpreplay attack     [on]
-fragment   use fragmentation attack [on]
-caffelatte use caffe-latte attack   [on]
-p0841       use -p0841 attack        [on]
-hirte       use hirte (cfrag) attack [on]
-nofakeauth stop attack if fake authentication fails    [off]
-wepca <n>   start cracking when number of ivs surpass n [10000]
-wepsave     save a copy of .cap files to this directory [off]
As you can see, its the same thing as is there on the help screenshot. Play around with the attacks and see what you can do. Hacking WPA without WPS wouldn't be that easy, and while I don't usually do this, I'm providing a link to an external website for the tutorial . This is the best WPA cracking tutorial I've seen, and I can't write a better one. It's highly detailed, and I'm just hoping I don't lose my audience to that website. Here is the tutorial - Cracking Wifi WPA/WPA2 passwords using pyrit cowpatty in Kali Linux

Troubleshooting

Wifite quits unexpectedly, sating "Scanning for wireless devices. No wireless interfaces were found. You need to plug in a wifi device or install drivers. Quitting."
You are using Kali inside a virtual machine most probably. Virtual machine does not support internal wireless card. Either buy an external wireless card, or do a live boot / side boot with Windows. Anything other than Virtual machine in general.

Another attack automating script : Fluxion

Wifite is cool and all, but doesn't do much against the invincible WPA-2 networks. Using a combination of evil-twin and man in the middle sort of attacks, fluxion tries to fool a client into giving you the key to the WPA-2 protected access point. Sounds interesting? Take a look.

    102 comments:

    1. The wifite I am using on Kali linux asks me to use a dictionary so it can use to attack. How do I write the command to achieve this ? Also why does wifite ask me to do this ?

      ReplyDelete
      Replies
      1. You are attacking a WPA network. Start with WEP.

        Delete
    2. I would like to add to my above statement. I think the material you have put together is fantastic. Well done. No easy task. Keep up the good work Shashwat.

      ReplyDelete
    3. Thanks Shashwat. You have helped me take a step forward. It's refreshing to find a good resource that is helpful. Great job.

      ReplyDelete
    4. Bout how long do you think ?
      I had success with Reaver.

      ReplyDelete
      Replies
      1. Wifite will take
        -as long as reaver for WPS
        -as long as aircrack+aireplay for WEP

        Delete
    5. Nice tutorial thanx
      http://beinghaxor.blogspot.com/
      http://beinghaxor.blogspot.com/2015/03/how-to-hack-wifiwpawpa2wep-in-single.html
      http://beinghaxor.blogspot.com/2015/03/top-10-hackers-tools.html

      ReplyDelete
    6. hi, i try your way, it start with WPS attack but later it says unable to complete successful try in 660 seconds.
      then it skipped the target and follow the wpa handshake capture, but also fail with error ; unable to capture handshake in timesent, the it quit. i wish i can upload the screenshots. pls help me on this. thank you.

      ReplyDelete
      Replies
      1. go into terminal and type:
        wifite -wpst -wpstime 0

        Delete
    7. [#] Drone Hijacking With Maldrone — Drone Malware

      http://beinghaxor.blogspot.com/2015/05/drone-hijacking-with-maldrone-drone.html

      ReplyDelete
    8. hi tank you for Many nice training

      but i need yours help for hack my bank account
      iam live in iran Because Issues security iam not hack pls help me for hack my bank account for me

      I really need the money

      I want you to hack my bank account if I got arrested for some, but if you hack Iran Hksh you do not have to.
      You can do this for me? Or someone you know who do this for me my Emil bikas2baroon@yahoo.com

      ReplyDelete
      Replies
      1. Wtf. learn english

        Delete
      2. This is exactly why I hate that tutorials like this exist on the web. Not only does this guy not have the mental capacity to learn, he doesn't even try but instead asks a stranger to do it for him. To the author of this post, you should be ashamed of yourself for helping these people to learn tools that are meant for pen testing professionals. One day you are going to be the resource a terrorist needs to kill innocent people or ruin lives. -KYS!

        Delete
      3. Yeah, you read "Iran" and your first thought is "terrorist attack". That guy bikas2baroon is a moron, yes, and should be deleted, but the real problem with pretty much any online blog is that racist dickheads feel legitimated to share their anti-intellect. Really, the world doesn't need you...

        Delete
    9. You can also send cap file to http://wpa-plc.com and wait for password.

      ReplyDelete
    10. i have the wifi chipset driver inbuilt, so reply with my above qn !!!!!!!!!

      ReplyDelete
    11. how troubleshooting problem will solve?

      ReplyDelete
    12. IS TP-LINK TL-WN727N USB WIRELESS ADAPTER IS COMPATIBLE FOR WIFI HACKING ?

      ReplyDelete
    13. how do you do a live boot/side boot with windows

      ReplyDelete
    14. This is really useful if you are on youre phone and have kali nethunter installed. Then just vnc to your phone with the vncviewer from google play and use your phone as kali linux!

      ReplyDelete
    15. Just says failed to associate on everything i try it on.

      ReplyDelete
    16. sir i am using this this method but attck is succesful but i dont no what to do forward so you can explain me what to do after when targert is succesful

      ReplyDelete
    17. May i know the problem ? :(
      i am using kali linux 2.0 with pendrive boot.
      and i have : http://www.tendacn.com/in/product/W311M.html

      http://i.imgur.com/y8kj6KR.jpg

      Help needed :(
      Regards.

      ReplyDelete
    18. Hello there! How do I go about hacking a WPA wifi with bruteforce?

      ReplyDelete
    19. I am trying it out now as it progresses does it reach 100%it only at .25%now 25/57
      anonsuffersociety

      ReplyDelete
    20. I was testing hacking my own network, and it was say 150/370 succeeded, do I just continue to let it run? Does it automatically stop and say the password when its done or how do I know when to stop it, I hit cntrol+c and it stopped completely

      ReplyDelete
    21. I was testing hacking my own network, and it was say 150/370 succeeded, do I just continue to let it run? Does it automatically stop and say the password when its done or how do I know when to stop it, I hit cntrol+c and it stopped completely

      ReplyDelete
    22. can anyone hack wps off networks. it is possible from kali linux???

      ReplyDelete
    23. 1. Is this processes sped up by a faster computer? I heard brute forcing requires a fast GPU. I'm on a laptop core i7-36010QM, 16gb ram, geforce gt750m
      2. Will installing kali on the hard drive speed things up? I'm using Oracle VM Virtualbox on Win7 64bit since I can't seem to get the installation working.

      ReplyDelete
    24. When I start wifite it asks me which device I want to put in monitor mode. I choose my adapter then it says "done" and asks same question again. Endlesly...
      I have no idea what to do.

      ReplyDelete
      Replies
      1. Put your adapter into monitor mode before opening wifite and it should automatically choose it on startup.

        Delete
    25. hi,what tool do i need to know if the users in one SSID are present using it or none is using it?

      ReplyDelete
    26. it's forever stuck on trying to enable monitor mode. i enabled the monitor mode manually by using airmon-ng. but it didn't seem to help

      ReplyDelete
      Replies
      1. You should install driver for your interface card then start with airmon-ng

        Delete
    27. please I have a question : it is not possible to crack a wifi with kali linux installed in virtual machine and without external wireless card ??

      ReplyDelete
    28. for some reason my ctrl key on my phone doesn't work. some help PLEASE!!!!!!!!!

      ReplyDelete
    29. how can i do the live boot / side boot with Windows.

      ReplyDelete
    30. you can find more information about a Wi-Fi Protected Access on the website http://wlan-wifi.com/wpa

      ReplyDelete
    31. To the author; shame on you for helping these degenerates to become pseudo hackers, 90% of these people have bad intentions that go beyond just using their neighbors bandwidth. You will be the cause of death or destruction in the near future and you WILL be punished for it. This website and any others you are associated with will be taken down if you do not remove this content. All of your personal info will than be made public in forums that you would never want your info posted.

      ReplyDelete
    32. I entered the "wifite" command, then it noticed "select number of device to put into monitor mode(1-2)".
      No matter what I selected, it shows "enabling monitor mode on wlan0... done", and ask for select again, like the notice before.
      any one knows how to solve thanks.

      ReplyDelete
      Replies
      1. - you need a wireless adapter that support monitor mode and install driver for it.
        - put it into monitor mode before run wifite :
        Ifconfig wlan1 up && airmon-ng start wlan1
        wlan0 is internal wireless most of devices not support monitor mode.

        Delete
    33. Google is your friend, so why don't you mouth breathing retards at least research before asking Google it. Thank you for your time.

      ReplyDelete
    34. Google is your friend, so why don't you mouth breathing retards at least research before asking Google it. Thank you for your time.

      ReplyDelete
    35. Wifite quits unexpectedly, sating "Scanning for wireless devices. No wireless interfaces were found. You need to plug in a wifi device or install drivers. Quitting."

      i am getting the error same as troubleshooting, you mentioned to do live boot with windows , could you tell me how to do live boot ?

      ReplyDelete
    36. I got this after the process was done Unable to carry out hirte attack: no clients

      ReplyDelete
    37. Help me please i have a tp-link wn722n router. when i use wifite it keeps on sending deauthentication to victim and listens for handshake but it keeps on repeating the process no sucess.At the end it states disabling and quitting monitor mode o/1 wpa attacks succeeded.I have installed kali linux 2.0 in vmware.

      ReplyDelete
    38. What a bunch of ridiculous questions!

      ReplyDelete
    39. Thanks a lot, great script

      ReplyDelete
    40. Hey lecturer I know u have plenty of comments to reply so I'll make it straight to the point.
      I can't test Wifite nor Aircrack-ng on myself because my WPS is permanently locked/there's no such button on router and no such option on router setup site.
      However I can do that to people around me, I wanna ask u about risks of using both tools on others.
      Not sure if it should be like that but when I tried to hack my network my wlan connection went down on other devices, its not much of a sign, but always something.
      Other thing is that if I connect to other's wlan I'll probably end up in their client table in their router setup site (with my mac address at least).
      So how do you defend yourself from being discovered when you hack and what else can help them in identifying me? I really wanna test this things out but don't want to get discovered.
      PS. Amazing site providing very good smooth start.

      ReplyDelete
      Replies
      1. I'm not aware of any tool that could do that. However, you could log in into the route wirelessly (if the router permits it) and delete your MAC from the dchp table.

        Delete
      2. use the --mac flag in wifite

        Delete
      3. Sorry I didn't notice this question before. It may be too late to reply, but still, it might help others:
        1) Devices are getting disconnected probably because the attack you are performing involves sending de-auth packets to all clients on that network.
        2) There are many ways to spoof your MAC. However, spoofing MAC doesn't mean that if you do something illegal (illegal enough for anyone to spend their resources on forensics) you would be untraceable. However, for most practical purposes, it's enough.

        Delete
    41. is tp link wl-725n compatible with kali linux 2.0?

      ReplyDelete
    42. Can i know how to cracking WPA2/WPA wifi pass?

      ReplyDelete
      Replies
      1. Wifite does it for you. However, blackmoreops has some good tutorials.
        https://www.blackmoreops.com/2014/03/10/cracking-wifi-wpawpa2-passwords-using-pyrit-cowpatty/
        https://www.blackmoreops.com/2014/03/27/cracking-wpa-wpa2-with-hashcat-kali-linux/

        In my website I have two tutorials, which are slower than the above methods, but much simpler-
        http://www.kalitutorials.net/2014/06/hack-wpa-2-psk-capturing-handshake.html
        http://www.kalitutorials.net/2015/10/wpawpa-2-cracking-using-dictionary.html

        Delete
    43. [!] ERROR: wifite must be run as root
      [!] login as root (su root) or try sudo ./wifite.py


      plese halp

      ReplyDelete
      Replies
      1. Use the command sudo wifite.
        If you are on some distribution other than Kali, and have downloaded the script, then use - sudo ./wifite.py

        Delete
    44. Hi all,

      When I select the number of device to put into monitor mode it enters in a loop and ask e for the number of device to put in monitor mode over and over again.
      Anyone has the same problem?

      Cheers

      ReplyDelete
      Replies
      1. Well, I found the solution so here it is:
        All you have to do is to enable monitor mode with airmon-ng start and then start wifite.

        Delete
    45. Bro i have Nexus 5 and I install nethunter on it and I started wifite attack but not showing wlan1 option plzz help me����������

      ReplyDelete
    46. My name balveer choudhary nexus 5 device comment is my plzz help me

      ReplyDelete
    47. can you write simple tutorial? i dont understand

      ReplyDelete
    48. actually im using linux kali in my virtual box and ive installed the wlan driver (compat-wireless-2010-09-01-p.tar.bz2). after that when im typing wifite command it show to choose wlan0 or wlann1. i tried both of the option but its taking a lot of time scanning the target. why is this happening? what is the problem? please replay a solution. Thank you.

      ReplyDelete
    49. I successfully cracked my WEP network with wifite, but now it doesn't show up when wifite does a scan, even when I changed the network key. Other networks still show up, just not the one I already cracked. The only way I was able to do it again was when I replicated the process from a different computer, and now it doesn't show up in wifite scans on that computer either. Is their any way to fix this? I was hoping I could practace by doing it more than once. (btw I'm using virtualbox with a usb dongle so I still see wlan0 when I type ifconfig)

      ReplyDelete
    50. after using wifite
      system shows
      scaning wireless
      available
      1)phy0 wlan0 mac.....
      2)phy1 wlan1 mac.....
      select number of devices to put into monitor mode(1-2):1
      it repeats like this
      1)phy0 wlan0 mac.....
      2)phy1 wlan1 mac.....
      select number of devices to put into monitor mode(1-2):1


      what i should do now ???

      ReplyDelete
    51. after using wifite
      system shows
      scaning wireless
      available
      1)phy0 wlan0 mac.....
      2)phy1 wlan1 mac.....
      select number of devices to put into monitor mode(1-2):1
      it repeats like this
      1)phy0 wlan0 mac.....
      2)phy1 wlan1 mac.....
      select number of devices to put into monitor mode(1-2):1


      what i should do now ???

      ReplyDelete
    52. Hi there , thanks for you tutorial more than good . I'd like to ask you , my computer isn't capturing fast enough IVs. What can I do ? Thanks

      ReplyDelete
    53. thank you for this tutorial, i succedded get the PIN and the WPA key from my neighboor wifi, but I won't to be a coward. I just want to test. and my dream is to be white hat.

      ReplyDelete
    54. Hi sir I having problem for setting up two wireless cards on my kali linux machine for wifiphisher after making my company fully secured I want to be more agressive with evil twin AP attack I cant set up two of them together one is Intel-chipset which comes built-in and the other is TP link WN-727N you can help me here Love you all be blessed and live in peace!

      http://superuser.com/questions/1177166/setting-up-two-wi-fi-cards-on-a-device-for-using-wifiphisher-on-kali-linux?noredirect=1#comment1703093_1177166

      ReplyDelete
    55. Hi, Sir! Is there a 'basic theory' that we (newbie) have to learning to before we go to the practice section? (EX : Programming Language, Network Security, etc)

      (Just like Mathematics. You have to learn [+], [-], [/], [x] till you mastered it)

      Thank you, Sir. Sorry for my bad English :) I hope you understand.

      ReplyDelete
    56. when i write the command it says index error: list index out of range. how to fix it?

      ReplyDelete
    57. hi so i typed in wifite -wep and it ran normally until it asked to select number of device into monitor mode so i typed in 2 as its a ralink wifi usb adapter and the one built in for the pi3 (broadcom) inst supported so after that it says enabling monitor mode on phy1...done and then it asks to re-enter the select number of device into monitor mode over and over again plz help

      ReplyDelete
    58. It's worth trying different WiFi channels as that can sometimes make a big difference to signal strength. Some tips to increase the range
      this site

      ReplyDelete
    59. Wifi gives rapid network and speedier correspondence where links are not possible to introduce for instance in remote territories.topwifithermostat.info jim here

      ReplyDelete
    60. Hello everyone, i would have made the biggest mistake of my life marrying my former spouse but before the marriage after i saw his link from someones else testimonial. He is a professional that specializes in exposing cheating spouse
      and every other hacking and tracking related issues.He is truly a cyber genius , he helps catching cheating spouse by hacking and tracking their communications like call, whatsapp, Facebook, text, emails, Skype and many more.if you are having doubts in your affairs and relationship please i will advise you to contact him and know if He or she is true to you.
      contact: CYBERPROFESSIONALHACKER@GMAIL.COM

      ReplyDelete
    61. How would you hack a wpa2 network?

      ReplyDelete
    62. I kind of encountered an error which was unrecognised arguments
      How do I go about it?

      ReplyDelete
    63. [!] Warning: Recommended app pyrit was not found. install @ https://github.com/JPaulMora/Pyrit/wiki
      [!] Warning: Recommended app hcxdumptool was not found. install @ https://github.com/ZerBea/hcxdumptool
      [!] Warning: Recommended app hcxpcaptool was not found. install @ https://github.com/ZerBea/hcxtools
      [!] Conflicting processes: NetworkManager (PID 447)
      [!] If you have problems: kill -9 PID or re-run wifite with --kill

      [+] Checking airmon-ng...
      [!] airmon-ng did not find any wireless interfaces
      [!] Make sure your wireless device is connected
      [!] See http://www.aircrack-ng.org/doku.php?id=airmon-ng for more info

      [!] Error: airmon-ng did not find any wireless interfaces

      [!] Full stack trace below

      [!] Traceback (most recent call last):
      [!] File "/usr/lib/python3/dist-packages/wifite/__main__.py", line 97, in entry_point
      [!] wifite.start()
      [!] File "/usr/lib/python3/dist-packages/wifite/__main__.py", line 51, in start
      [!] Configuration.get_monitor_mode_interface()
      [!] File "/usr/lib/python3/dist-packages/wifite/config.py", line 164, in get_monitor_mode_interface
      [!] cls.interface = Airmon.ask()
      [!] File "/usr/lib/python3/dist-packages/wifite/tools/airmon.py", line 310, in ask
      [!] raise Exception('airmon-ng did not find any wireless interfaces')
      [!] Exception: airmon-ng did not find any wireless interfaces

      [!] Exiting


      //THIS IS MY ERROR PLEASE HELP

      ReplyDelete
    64. https://mobile.facebook.com/mka.ra.7771?_rdc=1&_rdr

      ReplyDelete
      Replies
      1. https://mobile.facebook.com/mka.ra.7771?_rdc=1&_rdr

        Delete
    65. Another very similar legal form for business is called mini-GmbH, which is basically the same as a regular LLC in terms of limitations on shareholder liability and no restrictions on doing business. Meanwhile, this allows entrepreneurs to invest less capital when registering a company in Germany, thereby risking less money when starting a business. In fact, no minimum authorized capital is required. Instead, 25% of the profits generated by the company should be held in special reserves until the total of these reserves reaches 25,000 euros. When this happens, the company transforms into a regular LLC. Mini-GmbH allows young entrepreneurs to start their business with less capital at stake, thereby reducing risk and cost of capital until the business is successful and profitable. http://www.confiduss.com/en/info/blog/article/german-llc-application/

      ReplyDelete
    66. If you are blogger then you should know about the SEO website copywriting to understand each and everything.

      ReplyDelete
    67. Thank you for the post. I will definitely comeback. 192.168. 1.1

      ReplyDelete
    68. 192.168.1.1

      Wow great post! Thankyou for sharing the information, its very helpful.

      ReplyDelete

    69. 10.0.0.1

      10.0.0.1 is a default IP Address that is used by the Netgear and D-Link model routers.

      ReplyDelete
    70. 10.0.0.1 is a default IP Address that is used by the Netgear and D-Link model routers.

      http://router-tech.com

      ReplyDelete
    71. This website is really helpful for IP adress 192.168.1.1

      ReplyDelete
    72. Our guide explaining everything related to the 192.168.10.253 IP address ends here. We are expecting that you have extracted the maximum knowledge from this blog.

      ReplyDelete

    © Kali Tutorials, 2016. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Shashwat Chaudhary and Kali Tutorials with appropriate and specific direction to the original content.
    Bitcoin: 1B5aLqJcMW7zznffTxQwta8JTZsxBDPguC