How it works: (if I'm not mistaken) he simply collects some packages and then starts a list attack. Means he tries a thousand passwords from a txt-file. :/

it's nice, you have no screen recorder :D but you took it legit and had music in the background

right, i'm trying to crack my own access point, so my access point has two separate names like: Accesspoint 1234, and it's encrypted in WPA, what do i need to put before, between or after these words in order to get a handshake?

I would flag this, but it's informational, it's something I'm interested in, and it might help improve future security measures if the creators see how this hack is done. Have fun while you can ;)

How secure is a 32 character password with numbers?

@mikendog it will take no more then a minute to aircrack-ng

@mikendog

i want your help///can you hack this wifi

OTE866fe0

@TheNekropolitis yes, he can if your network is in range to his wifi antenna

damn it im still downloading backtrack... i sooo want to play xbl with my hacked network lol

noob

is it a dictionary attack???

If the password is a mobile number so if the number is only if it is in the dictionary then only it will work right??

you stupid MF if I wanted music i'll look for that. Expalin the damn thing.

whats the a good cheap usb router to use that is fully compatible for injection and stuff? i know the site has them all, but which one should i get?

What do i have to press after typing "airodump-ng -w test ath0"? After that step i can't go on writing. And then my pc shuts down...

the link is dead

you can hack wpa/wpa2 but u can give us a shit good video

Creating a fake MAC address doesn't make you unidentifiable (if there is such word in English :D).

Nope but it sure makes it harder to be traced. In windows you can mac spoof you connect to a network it logs your mac address and that is the only trace

@rbaleksandar incognito?

Usually penetrating into something (in our case wlan with wpa) goes along with staying undetected. This methode doesn't provide this. Imagine that your neighbour suddenly decides to check where packages are going and coming from. :D

were do i get backtrack v3

google

no se entiende

oh yay much skill another dictionary program.

I would hope that people using WPA2 encryption would have a better passphrase, like say a 256-bit hex key, than a single word :/

no, it's fun, to hack them :)

because you use a dictionary and brute force?

no its not its simple wireless if you know what your doing any wireless takes only 1omins at max to hack. if your good it takes 5 mins. depends on your connection and how long it takes to capture the password

noooob

without having somone online in the net you dont have a chance.. right?

@Freizeitschranzer yes, because they dont send any packets, u see, when someone is connected to the internet he is constantly receiving and sending packages. this packages contain the wep key but encrypted, aircrack-ng decrypts it but it needs at least 20k+ packets. dont worry, 20k+ packets are easily reached when someone is surfing on the internet. greetz

@Freizeitschranzer sometimes the network sends out a few packets for some reason, you only need 4 packets to crack wpa. If it doesn't send packets you would only need the client to browse a few web pages.

thanks so now we all know your password lol

you shouldnt use airodump-ng with the write option until you've specified BSSID, well it wont hurt but it's of no use neither

english isn't the only language on the internet. welcome to earth.

if you can read, there is a english pdf online... yfi

hi! i can't read it well... can you send me the link of your english pdf? thanks in advance.....

Its in the fucking description

@ghosti66 lmao

@Timb0NZ dont be a fucken nazi

What about?! Strong password, something like "][5643][d[rfo/.,,'l\=_3+"

You know that you'll never find it!!

dam why did you wrote my password , know ive got to change it thanks a lot

@dccdvb it could take years with brute force. letters only is easiest, numbers make it considerably more time consuming also.

where is the link?

why is it that everyone who ever posts one of these videos is EXTREMELY FUCKING SLOW AT TYPING>?!??!??!

skiddie anyone?

you ever thought that mab its to save time for the person using the video to be able to read it with out having to pause all the time ???

Its probably so every can read it smart one

you can't see anything...

RedVirus80, as you can see the ethernet adapter is ath0, which means definitely not Intel, but most probably Atheros ;)

Yeah this works Reeaal great if your target uses something like BARTHOLOMEUS for a passkey. yeah no numbers or anything and wow, it didnt take a millenium to brute force something like it actually would in real life, provided you had a neverending database to search from as well.

I followed all the commands to the letter, The only problem is that I can't generate any packets!! and no packets mean no I'vs im 10 feet away from the networks. The Network names are (2wire) I get alot of beacons but no data. No data means no Ivs. Oh, and I have to do it the slow way cause my card is not supported. Please help. You will fall into my good graces if you help me.

i have wpa2 psk and i cant crack it ;) i guess i'm secured alright

lol he cant even type the commands correctly.

this video only show for you and nothing for the people take out you video crack wpa you no good teacher dont show nothig

next time make sure your video is clear

hey i like your video but i need your help with some commands when you type aircrack-ng -0 x2 -w then the next words i can seet it thanks for your help and you time to explain

What's the muzic dudet?

LOL 150 PACKS AND HACKK ZUHAHAHA

When i type in " aireplay-ng -1 0 -a (BBSID) -h 00:11:22:33:44:55 - (EESSID)

I get this massege:

Waiting for beacon frame (bbssid: on channel 10

sending authentication request (open system [ACK]

AP rejects the source MAC address (00:11:22:33:44:55) ? Authentication failed (code 1)

What can i do ?

Hey thats when you want to authenticate for injections for wep

use want to boot a client so when it logs back on you receive the HANDSHAKE from there you will run aircrack with your wordlist to crack it

aireplay-ng -0 5 -a 00:00:00:00:00 -c 00:00:00:00:00 ath1

-0 de auth (5) how many times to want to send

-c will be a client thats already on the bssid

ath1 is the wifi device your useing(might be diffrent)

can u tell me what's cause to start a wifi0 after command such as stop ath0.

WPA is using two card, isn's right?

airmon-ng start wifi0

and no just one card not 2

this video is done most likely with a onboard intel card

sweet job, i bet you planted the Valid KEY though ? in an actual attack it can take many days if not weeks to crack with a very large dictionary (mine is about 4,6 GB)

Sitecom cards are they compatible?

hy , i waiting for 20 minuts and my pack ivs is soo small 150 pack , and to you in 2 second the your data is 10000000 , why ?

because the w.modem is right next to him ;)

Why?!

You tube shows u how for FREE !!!! OMG for FREE !

good... have fun with your brute force..

that song pwnz

niccccceeeeeeeeeeeeeeeeeeeeeee­

i use ediamax (reltek rausb0/rt73) and it rocks as got the external antenna on roof and can get about 30-40 AP's !! (depending on weather) with about 400 packet rate (injection)

LOL, nice, thankfully i dont live near you, or i would need a radius server.

what USB adapter ,with atheros chipset ,do you USE ??

You don't ;)

Atheros USb do NOT work. Now learn to GooGle !

neet, but only an idiot would choose a dictionary word as their WPA PSK

damn, I totally agree with you. This video is bullshit

how put the dictionary in the live cd backtrack i dont know please help me i download the dictionary but i dont know how put into the live cd need comand

use a  usb flash ...

mount it like

mkdir usb

mount /dev/sda1 /usb

google will help you how to use a USB Flash Drive in linux.

impossible to crack it with only 187 data!!

you don't need data to hack a WPA.

WPA is NOT WEP !

You need only a Handshake... rtfm.. Good Luck

lol, utube4evernever, you have no clue what you're talking about.

why say celly and no back track why can i download this celly crack from your webside please helpe where is the dictionary o worldlist i cant do it help please

that is the current user logged in.

hmm i will change mine to wpa2 with 16 keys seeing how when i check my network theres another pc thats always connected its realy irratating that they managed to hack the wpa hey i have en i think its a loner who lives a few doors down

wpa2 in uncrackable if set up right, with at least 16 characters (using special characters as well)

thnx ghosti66 :)) i will buy netgear wg111v2

thnx man :)

1) WHICH USB-CARDS IS COMPATIBLE WITH BACKTRACK 3?

2) I HAVE BACKTRACK BUT FROM WHERE CAN I DOWNLOAD AIREPLAY-NG AND AIRCRACK? ( i dont know if is allredy on backtrack)

3) AND HOW CAN I INSTALL THEM?

i wait ur answer

THNX

1) I dont know. I working only with PCMCIA Atheros Cards. (Read my website)

2)you don't need to download anything. all is included in backtrack (watch my video)

3) you don't need to install. It is a live CD. (read the comments)

just buy a cheap wg111 v2 pcmcia card on ebay is like 5 bucks i have a belkin wireless G plus mimo usb network adapter and it works with bactrack 3 final

Hi,

isn't so simple. If the router has the filter on mac address and the DHCP off, you sucks. You need to discover the MAC and the subnet.

Ha ha if you can't figure that out then I doubt backtrack will of much use to you. You have to also keep in mind that most people just use the default setup, and if they do use encryption they don't go as far as to use static IP's

Yeah, many ppl use the default config and crap password to protect the wifi connection. But if you set your router with the right parameters and use a 63 chars passphrase on wpa2-aes proto, is impossible to break. I tried to crack my wifi using btack and airo*** for days, result: failure.

Cya.

true

hey ive tried and had no luck with cracking the wpa near my place...was wondering if i can send u the capture file and you doing the honours for me,maybe you have luck because i left my password list running for few days but no luck..plz help

ich find dein video klasse ;)

was meinst.. 22 zeichen wpa-tkip passwort.. wie lang braucht man für sowas ca ?

.. bin bisschen paranoid *lol*

do you have to be online to do this hacking?

damn, so many hackers around, and they all do what others did before. great job dude.

:-) thnx

it was sarcasm, man.

xD xD jaja

Den ganzen Tag scheisse erzählen kann jeder. Aber es mal besser machen ? Dafür hat wohl keiner richtige Eier! Man muss langsam aufpassen , ob man der Menschheit etwas Wissen weitergeben will. Man wird von allen Seiten angepisst, aber wenn es darum geht, was anzupacken, dann haben alle die Hosen voll. ha ha ha . Ne grosse Klappe haben, das kann ja wohl jeder.

Ok, hab es eingesehen. Du bist schlichtweg der bessere.

are you a uber pr0 l33tz0r pwnz0r 1337 h4xx0r?

Can i ask you for a favor ? the hole time you write bad things about other people posts, why you dont make a video better then i ? should i tell you why ? ? . . .

i am not understand your video its not clear and dont have details? you canot make it better? sorry but thanks.. chao

Exactly. WPA2 with a strong 72 character password is virtually uncrackable, no matter what.

try to hack a key like %7As$_$HiT. it will never find the word if the password is well chosen

You do know this is possible with multiple computers (PS3 cluster anyone?)

you can use each cluster (i read somewhere). But the Chance to hack is not very big. remember: TKIP not AES , Simple Password from a directory ...

auditor and backtract are awsome!

so remember: never use a word from a dictionary

Right man!

fuck i can't not see ur video clearly

RTFM ! w w w . s e m t e x . c h !

still 8 characters , I mean if aircrack gets the handshake and tries every combination on a

keyboard with brute force Im pretty sure it can

crack in maybe even a month I mean 8 characters

is nothing , 50 is a lot of combinations that

might take 316 years, some people use wpa but they use dictionary words , thats easy.

nice video! i cracked my mates wpa in minutes! btw whats that song called?

Good job !  :-) freestylers weekend song... you can find it in youtube.

plz can u send me a link where i can download that program backtracker:p later homie

it's not a program it's a Linux distro

nice ghosti , I just got backtrack 3 and with spoonwep haacking wep has never been so easy,

but do you think my wifi is secure with WPA 2 AES with a 50 character number , letter and mixed symbol password , Im pretty sure thats unchrackable, but spoonwep fragmentation and forge attack seems to be the fastest.

To hack a WPA2 AES 8 characters Password with Bruteforce methode you need a core2duo 3 Ghz and 316 years... so with 50 characters you are very safe. Take care that you cant find the password in a dictionary.. mix it with numbers and characters and special characters like +! etc... then you are safe for sure.

8 characters in 316 years , Im pretty sure with all the combinations done with only 8 characters it should be way shorter, if thats true it would take a trillion years to get mine.

but in 10 years I bet they are going to find a fast wpa cracking program and then we would need another source of encryption.

at this time a core2Duo with 3 GHz crack 420 key/s ... so you need 316 years... no way shorter... but ur right... maybe in 10 years new programs , new technology... then maybe ... for now you are safe.

ghost, in order to capture the 4way handshake i take it you need a client associated with the AP. What if there was no client associated at the time of crack? Is it still possible? Could you use aireplay fakeauth and deauth to replicate the 4way handshake yourself?

no chance without a real connected client. sorry

I'm good with this up to the next to the last

entry. I have backtrack 3, where do I get

the Dictionary File in backtrack? I downloaded

en-us.dic but don't know how to use this file

with backtrack 3

thanks

RTFM ! You can download a Step by Step howto written in german and in English on my webpage! w w w . s e m t e x . c h

thats why WPA2's with a key thats just weird and uncommon are so secure. i wish there was a better way to crack WPAs then a fucking wordlist

Right man!

Dude why did you not keep playing the ff7 sephiroth song at the begining oh well good video anyways thanks.

Well, i thing i was to slow to click Record :-)

i am the one, who think "so simple as you can". in this case it means , there was a laptop next to me on which one i play the music and my Cell Phone records the video and the tone from the speakers ... i dont like video editing. simplest way. btw. thnx for the compliment.

has anyone cracked a WPA/WPA2 without faking it ? When i say faking, i mean without "implanting" the key in the dic/wordlist !! of there own access point (AP)

hi Jack... yes ... one ... on guy write on my blog he has cracked the neighbourhoods internet Axx.

is that done on an eee?

same wlan card,

celly = celleron?

good video, good to see you showed how to enter monitor mode.

rtfm on w w w . s e m t e x . c h

there you can find a english howto.

celly is my name... :-)

Do you need to install the BT3 beta, or can it work off the live CD to crack WPA?

live CD is ok. works fine.

My liveCD BT3 did not include a wordlist that I know of (however if you find one on the .iso in your future endeavors, please tell me) so you may want to download one before you burn the disk.

Nah you don't need to install it for it to work. I use the USB version and I can still use airodump-ng, aireplay-ng, and aircrack-ng etc. I'm pretty sure that the same applies for the CD version.

(password starting with 'B'). Do you "hacked" your own wireless network? pretty easy, ha?

...sure!

lol, im really new to linux, like a complete newbe and took 2 days to figure out how to install it correctly with all the drivers working and all (and thats with ubuntu :() anyway, anyone know some tutorial that will help me get used to linux? im only 13 but i learn pretty damn fast with a 4.02 and have way to much interest in computers :)

well you can read tons of tutorials and ebooks but this will not help you at all... all that i can suggest you is: "keep trying"

Read the howto in on my webpage

w w w . s e m t e x . c h

It's not in english!

it is! Read the first line written : Click here to download the english version... open your eyes ;-)

Sorry for that. My mistake (-: .

By the way, what's the song?

reopen your eyes again and read the comments... this one is from Freestylers weekendsong. you can find it in youtube. :-) tc

Perhaps I'm mistaken, but isn't this only for WPAK TKIP (i.e. WPA 1), and not WPA AES (i.e. WPA 2) as the title suggests?

Also, someone else posted a video ( watch?v=49twamB180o )where they use a USB Wireless card??!! I thought the Mad drivers don't support that?!

( I would love to use HawkingTech's HWDN1 !)

it is written in the howto.... only TKIP! rtfm. usb ? i hate it. i dont know how it works over usb.

you can use every .dic file

can is work even with (MAC) Media access control??

sure. rtfm

ps chek-out my vidz

thanks !

all very well using a complicated WPA key but you have to remember ppl are lazy and want a passphraze they can remember !!

after all "12345678" is simpler than !@#$%^&*H&^%&%^&%^& ay ?

one in english

whats link? to download ? the Backtrack?

you dont know google ? search it !

remote exploit backtrack

Nice vid, although it would be even better if it wasn't out of focus.

Anyways, what's the music? Me wanna...

Yes ... was a Cell phone... The Music ? Freestylers - Weekend Song (search in youtube...) you will get it.

If you wanna see youtube in hi rez add this code to the end of the url in your browser.

&fmt=18

Yeah this is hacking his own AP but it's just to prove that even WPA isnt secure!! obviously IF you know what WPA is, then your clued up 2 know that you wouldnt use WEP & it is useless & would use a key that isnt in a dictionary ..... OBVIOUSLY.... & use a very strong alphanumeric passpharase, OR proper WPA key

you told me nothing new...

how did you get the texting thing back after -airodump-ng -w test ?????

I believe if you deauthenticate a host when they recconect you can intercept a "handshack" between the host and wireless network. Then you can crack it i never tried if i might be wrong but if it did work i bet it would be faster:)