Your intensions when cracking a Wi-Fi password are no doubt noble—we trust you—so here's how to do it.
Chances are you have a Wi-Fi network at home, or live close to one (or more) that tantalizingly pops up in a list whenever you boot up the laptop.
The problem is, if there's a lock next to the network name (AKA the SSID, or service set identifier), that indicates security is activated. Without the password or passphrase, you're not going to get access to that network, or the sweet, sweet internet that goes with it.
Wifi Password Recovery PRO 2 Crack + APK Free Download Wanted to connect to your unit that is brand new or desired to use your wifi however you don’t keep in mind the password. Now don’t worry, we shall fetch your password which used for connecting with wifi network. WiFi WEP WPA WPA2 WPS Cracker Software. With Portable Penetrator you can recover WiFi Passwords WEP, WPA, WPA2, and WPS PINs. This way you can secure your WiFi network and make sure attackers can not break in with WPA Cracker software. Most powerful user friendly WiFi Security Recovery Software & WPA Cracker Capability.
Perhaps you forgot the password on your own network, or don't have neighbors willing to share the Wi-Fi goodness. You could just go to a café, buy a latte, and use the 'free' Wi-Fi there. Download an app for your phone like WiFi-Map (available for iOS and Android), and you'll have a list of over 2 million hotspots with free Wi-Fi for the taking (including some passwords for locked Wi-Fi connections, if they're shared by any of the app's 7 million users).
SEE ALSO: The Best Cheap Internet and Hotspots for Students
However, there are other ways to get back on the wireless. Some require such extreme patience and waiting that the café idea is going to look pretty good. Read on if you can't wait.
Windows Commands to Get the Key
This trick works to recover a Wi-Fi network password (aka network security key) only if you've previously attached to the Wi-Fi in question using that very password. In other words, it only works if you've forgotten a previously used password.
It works because Windows 8 and 10 create a profile of every Wi-Fi network to which you attach. If you tell Windows to forget the network, then it also forgets the password, so this won't work. But most people never explicitly do that.
It requires that you go into a Windows Command Prompt with administrative privileges. To do so, use Cortana to search for 'cmd' and the menu will show Command Prompt; right-click that entry and select 'Run as administrator.' That'll open the black box full of white text with the prompt inside—it's the line with a > at the end, probably something like C:WINDOWSsystem32>. A blinking cursor will indicate where you type. Start with this:
netsh wlan show profile
The results will bring up a section called User Profiles—those are all the Wi-Fi networks (aka WLANs, or wireless local area networks) you've accessed and saved. Pick the one you want to get the password for, highlight it, and copy it. At the prompt below, type the following, but replace the Xs with the network name you copied; you only need the quotation marks if the network name has spaces in it.
netsh wlan show profile name='XXXXXXXX' key=clear
In the new data that comes up, look under Security Settings for the line 'Key Content.' The word displayed is the Wi-Fi password/key you are missing.
On macOS, open up the Spotlight search (Cmd+Space) and type terminal to get the Mac equivalent of a command prompt. Type the following, replacing the Xs with the network name.
security find-generic-password -wa XXXXX
Reset the Router
Before you do a full router reset just to get on the wireless, try to log into the router first. From there, you can easily reset your Wi-Fi password/key if you've forgotten it.
Hack Wifi Password Mac
That's not possible if you don't know the password for the router, either. (They're not the same thing unless you set it up that way). Resetting the router only works if you have access. That access could be over Wi-Fi (which we've just established you don't have) or physically utilizing an Ethernet cable.
Or that access can simply be that you are in the same room as the router. Almost every router in existence has a recessed reset button. Push it with a pen or unfolded paperclip, hold it for about 10 seconds, and the router will reset to the factory settings.
If you've got a router that came from your internet service provider (ISP), check the stickers on the unit before a reset—the ISP might have printed the router and Wi-Fi key right on the hardware.
Once a router is reset, you need another password (plus a username) to access the router itself. Again, you can do this via a PC attached to the router via Ethernet—you'll need that since the reset probably killed any potential Wi-Fi connection you had going in. The actual access is typically done with a web browser.
The URL to type is either 192.168.1.1 or 192.168.0.1, or some variation. Try them randomly; that generally works. To figure out which one, on the PC connected to the router, open a command prompt and type 'ipconfig' without the quotes. Look among the gobbledygook for an 'IPv4 Address,' which will start with 192.168. The other two spaces, called octets, are going to be different numbers between 0 and 255. Note the third octet (probably a 1 or 0). The fourth is specific to the PC you're using to log into the router.
In the browser, type 192.168.x.1, replacing the X with the number you found in the ipconfig search. The 1 in the last octet should point at the router—it's the number one device on the network.
At this point, the router should then ask for a username and password. You can check your manual, but you probably lost it or threw it away. So instead, go to RouterPasswords.com, which exists for one reason: to tell people the default username/password on every router ever created.
You'll need the router's model number, but that's easy enough to find on the back or bottom. You'll quickly see a pattern among router makers of having the username of admin and a password of password. Since most people are lazy and don't change an assigned password, you could try those options before hitting the reset button. (But c'mon, you're better than that—change the password when you access the router's settings via your web browser.)
Once you've accessed the router interface, go to the Wi-Fi settings, turn on the wireless networks, and assign strong but easy-to-recall passwords. After all, you don't want to share with neighbors without your permission.
Make that Wi-Fi password easy to type on a mobile device, too. Nothing is more frustrating than trying to get a smartphone on Wi-Fi with some cryptic, impossible to key-in-via-thumbs nonsense, even if it is the most secure.
Crack the Code
You didn't come here because the headline said 'reset the router,' though. You want to know how to crack the password on a Wi-Fi network.
Searching on 'wi-fi password hack,' or other variations, nets you a lot of links—mostly for software on sites where the adware and bots and scams are pouring like snake oil. Download them at your own risk, for Windows PCs especially. It's best to have a PC that you can afford to get effed up a bit if you go that route. I had multiple attempts with tools I found just get outright deleted by my antivirus before I could even try to run the EXE installation file.
You could create a system just for this kind of thing, maybe dual-boot into a separate operating system that can do what's called 'penetration testing'—a form of offensive approach security, where you examine a network for any and all possible paths of a breach. Kali Linux is a Linux distribution built for just that purpose. You can run Kali Linux off a CD or USB key without even installing it to your PC's hard drive. It's free and comes with all the tools you'd need to crack a network. It even now comes as an app for Windows 10 in the Windows App Store! If you're only after a Wi-Fi network, the Wifislax distro is a Live CD targets them directly.
If you don't want to install a whole OS, then try the tried-and-true tools of Wi-Fi hackers.
Aircrack has been around for years, going back to when Wi-Fi security was only based on WEP (Wired Equivalent Privacy). WEP was weak even back in the day and was supplanted in 2004 by WPA (Wi-Fi Protected Access).
Aircrack-ng—labeled as a 'set of tools for auditing wireless networks,' so it should be part of any network admin's toolkit—will take on cracking WEP and WPA-PSK keys. It comes with full documentation, but it's not simple. To crack a network you need to have the right kind of Wi-Fi adapter in your computer, one that supports packet injection. You need to be comfortable with the command line and have a lot of patience. Your Wi-Fi adapter and Aircrack have to gather a lot of data to get anywhere close to decrypting the passkey on the network you're targeting. It could take a while. Here's a how-to on doing it using Aircrack installed on Kali Linux. Another option on the PC using the command line is Airgeddon.
If you prefer a graphical user interface (GUI), there is KisMAC for macOS. It's mainly known as a 'sniffer' for seeking out Wi-Fi networks. It's the kind of thing we don't need much of these days since our phones and tablets do a pretty good job of showing us every Wi-Fi signal in the air around us. But, it can crack some keys with the right adapter installed. Also on the Mac: Wi-Fi Crack. To use those, or Aircrack-ng on the Mac, you need to install them using MacPorts, a tool for installing command-line products on the Mac.
Cracking the much stronger WPA/WPA2 passwords and passphrases is the real trick.
Reaver-wps is the one tool that appears to be up to the task. You'll need that command-line comfort again to work with it. After two to 10 hours of brute force attacks, Reaver should be able to reveal a password... but it's only going to work if the router you're going after has both a strong signal and WPS (Wi-Fi Protected Setup) turned on. WPS is the feature where you can push a button on the router, another button on a Wi-Fi device, and they find each other and link auto-magically, with a fully encrypted connection. It's also the 'hole' through which Reaver crawls.
(Even if you turn off WPS, sometimes it's not completely off, but turning it off is your only recourse if you're worried about hacks on your own router via Reaver. Or, get a router that doesn't support WPS.)
Hacking Wi-Fi over WPS is also possible with some tools on Android, which only work if the Android device has been rooted. Check out Wifi WPS WPA Tester, Reaver for Android, or Kali Linux Nethunter as options.
Next Article
Last week's feature explaining why passwords are under assault like never before touched a nerve with many Ars readers, and with good reason. After all, passwords are the keys that secure Web-based bank accounts, sensitive e-mail services, and virtually every other facet of our online life. Lose control of the wrong password and it may only be a matter of time until the rest of our digital assets fall, too.
Take, for example, the hundreds of millions of WiFi networks in use all over the world. If they're like the ones within range of my office, most of them are protected by the WiFi Protected Access or WiFi Protected Access 2 security protocols. In theory, these protections prevent hackers and other unauthorized people from accessing wireless networks or even viewing traffic sent over them, but only when end users choose strong passwords. I was curious how easy it would be to crack these passcodes using the advanced hardware menus and techniques that have become readily available over the past five years. What I found wasn't encouraging.
First, the good news. WPA and WPA2 use an extremely robust password-storage regimen that significantly slows the speed of automated cracking programs. By using the PBKDF2 key derivation function along with 4,096 iterations of SHA1 cryptographic hashing algorithm, attacks that took minutes to run against the recent LinkedIn and eHarmony password dumps of June would require days or even weeks or months to complete against the WiFi encryption scheme.
What's more, WPA and WPA2 passwords require a minimum of eight characters, eliminating the possibility that users will pick shorter passphrases that could be brute forced in more manageable timeframes. WPA and WPA2 also use a network's SSID as salt, ensuring that hackers can't effectively use precomputed tables to crack the code.
That's not to say wireless password cracks can't be accomplished with ease, as I learned firsthand.
I started this project by setting up two networks with hopelessly insecure passphrases. The first step was capturing what is known as the four-way handshake, which is the cryptographic process a computer uses to validate itself to a wireless access point and vice versa. This handshake takes place behind a cryptographic veil that can't be pierced. But there's nothing stopping a hacker from capturing the packets that are transmitted during the process and then seeing if a given password will complete the transaction. With less than two hours practice, I was able to do just that and crack the dummy passwords 'secretpassword' and 'tobeornottobe' I had chosen to protect my test networks.
Brother, can you spare a deauth frame?
To capture a valid handshake, a targeted network must be monitored while an authorized device is validating itself to the access point. This requirement may sound like a steep hurdle, since people often stay connected to some wireless networks around the clock. It's easy to get around, however, by transmitting what's known as a deauth frame, which is a series of deauthorization packets an AP sends to client devices prior to it rebooting or shutting down. Devices that encounter a deauth frame will promptly rejoin an affected network.
Using the Silica wireless hacking tool sold by penetration-testing software provider Immunity for $2,500 a year, I had no trouble capturing a handshake established between a Netgear WGR617 wireless router and my MacBook Pro. Indeed, using freely available programs like Aircrack-ng to send deauth frames and capture the handshake isn't difficult. The nice thing about Silica is that it allowed me to pull off the hack with a single click of my mouse. In less than 90 seconds I had possession of the handshakes for the two networks in a 'pcap' (that's short for packet capture) file. My Mac never showed any sign it had lost connectivity with the access points.
I then uploaded the pcap files to CloudCracker, a software-as-a-service website that charges $17 to check a WiFi password against about 604 million possible words. Within seconds both 'secretpassword' and 'tobeornottobe' were cracked. A special WPA mode built-in to the freely available oclHashcat Plus password cracker retrieved the passcodes with similar ease.
It was the neighborly thing to do
Cracking such passcodes I had set up in advance to be guessed was great for demonstration purposes, but it didn't provide much satisfaction. What I really wanted to know was how much luck I'd have cracking a password that was actually being used to secure one of the networks in the vicinity of my office.
So I got the permission of one of my office neighbors to crack his WiFi password. To his chagrin, it took CloudCracker just 89 minutes to crack the 10-character, all-numerical password he used, although because the passcode wasn't contained in the entry-level, 604 million-word list, I relied on a premium, 1.2 billion-word dictionary that costs $34 to use.
My fourth hack target presented itself when another one of my neighbors was selling the above-mentioned Netgear router during a recent sidewalk sale. When I plugged it in, I discovered that he had left the eight-character WiFi password intact in the firmware. Remarkably, neither CloudCracker nor 12 hours of heavy-duty crunching by Hashcat were able to crack the passphrase. The secret: a lower-case letter, followed two numbers, followed by five more lower-case letters. There was no discernible pattern to this password. It didn't spell any word either forwards or backwards. I asked the neighbor where he came up with the password. He said it was chosen years ago using an automatic generation feature offered by EarthLink, his ISP at the time. The e-mail address is long gone, the neighbor told me, but the password lives on.
No doubt, this neighbor should have changed his password long ago, but there is a lot to admire about his security hygiene nonetheless. By resisting the temptation to use a human-readable word, he evaded a fair amount of cutting-edge resources devoted to discovering his passcode. Since the code isn't likely to be included in any password cracking word lists, the only way to crack it would be to attempt every eight-character combination of letters and numbers. Such brute-force attacks are possible, but in the best of worlds they require at least six days to exhaust all the possibilities when using Amazon's EC2 cloud computing service. WPA's use of a highly iterated implementation of the PBKDF2 function makes such cracks even harder.
Besides changing the password every six months or so and not using a 10-digit phone number, my neighbors could have taken another important step to improve their WiFi security. WPA allows for passwords with 63 characters in them, making it possible to append four or five randomly selected words—'applesmithtrashcancarradar' for instance—that are easy enough to repeat to guests who want to use your wireless network but are prohibitively hard to crack.
Yes, the gains made by crackers over the past decade mean that passwords are under assault like never before. It's also true that it's trivial for hackers in your vicinity to capture the packets of the wireless access point that routes some of your most closely held secrets. But that doesn't mean you have to be a sitting duck. When done right, it's not hard to pick a passcode that will take weeks, months, or years to crack.
Wifi Password Cracker For Mac Os X Download
With odds like that, crackers are likely to move onto easier targets, say one that relies on the quickly guessed 'secretpassword' or a well-known Shakespearean quote for its security.