Master WPA/WPA2 password cracking using aircrack-ng. Dictionary attacks on captured handshakes. Learn to assess wireless network security through hands-on exploitation.
Aircrack-ng is a complete suite of tools to assess WiFi network security. It focuses on different areas of WiFi security including monitoring, attacking, testing, and cracking. The suite includes tools for capturing packets, deauthenticating clients, creating fake access points, and most importantly, cracking WEP and WPA/WPA2-PSK keys using captured handshakes.
Use airodump-ng to capture the 4-way WPA handshake when a client connects
Choose a password dictionary (e.g., rockyou.txt with 14M+ passwords)
Run aircrack-ng with the capture file and wordlist
aircrack-ng -w rockyou.txt -b [BSSID] capture.cap
Aircrack tests each password until a match is found (can take hours/days)
Test passwords from a pre-compiled wordlist (fast but limited coverage)
Try all possible character combinations (thorough but extremely slow)
Apply transformation rules to wordlist entries (e.g., l33t speak)
Combine wordlist with character masks for better coverage
Cracking time depends on password complexity and computing power. A GPU-accelerated tool like Hashcat can crack passwords 10-100x faster than CPU-based aircrack-ng. Weak 8-character passwords can be cracked in hours, while strong 16+ character passwords could take centuries.
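To put numbers on the paragraph above, here is a passphrase audit for your own network, added as an example and not taken from the aircrack-ng project. It relies on the standard WPA/WPA2-PSK key derivation (PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations), which the page does not spell out. The function names, the tiny COMMON list, the 100,000 guesses-per-second rate and the 100-year threshold are assumptions chosen for illustration.

```python
import hashlib
import string

# Constructed sample of weak passphrases; a real audit would load a full wordlist.
COMMON = {"password", "12345678", "qwertyuiop", "letmein123"}

SECONDS_PER_YEAR = 365 * 24 * 3600


def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the 32-byte pairwise master key the way WPA/WPA2-PSK does.

    The 4096 PBKDF2 rounds per guess are what make every candidate costly,
    and the SSID salt means precomputed tables only apply to one network name.
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters long")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def charset_size(passphrase: str) -> int:
    """Size of the alphabet an exhaustive search would need to cover."""
    classes = [string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation + " "]
    return sum(len(c) for c in classes if any(ch in c for ch in passphrase))


def years_to_exhaust(passphrase: str, guesses_per_sec: float) -> float:
    """Worst-case years to try every string of this length and alphabet."""
    keyspace = charset_size(passphrase) ** len(passphrase)
    return keyspace / guesses_per_sec / SECONDS_PER_YEAR


def audit(passphrase: str, guesses_per_sec: float = 100_000.0) -> str:
    """Classify a passphrase; the guess rate is an assumed figure, not a benchmark."""
    if passphrase.lower() in COMMON:
        return "reject: in wordlist"  # length is irrelevant once it is in a dictionary
    return "weak" if years_to_exhaust(passphrase, guesses_per_sec) < 100 else "ok"


if __name__ == "__main__":
    for candidate in ("password", "abcdefgh", "correct horse battery x9"):
        print(f"{candidate!r}: {audit(candidate)}")
```

The keyspace figure is an upper bound on attacker effort: a passphrase built from dictionary words or predictable substitutions falls much sooner than the exhaustive estimate suggests.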