Fern is a python based Wi-Fi cracker tool used for security auditing purposes. The program is able to crack and recover WEP/WPA/WPS keys and also run other network based attacks on wireless or ethernet based networks. The tool is available both as open source and a premium model of the free version. In this article we’ll be demonstrating a WPA dictionary attack using the open source version. You can check the link to download it here.
First step is to launch the tool.
If you have installed all of the requirements mentioned, you’ll be able to see
the following screen.
Now, here in the first option, the user can select the wireless interface from the drop down menu. Here, we have selected the Wlan0 interface. As you can see that fern here has automatically put the Wlan0 interface on monitor mode.
Monitor Mode: NIC cards by default are designed to only capture packets that are destined to be reached to a specific device. Monitor mode is essentially a promiscuous mode for wireless networks that allows Wi-Fi adapters to capture Wi-Fi management, data and control packets without having to associate with that access point first. Hence, by definition we can understand that raw pcap files can be captured by a wireless adapter in monitor mode and can be used for auditing and/or hacking purposes.
Once we have chosen the interface,
we’ll need to scan for access points now.
Here, observe that we have scanned a total of 18 access points.
Access Point: It is a
device that sends out wireless signals. Essentially the internet connection
from a router runs down to an access point and allows users to access the
internet using IEEE 802.11 protocol (commonly known as Wi-Fi). In our day to
day usage scenario, we have a Wi-Fi router set up at home which also serves as
a wireless access point.
SSID: Service Set
IDentifier is the name given to an access point for simplicity.
Launching the attack: Now
we can click on the discovered access point, choose a dictionary file and click
on launch attack with our chosen dictionary. It is that simple! As you can see
that we have a matched credential and received the SSID password down below.
Please note that this program is
only able to crack WPA/WEP/WPS keys only. For tools that work on stronger
encryption like WPA2 please refer to the latest article on wireless penetration
testing on Hacking Articles. Thanks for reading.
0 comments:
Post a Comment