Prove your security skills by hacking your own Wi-Fi network (or others)
There are any number of legitimate reasons you might want to hack into a wireless network. You might have forgotten the password to your own network and need to find your way back in. You might be testing the strength of your network’s security to make sure it’s hard for unsavory characters to break in. Whatever your reason, there are a few methods you can use to hack into Wi-Fi, and we’re going to show them to you. Just don’t do anything sketchy with your new-found hacking prowess.
Sneakernet
Sometimes the easiest way to break into a building is to just to walk in through the front door. These are known as “sneakernet” attacks, because instead of working across a network, you literally use your sneakers to walk somewhere.
If you really want to get on a network, and no one else is around to see you do it, you can simply plug your laptop into one of the Ethernet ports on the router. Not only will you immediately connect to the network without a password, but you can work your way into the router’s settings, since most people just use the router’s default admin username and password. From there you can change or view the password, manage connections, and even add your device’s MAC address to the whitelist so you can always join that network with no issues.
A lot of modern routers are often equipped with a feature called Wi-Fi Protected Setup, or WPS. If it’s enabled, it will allow you to join a wireless network simply by attempting to join from your device, then pressing an access button on the router and holding it until your system is connected. From here on out, you won’t have to enter a password to get onto the network, the router will automatically recognize your computer or device.
Getting sneaky
In most cases, you’re not going to be able to sit down next to the router for a few minutes with a laptop, but there are other options. If you just need Internet access and don’t care what network you get it from, you can use a method called “wardriving” where you simply drive (or walk, or bike) around looking for unsecured wireless networks.
If that isn’t quite what you’re hoping for, the good news is that many people still use WEP as a network security method, and it’s notoriously easy to crack. The downside is that the tools used for such cracking can themselves cause trouble for your system, since you may have to download them from less than reputable sources.
One solution is a lightweight Linux distribution, PHLAK, designed for testing the durability of a network. It is easily run from a CD or USB drive. Staying away from your own hard drive allows you to use software without leaving any trace of it at all on your system, as well as protecting your personal information.
Once you have PHLAK burned and mounted to a USB drive, simply restart your computer to boot into the temporary operating system. Once inside, you’ll find a number of tools and scripts that will help you test the security of your network.
Bash the door down
If none of the sneakier methods of getting onto a wireless network seem to be doing the trick, you can always use what hackers call “brute force” to pull it off. It’s the computing equivalent to your friend asking you to guess what number they’re thinking of, and you guessing 1, and then 2, and then 3, and so on until you get it right.
There are a few drawbacks to this method of hacking into a network. The first is that it requires a lot of processing power, and a lot of time. Your computer will have to run through a dictionary of words and phrases, permuting them as it goes and trying every combination until one takes.
Strong password construction can easily get in the way of this process, or at least make it unfathomably time-consuming. While text-only passwords are common, and make it easier to get in because of the reduced number of possible characters, a full alphanumeric password with no discernible words and punctuation can make brute forcing near impossible.
It’s also important to note that this sort of attack is very vulnerable to detection. Most modern routers that receive too many wrong passwords from a single source will automatically deny any attempts after that for a long period of time. If it’s an office or professional network, chances are a network administrator will also be warned of the possible attack.
No comments:
maheshcyberadvisor@gmail.com