How to Check Wi-Fi for Security
Wi-Fi technology is a very convenient thing. Isn’t it cool to pay for one internet service that covers all your devices at home? It is also very convenient to transmit information via Wi-Fi over a local network without a wired connection.
Naturally, having brought home a brand-new Wi-Fi router, we don’t really think about security, because we want to connect everything as soon as possible and enjoy our purchase.
However, among ordinary users, few people know that Wi-Fi networks have many vulnerabilities that a hacker can use to get a password from the network without much effort.
As a result, having access to the private network, the hacker can engage in phishing, interception and substitution of traffic, and many other undesirable activities. All that is required is a laptop with a Wi-Fi module and Kali Linux installed. And, of course, some knowledge of hacking, which we will now provide you with.
How to protect your Wi-Fi. Read our guide here.
What tools are needed?
The first and most important thing is a laptop with a built-in Wi-Fi module. Naturally, you can use a PC, but for this, it must necessarily have a Wi-Fi module.
Next, Kali Linux is needed for convenience. We are sure that you have known for a long time what Linux itself is. But what is Kali Linux?
In a nutshell, this is one of the OS families based on the Linux kernel, which was created in 2006 and is still being updated. The creators are Max Moser and Mati Aharoni. The true purpose of the operating system is to conduct information security tests.
For greater convenience, the system has a lot of built-in modules, each of which has its own purpose. So, the module package includes tools for spoofing, traffic interception, password recovery by their hashes, and much more.
Kali Linux is designed to conduct cybersecurity tests, although it can also be used as a good hacking tool. In principle, many hackers just use Kali Linux as a multifunctional hacker tool.
Sadly, however, it reminds us of the story of the Tor Browser, which was originally developed as a tool for accessing a decentralized anonymous network, only after draining the sources, the Dark Net and Deep Web were born.
Is Tor a secure and safe tool to use? Find out more here.
Now we are not talking about the “onion browser,” but about the operating system, which everyone interested in cybersecurity should know about. It should be noted that the user does not have to install Kali Linux on the hard disk since it can be operated from a USB flash drive.
What’s the difference between the Dark and Deep Webs? Learn more here.
What else will you need?
We will use a package called WiFite to check for the security (or hacking) of the Wi-Fi network.
- WiFite is a shell for various tools from the Aircrack-ng kit, as well as modules like iw, which, iwconfig, ifconfig.
The main difference of WiFite is the full automation of all actions, which has already been honed literally to the ideal. The utility itself sends deauthentication packets, captures the handshake, selects pins, and decrypts the handshake using dictionaries or a selection of combinations, as well as much more.
The user only has to indicate in the terminal interface which network the attack will be made on and which dictionaries to use to decrypt the handshake.
- A handshake is a kind of “documentation” of information exchanged between the client and the access point at the time of connection. It has a lot of useful information that can be used during password selection.
It is best to hack networks with WPA and WPA2 encryption since they use the distribution of “keys” to all devices that can be connected to them.
Naturally, WPA2 is somewhat more reliable, since it uses more advanced AES encryption, as well as the SSMR block encryption protocol. However, this is not so important.
What is a Wi-Fi security key? Learn more here.
How to check Wi-Fi for security
So, we can proceed to the most interesting part – the practical part.
1. First you need to download the Kali Linux distribution, and install it on your hard disk, or boot into it using a USB flash drive. The installation instructions are very simple and are in the public domain.
2. After starting the OS, you need to log in to WiFite (it is already preinstalled in Kali Linux.)
3. Launch WiFite through the terminal (pre-launch it from ROOT.)
To start the program, you must enter into the terminal:
4. Then the program starts and immediately asks you which Wi-Fi module to use. If you have one module, this item will not appear.
5. At the next stage, the scanning of available Wi-Fi networks begins, and the results are displayed on the screen.
6. After scanning the networks, we see something like this picture:
So, under the number 1 we have hidden the names of the networks. However, you can see that they are numbered. Next, under the number 2 we see the channel on which the network operates. Number 3 shows the type of encryption. Number 4 is signal strength. Numbers 5 and 6 show the availability of WPS and the number of users already connected to the network, respectively.
When the network of interest is found, we press CTRL+C and finish scanning.
7. The next step is to select the network to be attacked. Just enter the network number. Or we can choose several numbers; in that case, they will need to be separated by commas.
8. From that moment, deauthentication and capture of the “handshake” begins. If the network is vulnerable (which happens in most cases), the handshake will be successfully captured, and we can safely decrypt it. To do this, we will need a dictionary.
The dictionary is a .dic file that contains many password options (in our case from a Wi-Fi network). Dictionaries should be selected manually. There are dictionaries with names, dates, combinations of numbers and other things. You can find them on the internet.
9. To start password selection, you need to place the dictionary file in the folder with the utility, and enter the command into the console (having already previously entered the utility folder through the console):
./wifite – – dict ‘address to the dictionary, including its name’
10. Next, the program will again offer to choose which network to attack. Do the previous manipulation again. As a result, password selection begins. It should be noted that the standard selection is done with the help of processor power. So it may take some time.
11. If the selection was successful, a file will appear in the wifite folder cracked.txt, which will contain your cherished password, as well as additional information on the hacked network. If the selection was unsuccessful, you should change the dictionary.
Note: Different commands may be used for different versions of WiFite and Kali Linux, and their interfaces may differ. Therefore, before using the utility, carefully read the documentation on it.
That’s all! Test and check your Wi-Fi for security.