Do you want to test your network security? It used to be that you needed
a desktop OS such as Windows or Linux installed on a computer with a
specific wireless network card.
Now, however, you can also use certain Android devices to scan and crack wireless networks.
These tools are available for free as long as
your device is compatible. Hacking routers
without permission is illegal. These steps are provided to test the security of your own network.
Method
*******WPA2 WPS Router*******
1) Root
a compatible device. Not every
Android phone or tablet will be able
to crack a WPS PIN. The device must
have a Broadcom bcm4329 or bcm4330
wireless chipset, and must be Rooted . the Cyanogen ROM will provide the best
chance of success.
Now, however, you can also use certain Android devices to scan and crack wireless networks.
These tools are available for free as long as
your device is compatible. Hacking routers
without permission is illegal. These steps are provided to test the security of your own network.
Method
*******WPA2 WPS Router*******
1) Root
a compatible device. Not every
Android phone or tablet will be able
to crack a WPS PIN. The device must
have a Broadcom bcm4329 or bcm4330
wireless chipset, and must be Rooted . the Cyanogen ROM will provide the best
chance of success.
2) Download and install bcmon
. tool enables Monitor Mode on your
. tool enables Monitor Mode on your
Broadcom chipset, which is essential for
being able to crack the PIN. The bcmon
APK file is available for free from the
bcmon page on the Google Code website.
- To install an APK file, you will need
to allow installation from unknown
sources in your Security menu.
3) Run bcmon. After installing the APK
file, run the app. If prompted, install
the firmware and tools. Tap the "Enable
Monitor Mode" option. If the app crashes,
open it and try again. If it fails for a third
time, your device is most likely not
supported.
-Your device must be rooted in order
to run bcmon.
4) Download and installReaver. Reaver
is a program developed to crack the
WPS PIN in order to retrieve the WPA2
passphrase.
5) Launch Reaver. Tap the Reaver for
Android icon in your App drawer.
After confirming that you are not using it
for illegal purposes, Reaver will scan for
available access points. Tap the access
point you want to crack to continue.
-You may need to verify Monitor Mode
before proceeding. If this is the case,
bcmon will open again.
-The access point you select must
accept WPS authentication. Not all
routers support this.
6) Verify your settings. In most cases
you can leave the settings that
appear at their default. Make sure that the
"Automatic advanced settings" box is
checked.
7) Start the cracking process. Tap the
"Start attack" button at the bottom of
the Reaver Settings menu. The monitor
will open and you will see the results of
the ongoing crack displayed.
-Cracking WPS can take anywhere
from 2-10+ hours to complete, and it
is not always successful.
Attention:
Hacking of networks is illegal
without having the permission of the
owner! i am "NOT" responsible
for any damage etc. this app could
cause.
This software is only intended to show a
big security hole, not to be able to surf in
the neighbours Wifi;)
****Method Two of Two:*****
WEP Routers
1). Run bcmon. After installing the APK
file, run the app. If prompted, install
the firmware and tools. Tap the "Enable
Monitor Mode" option. If the app crashes,
open it and try again. If it fails for a third
time, your device is most likely not
supported.
-Your device must be rooted in order
to run bcmon.
2). Tap "Run bcmon terminal". This will
launch a terminal similar to most
Linux terminals.Type airodump-ng and
tap the Enter button. AIrdump will load,
and you will be taken to the command
prompt again. Type airodump-ng
wlan0 and tap the Enter button.
3) Identify the access point you want to
crack. You will see a list of available
access points. You must select am access
point that is using WEP encryption.
4) Note the MAC address that appears.
This is the MAC address for the
router. Make sure that you have the right
one if there are multiple routers listed. Jot
this MAC address down.
-Also note the Channel that the
access point is broadcasting on.
5) Start scanning the channel. You will
need to collect information from the
access point for several hours before you
can attempt to crack the password. Type
airodump-ng -c channel# --bssid
MAC address -w output ath0
and tap Enter. Airodump will begin scanning.
You can leave the device for a while as it
scans for information. Be sure to plug it in
if you are running low on battery.
--Replace channel# with the channel
number the access point is
broadcasting on (e.g. 6).
--Replace MAC address with the MAC
address of the router (e.g
00:0a:95:9d:68:16)
--Keep scanning until you reach at
least 20,000-30,000 packets.
6) Crack the password. Once you have a
suitable number of packets, you can
start attempting to crack the password .
Return to the terminal and type
aircrack-ng output*.cap
and tap
Enter.
7) Note the hexadecimal password when
finished. After the cracking process
is complete (which could take several
hours), the message KEY FOUND! will
appear, followed by the key in
hexadecimal form. Make sure that
"Probability" is 100% or the key will not
work. [2]
--When you enter the key, enter it
without the ":". For example, if the
key was 12:34:56:78:90, you would
enter 1234567890 .
Hacking a router you are not authorized to
access is illegal :-) :-)
****Method Two of Two:*****
WEP Routers
1). Run bcmon. After installing the APK
file, run the app. If prompted, install
the firmware and tools. Tap the "Enable
Monitor Mode" option. If the app crashes,
open it and try again. If it fails for a third
time, your device is most likely not
supported.
-Your device must be rooted in order
to run bcmon.
2). Tap "Run bcmon terminal". This will
launch a terminal similar to most
Linux terminals.Type airodump-ng and
tap the Enter button. AIrdump will load,
and you will be taken to the command
prompt again. Type airodump-ng
wlan0 and tap the Enter button.
3) Identify the access point you want to
crack. You will see a list of available
access points. You must select am access
point that is using WEP encryption.
4) Note the MAC address that appears.
This is the MAC address for the
router. Make sure that you have the right
one if there are multiple routers listed. Jot
this MAC address down.
-Also note the Channel that the
access point is broadcasting on.
5) Start scanning the channel. You will
need to collect information from the
access point for several hours before you
can attempt to crack the password. Type
airodump-ng -c channel# --bssid
MAC address -w output ath0
and tap Enter. Airodump will begin scanning.
You can leave the device for a while as it
scans for information. Be sure to plug it in
if you are running low on battery.
--Replace channel# with the channel
number the access point is
broadcasting on (e.g. 6).
--Replace MAC address with the MAC
address of the router (e.g
00:0a:95:9d:68:16)
--Keep scanning until you reach at
least 20,000-30,000 packets.
6) Crack the password. Once you have a
suitable number of packets, you can
start attempting to crack the password .
Return to the terminal and type
aircrack-ng output*.cap
and tap
Enter.
7) Note the hexadecimal password when
finished. After the cracking process
is complete (which could take several
hours), the message KEY FOUND! will
appear, followed by the key in
hexadecimal form. Make sure that
"Probability" is 100% or the key will not
work. [2]
--When you enter the key, enter it
without the ":". For example, if the
key was 12:34:56:78:90, you would
enter 1234567890 .
Hacking a router you are not authorized to
access is illegal :-) :-)
