Fern Wifi Cracker – Automated WPA Password Cracking

Fern Wifi Cracker is a Wireless security auditing and attack software program written using the Python Programming Language and the Python QT Gui Library, the program is able to crack and recover WEP/WPA/WPS keys and also run other network based attacks on wireless or ethernet based networks.

Fern Wifi Cracker currently supports the following features:

  • WEP Cracking with Fragmentation,Chop-Chop, Caffe-Latte, Hirte, ARP Request Replay or WPS attack
  • WPA/WPA2 Cracking with Dictionary or WPS based attacks
  • Automatic saving of key in database on successful crack
  • Automatic Access Point Attack System
  • Session Hijacking (Passive and Ethernet Modes)
  • Access Point MAC Address Geo Location Tracking
  • Internal MITM Engine
  • Bruteforce Attacks (HTTP,HTTPS,TELNET,FTP)
  • Update Support

First step, make sure your card is capable of packet injection read here and here  here for compatible wireless cards. If not there’s no need to follow the instructions below you’ll never crack any wifi password without using compatible cards. Then let’s check your cards interface to use type airmon-ng, mine is wlan1 with ath9k driver. After all let’s kill processes that can intervene with your cards driver type airmon-ng check kill

Screenshot from 2016-08-19 20-54-24

Run Fern Wifi cracker and choose from the drop down tab the wifi card it will automatically enable the card in monitor mode. See the green text Monitor mode enabled on wlan1mon.

Screenshot from 2016-08-19 20-56-12

Next click the Scan for Access Points to look for target APs if it detects WEP the wep button will be highlighted if not the WPA, in my case a WPA access point was detected. Now just click the WPA button to open the attack panel where you’ll fulfill your dream of being a wifi hacker.

Screenshot from 2016-08-19 20-56-59

Select your target access point, tick if it’s regular or wps attack (for wps enabled routers), upload your wordlist to be used in password cracking then click Wifi attack and this tool will magically do everything for you as if you’re having magic wand.

Screenshot from 2016-08-19 20-58-54

All wifi cracking tools follow these steps – deauth connected clients, capture the handshake and crack the password against your wordlist – wait! here’s the catch, if your wordlist contains the password you can get the password, if not, either get a bigger wordlist or buy faster machine that can bruteforce it without relying on wordlist. The length of time cracking WPA/WPA2 depends on how big is your wordlist and your luck, unlike cracking WEP which depends on IVs captured.

Screenshot from 2016-08-19 21-01-59

That’s it, the WPA password! There’s a lot of tool in Linux that can crack WPA/WPA2 but Fern Cracker is the easiest to use, thanks to its user friendly GUI.

Advertisements

DMitry – Deepmagic Information Gathering Tool

DMitry (Deepmagic Information Gathering Tool) is a UNIX/(GNU)Linux Command Line Application coded in C. DMitry has the ability to gather as much information as possible about a host. Base functionality is able to gather possible subdomains, email addresses, uptime information, tcp port scan, whois lookups, and more.

The following is a list of the current features:

  • An Open Source Project.
  • Perform an Internet Number whois lookup.
  • Retrieve possible uptime data, system and server data.
  • Perform a SubDomain search on a target host.
  • Perform an E-Mail address search on a target host.
  • Perform a TCP Portscan on the host target.
  • A Modular program allowing user specified modules

Source: http://mor-pah.net/software/dmitry-deepmagic-information-gathering-tool/

Installing the tool is not a problem DMitry is built-in Kali Rolling just type dmitry -h to see the options you can use against your target website.

d1

Type dmitry -isep example.com , i only use the basic commands you have the option if you want to gather more information type dmitry -winsep example.com   

d2

Valuable info on your target website just keep on flowing…

d3

And flowing… The last part will usually include the emails gathered and ports scanned. There you go such a vast amount of information you can use on your future attacks on the target host.

d4