Key Takeaways
- Monitor Mode: To hack Wifi, you need a special adapter that can listen to "Monitor Mode." This allows you to see all traffic in the air, not just traffic meant for you.
- Deauthentication Attack: A hacker can kick you off your WiFi by sending a "Deauth" packet. When your device tries to reconnect automatically, it sends the password hash (Handshake).
- Offline Cracking: The hacker captures the Handshake and walks away. They then use a powerful GPU at home to guess millions of passwords per second against that handshake.
Your WiFi password is not sent in plain text. But the cryptographic proof of it is. If your password is weak ("12345678"), it will be cracked in seconds.
WPA2 vs WPA3
WPA2 (The Standard)
Vulnerable to offline Dictionary Attacks. Once the hacker has the handshake, they can try every word in the dictionary without interacting with the router anymore.
WPA3 (The New Standard)
Introduces "Dragonfly" (SAE - Simultaneous Authentication of Equals). It prevents offline dictionary attacks. Even if the hacker captures the packets, they cannot guess the password offline. They must interact with the router live, which is slow and detectable.
Tools: Aircrack-ng & Hashcat
Aircrack-ng is the suite used to capture the data. Hashcat is the tool used to crack it using your graphics card (GPU). Hashcat on an RTX 4090 can guess billions of passwords per second.
The Evil Twin Attack
Instead of cracking the password, a hacker creates a fake hotspot with the same name as your WiFi but no password. Your phone might connect to it automatically. Then, they show you a fake login page: "Router Firmware Update: Please enter WiFi password."
Frequently Asked Questions (FAQ)
This concludes Phase 2. Protecting your Privacy is next.
Read De-Google Guide