When we are out and about, it is tempting to use public WiFi networks, which are almost always free and open (i.e., not password protected). But it is best to be careful: there are major security risks. With smartphones and, more generally, mobile devices, we exchange a large amount of personal and confidential data, often including sensitive work and company information. In this article, we give you a complete guide to the topic of hacking WiFi passwords online.
For an attacker, exploiting these connections to spy on our data traffic is simple, and is even within reach of those who do not have particular computer skills. After this small but necessary premise, let’s see what tools are available to test a WiFi network against possible attacks. Before continuing, it is useful to go through a short glossary of terms:
- SSID: the name of the network, which appears when we do a WiFi scan with our device.
- MAC: a code that identifies a device within a network; for an access point it is better known as the BSSID.
- Channel: WiFi networks communicate on the 2.4 GHz and 5 GHz frequencies and on different channels, which vary according to the legislation of the country where you are located.
- Wardriving: an activity that consists of mapping the WiFi networks present in a geographical area, using a device with a wireless card and a GPS module for localization.
How to scan for WiFi networks
One of the first steps to obtain information about the WiFi networks in the area is to scan for them with software. There are several applications available in the app stores, especially for Android, that can run this procedure. This allows you to collect information such as the router’s GPS location, the name of the WiFi network, the type of protection, the transmission channel, and whether WPS is active.
Here are the main tools that are used:
The data generated by this software are easily exportable and analyzable.
Hack WiFi password online: WEP WiFi networks
WEP WiFi networks are the oldest ones and, as they are falling into disuse, they turn up less often in a scan. They are weak in the sense that, by collecting a certain number of packets (typically more than 10,000), it is possible to find the password that protects the network. The tools available to proceed with an attack on a WiFi network protected by WEP are the following:
- Fern WiFi Cracker
This software is quite simple to use, as it has guided interaction with the user and, as in the case of Fern WiFi Cracker, a real graphical interface, which improves its usability. And the default password of the network. Therefore, through the name of the WiFi network. This attack works with WiFi networks of routers from before 2014, such as Alice, Telecom, Fastweb, Libero, etc., or other providers, which are subject to this type of attack.
One of the most popular programs is WPA Tester, which is very simple to use for Android.
Hack WiFi password online: the most used tools
For example, a user logs in via the free WiFi connection of an airport, hotel, or shopping center. To do all this, a simple device is enough. But in reality, the purposes are quite different and less legitimate.
The latest version is also available with a camouflage case (Nano Tactical) to hide it better. It connects to a computer and, with the help of some special software, allows the data packets it intercepts to be “sniffed”. Kali Linux is generally used (it is a Linux distribution that includes all the tools to overcome the protections of wireless networks), in combination with Wireshark, which is software for protocol analysis, or a “packet sniffer”, used for solving network problems. Another packet sniffer in use is Firesheep.
How an attack on WiFi networks happens
Pineapple can connect to an existing WiFi network (open or whose password is known) as a client. So it can surf the internet and, via a bridge, can provide transparent connectivity to clients. Our smartphones – by default – automatically connect to free WiFi networks (which do not require access passwords). Therefore Pineapple manages to deceive them.
In practice, the device interposes itself transparently between the user’s device and the regular access point (acting as a “bridge”). So it sees (and intercepts) all the data packets transmitted and received. To do this, the attacker must physically be within range of the victim’s WiFi. Alternatively, if an unknown password protects the public WiFi network, the attacker can create a fake access point with Pineapple (therefore another “free” and malicious network, naturally with a similar name to the existing one), to which the unwitting users will connect, automatically and with great pleasure.
Let’s think about our (distracted …) habits: if in a public place our smartphone finds a “free” network, perhaps with the word “free” clearly evident in the SSID (Service Set IDentifier) of the network, who has doubts about security before connecting? We will find ourselves connected (automatically) without having asked ourselves any questions. The interception of an unencrypted data packet could have a further consequence. If this packet transmits cookies, the attacker can take over the victim’s session and so assume the identity of the “sniffed” victim.
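The fake access point described above can often be spotted in an ordinary scan. The following check is an added example, not part of the original article: it flags access points that reuse a trusted network name with weaker protection or an unknown BSSID, or that use a look-alike name. The scan records, the trusted list, the field names and the 0.85 similarity threshold are all assumptions made for the illustration.

```python
from difflib import SequenceMatcher

# Constructed sample data: the network we trust and its known access point.
TRUSTED = {"HotelLobby": {"bssids": {"a4:2b:b0:11:22:33"}, "security": "WPA2"}}

# Constructed scan export: one dict per access point seen nearby.
SCAN = [
    {"ssid": "HotelLobby", "bssid": "a4:2b:b0:11:22:33", "security": "WPA2"},
    {"ssid": "HotelLobby", "bssid": "02:13:37:aa:bb:cc", "security": "OPEN"},
    {"ssid": "Hotel Lobby Free", "bssid": "02:13:37:aa:bb:cd", "security": "OPEN"},
    {"ssid": "CoffeeShop", "bssid": "c8:3a:35:44:55:66", "security": "WPA2"},
]

STRENGTH = {"OPEN": 0, "WEP": 1, "WPA": 2, "WPA2": 3}


def normalize(ssid):
    """Lower-case, keep only letters and digits, drop the bait word 'free'."""
    kept = "".join(ch for ch in ssid.lower() if ch.isalnum())
    return kept.replace("free", "")


def classify(ap, trusted, threshold=0.85):
    """Return why an access point looks like a rogue copy, or None."""
    known = trusted.get(ap["ssid"])
    if known:
        if STRENGTH.get(ap["security"], 0) < STRENGTH[known["security"]]:
            return f"security downgraded to {ap['security']}"
        if ap["bssid"].lower() not in known["bssids"]:
            # Multi-AP sites have several BSSIDs: list them all in TRUSTED.
            return "unknown BSSID for trusted SSID"
        return None
    for name in trusted:
        ratio = SequenceMatcher(None, normalize(ap["ssid"]), normalize(name)).ratio()
        if ratio >= threshold:
            return f"look-alike of {name!r}"
    return None


def find_suspect_aps(scan, trusted):
    """Map BSSID -> reason for every access point worth a second look."""
    reasons = {ap["bssid"]: classify(ap, trusted) for ap in scan}
    return {bssid: why for bssid, why in reasons.items() if why}


if __name__ == "__main__":
    for bssid, why in find_suspect_aps(SCAN, TRUSTED).items():
        print(bssid, why)
```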
Open WiFi networks at risk: tips for defending yourself
A good rule of thumb to defend yourself is to avoid connecting to open WiFi networks, or to block your smartphone’s (or computer’s) ability to do so. When browsing on a free WiFi network, we find ourselves in a free, unencrypted, uncontrolled space where our passwords, our digital identity, and our movements in general can be easily captured and decrypted.
So it is dangerous to carry out any banking operation, enter your card number or CCV, make payments via PayPal, or check your bank statement. For the same reason, avoid entering passwords to access social networks, e-mail, or shared accounts (Dropbox, Google Drive, or others), so as not to allow strangers to steal your credentials. It is better to use the 4G network of your smartphone, or to make sure that the site uses HTTPS. This protocol combines standard HTTP with a Transport Layer Security (SSL/TLS) encryption mechanism, which avoids the MITM attack and the risks listed above.
WiFi connections with Captive Portal: how an attack happens
In many public places, especially in hotels, the WiFi connection is free of charge but requires authentication through a Captive Portal system. It works like this: as soon as we connect to the WiFi network (which appears free, i.e., without a password), a welcome message is generally shown informing us of the access rules and inviting us to accept certain conditions (EULA: End User License Agreement).
For this reason, it is not possible to use the smartphone’s applications online if you have not previously gone through the browser page of the Captive Portal. This system is certainly safer but not without risks. It is known that access with a Captive Portal can be attacked through a simple packet sniffer (such as the Wireshark software we talked about previously), through which the attacker can obtain the IP and MAC addresses of other devices already authenticated and connected. At this point, with a spoofing technique, that is, by replacing their own credentials with those of authorized users, they will be able to connect even if they do not have the authorization.
Hack WiFi password online: the right security measures
Protected WiFi networks may also be attacked, especially if we don’t take proper WiFi network security measures. To begin with, wireless networks are equipped with different security protocols: WEP, WPA, and WPA2. Let’s see what these acronyms mean.
- WEP (Wired Equivalent Privacy): an obsolete security protocol that does not offer real protection (due to the weakness of the cryptographic algorithm used): even an attacker with little experience will be able to steal the access password and enter the network. To do this, you can use Aircrack-ng, a program to crack WEP passwords (recovering them from packet sniffing) and WPA-PSK (with the “brute force” technique). The Aircrack suite consists of several utilities: airmon-ng, airodump-ng (to monitor existing WiFi networks), airbase-ng.
- WPA (WiFi Protected Access): to overcome the weaknesses of WEP, in 2003 the new WPA standard was implemented by the WiFi Alliance. It is a little more secure than the previous one, with its security linked to the strength of the password used.
- WPA2 (WiFi Protected Access 2): released in 2004 with the IEEE 802.11i standard, it is currently the most secure protocol. However, in 2017 the news of its vulnerability to the KRACK attack (Key Reinstallation Attack) was published. WPA2 uses AES (Advanced Encryption Standard) encryption, which is, to date, the most secure symmetric (private key) encryption standard, used as a standard by the US government and the NSA (National Security Agency) for Top Secret documents.
Let’s protect our WiFi networks
Let’s see, in conclusion, what to do to make our WiFi networks safe.
- As explained above, you will need to use the most advanced standard available, therefore WPA2. Today any router and access point implements it.
- Having chosen WPA2, let’s not negate its effectiveness. To avoid intrusion into your wireless networks, it is extremely important to use a complex and strong security key (the WiFi network’s password), as explained in the article with the best practices for creating a secure password. Let’s avoid trivial passwords with references to personal information, if we do not want our neighbor to sneak into our WiFi (it happened!).
- Then I recommend disabling WPS (WiFi Protected Setup), a handy feature for quickly connecting devices to the access point. With a brute force attack, it is possible, in a few hours, to discover the security key used, as researcher Stefan Viehböck discovered in 2011.
- Network Access Control (NAC): create a WiFi Guest network in the company to which guests can connect, so that they do not enter the main corporate network. This convenient option is now also available in routers for home use: I therefore also recommend it for our home WiFi network.
- Finally, we come to the most trivial and greatly underestimated error. Many commit it out of laziness or lack of awareness. The routers that we purchase, or that the Internet Service Provider (ISP) provides, come with standard credentials. So they could have as username and password the “formidable” pair “admin/admin” or “admin/password,” or something similar.
WiFi networks with WPS technology: Hack WiFi password online
The WPS technology is very convenient. It allows a device and a router to exchange a key, taking advantage of the possibility of physically accessing the router by pressing a button.
WPS is not a network security technology like WEP or WPA/WPA2, but rather a convenience technology that helps devices connect to a network. For this reason, it is possible to crack a WiFi network by exploiting it, with one of the following tools:
- Fern WiFi Cracker
- WPS Pixie
Guidelines for avoiding attacks
Here are some guidelines to avoid intrusion into your wireless network:
- Use WPA2 as the security level
- Try to use a password that is long enough and consists of lowercase letters, uppercase letters, numbers, and special characters
- Try to change the password during the year
- Disable WPS
- Update the router as often as possible
- Avoid entering your WiFi password on web pages
- Avoid giving the password of your network to friends. Better to create a network specifically for them (Guest network)
In the world of IT security, it can be safely argued that getting access to any system, such as a WiFi network, is a matter of time and resources. The goal of developers and engineers is to make this time as long as possible. As for WiFi networks, there are different types of attacks, which work depending on the security level of the WiFi network and on who administers it. As already mentioned at the beginning, this guide has the sole purpose of giving an overview of the world of WiFi networks so that you can take steps to avoid intrusions.
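The password advice in this list, and in the earlier point about avoiding personal information and default credentials, can be turned into a check. This is an added example, not part of the original article: it audits a candidate WPA2 passphrase and generates a random one. The 16-character minimum, the sample SSID and the personal terms are assumptions; the 8 to 63 character range is the limit WPA2 itself places on passphrases.

```python
import math
import secrets
import string

PRINTABLE = string.ascii_letters + string.digits + string.punctuation  # 94 chars
DEFAULT_WORDS = ("admin", "password")  # factory defaults named in the article
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)


def audit_passphrase(passphrase, ssid, personal_terms=(), min_len=16):
    """Return a list of findings; an empty list means the passphrase passes.

    min_len is an assumed policy value, not a figure from the article.
    """
    findings = []
    # WPA2-PSK accepts passphrases of 8 to 63 printable ASCII characters.
    if not 8 <= len(passphrase) <= 63:
        findings.append("length outside the 8-63 range WPA2 accepts")
    elif len(passphrase) < min_len:
        findings.append(f"shorter than {min_len} characters")
    if any(not 32 <= ord(ch) <= 126 for ch in passphrase):
        findings.append("contains non-printable or non-ASCII characters")
    if not all(any(ch in cls for ch in passphrase) for cls in CLASSES):
        findings.append("missing lowercase, uppercase, digit or special character")
    lowered = passphrase.lower()
    for term in (ssid, *personal_terms, *DEFAULT_WORDS):
        if term and term.lower() in lowered:
            findings.append(f"contains guessable term {term!r}")
    return findings


def generate_passphrase(length=20):
    """Draw from the OS CSPRNG until the candidate passes the audit."""
    if not 8 <= length <= 63:
        raise ValueError("WPA2 passphrases are 8 to 63 characters long")
    while True:
        candidate = "".join(secrets.choice(PRINTABLE) for _ in range(length))
        if not audit_passphrase(candidate, ssid="", min_len=min(length, 16)):
            return candidate


def random_entropy_bits(length):
    """Entropy of a uniformly random passphrase over the 94-character set."""
    return length * math.log2(len(PRINTABLE))
```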