From charlesreid1

Revision as of 03:43, 30 July 2015

Now that we've successfully walked through setting up our router as a WEP access point and cracked it on the Aircrack/WEP Cracking page, let's try attacking a WPA encrypted network.

Note that WPA and WPA2 are different. See below for notes.

The Background

As with the WEP attack we covered, this attack will use aircrack-ng to capture lots and lots of packets, then use those packets to brute-force guess the wireless network's passphrase.

WPA or WPA2?

The two are actually different: as you'd guess, WPA is the weaker one, and WPA2 is stronger and improved. However, as with anything in security, the chain is only as strong as the weakest link, which means that routers with WPA or WPA2 enabled are still vulnerable to WPA attacks.

In fact, my wireless router even recommends that I use a WPA-WPA2 mixed mode!

[Image: WirelessRouterWPAWPA2.png]
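To make the weakest-link point concrete from the defender's side, here is an added example (not part of the original page) that audits an access point configuration for mixed mode. It assumes the access point is configured with a hostapd-style file; the sample configs, the finding names and the 16-character passphrase policy are constructed for illustration.

```python
# Added example: flag WPA/WPA2 mixed mode and TKIP in a hostapd-style config.
# hostapd keys used: wpa (bit 0 = WPA, bit 1 = WPA2/RSN), wpa_pairwise,
# rsn_pairwise, wpa_passphrase. Sample configs below are constructed.
SAMPLE_MIXED = """\
# constructed sample, mixed mode as the router UI recommends
ssid=labnet
wpa=3
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP CCMP
rsn_pairwise=CCMP
wpa_passphrase=changeme1
"""
SAMPLE_WPA2_ONLY = """\
ssid=labnet
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
wpa_passphrase=correct horse battery staple 42
"""
MIN_PASSPHRASE_LEN = 16  # assumed local policy; WPA-PSK itself allows 8..63 chars

def parse_conf(text):
    """Return key -> value for key=value lines, skipping blanks and # comments."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def audit(text):
    """Return a list of finding names; an empty list means nothing was flagged."""
    conf = parse_conf(text)
    try:
        wpa = int(conf.get("wpa", "0"))
    except ValueError:
        return ["invalid-wpa-value"]
    if wpa & 3 == 0:
        return ["no-wpa"]
    findings, offered = [], []
    # hostapd defaults: wpa_pairwise is TKIP; rsn_pairwise falls back to wpa_pairwise
    wpa_ciphers = conf.get("wpa_pairwise", "TKIP").split()
    rsn_ciphers = conf.get("rsn_pairwise", " ".join(wpa_ciphers)).split()
    if wpa & 1:  # original WPA still accepted, so clients can use the weaker protocol
        findings.append("wpa1-enabled")
        offered += wpa_ciphers
    if wpa & 2:
        offered += rsn_ciphers
    if "TKIP" in offered:
        findings.append("tkip-offered")
    psk = conf.get("wpa_passphrase")
    if psk is not None and len(psk) < MIN_PASSPHRASE_LEN:
        findings.append("short-passphrase")
    return findings
```

Note that a WPA2-only config can still be flagged for TKIP when no pairwise cipher is set explicitly, because of the fallback to the TKIP default.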

The Hardware

The hardware will consist of:

  • a router/wireless access point - this router controls the wireless network being attacked
  • a laptop running Kali Linux - this is where the attack is being launched from
  • a third party on the network - not sure if this is necessary

The Software

You'll need a laptop running Kali, which will have aircrack-ng installed. That should be all the software you need.

The Procedure

Set Router to WPA

Before doing anything else, we'll change the wireless security protocol of the router to WPA2 encryption.

Check Wireless Devices

Switch Wireless Device to Monitor Mode

Connect Third Party to Network

Begin Attack

Analysis

Online Analysis

Offline Analysis