Below is a method to set up an ordinary USB wifi adapter and turn it into a fake access point (gateway) that intercepts the password key by broadcasting a fake login page far and wide.
Using this method, you do NOT need to capture any WPA or WPA2 'handshake' or use a dictionary or brute force to crack the WPA password key.
Just present the fake WPA page (or any other login page to your liking) via your fake AP and wait for victims to take the bait. At the same time, the script runs a DoS (Denial of Service) attack against the real AP and renders it useless. This is a totally new concept for hacking a WPA (or any other) password key!
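A monitoring-side view of the two behaviours described above, an unfamiliar access point appearing while the real one is being knocked offline, as an added example that is not part of the original post or its script. It assumes a wireless sensor that emits (time, frame type, BSSID, SSID) records and that the DoS shows up as deauthentication frames naming the real AP; the inventory, threshold and sample frames are constructed.

```python
from collections import defaultdict

# Assumed inventory of the site's own access points (constructed values).
KNOWN_APS = {"00:11:22:33:44:55": "CorpNet"}
DEAUTH_THRESHOLD = 20   # deauth frames per window treated as a flood (assumed)
WINDOW_SECONDS = 10     # sliding window length in seconds (assumed)

def sample_frames():
    """Constructed sensor records: (time_s, frame_type, bssid, ssid)."""
    frames = [(0, "beacon", "00:11:22:33:44:55", "CorpNet")]
    # An access point that is not in the inventory starts beaconing at t=30.
    frames += [(30 + i, "beacon", "02:aa:bb:cc:dd:ee", "freeNet") for i in range(5)]
    # Burst of deauthentication frames naming the real AP from t=31.
    frames += [(31 + i * 0.2, "deauth", "00:11:22:33:44:55", "") for i in range(40)]
    return frames

def unknown_aps(frames):
    """Return {bssid: (first_seen, ssid)} for beacons from BSSIDs not in inventory."""
    seen = {}
    for t, ftype, bssid, ssid in frames:
        if ftype == "beacon" and bssid not in KNOWN_APS and bssid not in seen:
            seen[bssid] = (t, ssid)
    return seen

def deauth_floods(frames):
    """Return {bssid: window_start} for known APs hit by a deauth flood."""
    times = defaultdict(list)
    for t, ftype, bssid, _ in frames:
        if ftype == "deauth" and bssid in KNOWN_APS:
            times[bssid].append(t)
    floods = {}
    for bssid, ts in times.items():
        ts.sort()
        start = 0
        for end in range(len(ts)):
            while ts[end] - ts[start] > WINDOW_SECONDS:
                start += 1          # shrink window to WINDOW_SECONDS
            if end - start + 1 >= DEAUTH_THRESHOLD:
                floods[bssid] = ts[start]
                break
    return floods

def correlate(frames, max_gap=60):
    """Pair each flood with unknown APs first seen within max_gap seconds of it."""
    rogues, floods = unknown_aps(frames), deauth_floods(frames)
    return [(victim, rogue, ssid)
            for victim, t_flood in floods.items()
            for rogue, (t_seen, ssid) in rogues.items()
            if abs(t_flood - t_seen) <= max_gap]
```

Either signal alone is noisy; the pairing of a flood against an inventoried AP with a newly seen BSSID is what makes the alert worth paging on.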
Requirements:
(A) Backtrack 4 (final or R1 version), not the Pre or Beta version
(B) Do not run Backtrack 4 in VMware
(C) A USB wifi adapter with a Ralink, Realtek or Zydas chipset to act as the fake AP.
Do the following:
i) Download the script below and put it on your BT 4 desktop:
'fakeap.tar.gz'
ii) Open konsole and type:
tar -xvzf /root/fakeap.tar.gz
A blue folder 'fakeap' will be created.
iii) Open konsole and type the following two commands:
chmod +x /root/fakeap/wpa_no_dic.sh
THEN
/root/fakeap/wpa_no_dic.sh
That's it. You are done! It takes less than 2 minutes (really) to set up from start to finish, effortlessly!
Sample: Fake WPA login page (replaceable as you wish) that victims will see.
The best part is that you don't need internet service to set up your fake AP, yet your victims will still be able to 'see' your fake login page and get owned, anywhere and anytime, especially if your 'wifi' is the only one available around.
Once you are able to run the trial version, email me for the full version, where you can change the SSID wifi network name (such as an enticing 'freeNet', 'Public_wifi', etc.) and the broadcast channel (1-14) of your fake AP to your liking, and where the DNS poison window for intercepting the password is NOT limited to 15 minutes (the trial default period).
STOP WONDERING! Why not give it a try? It's free, lethal, fun and effective, all rolled into one small program! BTW, this is a knowledge base website and DOES NOT condone any illegal activities.
Compose an email with the following format for full version of 'HACK WPA WITHOUT USING DICTIONARY' (click to see the request code):