How to hack unknown WIFI router


You need OS Kali Linux
You can download from here https://www.kali.org/downloads/

Start:

Setup a router with WPA or WPA2 for encryption and give it a password. Enable WPS if it is not already and connect to it wirelessly with a separate device (laptop, smartphone) simulating a real environment.

The first thing we need to do is enable the wireless USB adapter.

Run the command “airmon-ng” to see if Kali recognizes your wireless USB adapter. It should show “Wlan0” along with the chipset, if it doesn’t then some troubleshooting will have to be done until it does.

Once the wireless USB adapter is working we need it enabled. To do this run the following command “airmon-ng start wlan0”

If all goes well the screen will scroll by with some information then say enabled on mon0.

Finding a WPS enabled router is the next step this used to be hard to do until the “wash” command came along. Before the “wash” command every router would have to be found and then tested to see if WPS was enabled. The “wash” command will list only WPS enabled routers.

The “wash” command has been notorious for having problems and not working correctly. Basically the “wash” command goes out and tells you if a router has WPS enabled, so you don’t waste your time running Reaver. I believe I have found a fix that has been working for me on both Backtrack 5 and Kali Linux.

First make a directory like this.
“mkdir /etc/reaver”
Then run the wash command
“wash -i mon0 -C”
(That is a capitol C)

Copy the BSSID, to paste it when needed later, then press CTRL+C to stop the terminal window using the wireless USB adapter.

If nothing comes up then no WPS enabled router is within reach. Run the following command to see all access point within your reach. “airodump-ng mon0”. Only do this if the wash command finds nothing.

Now we can get to using Reaver. Be sure the terminal window running the “wash” command is not actively using the wireless USB adapter by pressing CTRL+C inside of it. You can copy and paste the BSSID.

In the second terminal window run the following command.
“reaver -i mon0 -b (Target BSSID) –vv”
(The -vv is two V not a W)

Reaver should start to run.

Reaver will now run and start a brute force attack against the Pin number of the router. It will run until it finds the wireless password usually 2-10 hours.