How to Hack Wi-Fi Passwords

[ad_1]

Chances are you have a Wi-Fi network at home. But maybe you forgot the password, or you don’t have neighbors willing to share their Wi-Fi goodness. Or you live close to one or more strong connections that taunt you whenever you boot up your laptop or look at the phone.

The problem is, if there’s a lock next to the network name (the SSID, or service set identifier), that indicates security is activated. Without a password or passphrase, you’re not going to get access to that network or the sweet, sweet internet that goes with it.

You could just go to a café, buy a latte, and use the “free” Wi-Fi there. Or download an app for your phone such as WiFi Map, and you’ll have a list of millions of hotspots with free Wi-Fi for the taking (including some passwords for locked Wi-Fi connections, if they’re shared by the app’s users).

But yes, there are other ways to get wireless connectivity. Some require such extreme patience that the café idea is going to start looking pretty good. Read on, if you can’t wait.


Our Top-Rated Routers


Windows Commands to Get the Key

This trick works to recover a Wi-Fi network password (or network security key) only if you’ve forgotten a previously used password.

It works because Windows creates a profile of every Wi-Fi network to which you connect. If you tell Windows to forget the network, it also forgets the password. In that case, this won’t work. But few people ever explicitly do that.

Go to a Windows Command Prompt with administrative privileges. Click the Start Menu, type “cmd” (no quotes), and the menu will show a Command Prompt; right-click that entry and select Run as administrator. That’ll open the black box full of text with the prompt inside—it’s the line with a right-facing arrow at the end, probably something like C:\WINDOWS\system32\>. A blinking cursor will indicate where you type. Start with this:

netsh wlan show profile

ADMIN CONTROL

(Credit: Eric Griffith/PCMag)

The results bring up a section called User Profiles—those are all the Wi-Fi networks (aka WLANs or wireless local area networks) you’ve accessed and saved. Pick the network you want the password for, highlight it, and copy it. At the prompt below, type the following, but replace the Xs with the network name you copied; you need the quotation marks only if the network name has spaces in it, as in “Cup o Joe Cafe.”

netsh wlan show profile name=”XXXXXXXX” key=clear

In the new data that comes up, look under Security Settings for the line Key Content. The word displayed is the Wi-Fi password or key you are missing. (If you don’t like the command line, third-party password recovering software such as Cain & Abel or WirelessKeyView do the same thing.)

In macOS, open up the Spotlight search (Cmd+Space) and type Terminal to get the Mac equivalent of a command prompt. Type the following, replacing the Xs with the network name.

security find-generic-password -wa XXXXX

For several more tips to view Wi-Fi passwords for networks you’ve attached to before, even on a smartphone, read How to View Saved Wi-Fi Passwords.


Reset the Router

This won’t work on someone else’s Wi-Fi network: You need physical access to the router for this. Before you do a full router reset simply to get on your own Wi-Fi, though, try to log into the router first. From there, you can easily reset a forgotten Wi-Fi password or passkey.

That’s not possible if you don’t know the password for the router. (The Wi-Fi password and router password are not the same, unless you went out of your way to assign the same password to both). Resetting the router works only if you have access via Wi-Fi (which we’ve just established you don’t) or physically, using an Ethernet cable.

If you have a router that came from your internet service provider (ISP), check the stickers on the unit before a reset: Your ISP might have printed the SSID and network security key on the device.

Here’s the nuclear option: Almost every router in existence has a recessed reset button. Push it with a pen or unfolded paperclip, hold for 10 seconds, and the router will return to factory settings.

Router Reset button

(Credit: arnet117/Shutterstock)

Once a router resets, you’ll need that other username-password combo to access the router itself. Again, do this via a PC attached to the router via Ethernet; resetting the router probably killed your Wi-Fi connection for the moment. The actual access is typically done with a web browser, though many routers and whole home mesh systems now can be controlled via an app.

Some routers may also have a sticker displaying the default Wi-Fi network name (SSID) and network security key (password), so you can go back on Wi-Fi after a reset.

The URL to type into the browser to access a router’s settings is typically 192.168.1.1 or 192.168.0.1 or some variation. Try them randomly; that generally works. To determine which one on a PC is connected to the router via Ethernet, open a command prompt and type ipconfig. Look among the gobbledygook for an IPv4 Address, which will start with 192.168. The other two spaces, called octets, are going to be different numbers between 0 and 255. Note the third octet (probably a 1 or 0). The fourth is specific to the PC you’re using to log into the router.

In the browser, type 192.168.x.1, replacing the X with the number you found in the ipconfig search. The 1 in the last octet should point at the router—it’s the number-one device on the network. (For full details, read How to Access Your Wi-Fi Router’s Settings.)

At this point, the router should ask for that username and password (which, again, is probably not the same as the Wi-Fi SSID and network security key). Check your manual, or go to RouterPasswords.com, which exists to tell people the default username and password on every router ever created. You’ll need the router’s model number in some cases.

Website for Router Passwords

(Credit: RouterPasswords)

You’ll quickly discern a pattern among router makers of defaulting to “admin” as the username and “password” as (you guessed it) the password. Since most people are lazy and don’t change the default password, try those options even before hitting the reset button. Once you’re in the Wi-Fi settings, turn on the wireless network(s) and assign strong-but-easy-to-recall passwords. After all, you don’t want to share with neighbors without your permission.

Make that Wi-Fi password easy to type on a mobile device, too. Nothing is more frustrating than trying to get a smartphone connected to Wi-Fi with some impossible-to-key-in-via-thumbs nonsense, even if it is the most secure password you’ve ever created.


Crack the Code

You didn’t come here because the headline of the story is “How to Reset Your Router,” though. You want to know how to crack the password on a Wi-Fi network.

Searching for “Wi-Fi password hack” or variations nets you a lot of links—mostly for software on sites where adware, bots, and scams proliferate. The same goes for the many, many YouTube videos and TikToks promising you ways to crack a password by visiting a certain website on your phone.

Download those programs or visit those sites at your own risk. Many are phishing scams at best. We recommend using a PC you can afford to mess up a bit if you go that route. When I tried it, multiple tools were, thankfully, deleted by my antivirus before I could even try to run the EXE installation file.


Pentest Gear

Pentest is short for “penetration testing”—a form of offensive-approach security, where you examine a network for any and all possible paths of a breach. It requires the right gear, not just what came with your consumer laptop.

You can find such items to help online, such as Hak5’s WiFi Pineapple, a $119.99 piece of equipment that does full Wi-Fi network auditing. The $199.99 Tactical version will look at both 2.4 and 5GHz Wi-Fi networks.

If you’re big into the Raspberry Pi, some people convert those to have the same abilities. The Flipper Zero, a $169 pentest tool that looks like an antique gaming handheld, also has a rep now as a Wi-Fi hacker, but it requires some extras like a Wi-Fi Deve Board to make that happen.

Recommended by Our Editors


Kali Linux

You can create a PC system just for pentesting. Or you can dual-boot into a separate operating system to do it, without losing your main system. Kali Linux is a Linux distribution built for just that purpose. You probably saw it used on Mr. Robot. Check out the video tutorial below.

You can run Kali Linux from a CD or USB key without even installing it on your PC’s hard drive; there are even images you can run in VMWare or VirtualBox. It’s free and comes with all the tools you’d need to crack a network. It even has an app for Windows in the Windows App Store so you can try a minimal installation.

Here’s a list from StationX of favorite Wi-Fi adapters to use with Kali Linux.


Cracking WEP

If you don’t want to install an entire OS, then check out the tried-and-true tools of Wi-Fi hackers. Aircrack has been around for years, going back to when Wi-Fi security was based only on WEP (Wired Equivalent Privacy). WEP was weak even then; it was supplanted in 2004 by WPA (Wi-Fi Protected Access).

Aircrack-ng is labeled as a “suite of tools to assess Wi-Fi network security,” so it should be part of any network admin’s toolkit; it can take on cracking WEP and WPA-PSK keys. It comes with full documentation and is free, but it’s not simple.

To crack a network, you need to have the right kind of Wi-Fi adapter in your computer, one that supports packet injection. You have to be comfortable with the command line and have a lot of patience: Your Wi-Fi adapter and Aircrack must gather a lot of data to get anywhere close to decrypting the passkey on the network you’re targeting. It could take a while.

Here’s a how-to on doing it using Aircrack installed on Kali Linux and another on how to use Aircrack to secure your network. Another similar option on the PC using the command line is Airgeddon for Linux.


Cracking WPA/WPA2

Cracking the much stronger WPA/WPA2 passwords and passphrases is the real trick. Reaver-wps is the one tool that appears up to the task. You’ll need that command-line comfort again to work with it. After four to 10 hours of brute-force attacks, Reaver should be able to reveal a password—but it’s going to work only if the router you’re going after has both a strong signal and WPS (Wi-Fi Protected Setup) turned on.

WPS is the feature that lets you push a button on the router and another button on a Wi-Fi device, and they then find each other and link auto-magically with a fully encrypted connection. It’s the “hole” through which Reaver crawls.

Even if you turn off WPS, sometimes it’s not completely off. But deactivating it is your only recourse if you’re worried about hacks on your own router via Reaver. Or you could get a router that doesn’t support WPS.

Another tool is Hashcat, for those who are comfortable running binary files on their PC. It’s a free way to get several attack modes (dictionary, combinator, brute-force, and association attacks, for example).

Hacking Wi-Fi over WPS is also possible with some tools available on Android, which will only work if the Android device has been rooted. Check out Wifi WPS WPA TesterReaver for Android, and Kali Nethunter as options.


When you really need Wi-Fi, cracking the code will probably take too long. But you can almost always turn your smartphone into an instant hotspot, which is a lot easier in the short term.

PCMag Logo How to Hack Wi-Fi Passwords

Like What You’re Reading?

Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.



[ad_2]

Leave a Comment