# WiFi Pentesting

## **Basic tools:**

### TP-Link TL-WN722N v2/v3

(update driver in Kali --> <https://www.youtube.com/watch?v=tYnjMiTTdms>)

1. Check the version of the TL-WN722N (if you have v2/v3, continue)

```
└─$ lsusb               
Bus 001 Device 003: ID 2357:010c TP-Link TL-WN722N v2/v3 [Realtek RTL8188EUS]
```

2. Update and Upgrade

```
sudo apt update
sudo apt upgrade
```

3. Install additional tools

```
sudo apt install bc
```

4. Restart kali VM
5. Install additional software

```
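sudo apt install build-essential
sudo apt install libelf-dev
sudo apt install linux-headers-`uname -r`
sudo apt install dkms

# unload the in-kernel driver, then blacklist it so it is not loaded again
sudo rmmod r8188eu.ko
git clone https://github.com/aircrack-ng/rtl8188eus
cd rtl8188eus
# write the blacklist entry as root without switching to a root shell
echo "blacklist r8188eu" | sudo tee /etc/modprobe.d/realtek.conf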
```

6. Restart kali VM
7. Install driver

```
sudo apt update
cd rtl8188eus
sudo make
sudo make install
sudo modprobe 8188eu
```

### Alfa Network

Reference: <https://www.youtube.com/watch?v=hEXwOkyYNL0>

1. Check the usb adapter

```
└─$ lsusb               
```

2. Update and Upgrade

```
sudo apt update
sudo apt upgrade
```

3. Install additional tools

   ```
   sudo apt install bc
   ```
4. Restart kali VM
5. Install additional software

```
sudo apt install build-essential
sudo apt install libelf-dev
sudo apt install linux-headers-`uname -r`
sudo apt install dkms
```

Then restart.

If it doesn't work, install the driver manually:

6. Install driver

```
sudo apt install realtek-rtl88xxau-dkms
```

7. Restart kali VM
8. Install the additional driver. Make sure the repository name (**rtl8814au** in <https://github.com/aircrack-ng/rtl8814au.git>) is the same as your adapter's chipset.

```
git clone https://github.com/aircrack-ng/rtl8814au.git
cd rtl8814au
make
sudo make install
```

9. Unplug the Alfa adapter and plug it in again
10. Check the adapter with `iwconfig`

## **Check the adapter**

```bash
iwconfig
# output:
# wlan0    unassociated  Nickname:"<WIFI@REALTEK>"
#          Mode:Auto  Frequency=2.412 GHz  Access Point: Not-Associated   
#          Sensitivity:0/0  
#          Retry:off   RTS thr:off   Fragment thr:off
#          Power Management:off
#          Link Quality=0/100  Signal level=0 dBm  Noise level=0 dBm
#          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
#          Tx excessive retries:0  Invalid misc:0   Missed beacon:0

# if the output does not look like the above, check with lsusb

lsusb
# output:
# Bus 001 Device 003: ID 2357:010c TP-Link TL-WN722N v2/v3 [Realtek RTL8188EUS]

sudo systemctl restart NetworkManager
```

## **Check Adapter**

```
iw dev
iwconfig
```

## **Setup monitor mode**

### **Kill process**

This command stops the network managers, then kills any interfering processes that are left:

```
sudo airmon-ng check kill
```

**Note**: It is very important to kill the network managers before putting a card in monitor mode!

ref: <https://www.aircrack-ng.org/doku.php?id=airmon-ng>

### **Monitor mode**

```
sudo ip link set wlan0 down
sudo iw dev wlan0 set type monitor
sudo ip link set wlan0 up
```

```bash
sudo airmon-ng start wlan0

# output:
# PHY     Interface       Driver          Chipset
# phy0    wlan0           8188eu          TP-Link TL-WN722N v2/v3 [Realtek RTL8188EUS]
#                 (monitor mode enabled)

```

### Stop monitor mode

To switch back to normal mode:

```bash
sudo airmon-ng stop wlan0
```

## Monitor

Make sure the adapter has been set to monitor mode.

### Deauth Attack

Open **Wireshark** and set the filter.

```
(wlan.fc.type == 0) && (wlan.fc.type_subtype == 0x0c)
```
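
What this display filter matches at the byte level, as an added example that is not part of the original page: the Python code below decodes the frame-control byte of raw 802.11 frames (radiotap header already stripped), picks out deauthentication frames and counts them per BSSID so a burst can be flagged. The frames, MAC addresses and the threshold of 3 are constructed sample values.

```python
import struct
from collections import Counter

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_deauth(frame):
    """Return (bssid, source, destination, reason) for a deauth frame, else None."""
    if len(frame) < 26:  # 24-byte management header + 2-byte reason code
        return None
    fc0 = frame[0]
    version, ftype, subtype = fc0 & 0x03, (fc0 >> 2) & 0x03, (fc0 >> 4) & 0x0F
    # Wireshark's wlan.fc.type_subtype is (type << 4) | subtype: 0x0c for deauth.
    if version != 0 or (ftype << 4 | subtype) != 0x0C:
        return None
    dst, src, bssid = frame[4:10], frame[10:16], frame[16:22]
    (reason,) = struct.unpack_from("<H", frame, 24)  # little-endian reason code
    return mac(bssid), mac(src), mac(dst), reason

def deauth_alerts(frames, threshold=3):
    """Count deauth frames per BSSID; return BSSIDs at or above `threshold`."""
    counts = Counter()
    for f in frames:
        parsed = parse_deauth(f)
        if parsed:
            counts[parsed[0]] += 1
    return {bssid: n for bssid, n in counts.items() if n >= threshold}

def _mgmt(fc0, dst, src, bssid, body):
    # Constructed frame: frame control, duration, three addresses, sequence control, body.
    return bytes([fc0, 0]) + b"\x00\x00" + dst + src + bssid + b"\x00\x00" + body

AP = bytes.fromhex("021122334455")   # constructed, locally administered addresses
STA = bytes.fromhex("0266778899aa")
BCAST = b"\xff" * 6
SAMPLE = (
    [_mgmt(0xC0, BCAST, AP, AP, struct.pack("<H", 7)) for _ in range(4)]  # deauth
    + [_mgmt(0x80, BCAST, AP, AP, b"\x00" * 12)]             # beacon, ignored
    + [_mgmt(0xA0, STA, AP, AP, struct.pack("<H", 8))]       # disassociation, ignored
)

if __name__ == "__main__":
    print(parse_deauth(SAMPLE[0]))
    print(deauth_alerts(SAMPLE))
```
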

### Monitor handshake

```
wlan.ssid == "<ssid name>" && eapol

wlan.bssid == "<bssid number>" && eapol

```

## Wifite

A simple WiFi attack tool. It can detect active users on the network.

ref: <https://www.youtube.com/watch?v=OdFvNLdccWQ>

## Wifiphisher

### Installation

Repository: <https://github.com/wifiphisher/wifiphisher.git>

```
git clone https://github.com/wifiphisher/wifiphisher.git
cd wifiphisher
python3 setup.py install
```

### Steps to deliver

```
# monitor mode
sudo airmon-ng start wlan0

# run wifiphisher
wifiphisher --force-hostapd

# select the SSID

# select scenarios
```

## WPA2-E phishing

```
sudo apt install hostapd-wpe
# /etc/hostapd-wpe/

# copy hostapd-wpe.conf and change the ssid and channel

sudo hostapd-wpe hostapd-wpe.conf
```


