What is 'Handshake' and how to catch it?

MaliciousX

Participant Member
16 Nov 2019
(Taken from: https://www.turkhackteam.org/konular/handshake-nedir-ve-nasil-yakalanir.1982059/)

Nowadays, the concept of the network has become quite important. The concept of the network has also affected our daily lives. As an example, while you used to go to your workplace for a job interview, now job interviews are done with the help of the internet. We can give many examples of this kind of situation.

Ever since internet networks came into homes, there have been people who enter and use them without permission. These people can do anything legal or illegal using your internet! In a possible occurrence of a bad event, you may get dizzy and anxious since you are the network owner. To counter such situations or if you think someone has hacked into your network, you can capture a handshake. Before catching a handshake, let's learn its general definition.



THT INTELLIGENCE TEAM


What is a Handshake?

It is the authentication protocol between the access point and the devices connected to the network. This protocol shakes hands with the devices connected to the network. For every device connected to a network, a handshake authenticates us. After verification, the device connects to the network. If there is no handshake, we cannot connect to the network.
I will give you an example to help you understand the concept of a handshake better. When you try to connect to WiFi with your phone at home or elsewhere, a notification called "authenticating" appears, and after a few seconds, a notification that says "connected to the network" appears. It is the handshake that carries out this authentication process. If the handshake does not work correctly or does not work at all, a text such as "A problem occurred in the authentication." will appear after the text "authenticating" when trying to connect to the network.



What does it mean to catch a Handshake?

The term handshake capture differs a little from its meaning. So we know that a handshake is an authentication protocol. It can look a bit absurd when it comes to catching an authentication protocol instead of catching a handshake. Don't worry, the term handshake capture is used to crack the passwords found on WiFi networks.


There is an application that we need to use to capture handshakes, which is called Wifislax. This application can be used on Linux and Windows operating systems. This application cracks the password by making a brute force attack on the target WiFi network. There are also mobile applications or PC applications similar to Wifislax. However, most of these applications either do not work, come with malware or require root privileges.


To use the Wifislax application, we need to write it to the flash memory and then boot the device. In order to write Wifislax to the flash memory, we need to download Rufus. As you can see, it is a difficult job.




How to catch a Handshake?


I mentioned that we can capture handshakes with Wifislax. This is the most popular and the most troublesome way to capture handshakes. I'll do it with another popular way, Aircrack.

First, let's start our Linux terminal and put our wireless card into monitor mode to start our process with the following command:

Code:
airmon-ng start wlan0



After switching the wireless card to the monitor mode, let's look at the wireless network cards. So it will be seen whether we are good to go.

Code:
iwconfig



Monitor mode is now switched on; let's find the WiFi networks around us.

Code:
airodump-ng wlan0mon



After this process, we will see the networks. Let's find the MAC address of our network from here.



After we find the mac address of our network, we will try to find the handshake.

Code:
airodump-ng --bssid <MAC address of your network> --channel <channel number of your network> --write <name of the file to write the results to> wlan0mon



After this operation, you can capture a handshake as long as you do not close the terminal. It can take hours to detect a person connecting to the network. So I'm going to disconnect from the network by doing a deauth attack, so that we'll see a handshake once the network has been left. To do this attack, we open a new tab and type the following command.

Code:
aireplay-ng --deauth <number of attacks to perform> -a <MAC address of the network> wlan0mon



After waiting for a while, it will conduct a deauth attack for the number of times you set. This process varies according to the number of attacks.



After the attack happens, we check the open tab to catch the handshake. If there is one, it will be caught.



Today we learned how we can capture a handshake. Capturing a real handshake will come in handy if you suspect your WiFi has been hacked.
See you in the other tutorial.
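
From the network owner's side, the deauth burst described in the post shows up on the air as a run of 802.11 deauthentication frames for one BSSID. The following is an added example, not part of the original post: it parses raw 802.11 management frames and flags such a burst. It assumes frames with the radiotap header already stripped; the threshold, window, addresses and sample frames are constructed for illustration.

```python
import struct
from collections import defaultdict, deque

DEAUTH, DISASSOC = 12, 10          # 802.11 management frame subtypes
BROADCAST = "ff:ff:ff:ff:ff:ff"

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_mgmt(frame):
    """Return (subtype, dst, src, bssid, reason) for deauth/disassoc frames, else None."""
    if len(frame) < 26:            # 24-byte management header + 2-byte reason code
        return None
    fc = frame[0]                  # first frame-control byte: version, type, subtype
    version, ftype, subtype = fc & 0x3, (fc >> 2) & 0x3, fc >> 4
    if version != 0 or ftype != 0 or subtype not in (DEAUTH, DISASSOC):
        return None
    dst, src, bssid = frame[4:10], frame[10:16], frame[16:22]
    (reason,) = struct.unpack_from("<H", frame, 24)
    return subtype, mac(dst), mac(src), mac(bssid), reason

def find_floods(capture, threshold=10, window=5.0):
    """capture: iterable of (timestamp_seconds, raw_frame). One alert per flooded BSSID."""
    recent = defaultdict(deque)    # bssid -> timestamps inside the sliding window
    alerted, alerts = set(), []
    for ts, frame in capture:
        parsed = parse_mgmt(frame)
        if parsed is None:
            continue
        _, dst, _, bssid, reason = parsed
        q = recent[bssid]
        q.append(ts)
        while q and ts - q[0] > window:
            q.popleft()            # drop frames older than the window
        if len(q) >= threshold and bssid not in alerted:
            alerted.add(bssid)
            alerts.append({"bssid": bssid, "first_seen": q[0], "count": len(q),
                           "broadcast": dst == BROADCAST, "reason": reason})
    return alerts

def build_frame(subtype, dst, src, bssid, reason=7):   # builds constructed sample frames
    to_b = lambda m: bytes.fromhex(m.replace(":", ""))
    return (bytes([subtype << 4, 0]) + b"\x00\x00" + to_b(dst) + to_b(src)
            + to_b(bssid) + b"\x00\x00" + struct.pack("<H", reason))

AP, STA = "02:00:00:aa:bb:cc", "02:00:00:11:22:33"     # constructed addresses
SAMPLE = [(0.0, build_frame(DEAUTH, STA, AP, AP, reason=3))]          # single, normal deauth
SAMPLE += [(100 + i * 0.1, build_frame(DEAUTH, BROADCAST, AP, AP)) for i in range(20)]
SAMPLE += [(130.0, build_frame(8, BROADCAST, AP, AP))]                # beacon, ignored

if __name__ == "__main__":
    for alert in find_floods(SAMPLE):
        print(alert)
```

A single deauthentication frame is normal when a client leaves; the sustained rate against one BSSID, often addressed to broadcast, is what indicates a forced disconnect.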
 

h4ck3rz

Participant Member
15 Mar 2021
Thanks :)
Congratulations, it is a useful topic, let's share it in Turkish sometime.
 