Ubuntu Fern Wifi Cracker

[Tinisha]

Inthis article we will explore a pentesting tool called fern WiFi cracker. fern WiFi cracker is an easy to use GUI based WiFi hacker tool which anyone can use. There are no complicated terminal commands required to use this WiFi hacker tool. fern WiFi cracker comes preloaded with Kali Linux. You can also install this WiFi hacker tool in almost any Linux based distro.

fern WiFi Cracker is written in Python. It uses Python Qt GUI library. Program can crack and recover WEP/WPA/WPS keys and run other critical network based attacks on wireless or ethernet based networks as well.

A graphical interface for the tool will open up as shown below. Now first thing you need to do is select your network interface. As you select your network interface, it will enable monitor mode on the selected interface.

Now go ahead and hit browse button and look for password list file. In order to crack a WiFi password you need to have a password-list which you can use to brute-force the wireless network. You can easily get multiple password text-file on the internet.

So to create word list for our brute-force attack we will be using a program called crunch. crunch comes pre-installed in Kali. For any other distribution you can easily download it from the software repository.

We can shorten this process based on the acquired knowledge of the target. For instance if we somehow know that the target always uses number passwords between 6 and 8 characters? We could create a complete list of password possibilities meeting this criteria and save them to a file in our desired directory by running the following command.

You can generate much more complex word-lists in crunch to be used for this WiFi hacker tool depending upon your recon. But then it would require you to use large amount of processing power. Which will also increase the required time.

Fern WiFi cracker, The name says about it. It's a GUI based WiFi security auditing tool that written on Python. Fern WiFi cracker can crack and recover WEP/WPA/WPS keys and also run other network based attacks on wireless or Ethernet based networks. Fern created by Saviour Emmanuel Ekiko.

Every time we open fern it will check for update and if we have a updated version of Kali then it will ask us to use it's professional version. It is available for purchase in -pro.com. We are not going to buy it so we choose "No" and the main menu of Fern opens like the following screenshot:

Now we select the network interface. Usually our devices internal WiFi is the wlan0 interface and to use monitor modes from our external WiFi adapter we need to select wlan1 interface, as we did in the following screenshot:

Here we need a dictionary file. A dictionary file/wordlist is a text file that contains lots of passwords. Our attack will follow the brute-force method first it capture the handshake file from the WiFi network then it try to crack the handshake file by brute-force method from our given password file. We will discuss about how it works later.

Here we discuss on the basics without diving deeper technological terms. We know that when we connect our device to a new protected WiFI we need the password. But from the second time we don't need the the password, Why? Because the password stored in our device for that WiFi network. It stores the hash value of password (not the plain text).

When we try to connect for second time the device sends the password in hash format to the WiFi router and asks to connect (handshake). The router checks everything is correct and allow it to connect.

This tool sends de-authentication packets to the router using our special WiFi adapter.(That's why we need a WiFi router that supports packet injection). For the de-authentication packets all the connected devices with the router got disconnected and as we know after this those disconnected devices again try to connect with the target router.

Now these passwords are encrypted and we need a list of password and our tool with match this hash one by one from our given passwordlist (wordlist or dictionary file). This is brute-force attack. If the password will be in our list then we can get it easily. Bigger size of wordlists can increase provide us higher success rate. Come on almost everyone uses common passwords, because these kind of passwords are easy to remember.

Disclaimer: This tutorial is for educational propose. Attacking others devices considered as criminal offense. We don't support that. This is for spreading awareness that we should choose a very strong password for us. We have used this against our own network.

Love our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

3a8082e126