Hacking WPS Networks with Wifite
Objective
Learn how to use Wifite, an automated wireless attack tool, to target WPS-enabled networks and understand how to secure such networks against attacks.
Purpose
WPS (Wi-Fi Protected Setup) is a feature that simplifies connecting devices to wireless networks but often contains vulnerabilities that can be exploited. Wifite automates the process of attacking WPS-enabled networks to demonstrate the risks of leaving WPS enabled.
Tools Required
- Kali Linux (or any Linux distribution with Wifite installed).
- A Wi-Fi adapter capable of monitor mode and packet injection (e.g., Alfa AWUS036NHA).
- A test wireless network with WPS enabled.
Lab Topology
- Kali Linux: Running Wifite.
- Target Wi-Fi Network: A WPS-enabled test network.
Walkthrough
Task 1: Setting Up Wifite
- Verify Wifite Installation:
- Wifite is pre-installed on Kali Linux. To check:
wifite --help
- If not installed, install it using:
sudo apt update && sudo apt install wifite -y
- Wifite is pre-installed on Kali Linux. To check:
- Enable Monitor Mode:
- Identify your Wi-Fi adapter:
iwconfig
- Enable monitor mode using airmon-ng:
sudo airmon-ng start <interface>
Replace
<interface>
with your adapter name (e.g.,wlan0
).
- Identify your Wi-Fi adapter:
Task 2: Scanning for WPS Networks
- Launch Wifite:
- Start Wifite:
sudo wifite
- Start Wifite:
- Scan for Networks:
- Wifite will scan for nearby wireless networks.
- Look for networks with WPS enabled.
- Select Target:
- Choose a WPS-enabled network from the list by entering its number.
Task 3: Attacking the Target Network
- Initiate WPS Attack:
- Wifite will automatically attempt to brute-force the WPS PIN of the target network.
- Monitor the progress in the terminal.
- Capture WPA Key:
- If successful, Wifite will display the WPA passphrase for the target network.
- Example output:
[!] WPA PSK: "password123"
- Handle WPS Lock:
- If the WPS PIN attack locks the router:
- Wait for the lock to reset.
- Restart Wifite with throttled requests:
sudo wifite --wps-time 300
- If the WPS PIN attack locks the router:
Task 4: Securing WPS Networks
- Disable WPS:
- Access the router’s administrative interface and disable WPS entirely.
- Use Strong WPA2/3 Passwords:
- Ensure the network password is strong and unique.
- Update Router Firmware:
- Regularly update firmware to patch known vulnerabilities.
- Monitor for Suspicious Activity:
- Use router logs or network monitoring tools to detect unusual activity.
Best Practices
- Use Authorized Targets Only:
- Ensure you have explicit permission to test the network.
- Combine Tools for Comprehensive Testing:
- Use Wifite alongside tools like Aircrack-ng and Reaver for detailed assessments.
- Educate Users:
- Train users on securing home and enterprise networks.
- Regularly Audit Networks:
- Conduct periodic assessments to ensure networks remain secure.
Key Takeaways
- Wifite automates the exploitation of WPS vulnerabilities.
- Disabling WPS is the most effective way to secure networks against these attacks.
- Strong passwords and updated firmware enhance network security.
Troubleshooting Tips
- No Networks Detected:
- Ensure the Wi-Fi adapter is in monitor mode.
- Verify the adapter supports packet injection.
- WPS Lock Issues:
- Wait for the lock to reset and use throttled requests.
- Wifite Crashes:
- Update Wifite to the latest version:
sudo apt update && sudo apt upgrade wifite
- Update Wifite to the latest version:
By completing this lab, you now understand how to use Wifite to exploit WPS vulnerabilities and how to secure networks against such attacks.