Kali Linuxis a security-focused operating system you could run off a CD or USB drive, anywhere.
With its security toolkit you might crack Wi-Fi passwords, create fake networks, and test other vulnerabilities.
Here’s how to use it to give your own a data pipe a security checkup.
Check out our evil week tag page.
Kali Linux is packed with a ton of software for testing security holes in your data pipe.
Remember: use these powers for good, not for evil.
Step One: Configure Your Wireless Card
First things first: disconnect from all wireless networks.
Then open up terminal.
to make it use Aircrack, you’ll need a wireless card that supports injections.
If you card doesn’t support injections, it won’t show up here.
Yours is likely listed under interface as wlan0, but it may depend on your machine.
Next, throw in in:
Replacewlan0with your card’s interface address.
You should get a message back saying that monitor mode was enabled.
throw in in:
You’ll see all the networks in your area.
Tap Ctrl+C to stop the process.
You should see four files pop up on the desktop.
Don’t worry about those now; you’ll need one of them later.
In this case, just open up a unit you own and connect to your Wi-Fi.
You should see it pop up as a new station.
Make a note of the station number, because you’ll need that in the next step.
Leave Airodump running and open up a new tab in Terminal.
Hop back over to the Airodump tab and you’ll see a new number listed after WPA Handshake.
If it does, you’ll get a message saying the key was found with the password.
If not, give another one of the password lists a try until you find one that works.
Depending on how good your password is, it either took you five minutes or five hours.
The best protection here is agood, strong passwordon your router.
The longer, weirder, and more complex it is, the better.
Likewise, verify you’re using the WPA2 security protocol and you don’t have WPS enabled.
This is amazingly easy to do with a tool in Kali Linux called Airbase.
Just like last time, you gotta set up your wireless card to monitor traffic.
Open up Terminal and punch in:
This lists all the wireless cards that support this crack.
Yours is likely listed under interface as wlan0.
Now you’re in monitor mode.
It’s time to find the online grid you want to spoof.
So, throw in in:
You’ll see all the networks in your area.
This is the router you’re going to spoof.
Tap Ctrl+C to stop the process.
It shouldn’t do any damage to the card as long as you don’t go higher than 27.
Once they do, it’ll be just like you’re both on the same data pipe.
That means you’re free to access whatever they’re doing pretty easily.
Here, you’ll intercept connection signals between a computer and a router without the computer realizing it.
We’ve shown you how to dopacket sniffingand today we’ll use ARP spoofing to gather this information.
Both sniffing spoofing are about listening in on conversations, but they work a little differently.
Sniffing captures traffic by monitoring a web link, spoofing pretends to be that web link.
key in this into the command line:
This will ensure all information is forwarded after it’s intercepted.
This tricks the computer and the router into thinking that your Wi-Fi adapter is a bridge.
When you successfully spoof, it’s possible for you to monitor all traffic between the devices.
If you’re more interested in images, you might capture any image traffic as well.
That said, turning on afirewall on your machinehelps as well.
Also, see to it you’re always usingHTTPS when it’s available.
When HTTPS is on, an ARP spoofer won’t capture anything you’re doing.
This is especially important when you’re on public Wi-Fi and can’t control a online grid’s security.
