Fern WiFi cracker, The name says about it. It's a GUI based WiFi security auditing tool that written on Python. Fern WiFi cracker can crack and recover WEP/WPA/WPS keys and also run other network based attacks on wireless or Ethernet based networks. Fern created by Saviour Emmanuel Ekiko.
Here we discuss on the basics without diving deeper technological terms. We know that when we connect our device to a new protected WiFI we need the password. But from the second time we don't need the the password, Why? Because the password stored in our device for that WiFi network. It stores the hash value of password (not the plain text).
When we try to connect for second time the device sends the password in hash format to the WiFi router and asks to connect (handshake). The router checks everything is correct and allow it to connect.
This tool sends de-authentication packets to the router using our special WiFi adapter.(That's why we need a WiFi router that supports packet injection). For the de-authentication packets all the connected devices with the router got disconnected and as we know after this those disconnected devices again try to connect with the target router.
Whenever the devices try to connect with the router our fern tool will catch the handshake file with the password hashes.
Now these passwords are encrypted and we need a list of password and our tool with match this hash one by one from our given passwordlist (wordlist or dictionary file). This is brute-force attack. If the password will be in our list then we can get it easily. Bigger size of wordlists can increase provide us higher success rate. Come on almost everyone uses common passwords, because these kind of passwords are easy to remember.
When we click on the "Attack" button it starts sending de-authentication packets to the Wi-Fi network. Then "Fern WiFi cracker" starts to crack the password from our given wordlist.
The total process requires at least one active WiFi user on the network otherwise we don't get the handshake file.
Fern WiFi cracker spoofs our Mac address so attacker's devices original identity will be hidden. To know more about Mac spoofing read our this article.
----------------
Fern WiFi cracker comes pre-installed with Kali Linux latest full version. We can run it from the Kali Linux application menu Wireless Attacks > fern wifi cracker.
Here we discuss on the basics without diving deeper technological terms. We know that when we connect our device to a new protected WiFI we need the password. But from the second time we don't need the the password, Why? Because the password stored in our device for that WiFi network. It stores the hash value of password (not the plain text).
When we try to connect for second time the device sends the password in hash format to the WiFi router and asks to connect (handshake). The router checks everything is correct and allow it to connect.
This tool sends de-authentication packets to the router using our special WiFi adapter.(That's why we need a WiFi router that supports packet injection). For the de-authentication packets all the connected devices with the router got disconnected and as we know after this those disconnected devices again try to connect with the target router.
Whenever the devices try to connect with the router our fern tool will catch the handshake file with the password hashes.
Now these passwords are encrypted and we need a list of password and our tool with match this hash one by one from our given passwordlist (wordlist or dictionary file). This is brute-force attack. If the password will be in our list then we can get it easily. Bigger size of wordlists can increase provide us higher success rate. Come on almost everyone uses common passwords, because these kind of passwords are easy to remember.
When we click on the "Attack" button it starts sending de-authentication packets to the Wi-Fi network. Then "Fern WiFi cracker" starts to crack the password from our given wordlist.
The total process requires at least one active WiFi user on the network otherwise we don't get the handshake file.
Fern WiFi cracker spoofs our Mac address so attacker's devices original identity will be hidden. To know more about Mac spoofing read our this article.
----------------
Fern WiFi cracker comes pre-installed with Kali Linux latest full version. We can run it from the Kali Linux application menu Wireless Attacks > fern wifi cracker.