PDF download Download Article
Tips & tricks to crack your own wifi & test its security
PDF download Download Article

Do you want to test your network security? It used to be that you needed a desktop OS such as Windows or Linux installed on a computer with a specific wireless network card. Now, however, you can also use certain Android devices to scan and crack wireless networks. These tools are available for free as long as your device is compatible. Hacking routers without permission is illegal. These steps are provided to test the security of your own network.

Hacking Wi-Fi with an Android Device

  • Root your Android device and install bcmon.
  • Run bcmon and start scanning your network.
  • Let the program run until it cracks the password; this can take several hours.
Method 1
Method 1 of 2:

WEP Routers

PDF download Download Article
  1. Root a compatible device . Not every Android phone or tablet will be able to crack a WPS PIN. The device must have a Broadcom bcm4329 or bcm4330 wireless chipset and must be rooted. The Cyanogen ROM will provide the best chance of success. Some of the known supported devices include:
    • Nexus 7
    • Galaxy S1/S2/ S3 / S4 / S5
    • Galaxy y
    • Nexus One
    • Desire HD
    • Micromax A67
  2. This tool enables Monitor Mode on your Broadcom chipset, which is essential for being able to crack the PIN. The bcmon APK file is available for free from the bcmon page on the Google Code website. [1]
    Advertisement
  3. After installing the APK file, run the app. If prompted, install the firmware and tools. Tap the "Enable Monitor Mode" option. If the app crashes, open it and try again. If it fails for the third time, your device is most likely not supported.
    • Your device must be rooted in order to run bcmon.
  4. This will launch a terminal similar to most Linux terminals.Type airodump-ng and tap the Enter button. AIrdump will load, and you will be taken to the command prompt again. Type airodump-ng wlan0 and tap the Enter button.
  5. You will see a list of available access points. You must select an access point that is using WEP encryption.
  6. This is the MAC address for the router. Make sure that you have the right one if there are multiple routers listed. Jot this MAC address down.
    • Also note the Channel that the access point is broadcasting on.
  7. You will need to collect information from the access point for several hours before you can attempt to crack the password. Type airodump-ng -c channel# --bssid MAC address -w output ath0 and tap Enter. [2] Airodump will begin scanning. You can leave the device for a while as it scans for information. Be sure to plug it in if you are running low on battery.
    • Replace channel# with the channel number the access point is broadcasting on (e.g. 6).
    • Replace MAC address with the MAC address of the router (e.g 00:0a:95:9d:68:16)
    • Keep scanning until you reach at least 20,000-30,000 packets.
  8. Once you have a suitable number of packets, you can start attempting to crack the password. Return to the terminal and type aircrack-ng output*.cap and tap Enter. [3]
  9. After the cracking process is complete (which could take several hours), the message Key Found! will appear, followed by the key in the hexadecimal form. Make sure that "Probability" is 100% or the key will not work. [4]
    • When you enter the key, enter it without the ":". For example, if the key was 12:34:56:78:90, you would enter 1234567890 .
  10. Advertisement
Method 2
Method 2 of 2:

WPA2 WPS Routers

PDF download Download Article
  1. Not every Android phone or tablet will be able to crack a WPS PIN. The device must have a Broadcom bcm4329 or bcm4330 wireless chipset and must be rooted. The Cyanogen ROM will provide the best chance of success. Some of the known supported devices include:
    • Nexus 7
    • Galaxy Ace/S1/S2/S3
    • Nexus One
    • Desire HD
  2. This tool enables Monitor Mode on your Broadcom chipset, which is essential for being able to crack the PIN. The bcmon APK file is available for free from the bcmon page on the Google Code website. [5]
    • To install an APK file, you will need to allow installation from unknown sources in your Security menu.
  3. After installing the APK file, run the app. If prompted, install the firmware and tools. Tap the "Enable Monitor Mode" option. If the app crashes, open it and try again. If it fails for the third time, your device is most likely not supported.
    • Your device must be rooted in order to run bcmon.
  4. Reaver is a program developed to crack the WPS PIN in order to retrieve the WPA2 passphrase. The Reaver APK can be downloaded from the developers' thread on the XDA-developers forums. [6]
  5. Tap the Reaver for Android icon in your App drawer. After confirming that you are not using it for illegal purposes, Reaver will scan for available access points. Tap the access point you want to crack to continue.
    • You may need to verify Monitor Mode before proceeding. If this is the case, bcmon will open again.
    • The access point you select must accept WPS authentication. Not all routers support this.
  6. In most cases you can leave the settings that appear at their default. Make sure that the "Automatic advanced settings" box is checked.
  7. Tap the "Start attack" button at the bottom of the Reaver Settings menu. The monitor will open and you will see the results of the ongoing crack displayed.
    • Cracking WPS can take anywhere from 2-10+ hours to complete, and it is not always successful. [7]
  8. Advertisement

Community Q&A

Search
Add New Question
  • Question
    What is the best app to use to root an Android?
    Community Answer
    Kingroot; download it directly at kingroot.net. The file should be in APK format.
  • Question
    Could I get caught while I am hacking someone else's Wi-Fi?
    Community Answer
    Not only you could get caught, but you could also get in some serious trouble if the Wi-Fi owner finds out and reports it.
  • Question
    What should I do if I can't enable WiFi when I enable monitor mode?
    Community Answer
    This is normal, as you only have one network chip, and it can only do one thing at a time. Simply turn off monitor mode after finding the WiFi password.
See more answers
Ask a Question
      Advertisement

      Warnings

      • Hacking a router you are not authorized to access is illegal.
      • In U.S and U.K, where hacking WiFi connections is considered illegal, causing anyone getting involved in these activities to be fined or arrested.
      Advertisement

      Tips

      • A person hacking a WiFi router can not be prosecuted under the prevailing law of computer hacking (Netherlands), because a WiFi router does not fit into the computer definition dictated by the law in the Netherlands.
      Submit a Tip
      All tip submissions are carefully reviewed before being published
      Name
      Please provide your name and last initial
      Thanks for submitting a tip for review!
      Advertisement

      About This Article

      Thanks to all authors for creating a page that has been read 4,210,359 times.

      Reader Success Stories

      • Anonymous

        Aug 24, 2016

        "The step-by-step guide with pictures is more than adequate for anyone either researching or attempting this. ..." more
      Share your story

      Is this article up to date?

      Advertisement