If you haven’t enabled root logins in Kali and are using KDE or GNOME, run sudo apt install kali-root-login at the prompt. [1] Once installed, you can set a root password by running sudo passwd (no username) and entering a new root password. At that point, you can log in to the desktop as root.

In most cases, simply attaching the card to your computer will be enough to set it up. Check the instructions for your Wi-Fi card to be sure. If you’re not sure if your Wi-Fi card supports monitoring, it doesn’t hurt to try these next few steps.

If you don’t see an interface name, your Wi-Fi card doesn’t support monitoring.

If you see a message that says “Found processes that could cause trouble,” run airmon-ng check kill to kill them.

Make sure the router is using WPA or WPA2 security. If you see “WPA” or “WPA2” in the “ENC” column, you can proceed.

airodump-ng -c number --bssid xx:xx:xx:xx:xx:xx -w /root/Desktop/ mon0 Replace the word number with the channel number you saw, and the xx:xx:xx:xx:xx:xx with the BSSID. As long as this command stays running, you’ll be monitoring for all connections and new handshakes.

If you already see a line with the tag “WPA handshake:” followed by a MAC address in the output of the airodump-ng command, skip to Step 5—you have what you need to crack the password and don’t need to send deauth packets. Remember—use these tools for ethical purposes only.

This command will send 2 deauth packets to disconnect the client from the network. [2] Don’t try to send more than this—sending too many packets could prevent the client from reconnecting and generating the handshake. As long as you’re close enough to the target client, they’ll be disconnected from the router and forced to reconnect with a handshake. If this doesn’t work, move closer to the client. As soon as the client reconnects, all of the information you’ll need to crack the password will be available.
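From the network owner's side, the deauthentication step above is also the part of this procedure that is easiest to notice: deauth frames are unencrypted management frames, so a monitor-mode sensor sees every one of them. The following is an added example (not code from the original page or from the aircrack-ng project) of a simple burst detector run over a constructed list of frame records; the frame format, MAC addresses and timestamps are all made up for the demonstration.

```python
from collections import defaultdict, deque

# Constructed sample of 802.11 management-frame records in the shape a
# monitor-mode capture tool might log them: (seconds, subtype, source MAC,
# destination MAC). All MAC addresses are made-up placeholders.
SAMPLE_FRAMES = [
    (0.00, "beacon", "00:11:22:33:44:55", "ff:ff:ff:ff:ff:ff"),
    (0.50, "deauth", "00:11:22:33:44:55", "aa:bb:cc:dd:ee:01"),
    (0.55, "deauth", "00:11:22:33:44:55", "aa:bb:cc:dd:ee:01"),
    (0.60, "deauth", "00:11:22:33:44:55", "aa:bb:cc:dd:ee:01"),
    (0.65, "deauth", "00:11:22:33:44:55", "aa:bb:cc:dd:ee:01"),
    (2.00, "beacon", "00:11:22:33:44:55", "ff:ff:ff:ff:ff:ff"),
    # A lone deauth from a different AP: a normal disconnect, not a burst.
    (9.00, "deauth", "66:77:88:99:aa:bb", "aa:bb:cc:dd:ee:02"),
]


def detect_deauth_bursts(frames, threshold=3, window=1.0):
    """Flag (source, destination) pairs that emit `threshold` or more
    deauthentication frames within `window` seconds.

    Returns a list of (burst_start, source, destination, count) tuples, one
    per burst. Frames are expected in time order, as a live capture delivers
    them.
    """
    recent = defaultdict(deque)   # (src, dst) -> timestamps inside the window
    active = set()                # pairs already reported for the current burst
    alerts = []
    for ts, subtype, src, dst in frames:
        if subtype != "deauth":
            continue
        key = (src, dst)
        q = recent[key]
        # Drop timestamps that have slid out of the window.
        while q and ts - q[0] > window:
            q.popleft()
        if not q:
            active.discard(key)   # previous burst ended; allow a fresh alert
        q.append(ts)
        if len(q) >= threshold and key not in active:
            active.add(key)
            alerts.append((q[0], src, dst, len(q)))
    return alerts


if __name__ == "__main__":
    for start, src, dst, n in detect_deauth_bursts(SAMPLE_FRAMES):
        print(f"deauth burst at t={start:.2f}s: {src} -> {dst} ({n} frames)")
```

The threshold and window are tuning knobs: a burst as short as the two frames this page describes will only trip a threshold of 2, and a threshold that low will also fire on some legitimate roaming. The real mitigation is not detection but 802.11w Protected Management Frames (mandatory in WPA3), which authenticates deauth frames so that a spoofed one is discarded by the client.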

You won’t be able to crack the password if it’s not in the wordlist. You can always try one of the other wordlists if rockyou.txt doesn’t crack the password.

Depending on the strength of the password and the speed of your CPU, this process can take anywhere from a few hours to a few days. If you’re cracking a static WEP key network instead of a WPA/WPA2-PSK network, replace -a2 with -a1. [4]
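The two preceding points, that a passphrase absent from the wordlist cannot be recovered this way and that the time otherwise scales with password strength, are exactly what a network owner should audit before an attacker does. The following is an added example (not code from the original page) of a small self-audit for a WPA/WPA2 passphrase: it applies the 8-to-63 character rule that WPA-PSK imposes, checks the passphrase against a wordlist, and estimates the brute-force keyspace implied by its length and character classes. The miniature wordlist and the guess rate of 1,000 keys per second are constructed for illustration; a real audit would stream a file like rockyou.txt and plug in a measured rate.

```python
import string

# Constructed miniature wordlist standing in for a file such as rockyou.txt;
# a real audit would stream the file line by line instead of using a list.
SAMPLE_WORDLIST = [
    "password",
    "letmein",       # 7 characters: not even a valid WPA passphrase
    "sunshine",
    "Sunshine1",
    "qwerty123",
]

WPA_MIN_LEN, WPA_MAX_LEN = 8, 63
SECONDS_PER_YEAR = 365 * 24 * 3600
OTHER_CLASS_SIZE = len(string.punctuation) + 1   # punctuation plus space


def is_valid_wpa_passphrase(passphrase):
    """WPA/WPA2-PSK passphrases are 8 to 63 printable ASCII characters."""
    return WPA_MIN_LEN <= len(passphrase) <= WPA_MAX_LEN and all(
        c in string.printable and c not in "\t\n\r\x0b\x0c" for c in passphrase
    )


def in_wordlist(passphrase, wordlist):
    """True if the exact passphrase appears as a usable wordlist entry.
    Entries outside the 8..63 length rule are skipped, since they can never
    be a WPA passphrase and cracking tools ignore them for the same reason."""
    return any(
        entry.rstrip("\r\n") == passphrase
        for entry in wordlist
        if is_valid_wpa_passphrase(entry.rstrip("\r\n"))
    )


def keyspace(passphrase):
    """Upper bound on the brute-force search space implied by the
    passphrase's length and the character classes it draws from."""
    if not passphrase:
        return 0
    classes = 0
    if any(c.islower() for c in passphrase):
        classes += 26
    if any(c.isupper() for c in passphrase):
        classes += 26
    if any(c.isdigit() for c in passphrase):
        classes += 10
    if any(not c.isalnum() for c in passphrase):
        classes += OTHER_CLASS_SIZE
    return classes ** len(passphrase)


def audit(passphrase, wordlist, keys_per_second=1000.0):
    """Summarise how exposed a passphrase is to wordlist and brute-force
    guessing. keys_per_second is an assumed, illustrative rate."""
    space = keyspace(passphrase)
    return {
        "valid": is_valid_wpa_passphrase(passphrase),
        "in_wordlist": in_wordlist(passphrase, wordlist),
        "keyspace": space,
        "years_to_exhaust": space / keys_per_second / SECONDS_PER_YEAR,
    }


if __name__ == "__main__":
    for candidate in ("Sunshine1", "correct horse battery staple"):
        print(candidate, audit(candidate, SAMPLE_WORDLIST))
```

The keyspace figure is an upper bound on what an attacker must search, not a guarantee: a long passphrase built from dictionary words is far weaker than its character-class keyspace suggests once rule-based or combinator wordlists are used, so "not in the wordlist" is the check that matters most, and the keyspace only tells you how much margin remains if it passes.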