Here are some methods used by hackers to hack a WiFi password.
PASS WIFI is the software able to hack any WiFi password for any device. It scans and decrypts the key (wep or wpa) and show you on the screen the password.
You may also like: How to hack a Facebook account ?
This video shows you how to hack a WiFi password thanks to PASS WIFI:
You may download PASS WIFI here:
– brute-force attack: it is the one that comes to mind, but it is used as a last resort because it takes a lot of time. Indeed, this method consists in testing all the possibilities of passwords one by one by creating them with all the characters.
– attack using a list or dictionary: This method is widely used and works in more than 50% of cases, because users often choose existing words or first names.
– hybrid attack: Many users reinforce their passwords by adding, for example, the birth date of a child. The hybrid attack, will use the words of the list by adding numbers such as: paris1998.
These programs are often used in companies to test the passwords of employees. In this case, the software directly compares the result of an encrypted password, to the password also encrypted. If the result is the same, then we can consider having found the password. Those whose password is too weak or too easy to find will have to change it. For your information, here are some famous software: “L0phtCrack”, “John the Ripper”, “THC Hydra”, “Brutus” but there are many others.
If you’ve read the articles about services and ports on a server, you’ll easily understand that the exchanges between computers go through these ports. But connections also go through these ports.
There are a lot of tools that are used to scan open ports (those that the firewall allows). These ports are open for services to work and hackers will try to connect through one of these ports if it is left unintentionally or intentionally open. From the first scan, it is easy for the hacker to know what type of OS is installed (Linux, Windows, Mac…) and its version. From this information, he can try to use one of the security vulnerabilities of the concerned OS. (That’s why computers must be up-to-date: to fix security holes that are discovered every week).
Once it is connected, and if it has connected with the super-user (root under Linux, and administrator under Windows) it will have access to the whole machine (and to all servers in the network, if he has logged in with the domain administrator).
The hacker must try to leave no trace, and especially to provide a backdoor (backdoor), in case he wants to return. The hacker can return through this backdoor even if in the meantime the administrator of the network has closed the port by which the hacker had entered the first time.
To verify that you can not be hit by these attacks, do it like hackers and scan all open ports, and then:
– shut up all those who are useless,
– make sure that those that need to be open are secure.
Social engineering is a method to obtain information about the company that you want to attack, but unlike other methods, it attacks the human. The advantage of this method for hackers is that it does not necessarily require a lot of computer skills. Indeed, in computer security, the human factor is often forgotten by companies, so it is not a breach by which the pirates rush.
Social Engineering is the set of actions that will be set up to obtain confidential information or to enter a system. Here are some examples for you to better understand what it is:
A hacker may try to call the switchboard as another person in the company (if possible a very senior person, to impress the poor person at the switchboard) and try to retrieve important information.
– He may also try to impersonate someone in the IT department and ask a user for login and password.
– He could also try to pretend to be an IT provider who needs access to the network and needs to create a user account.
– Make a little charm to the person at the reception, and ask some confidential information, or try to connect to a local network.
– But the hacker wants to send an email containing an infected attachment to create a flaw to enter the system.
The list of possible scams is very long… I let you imagine a few.
In addition, there are toolboxes that allow you to use this system, take a look at “Social engineering toolkit”, including the tool “Set” that allows virtually anyone to become a hacker! This kind of tool can even recover (through fake websites such as fake Facebook) user credentials.
Social engineering is a flaw often ignored, only large companies try to train their employees to this threat.
To protect yourself from this kind of attack, you must try to understand all the mechanisms of the pirates, beware, and especially do not believe everything we are told.