WiFi passwords can be hacked using any of the many security tools out there. But in this tutorial, I will be demonstrating how to use Besside-ng, a lesser-known but phenomenal tool that is part of the infamous Aircrack-ng suite of WiFi hacking tools.
Besside-ng can be used to hack ANY WiFi password when used in conjunction with a wireless network adapter capable of packet injection.
It cracks WEP-encrypted WiFi networks straight-up and very easily. For WPA and WPA2 networks, it first captures the WPA “handshake” containing the WiFi password, which is then fed to a brute-forcing tool like Aircrack-ng or Hashcat to be cracked using a password list.
This is pretty much how the other WiFi hacking tools are used to hack WiFi passwords, but Besside-ng is unique in that it is an incredibly aggressive and persistent WPA handshake mass-harvester and WEP cracker. It is also very easy to use and produces the needed results in seconds.
- What You’ll Need
- How to Hack WiFi Passwords Automatically:
- A Word of Caution
What You’ll Need
To follow along with this WiFi password hacking tutorial, you will need the following:
- A wireless network adapter that supports monitor mode. You can find a list of wireless cards to buy that support monitor mode here.
- A Linux operating system. I am using Kali Linux for this tutorial, but you can also use ParrotSec or any other Linux distro.
- Aircrack-ng suite installed.
How to Hack WiFi Passwords Automatically:
Step 1: Install Besside-ng
If you have installed Kali Linux, then you most certainly will have the Aircrack-ng suite installed, which bundles Besside-ng. Otherwise, fire up a terminal window and type in the following command to install it.
apt install aircrack-ng
Next, type in the command besside-ng to confirm that you have it installed and working correctly.
Note: If you’re using Kali Linux 2020.2 or later, you should type sudo before the besside-ng command, or switch to the root user on the terminal; otherwise it will appear as though besside-ng is not installed.
Step 2: Connect & Identify your Attack Antenna
Plug in your wireless network adapter and type iwconfig to see the list of available antennas. Since I am doing this on a VirtualBox VM, I will attach the network card by clicking Devices > USB and then selecting the USB adapter.
The name of your network adapter should be something like wlan0 (for the internal adapter) and wlan1 (for the USB one you plugged in). But if you’re on a virtual machine like me, your antenna’s name would be wlan0 because it may be the only one attached.
Step 3: Scan & Attack available Targets
Besside-ng is dead simple to use. All you need to do is give it an antenna name and it will initiate a wide-area WiFi attack against all wireless access points within range.
Besside-ng will automatically take care of putting your wireless card into monitor mode (the packet injection mode), and then scan all channels for available targets.
You will see the blazing speed at which Besside-ng goes through finding, prioritizing, and attacking all the networks.
Step 4: Automatically Crack Key of WEP WiFi Networks During an Attack
When Besside-ng is in operation and it detects a WEP network in range, it cracks the key outright because WEP encryption is very weak.
Besside-ng does this by collecting unique IVs to crack the WiFi network, and stores them (for as many WEP networks as it finds) in a single wep.cap file it creates in the home directory.
In another terminal window, you can run Aircrack-ng to simultaneously crack the wep.cap file using the following command.
A list of all WEP captures by Besside-ng will be displayed.
Select the number of the target network you want Aircrack-ng to attack.
If the attack fails, Aircrack-ng will automatically attempt the attack again after every 5,000 IVs as Besside-ng captures more packets.
This will go on until the WEP encryption is broken and the WiFi key or password is obtained.
Step 5: Crack Passwords of WPA/WPA2 Encrypted WiFi Networks
Similarly to WEP, when Besside-ng is in operation, it gathers WPA handshakes into a wpa.cap file for all the WPA/WPA2 encrypted WiFi networks within range.
But unlike WEP, Besside-ng doesn’t directly crack the passwords of WPA/WPA2 WiFi networks. Once a handshake is captured, it can then be taken away and brute-forced using tools like Aircrack-ng or Hashcat to try a list of common passwords against the handshake.
When you have the WPA cap file at hand, run it through Aircrack-ng (in this case), give it a password list, and choose the WiFi network whose password you want to crack from the list of all WPA captures by Besside-ng.
Aircrack-ng will now go ahead and crack the WPA handshake for the WiFi password.
If the target was using a weak password to secure their WiFi network or using one contained in the password list used, then their WiFi password would be successfully hacked.
And judging from how people keep using shitty weak passwords, 90%-95% of captured handshakes are cracked this way successfully.
A Word of Caution
Besside-ng is a very “noisy” tool and does leave a ton of evidence. Like I mentioned before, it is a mass WPA handshake harvester that mercilessly knocks every device off every WiFi network in range.
Using this tool in a high-density WiFi area is going to disrupt normal wireless network operations. And a well-defended target can find you out by triangulating your physical location as you are carrying out the attack.
Needless to say at this point that Besside-ng is a powerful tool and should not be used against wireless devices that you have no permission to break into.
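The noise described above is what a monitoring sensor keys on. The following is an added example, not part of the original tutorial or of the Aircrack-ng suite: it parses 802.11 deauthentication frames and raises an alert when deauths for many different BSSIDs fall inside one short window. It assumes bare 802.11 frames (radiotap header already stripped); the window length, the BSSID threshold, the function names and the sample frames are all constructed for illustration.

```python
import struct

WINDOW_S = 10.0      # assumed sliding window in seconds
MIN_BSSIDS = 4       # assumed: distinct BSSIDs seen deauthing within one window

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_deauth(frame):
    """Return (dst, src, bssid, reason) for a bare 802.11 deauth frame, else None."""
    if len(frame) < 26:
        return None
    fc0 = frame[0]
    # protocol version 0, type 0 (management), subtype 12 (deauthentication)
    if fc0 & 0x03 or (fc0 >> 2) & 0x03 or (fc0 >> 4) != 12:
        return None
    (reason,) = struct.unpack_from("<H", frame, 24)  # follows the 24-byte header
    return mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22]), reason

def mass_deauth_alerts(records):
    """records: (timestamp, frame) pairs in time order. Returns one
    (first_seen, triggered_at, bssids) tuple each time the window first
    holds deauths for MIN_BSSIDS or more distinct BSSIDs."""
    recent, alerts, alerting = [], [], False
    for ts, frame in records:
        parsed = parse_deauth(frame)
        if parsed is None:
            continue
        recent.append((ts, parsed[2]))
        recent = [(t, b) for t, b in recent if ts - t <= WINDOW_S]
        bssids = sorted({b for _, b in recent})
        hit = len(bssids) >= MIN_BSSIDS
        if hit and not alerting:
            alerts.append((recent[0][0], ts, bssids))
        alerting = hit
    return alerts

def make_frame(subtype, dst, src, bssid, reason=7):
    """Build a constructed sample frame: FC, duration, 3 addresses, seq, reason."""
    head = bytes([subtype << 4, 0, 0, 0])
    return head + bytes.fromhex(dst + src + bssid) + b"\x00\x00" + struct.pack("<H", reason)

# Constructed sample data (locally administered MACs, not from a real capture)
CLIENT = "020000000c01"
APS = ["0200000000a1", "0200000000a2", "0200000000a3", "0200000000a4", "0200000000a5"]
SAMPLE = [(0.0, make_frame(12, CLIENT, APS[0], APS[0])),   # lone deauth: no alert
          (1.0, make_frame(8, CLIENT, APS[1], APS[1]))]    # beacon: ignored
SAMPLE += [(100.0 + i * 0.5, make_frame(12, CLIENT, ap, ap)) for i, ap in enumerate(APS)]

if __name__ == "__main__":
    for first, at, bssids in mass_deauth_alerts(SAMPLE):
        print(f"mass deauth: {len(bssids)} BSSIDs between t={first} and t={at}: {bssids}")
```

A single deauth on one network, as at t=0 in the sample, is ordinary client behaviour and stays below the threshold; only the burst spanning several BSSIDs triggers the alert.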
Hope you enjoyed this tutorial, keep coming back for more hacking tutorials like this. If you have a question, you can ask me in the comments section below. And feel free to reach out to me @ojoiszy on Twitter and Instagram if you have tutorials you’ll love to see.