Crack WPA / WPA2-PSK with WiFiBroot

In this guide, we will look at a different method for breaking networks WPA/WPA2 with an open source python script, wifibroot.

Read also: Crack WPA2-PSK with Aircrack (dictionary method)

WifiBroot is a tool that helps you to break the wireless networks that use WPA and WPA2-PSK and is still under development.

WifiBroot Features - 

  • Easy hacking of WPA and WPA2 wireless networks
  • Built-in wireless Sniffer
  • Native package handling
  • Supports Verbose (–verbose) function
  • Save handshakes to a separate directory (No need to download over and over again for the same network)
  • Auto-detect EAPOL EAPOL and Auto-dissociation frames
  • Classification of clinets according to their reported strength

Installation of WifiBroot

You can use the WifiBroot tool with the help of git by typing the following command:

Command: git clone

WiFiBroot depends heavily on scapy . So, you will need a scapy installed. Almost every other library will probably already be installed on your system. To install scapy, you can use the following command:

Command: sudo pip install scapy

Before running WifiBroot, make sure your wireless interface (wlan0) is in monitoring mode (wlan0mon), which you can easily do with the command  . So in our case, it's the wlan0mon that we will use in further commands later.

To run wifibroot, type the following command:

Command: python -i wlan0mon –verbose -d /usr/share/wordlists/rockyou.txt


  • -i sets for wireless screen interface,
  • -d specifies the path to the dictionary file,
  • - overbose for verbose output that also prints hashes values ​​at the end of the process.

For more information, you can type directly " python wifiroot –help "

If you did not specify a dictionary path, then the tool has its own built-in dictionary located in /dicts/list.txt and works normally.

This tool will automatically scan all nearby wireless networks and print all the required information such as ESSID (Wireless network name), BSSID (Wireless Mac Address), Channel (No1 to 13), Encryption type (WEP, WPA or WPA2) and PWR (in dbm) value.

Based on your selection, (Press CTRL + C to stop monitoring) and just select the wireless network from the list you want to break as shown below:

So here, we chose (1) whose ESSID is "XXX" and BSSID is "0E: 9D: 92: F1: CE: 22".

After that, it will automatically search for all connected clients to download handshakes and the script will check them by default for 20 seconds. You can further set the timeout option to check clients with  .

Its the best feature WifiBroot is that, the script will automatically arrange all connected clients based on the range indicated by the interface, which increases the chances of creating a handshake in less time.

The verbose function will show you the live packages as soon as they are captured and will print the hexdumps from the calculated hashes. The hashes will include, PMK (Pairwise Master Key) , PTK (Pairwise Transient Key) in the upcoming years, while MIC (Message Integrity Code) .

To crack the code s, there is a built-in dictionary in the folder dicts which contains some of the most "stupid" passwords. Other than that, the wifiroot also checks the default passwords that increase the reliability of finding the correct hash.

At this stage, you can also enter your own dictionary or comma-separated string in -p such as  -p "password1, password2, password3".

Once it has identified all the connected clients, it will automatically send the signal death to all clients one by one, until they create a successful handshake.

After successfully creating the handshake, the script will automatically try to make bruteforce based on the dictionary value and will show you the password as normal text along with some calculated Hash values ​​(PMK, KCK and MIC) as shown below:

All handshakes for a specific wireless network will be stored in a separate directory, which in the future will not request the creation of new handshakes, as shown below: The Best Technology Site in Greecefgns

Subscribe to Blog by Email

Subscribe to this blog and receive notifications of new posts by email.

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

One Comment

Leave a Reply

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).