How to Hack Wi-Fi WPS PIN to Get the Password with Bully

Step 1: Fire Up Kali

Let’s start by firing our favorite hacking Linux distribution, Kali. Then open a terminal that looks like this:


To make certain we have some wireless connections and their designation, we can type:

  • kali > iwconfig

As we can see, this system has a wireless connection designated wlan0. Yours may be different, so make certain to check.

Step 2: Put Your Wi-Fi Adapter in Monitor Mode

The next step is to put your Wi-Fi adapter in monitor mode. This is similar to promiscuous mode on a wired connection. In other words, it enables us to see all the packets passing through the air past our wireless adapter. We can use one of the tools from the Aircrack-ng suite, Airmon-ng, to accomplish this task.

  • kali > airmon-ng start wlan0


Next, we need to use Airdump-ng to see the info on the wireless AP around us.

  • kali > airdump-ng mon0

As you can see, there are several APs visible to us. I’m interested in the first one: “Mandela2.” We will need its BSSID (MAC address), its channel, and its SSID to be able to crack its WPS PIN.

Step 3: Use Airdump-Ng to Get the Necessary Info

Finally, all we need to do is to put this info into our Bully command.

  • kali > bully mon0 -b 00:25:9C:97:4F:48 -e Mandela2 -c 9

Let’s break down that command to see what’s happening.

  • mon0is the name of the wireless adapter in monitor mode.
  • –b 00:25:9C:97:4F:48is the BSSID of the vulnerable AP.
  • -e Mandela2is the SSID of the AP.
  • -c 9is the channel the AP is broadcasting on.

All of this information is available in the screen above with Airdump-ng.

Step 4: Start Bully

When we hit enter, Bully will start to try to crack the WPS PIN.


Now, if this AP is vulnerable to this attack, bully will spit out the WPS PIN and the AP password within 1 to 2 hours.



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s