Protocol WPA2-PSK (Wi-Fi Protected Access 2 with a pre-shared key) has been the standard method for securing wireless networks for over 15 years. Its security is based on an algorithm AES-CCMP, which, when properly configured, provides a high level of security. However, dozens of "guides" on how to supposedly "hack your neighbor's Wi-Fi" using protocol vulnerabilities or brute-force attacks still circulate online. Most of them are either outdated or contain dangerous half-measures that could lead to serious legal consequences.
In this article we will discuss:
- 🔍 Real-World Vulnerabilities of WPA2-PSK (including KRACK attack and weak passwords)
- ⚖️ Legal risks in Russia and other countries (articles of the Criminal Code of the Russian Federation, fines, liability)
- 🛡️ How to protect your network from similar attacks (router settings, password selection, monitoring)
- 💻 Technical limitations modern hacking methods (time, equipment, complexity)
It is important to understand: Any unauthorized access to other people's networks is a crime under Article 272 of the Criminal Code of the Russian Federation ("Unauthorized access to computer information")This article is for educational purposes only and is intended to demonstrate why hacking attempts are futile and dangerous.
1. How WPA2-PSK Security Actually Works
Protocol WPA2-PSK uses four-way handshake (4-way handshake) for authenticating devices on the network. When you connect to Wi-Fi, the router and client exchange encrypted packets, resulting in a unique PTK (Pairwise Transient Key). This key encrypts all traffic between the device and the access point.
Key security elements:
- 🔐 PMK (Pairwise Master Key) — is calculated from the network password and its SSID using the function
PBKDF2(about 4096 hashing iterations). - 🔄 4-way handshake — exchange of packets for generation
PTK(uses AES or TKIP). - 🛡️ MIC (Message Integrity Code) — protects packages from counterfeiting.
Theoretically, to “crack” WPA2-PSK, you need to either:
- Intercept
handshakeand guess the password using brute force. - Exploit vulnerabilities in protocol implementation (e.g. KRACK).
- Use social engineering (phishing, fake access points).
⚠️ Attention: Modern routers (for example, ASUS RT-AX88U, TP-Link Archer C5400) support protection against brute-force attacks by blocking devices after several unsuccessful connection attempts. This makes password guessing virtually useless.
2. Myths about "easy" Wi-Fi hacking
The internet is full of “instructions” promising to hack Wi-Fi in 5 minutes using Kali Linux or mobile apps like Wifi WPS WPA TesterLet's figure out why this doesn't work:
| Myth | Reality |
|---|---|
| "You can hack any Wi-Fi using Aircrack-ng» | Aircrack-ng Brute-force passwords using a dictionary. With a complex password (12+ characters, mixed case, numbers), the chances are close to zero. On a modern GPU, brute-forcing would take years. |
| WPS vulnerability allows password bypass | WPS (Wi-Fi Protected Setup) actually had a critical vulnerability (Pixie Dust), but since 2014 all serious manufacturers have disabled it by default. |
| Mobile apps hack Wi-Fi | Apps like Wifi Master Key They use databases of open access points (hotels, cafes) or password leaks. They do not crack WPA2-PSK. |
| "The KRACK attack breaks any WPA2" | KRACK (Key Reinstallation Attack) allows traffic to be decrypted but the password cannot be discovered. The vulnerability has been fixed in firmware updates since 2017. |
Another popular myth is that "neighbors use a simple password." Even if this is true, modern routers limit the number of connection attempts, and ISPs can block MAC addresses after suspicious activity.
3. Technical Methods of Attacking WPA2-PSK (and Why They Don't Work)
Let's look at real attack vectors and their limitations:
3.1. Handshake interception and brute force
Algorithm:
- Launch
airodump-ngto scan networks. - Select the target and wait for the client to connect (or force it to disconnect using
aireplay-ng --deauth). - Intercept
handshake(4 packages:Auth,Assoc Req,Assoc Resp,EAPOL). - Launch
aircrack-ngwith a password dictionary.
Problems:
- 🕒 Time: For a password of 12 characters (a-z, A-Z, 0-9) you will need hundreds of years even on a top-end GPU (NVIDIA RTX 4090).
- 🔌 Energy: Overkill consumes a huge amount of electricity (the electricity bill will exceed the cost of the Internet).
- 🚨 Detection: Modern IDS systems (eg Snort) Detect deauthentication and brute force.
3.2. Dictionary Attack (Rainbow Tables)
Rainbow Tables — these are pre-computed password hashes. For WPA2-PSK, they are practically useless because:
- 🔑 SSID affects hash: Same password in networks with different SSID will give different
PMK. - 📦 Table size: For 8-character passwords you will need petabytes data.
3.3. Exploitation of vulnerabilities (KRACK, Dragonblood)
Vulnerabilities like KRACK (CVE-2017-13077) or Dragonblood (in WPA3) theoretically allow traffic to be decrypted, but:
- 🔄 Most devices received patches back in 2017–2019.
- 🛡️ The attack requires physical proximity to the target and does not provide access to the password.
- 📡 Modern routers (for example, MikroTik RB4011) support WPA3-SAE, which is resistant to such attacks.
Details of the KRACK attack
The vulnerability is related to reuse nonce In a 4-way handshake, the attacker can nullify the encryption key and intercept traffic, but this requires being within range of the network and waiting for the victim to connect. In real-world situations, this is extremely difficult to achieve without detection.
4. Legal consequences in Russia and other countries
In the Russian Federation, unauthorized access to other people's networks is punishable under several articles:
| Article of the Criminal Code of the Russian Federation | Description | Punishment |
|---|---|---|
| Art. 272 | Unauthorized access to computer information | A fine of up to 200,000 rubles or imprisonment for up to 2 years. |
| Art. 273 | Creation, use and distribution of malware | A fine of up to 500,000 rubles or imprisonment for up to 4 years. |
| Art. 138 | Violation of privacy of correspondence (if traffic is intercepted) | A fine of up to 80,000 rubles or community service. |
Case study: In 2021, a student in Moscow was convicted of hacking his neighbor's Wi-Fi to download movies. He was fined 100,000 rubles and given a suspended sentence. The case was opened following a complaint from the provider, which had detected suspicious activity.
In other countries:
- 🇺🇸 USA: By Computer Fraud and Abuse Act (CFAA) — a fine of up to $250,000 or 10 years in prison.
- 🇪🇺 EU: Directive EU Network and Information Security (NIS) provides for fines of up to 2% of the company's annual income (for individuals - up to €50,000).
- 🇨🇳 China: Up to 7 years of imprisonment under Article 285 of the Criminal Code of the People's Republic of China.
⚠️ Attention: Even if you were "simply testing" your network, intercepting your neighbors' traffic could be considered a crime. Use only your own devices for testing in an isolated environment.
5. How to really protect your network from attacks
If you're concerned that your Wi-Fi might be hacked, follow these tips:
☑️ Wi-Fi Security
1. Updating the router firmware
Manufacturers regularly release patches for vulnerabilities. For example, in 2023, critical bugs in routers were fixed. TP-Link (CVE-2023-1389) and Netgear (CVE-2023-27361). Check the firmware version in the admin panel (192.168.1.1 or 192.168.0.1).
2. Setting up a password
Ideal password for WPA2-PSK:
- 🔢 Length: 15+ characters (minimum 12).
- 🔤 Combination: uppercase, lowercase letters, numbers, special characters (
!@#$%). - 🚫 Exclude: names, dates of birth, dictionary words.
Example of a strong password: 7x#pL9$kQ2!vR5*t.
3. Additional measures
- 🔄 Guest network: Separate your main and guest networks to restrict access to local devices.
- 📵 MAC filtering: Ineffective (MAC is easy to forge), but will make mass attacks more difficult.
- 🕒 Wi-Fi operating hours: Turn off the network at night when no one is using it.
4. Monitoring connected devices
In the router panel (DHCP Clients List) check the list of connected gadgets. Unknown MAC addresses may indicate unauthorized access. Examples:
Device 1: 00:1A:2B:3C:4D:5E (Your laptop)
Device 2: A4:B1:C2:D3:E4:F5 (Unknown!) → cause for concern
6. Alternatives to Hacking: Legal Ways to Get Internet Access
If you urgently need internet access, consider these options:
- 📶 Mobile Internet: Tariffs with unlimited traffic (for example, Tele2 "My Online" or MTS "Everything for Our Own") cost from 300–500 rubles/month.
- 🏢 Public Wi-Fi: Cafes, libraries, and shopping centers often have free access. Use VPN (For example, ProtonVPN) for safety.
- 🤝 Agreement with neighbors: Many agree to share the password for a nominal fee or mutual assistance.
- 📡 Satellite Internet: Starlink offers plans starting from 2,000 rubles/month with no traffic limits.
Cost of hacking equipment (adapter) Alfa AWUS1900 (8,000 rubles for a PC, 150,000 rubles for a powerful PC) is many times higher than the price of a legal connection. Moreover, the risk of being caught and fined is extremely high.
⚠️ Attention: Some "hacker" Telegram channels offer "Wi-Fi hacking services" for 500-1000 rubles. This is a scam: either they'll sell you outdated instructions, or you'll become a victim of extortion (after the "hack," they'll demand an additional fee).
7. Frequently Asked Questions (FAQ)
❓ Is it possible to hack WPA2-PSK if you know the router's MAC address?
No. MAC address It's used only to identify devices on the network and doesn't affect encryption. Knowing the MAC address doesn't help you crack the password or decrypt traffic. The most you can do is replace your MAC address with someone else's, but this won't allow access without the correct password.
❓ Why do apps like Wifi Master Key show passwords for some networks?
These apps use databases of open access points (hotels, restaurants, airports), where passwords are publicly distributed. They don't crack WPA2-PSK, but simply store known combinations. For example, on the network "Starbucks_WiFi" The password is often standard: coffee123.
❓ What happens if I just connect to an open network without a password?
Connecting to open network (without WPA2) is not a crime, but:
- The network owner can track your MAC address and file a complaint with the provider.
- Your traffic will be unencrypted — attackers can intercept logins/passwords.
- In some countries (such as Germany), even using someone else's open network can be considered an offense.
We recommend using VPN (For example, Windscribe or Mullvad) when connecting to public networks.
❓ Is it legal to test your Wi-Fi security?
Yes, but only on on your equipment and in compliance with the law. For testing, use:
- 🔧 Kali Linux in a virtual machine (VirtualBox).
- 📡 Specialized tools:
wifite,reaver(only for auditing your networks!). - 📖 Certification: Ethical Hacking Courses (CEH, OSCP) teach legal testing methods.
Important: Do not test other people's networks without the owner's written permission - this is illegal.
❓ Which routers are the most secure against hacking?
Top 5 Routers with the Best Security (2026):
- ASUS RT-AX86U — WPA3 support, AiProtection (attack blocking).
- Netgear Nighthawk RAXE500 — AES hardware acceleration, automatic firmware update.
- MikroTik RB5009 — flexible firewall settings, VPN support.
- TP-Link Archer AX11000 — DDoS protection, parental control.
- Ubiquiti UniFi Dream Machine Pro — professional level of security, integration with SIEM.
Even the most secure router is vulnerable if a weak password or outdated firmware is used.