How To Crack WEP In Linux
3 replies
HandsomeDon
2014/06/14 04:38
How To Crack WEP In Linux
Im using Ubutnu 8.10, but all the commands are compatible with all other Linux Distros.
1. Open terminal Sudo -s (Enter Password) apt-get install aircrack-ng (Here shows lots of cool shenanigans in verbose mood, just enjoy) Note: it might prompt you with something like "this file will take 8995kb.. do u wish to install [Y/N]" (Correct Answer Being Y for yes) Alright, you have just installed aircrack-ng on your computer, congratulations! 2. Ifconfig wlan0 down this command puts your wireless card into "monitor mode." if this line doesnt work for you, try "ifconfig ath0 down" or the connection type you are using. im going to continue using wlan0 as that applies to me, you will just replace wlan0 with your specific device code. OR iwconfig wlan0 mode monitor if neither of the above work for you. once again, depends on your computer. 3. Your goal now is to find your target, my goal is my roommates wireless router which is using WEP encryption, how convenient! first, for educational purposes, type airodump-ng into terminal, this shows all the commands airodump is capable of, very important if you want to go after something a tad different or specific We want to find the target, type airodump-ng --showack wlan0
HandsomeDon
2014/06/14 04:39We see that the target Essid is "Rob and Big" the encryption type is WEP, the BSSID number is "00:22:15:23:6E:E2", and finally the channel number is 11 you must know the enemy well if you want to hack it successfully. know that we know all this very important information, we shall begin our attack! airodump-ng -w First --showack --berlin 3000 --bssid 00:22:15:23:6E:E2 -C 11 wlan0 holy shnap! that was alot!, here is what we just did. -w ->saves all the important stuff to a file (first being the file name) --showack ->shows some cool information, idk, i like it just cause its always changing, not really necessary --berlin 3000 -> keeps the cool numbers on the screen even longer, like i said, not totally important, but defiantly looks cool! (3000 being the time the numbers are kept on the screen) --bssid ->defines to the program what bssid (the router) you want to specifically capture packets from -C -> Defines what channel the program to stay on (instead of surfing all 12, it just monitors one now) wow! amazing, tons of cool numbers pop up and entertain us! whooo hooo!
HandsomeDon
2014/06/14 04:41what is actually happening is that the program is capturing packets and saving them to the file you defined above (First) so break out a can of chef boyardee and chow away, cause its going to be awhile. You are actually wanting for the number under #Data at the time to reach ~ 10000 to 100000, the more data is being transfered over the network, the faster this will go. --Dude! that number is not going up very fast / or, very very very slow! Skip to the bottom, i will explain and how to 'fix that' -Fantastic! you have ~ 10000 packets and a full stomach, what now? you have all this information, now you need to decipher it (more commonly know as 'cracking'
KEEP THE AIRODUMP-NG TERMINAL OPEN! open a new terminal and type sudo -s (enter password) aircrack-ng -a 1 -b 00:22:15:23:6E:E2 First.cab Cool! what did i just do? aircrack-ng -> cracking program, can crack WEP and WPA passcodes -a -> Set the attack mode to WEP (2 is WPA) -b -> is the network we are attacking (the bssid is 00:22:15:23:6E:E2) First.cab -> the
KEEP THE AIRODUMP-NG TERMINAL OPEN! open a new terminal and type sudo -s (enter password) aircrack-ng -a 1 -b 00:22:15:23:6E:E2 First.cab Cool! what did i just do? aircrack-ng -> cracking program, can crack WEP and WPA passcodes -a -> Set the attack mode to WEP (2 is WPA) -b -> is the network we are attacking (the bssid is 00:22:15:23:6E:E2) First.cab -> the
HandsomeDon
2014/06/14 04:42apt-get install macchanger stop the airodump-ng from working. (i just hit ctrl+c and it stops) ifconfig wlan0 down >> the top half of the screen of the terminal of the airodump tell you the network you are gathering packets for, the bottom half lists mac addresses. important! with the picture above, im going to use the mac address 00:22:3F:7B
5:2C so, macchanger -m 00:22:3F:7B5:2C wlan0
Now, your mac address is the same as a computer already accepted by the router! oooo... aww www.. now, we get to play with a program called aireplay-ng! aireplay-ng -3 -b 00:22:15:23:6E:E2 -h 00:22:3F:7B5:2C wlan0 -What just happened? aireplay-ng works buy injecting packets into the router so u get more traffic btwn the computers. (speeds up the packet retrieval on the airodump-ng side) -3 is the attack type '00:22:3F:7B5:2C' i just explained what i did above -b is the enemy bssid '00:22:15:23:6E:E2' -h is your spoofed (faked) mac addresss '00:22:3F:7B5:2C' now, it will start injecting packets.. now start up airodump again and wait some more! airodump-ng -w First --showack --berlin 3000 --bssid 00:22:15:23:6E:E2 -C 11 wlan0 (just in case you lost it) WOW! that, is how to crack a WEP key. i hoped you enjoyed this tut.
5:2C so, macchanger -m 00:22:3F:7B5:2C wlan0
Now, your mac address is the same as a computer already accepted by the router! oooo... aww www.. now, we get to play with a program called aireplay-ng! aireplay-ng -3 -b 00:22:15:23:6E:E2 -h 00:22:3F:7B5:2C wlan0 -What just happened? aireplay-ng works buy injecting packets into the router so u get more traffic btwn the computers. (speeds up the packet retrieval on the airodump-ng side) -3 is the attack type '00:22:3F:7B5:2C' i just explained what i did above -b is the enemy bssid '00:22:15:23:6E:E2' -h is your spoofed (faked) mac addresss '00:22:3F:7B5:2C' now, it will start injecting packets.. now start up airodump again and wait some more! airodump-ng -w First --showack --berlin 3000 --bssid 00:22:15:23:6E:E2 -C 11 wlan0 (just in case you lost it) WOW! that, is how to crack a WEP key. i hoped you enjoyed this tut.
#69 Phones/PCs/Apps
For phones, computing, consoles, gadgets, & internet talk, plus share apps & other files.