Wep Crack.ps


Transcript of Wep Crack.ps

Page 1: Wep Crack.ps

7/27/2019 Wep Crack.ps

http://slidepdf.com/reader/full/wep-crackps 1/8

WI-FI

How to Crack a Wi-Fi Network’s WEP Password with BackTrack

You already know that if you want to lock down your Wi-Fi network, you should opt for WPA encryption because WEP is easy to crack. But did you know how easy? Take a look.

If the network you want to test is running the more popular WPA encryption, see our guide to cracking a Wi-Fi network's WPA password with Reaver instead.

Today we're going to run down, step-by-step, how to crack a Wi-Fi network with WEP security turned on. But first, a word: Knowledge is power, but power doesn't mean you should be a jerk, or do anything illegal. Knowing how to pick a lock doesn't make you a thief. Consider this post educational, or a proof-of-concept intellectual exercise.

Dozens of tutorials on how to crack WEP are already all over the internet using this method. Seriously—Google it. This ain't what you'd call "news." But what is surprising is that someone like me, with minimal networking experience, can get this done with free software and a cheap Wi-Fi adapter. Here's how it goes.

What You'll Need

Unless you're a computer security and networking ninja, chances are you don't have all the tools on hand to get this job done. Here's what you'll need:

A compatible wireless adapter—This is the biggest requirement. You'll need a wireless adapter that's capable of packet injection, and chances are the one in your computer is not. After consulting with my friendly neighborhood security expert, I purchased an Alfa AWUS050NH USB adapter, pictured here, and it set me back about $50 on Amazon. Update: Don't do what I did. Get the Alfa AWUS036H, not the US050NH, instead. The guy in

OCT 28, 2011 9:30 AM BY GINA TRAPANI


to Crack a Wi-Fi Network's WEP Password with BackTrack http://lifehacker.com/5305094/how-to-crack-a-wi+fi-networks-w

01/12/2012 0


below is using a $12 model he bought on Ebay (and is even selling his router of 

plenty of resources on getting aircrack-compatible adapters out there.

A BackTrack 3 Live CD. We already took you on a full screenshot tour of how to install and use BackTrack 3, the Linux Live CD that lets you do all sorts of security testing and tasks. Download yourself a copy of the CD and burn it, or load it up in VMware to get started. (I tried the BackTrack 4 pre-release, and it didn't work as well as BT3. Do yourself a favor and stick with BackTrack 3 for now.)

A nearby WEP-enabled Wi-Fi network. The signal should be strong and ideally people are using it, connecting and disconnecting their devices from it. The more use it gets while you collect the data you need to run your crack, the better your chances of success.

Patience with the command line. This is a ten-step process that requires typing in long, arcane commands and waiting around for your Wi-Fi card to collect data in order to crack the password. Like the doctor said to the short person, be a little patient.

Crack That WEP

To crack WEP, you'll need to launch Konsole, BackTrack's built-in command line. It's right there on the taskbar in the lower left corner, second button to the right. Now, the commands.

First run the following to get a list of your network interfaces:

airmon-ng

The only one I've got there is labeled ra0. Yours may be different; take note of the label and write it down. From here on in, substitute it in everywhere a command includes (interface).

Now, run the following four commands. See the output that I got for them in the screenshot below.

airmon-ng stop (interface)

ifconfig (interface) down

macchanger --mac 00:11:22:33:44:55 (interface)

airmon-ng start (interface)


If you don't get the same results from these commands as pictured here, most likely your network adapter won't work with this particular crack. If you do, you've successfully "faked" a new MAC address on your network interface, 00:11:22:33:44:55.

airodump-ng (interface)

To see a list of wireless networks around you. When you see the one you want, hit Ctrl+C to stop the list. Highlight the row pertaining to the network of interest, and take note of two things: its BSSID and its channel (in the column labeled CH), as pictured below. Obviously the network you want to crack should have WEP encryption (in the ENC column), not WPA or anything else.

Like I said, hit Ctrl+C to stop this listing. (I had to do this once or twice to find the network I was looking for.) Once you've got it, highlight the BSSID and copy it to your clipboard for reuse in the upcoming commands.

Now we're going to watch what's going on with that network you chose and capture that information to a file. Run:

airodump-ng -c (channel) -w (file name) --bssid (bssid) (interface)

Where (channel) is your network's channel, and (bssid) is the BSSID you just copied to clipboard. You can use the Shift+Insert key combination to paste it into the command. Enter anything descriptive for (file name). I chose "yoyo," which is the network's name I'm cracking.

You'll get output like what's in the window in the background pictured below. Leave that one be. Open a new Konsole window in the foreground, and enter this command:

aireplay-ng -1 0 -a (bssid) -h 00:11:22:33:44:55 -e (essid) (interface)

Here the ESSID is the access point's SSID name, which in my case is yoyo. What you want to get after this command is the reassuring "Association successful" message with that smiley face. You're almost there. Now it's time for:

aireplay-ng -3 -b (bssid) -h 00:11:22:33:44:55 (interface)

Here we're creating router traffic to capture more throughput faster to speed up our crack. After a few minutes, that front window will start going crazy with read/write packets. (Also, I was unable to surf the web with the yoyo network on a separate computer while this was going on.) Here's the part where you might have to grab yourself a cup of coffee or take a walk. Basically you want to wait until enough data has been collected to run your crack. Watch the number in the "#Data" column—you want it to go above 10,000. (Pictured below it's only at 854.)

Depending on the power of your network (mine is inexplicably low at -32 in that screenshot, even though the yoyo AP was in the same room as my adapter), this process could take some time. Wait until that #Data goes over 10k, though—because the crack won't work if it doesn't. In fact, you may need more than 10k, though that seems to be a working threshold for many.

Once you've collected enough data, it's the moment of truth. Launch a third Konsole window and run the following to crack that data you've collected:

aircrack-ng -b (bssid) (file name-01.cap)

Here the filename should be whatever you entered above for (file name). You can browse to your Home directory to see it; it's the one with .cap as the extension.

If you didn't get enough data, aircrack will fail and tell you to try again with more. If it succeeds, it will look like this:


The WEP key appears next to "KEY FOUND." Drop the colons and enter it to log onto the network.

With this article I set out to prove that cracking WEP is a relatively "easy" process for someone determined and willing to get the hardware and software going. I still think that's true, but unlike the guy in the video below, I had several difficulties along the way. In fact, you'll notice that the last screenshot up there doesn't look like the others—it's because it's not mine. Even though the AP which I was cracking was my own and in the same room as my Alfa, the power reading on the signal was always around -30, and so the data collection was very slow, and BackTrack would consistently crash before it was complete. After about half a dozen attempts (and trying BackTrack on both my Mac and PC, as a live CD and a virtual machine), I still haven't captured enough data for aircrack to decrypt the key.

So while this process is easy in theory, your mileage may vary depending on your hardware, proximity to the AP point, and the way the planets are aligned. Oh yeah, and if you're on deadline—Murphy's Law almost guarantees it won't work if you're on deadline.
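For anyone responsible for a network, the ENC column the steps above read off airodump-ng is also the quickest way to find out which of your own access points still need moving to WPA. The following is an added example, not part of the original article: it parses a constructed sample in the CSV layout airodump-ng writes alongside the .cap file and reports access points whose Privacy value is WEP or open, together with any associated client using the article's placeholder MAC. The sample rows, function names and report fields are assumptions made for illustration.

```python
import csv
import io
import re

# Constructed sample in the layout airodump-ng writes to its .csv file:
# an access-point table, a blank line, then a station table. Values are made up.
SAMPLE_CSV = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
AA:BB:CC:00:00:01, 2011-10-28 09:00:01, 2011-10-28 09:20:44,  6, 54, WEP , WEP,    , -32, 812, 11042, 0.  0.  0.  0, 4, yoyo,
AA:BB:CC:00:00:02, 2011-10-28 09:00:02, 2011-10-28 09:20:40, 11, 54, WPA2, CCMP, PSK, -60, 640,     0, 0.  0.  0.  0, 7, example,
AA:BB:CC:00:00:03, 2011-10-28 09:00:05, 2011-10-28 09:20:41,  1, 54, OPN ,     ,    , -71, 300,     0, 0.  0.  0.  0, 5, guest,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
00:11:22:33:44:55, 2011-10-28 09:05:10, 2011-10-28 09:20:44, -30, 15230, AA:BB:CC:00:00:01,
AA:BB:CC:11:11:11, 2011-10-28 09:01:00, 2011-10-28 09:20:30, -55,   420, AA:BB:CC:00:00:02, example
"""

WEAK_PRIVACY = {"WEP", "OPN"}             # ENC values that give no real protection
PLACEHOLDER_MACS = {"00:11:22:33:44:55"}  # the MAC the article sets with macchanger


def parse_tables(text):
    """Split the file on blank lines and return (access_points, stations) as dicts."""
    tables = {}
    for block in re.split(r"\r?\n\s*\r?\n", text.strip()):
        rows = [[cell.strip() for cell in row]
                for row in csv.reader(io.StringIO(block)) if row]
        if rows:
            header = rows[0]
            tables[header[0]] = [dict(zip(header, row)) for row in rows[1:]]
    return tables.get("BSSID", []), tables.get("Station MAC", [])


def audit(text):
    """Return one finding per access point whose Privacy column is WEP or open."""
    aps, stations = parse_tables(text)
    findings = []
    for ap in aps:
        weak = WEAK_PRIVACY & set(ap.get("Privacy", "").split())
        if not weak:
            continue
        clients = [s["Station MAC"] for s in stations if s.get("BSSID") == ap["BSSID"]]
        findings.append({
            "bssid": ap["BSSID"],
            "essid": ap.get("ESSID", ""),
            "privacy": "/".join(sorted(weak)),
            "clients": clients,
            # A client on the placeholder MAC is not proof of anything, only a prompt to look.
            "suspect_clients": [m for m in clients if m.lower() in PLACEHOLDER_MACS],
        })
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE_CSV):
        print(f"{f['essid']!r} ({f['bssid']}): {f['privacy']}, switch to WPA; "
              f"clients={f['clients']} suspect={f['suspect_clients']}")
```
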

To see the video version of these exact instructions, check out this dude's YouTube video.

Got any experience with the WEP cracking courtesy of BackTrack? What do you have to say about it? Give it up in the comments.

evilegg2000 25 Oct 2010 1:09 PM

promoted by freedomweasel

My wi-fi is completely open. It makes my life easier and I figure I would notice the guy sitting on my lawn.

: Your computer can save your wifi passwords. You only need to type it in once.

: Enjoy that kiddie porn that a random person driving by your house uploads to your computers right before they call the FBI.

: It's really easy to put a password on your router, and as freedomweasel mentioned, that's all you'll ever have to do.

paravorheim @evilegg2000

@evilegg2000: Right now, as we speak, I can access the router from 2 houses down from me. I'm fairly positive they can't see me on their lawn.

evilegg2000 @freedomweasel

@freedomweasel: I have to remember what it is when one of my friends stops by with his laptop, iPod... and wants to go online.

freedomweasel @evilegg2000

@evilegg2000: Sticky note on the router. If you give out your password to everyone who asks, it does no harm to have it written down on the router. It'll still keep the random neighbor from hogging bandwidth.

aliskaba @evilegg2000

@evilegg2000: Sweet, time to go connect and try out firesheep!

 blue_solace @evilegg2000

@evilegg2000: With the right antenna, a person can be more than a mile away and steal your bandwidth.

senshikaze @freedomweasel

promoted by freedomweasel

@freedomweasel: also your traffic will be encrypted. the advantage to using wpa is not to keep mooches off, it is to encrypt your traffic.

acutelyaware @evilegg2000

promoted by tchrman35

@evilegg2000: if you live on a property that has enough land for neighbours to not pick it up, then yeah id keep it open. i hate the time i waste trying to remember the password for friends.

tkuhl87 @evilegg2000

@evilegg2000: and with WPA you can just create some easy to remember phrase like say your address, or lyrics or something like that. Simple, easy to remember and very secure.

For fun I've accessed open routers and added a password, or blocked very specific websites like Google...sick sense of humor I guess, but there are far more nefarious things someone could do.


guyston @evilegg2000

: Used to take this view and it is pretty good providing you live remotely but I opted for a password recently because I was suspicious of my pesky neighbours.

: What about the guy that is 1 mile away sniffing your traffic to steal your identity. It does happen to real people. Secondly make it something easy like your phone number.

@evilegg2000

: Just set your WPA password to "EvilEgg2000" or something. It's secure, and you'll always remember it.

tchrman35 @acutelyaware

@acutelyaware: People, if it's that much trouble to remember a short passphrase, and if sticky notes aren't your thing, buy some printable Business Cards, throw down 100 of them, and put them in a little business card holder in your kitchen junk drawer.

I think you can go overboard with security, but I still throw the deadbolt when I'm away or asleep. It doesn't mean I don't trust my neighbors. It does mean I am willing to believe there might be people out there who care more about their wants/needs than about my safety/property rights.

Just secure the network. Or be prepared to live with the consequences, should they bite you.

freedomweasel @senshikaze

@senshikaze: Very true. For some reason I always focus on people stealing bandwidth.

 jeffeb3 @freedomweasel

@freedomweasel: I put it on my fridge. In large print that can be read from across the room. My friends still ask for the password (because they can't read I guess).

Joel @freedomweasel

@freedomweasel, et al: If you don't care about sharing internet, and just want encryption, and don't want to forget the password, make the SSID something like PWis(Insert Password Here). No stickies, no remembering, easy! And you can turn on AP isolation if you're not sharing across the router. (Sorta - draw a network graph as always, helps you figure stuff out.)

zakany001 @evilegg2000

@evilegg2000: I hope you don't mind me changing your router's settings, because I will do so to keep my children from bypassing my home network.

SmarchHare @xaronax

This comment shows up on any discussion of open wifi. Has this ever happened in the history of ever?

 belch @zakany001

Just because my wifi is open, does not mean my router is set to the default password. In fact it is not.

If you want me to block your mac addresses, just let me know and I'll do it for you.


RossLH @evilegg2000

A friend showed me how to leave a network free of password protection, yet still protected from unauthorized access. It was set up such that anyone could connect to the router, but they had no access to the internet or the other computers on the network. When someone tried to connect, the administrator would get a popup on their computer saying [computer name] is trying to connect to [network name], and from there you could give them access or deny it. Once they had

Ours is too, but since we live in the woods a quarter mile away from anyone, I figured we were safe. Alas, distance isn't a viable security strategy for everyone.

IAmMarchHare @SmarchHare

Edited by IAmMarchHare at 10/28/11 3:34 PM

@SmarchHare

[o.seattletimes.nwsource.com]
