Hacking WEP WiFi


DevynCJohnson

WEP is a common WiFi security algorithm that has been found to have many security flaws. It is so weak that it can be hacked in about fifteen minutes or less. Since Linux and most of its software are open-source, it is easy for anyone to hack WEP WiFi hotspots.

Keep in mind that Kali Linux (formerly called "Backtrack") is not needed for hacking. Linux users can use their preferred distro. Also, hacking can be helpful when people must find or prove the existence of security flaws. This tutorial can also prove to people that they should switch from WEP to WPA2 if possible. Please use all of this knowledge for good and not evil. In addition, get permission from the WiFi owner before hacking.

NOTE: All of the commands in this tutorial should be run with root privileges.

Obtaining the Tools
To begin, install the needed packages. Some distros contain the needed tools in the default repos and others do not. If they are not in the Ubuntu repos, users may need to add the "ppa:darklordpaunik8880/kalibuntu" PPA by typing "apt-add-repository ppa:darklordpaunik8880/kalibuntu". Once the repos are added, users on Debian-based systems can type "apt-get install aircrack-ng". The "aircrack-ng" package adds many WiFi hacking tools and the package's dependencies provide additional utilities.

Hacking
Once the utilities are obtained, open a terminal and type "airmon-ng". This will display a list of detected WiFi devices on the local system that support monitoring (this feature is needed). Then, type "airmon-ng start INTERFACE" where "INTERFACE" is the desired wireless device (such as "wlan0") that supports monitoring. The terminal should display a monitor interface name (such as "mon0").

Next, type "airodump-ng MONITOR-INTERFACE". This will display various information about the detected WiFi signals. Look for an ESSID that is using WEP as the encryption (ENC) and cipher. Write down the ESSID, BSSID, and channel (CH). Also, remember the wireless interface and monitoring interface.

With the gathered information, type a command in the form "airodump-ng -w DIRECTORY -c CHANNEL --bssid BSSID MONITOR-INTERFACE". The directory is used to store files on your computer for data that this process will need. After many packets have been captured, type "aircrack-ng FILE.cap" where "FILE.cap" is the pathname of the "*.cap" file in the directory you have previously chosen.

The cracking process has now begun. When finished, the terminal will return a failure or a "KEY FOUND!" message containing the WEP password. Since WEP uses hexadecimal keys, if a ten-digit hex number is given, then that is the password (without the colons ":").

Conclusion
WEP is very easy to crack. Obviously, people should switch to WPA2, but many people have legitimate reasons for using WEP and are unable to migrate. However, such people should enable an additional security feature called "MAC address filtering" which is supported by many wireless routers.
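For finding which of your own access points still need that migration, here is an added example (not part of the original tutorial) that reads the CSV file airodump-ng writes next to the "*.cap" file and lists every access point whose encryption field includes WEP. The column layout is assumed from typical airodump-ng output, and the sample rows, ESSIDs and MAC addresses are constructed.

```python
import csv
import io

# Constructed sample in the layout airodump-ng writes to its "-01.csv" file
# (column order assumed from typical output; all names and MACs are made up).
SAMPLE_CSV = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:11:22:33:44:55, 2024-01-01 10:00:00, 2024-01-01 10:05:00,  6,  54, WEP, WEP, , -40, 120, 0, 0.  0.  0.  0, 9, OfficeOld,
66:77:88:99:AA:BB, 2024-01-01 10:00:00, 2024-01-01 10:05:00, 11,  54, WPA2 WPA, CCMP TKIP, PSK, -55, 300, 0, 0.  0.  0.  0, 7, OfficeN,
02:00:00:00:00:01, 2024-01-01 10:00:00, 2024-01-01 10:05:00,  1,  54, WEP, WEP, , -70, 80, 0, 0.  0.  0.  0, 9, Lab, East,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
22:33:44:55:66:77, 2024-01-01 10:01:00, 2024-01-01 10:04:00, -50, 40, 00:11:22:33:44:55, OfficeOld
"""


def parse_access_points(text):
    """Return one dict per row of the access-point section of the CSV."""
    aps, header = [], None
    for row in csv.reader(io.StringIO(text)):
        if not any(c.strip() for c in row):
            if header:      # blank line ends the AP section; stations follow
                break
            continue        # leading blank line before the header
        if header is None:
            header = [c.strip() for c in row]
            continue
        if len(row) > len(header):  # ESSID contained commas: rejoin it
            fixed = len(header) - 2  # columns before ESSID and Key
            row = row[:fixed] + [",".join(row[fixed:-1]), row[-1]]
        aps.append(dict(zip(header, (c.strip() for c in row))))
    return aps


def wep_networks(text):
    """List access points whose Privacy field includes WEP."""
    return [
        {"essid": ap["ESSID"], "bssid": ap["BSSID"], "channel": ap["channel"]}
        for ap in parse_access_points(text)
        if "WEP" in ap.get("Privacy", "").split()
    ]


if __name__ == "__main__":
    for ap in wep_networks(SAMPLE_CSV):
        print(f"WEP still in use: {ap['essid']} ({ap['bssid']}) ch {ap['channel']}")
```

To audit a real survey, pass the contents of the CSV file to wep_networks() instead of SAMPLE_CSV.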

If you would like to see more content from me and be notified of released articles, follow me on Google+ ( https://plus.google.com/ DevynJohnson/ ) or Twitter ( https://twitter.com/DevynCJohnson ). Also, follow Linux.org's Google+ account ( https://plus.google.com/u/0/111301317258533720785 ).
