Docsity
Log inSign up
Docsity
Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity

Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan

Guidelines and tips
Guidelines and tips
Sell on Docsity
Sell on Docsity
Log inSign up

Prepare for your exams

Study with the several resources on Docsity

Find documents

Prepare for your exams with the study notes shared by other students like you on Docsity

Search Store documents

The best documents sold by students who completed their studies

Search through all study resources
Docsity AINEW

Summarize your documents, ask them questions, convert them into quizzes and concept maps

Explore questions

Clear up your doubts by reading the answers to questions asked by your fellow students

Earn points to download

Earn points by helping other students or get them with a premium plan

Share documents
download point icon20 Points

For each uploaded document

Answer questions
download point icon5 Points

For each given answer (max 1 per day)

All the ways to get free points
Get points immediately

Choose a premium plan with all the points you need

Study Opportunities

Choose your next study program

Get in touch with the best universities in the world. Search through thousands of universities and official partners

Community

Ask the community

Ask the community for help and clear up your study doubts

University Rankings

Discover the best universities in your country according to Docsity users

Free resources

Our save-the-student-ebooks!

Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors

From our blog

Exams and Study
Go to the blog

Hacking WEP WiFi Passwords: A Step-by-Step Guide, Assignments of Database Management Systems (DBMS)

Indira Gandhi UniversityDatabase Management Systems (DBMS)

A comprehensive guide on hacking WEP WiFi passwords using Backtrack 3 and various tools like airodump-ng, aireplay-ng, and aircrack-ng. It covers preparing the victim network, gathering IVs, and cracking the password.

Typology: Assignments

2019/2020

Uploaded on 11/03/2020

jitender-garg-1
jitender-garg-1 🇮🇳

1 document

1 / 6

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Hacking WEP wifi passwords
1. Getting the right tools
Download Backtrack 3. It can be found here:
http://www.remote-exploit.org/backtrack_download.html
The Backtrack 4 beta is out but until it is fully tested (especially if you are a noob) I
would get the BT3 setup. The rest of this guide will proceed assuming you downloaded
BT3. I downloaded the CD iso and burned it to a cd. Insert your BT3 cd/usb drive and
reboot your computer into BT3. I always load into the 3rd boot option from the boot
menu. (VESA/KDE) You only have a few seconds before it auto-boots into the 1st
option so be ready. The 1st option boots too slowly or not at all so always boot from
the 2nd or 3rd. Experiment to see what works best for you.
2. Preparing the victim network for attack
Once in BT3, click the tiny black box in the lower left corner to load up a "Konsole"
window. Now we must prep your wireless card.
Type:
airmon-ng
You will see the name of your wireless card. (mine is named "ath0") From here on out,
replace "ath0" with the name of your card.
Now type:
airmon-ng stop ath0
then type:
ifconfig wifi0 down
then:
macchanger --mac 00:11:22:33:44:55 wifi0
then:
airmon-ng start wifi0
pf3
pf4
pf5

Partial preview of the text

Download Hacking WEP WiFi Passwords: A Step-by-Step Guide and more Assignments Database Management Systems (DBMS) in PDF only on Docsity!

Hacking WEP wifi passwords

  1. Getting the right tools Download Backtrack 3. It can be found here: http://www.remote-exploit.org/backtrack_download.html The Backtrack 4 beta is out but until it is fully tested (especially if you are a noob) I would get the BT3 setup. The rest of this guide will proceed assuming you downloaded BT3. I downloaded the CD iso and burned it to a cd. Insert your BT3 cd/usb drive and reboot your computer into BT3. I always load into the 3rd boot option from the boot menu. (VESA/KDE) You only have a few seconds before it auto-boots into the 1st option so be ready. The 1st option boots too slowly or not at all so always boot from the 2nd or 3rd. Experiment to see what works best for you.
  2. Preparing the victim network for attack Once in BT3, click the tiny black box in the lower left corner to load up a "Konsole" window. Now we must prep your wireless card. Type: airmon-ng You will see the name of your wireless card. (mine is named "ath0") From here on out, replace "ath0" with the name of your card. Now type: airmon-ng stop ath then type: ifconfig wifi0 down then: macchanger --mac 00:11:22:33:44:55 wifi then: airmon-ng start wifi

What these steps did was to spoof (fake) your mac address so that JUST IN CASE your computeris discovered by someone as you are breaking in, they will not see your REAL mac address. Moving on... Now it's time to discover some networks to break into. Type: airodump-ng ath Now you will see a list of wireless networks start to populate. Some will have a better signal than others and it is a good idea to pick one that has a decent signal otherwise it will take forever to crack or you may not be able to crack it at all. Once you see the network that you want to crack, do this: hold down ctrl and tap c This will stop airodump from populating networks and will freeze the screen so that you can see the info that you need. **Now from here on out, when I tell you to type a command, you need to replace whatever is in parenthesis with what I tell you to from your screen. For example: if i say to type: -c (channel) then dont actually type in -c (channel) Instead, replace that with whatever the channel number is...so, for example you would type: -c 6 Can't be much clearer than that...lets continue... Now find the network that you want to crack and MAKE SURE that it says the encryption for that network is WEP. If it says WPA or any variation of WPA then move on...you can still crack WPA with backtrack and some other tools but it is a whole other ball game and you need to master WEP first.

I've cracked some right at 5,000 and others have taken over 60,000. It just depends on how long and difficult they made the password. Now you are thinking, "I'm screwed because my IV's are going up really slowly." Well, don't worry, now we are going to trick the router into giving us HUNDREDS of IV's per second.

  1. Actually cracking the WEP password Now leave this Konsole window up and running and open up a 2nd Konsole window. In this one type: aireplay-ng -1 0 -a (bssid) -h 00:11:22:33:44:55 ath

This will generate a bunch of text and then you will see a line where your computer is gathering a bunch of packets and waiting on ARP and ACK. Don't worry about what these mean...just know that these are your meal tickets. Now you just sit and wait. Once your computer finally gathers an ARP request, it will send it back to the router and begin to generate hundreds of ARP and ACK per second. Sometimes this starts to happen within seconds...sometimes you have to wait up to a few minutes. Just be patient. When it finally does happen, switch back to your first Konsole window and you should see the number underneath the IV starting to rise rapidly. This is great! It means you are almost finished! When this number reaches AT LEAST 5,000 then you can start your password crack. It will probably take more than this but I always start my password cracking at 5,000 just in case they have a really weak password. Now you need to open up a 3rd and final Konsole window. This will be where we actually crack the password. Type: aircrack-ng -b (bssid) (filename)-01.cap Remember the filename you made up earlier? Mine was "wepkey". Don't put a space in between it and -01.cap here. Type it as you see it. So for me, I would type wepkey-01.cap Once you have done this you will see aircrack fire up and begin to crack the password. typically you have to wait for more like 10,000 to 20,000 IV's before it will crack. If this is the case, aircrack will test what you've got so far and then it will say something like "not enough IV's. Retry at 10,000." DON'T DO ANYTHING! It will stay running...it is just letting you know that it is on pause until more IV's are gathered. Once you pass the 10,000 mark it will automatically fire up again and try to crack it. If this fails it will say "not enough IV's. Retry at 15,000." and so on until it finally gets it.