Yet another video on "How to crack WEP".
Links
Watch video on-line:
Download video: http://download.g0tmi1k.com/videos_archive/WEP-ARP-Client.mp4
Method
An ARP beacon is needed (depending on the attack method) so that it can be re-injected back into the network. To get this packet, the attacker needs to disconnect a client that is currently connected to the network (if the attacker keeps repeating this step, it becomes a DoS against the client).
Once the key beacon has been captured and enough data injected/collected, it becomes an offline attack, either by brute force or by a dictionary attack. Then it's just a question of waiting, and the attacker will have the key (brute forcing WEP can take less than 60 seconds!)
From here, the attacker can use that key to decrypt the captured data from before, and now is able to 'read' it as well as join the network.
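Both steps described above are visible to a wireless monitor: repeated deauthentication frames aimed at one client, and re-injected frames, which carry the same WEP IV every time because WEP has no replay protection. The detector below is an added example, not part of the original post; the record format, thresholds and MAC addresses are constructed assumptions.

```python
from collections import defaultdict, deque

# Assumed tuning values; adjust to the monitored network.
WINDOW_S = 5.0       # sliding window in seconds
DEAUTH_LIMIT = 5     # deauth frames to one client per window
REPLAY_LIMIT = 20    # frames with identical (transmitter, IV) per window

# Constructed MAC addresses (locally administered range), not real devices.
AP = "02:00:00:00:00:01"
CLIENT = "02:00:00:00:00:02"


def detect(frames):
    """frames: iterable of (time_s, kind, src_mac, dst_mac, wep_iv_hex_or_None).
    Returns a sorted list of (alert_kind, mac)."""
    deauth = defaultdict(deque)   # client MAC -> recent deauth timestamps
    replay = defaultdict(deque)   # (transmitter, IV) -> recent timestamps
    alerts = set()
    for ts, kind, src, dst, iv in sorted(frames, key=lambda f: f[0]):
        if kind == "deauth":
            q, mac, limit, label = deauth[dst], dst, DEAUTH_LIMIT, "deauth-flood"
        elif kind == "data" and iv is not None:
            # Legitimate senders change the IV per frame; a replayed frame does not.
            q, mac, limit, label = replay[(src, iv)], src, REPLAY_LIMIT, "wep-replay"
        else:
            continue
        q.append(ts)
        while q and ts - q[0] > WINDOW_S:   # drop entries older than the window
            q.popleft()
        if len(q) >= limit:
            alerts.add((label, mac))
    return sorted(alerts)


def normal_frames():
    """Constructed baseline: 30 data frames, each with a fresh IV."""
    return [(i * 0.1, "data", CLIENT, AP, f"{i:06x}") for i in range(30)]


def sample_frames():
    """Constructed records: baseline, then a deauth burst, then one frame replayed."""
    frames = normal_frames()
    frames += [(3.0 + i * 0.05, "deauth", AP, CLIENT, None) for i in range(8)]
    frames += [(4.0 + i * 0.02, "data", CLIENT, AP, "a1b2c3") for i in range(40)]
    return frames


if __name__ == "__main__":
    for kind, mac in detect(sample_frames()):
        print(f"ALERT {kind}: {mac}")
```
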
Tools
- Aircrack-ng suite
- WiFi card that supports monitor mode & injection
Software
Name: Aircrack-ng
Version: 1.0-rc3
Home Page: http://www.aircrack-ng.org/doku.php
Download Link: hxxp://download.aircrack-ng.org/aircrack-ng-1.0-rc3.tar.gz
Commands
Notes
- If you want WPA/WPA2 PSK (with a hidden SSID) - See: https://blog.g0tmi1k.com/2009/07/video-cracking-wifi-wpawpa2-hidden-ssid/ or https://blog.g0tmi1k.com/2010/02/video-cracking-wifi-wpawpa2-aircrack-ng/
Song: Mr. Oizo - Flat Beat
Video length: 03:50
Capture length: 07:23
Blog Post: https://blog.g0tmi1k.com/2010/03/cracking-wifi-wep-with-client/