Hello everyone,
Today I want to show you guys how to find the password of a Wi-Fi access point configured with WEP encryption.
For this tutorial I'm using Kali Linux.
To install and configure Kali Linux in VirtualBox you can follow our tip.
Remember that if you are using VirtualBox, you will need a USB Wi-Fi network card. Add it in the menu "Devices/USB Devices" and select the USB card so that it can be recognized by the VM. If you are running directly on bare metal, Kali will recognize the card that you already have in your PC or notebook.
In a terminal, type ifconfig to check the name of your wireless network card (in our case it is wlan0), then enter the following:
# airmon-ng start wlan0
This will put the card into monitor mode. Note that it will create a new interface, in this case mon0. After this, type:
# airodump-ng -i mon0
You will see a screen similar to this:
In the screenshot above you can see all the networks in range. The one you want is the one with WEP encryption, and you should take note of the following information: the BSSID, the channel (shown as CH) and the ESSID, which is the name of the network.
With this information in hand we run the next command:
# airodump-ng --ivs -w wep --channel 6 --bssid 00:00:00:00:00:01 mon0
Replace wep with the name you want; this is just the prefix of the files that will be generated, e.g. wep-01.ivs, wep-02.ivs, etc.
Replace the value of --channel with the channel number obtained from the CH field in the first command that was executed.
Replace the value of --bssid with the BSSID obtained from the BSSID field in the first command that was executed.
If everything is correct you will see a screen similar to the one below:
The next step is to stop running the above command and generate some traffic so that we can break the password. We can simulate an association attempt with the AP and generate some traffic with these commands:
# aireplay-ng -1 0 -e dlink-test -a 00:00:00:00:00:01 -h 00:00:00:00:00:02 mon0
# aireplay-ng -3 -b 00:00:00:00:00:01 -h 00:00:00:00:00:02 mon0
In the first command, replace the value of -e with the ESSID obtained in the first command.
For the value of -a, put the BSSID of the access point, and for the value of -h, put your MAC address.
In the second command, replace the value of -b with the BSSID, and for the value of -h put your MAC address.
Leave the second aireplay-ng running for a while to generate enough data to break the encryption.
It will look more or less like this:
Now comes the best part: discovering the Wi-Fi password. After waiting some time, in my case about 5 min, just run the following:
# aircrack-ng -a 1 wep-01.ivs
Of course, you should replace wep-01.ivs with the ivs file that you generated. The password will then be shown in the following way:
In the above case the password is 12345
There is only one way to safeguard against this: never, ever use WEP!!!
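As an added example (not part of the original post), here is a check that the access points you administer are not among the WEP networks a scan like the one above shows. It assumes a CSV file written by airodump-ng with --output-format csv; the sample rows, the function names and the inventory list are constructed for illustration.

```python
# Added example: audit an airodump-ng CSV for your own APs that still use WEP.
# SAMPLE_CSV is constructed data in the airodump-ng CSV layout; all values are made up.
SAMPLE_CSV = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:00:00:00:00:01, 2024-01-01 10:00:00, 2024-01-01 10:05:00,  6,  54, WEP , WEP,    , -40,  120,  0,   0.  0.  0.  0,  10, dlink-test,
00:00:00:00:00:03, 2024-01-01 10:00:00, 2024-01-01 10:05:00, 11,  54, WPA2, CCMP, PSK, -55,   98,  0,   0.  0.  0.  0,  14, office, floor2,
00:00:00:00:00:05, 2024-01-01 10:00:00, 2024-01-01 10:05:00,  1,  54, WEP , WEP,    , -70,   40,  0,   0.  0.  0.  0,   9, neighbour,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
00:00:00:00:00:02, 2024-01-01 10:01:00, 2024-01-01 10:05:00, -30,  40, 00:00:00:00:00:01, dlink-test
"""


def parse_access_points(csv_text):
    """Return one dict per row of the access-point section of the CSV."""
    aps, in_ap_section = [], False
    for line in csv_text.splitlines():
        if line.startswith("BSSID,"):
            in_ap_section = True       # header of the AP table
            continue
        if line.startswith("Station MAC,"):
            break                      # client table follows; not needed here
        if not in_ap_section or not line.strip():
            continue
        fields = line.split(",", 13)   # 13 fixed columns, then "ESSID, Key"
        if len(fields) < 14:
            continue                   # truncated row
        # The ESSID may itself contain commas; only the last one precedes Key.
        essid = fields[13].rsplit(",", 1)[0].strip()
        aps.append({"bssid": fields[0].strip().upper(),
                    "channel": fields[3].strip(),
                    "privacy": fields[5].strip(),
                    "essid": essid})
    return aps


def wep_in_inventory(csv_text, inventory):
    """APs from `inventory` (BSSIDs you administer) that advertise WEP."""
    own = {bssid.upper() for bssid in inventory}
    return [ap for ap in parse_access_points(csv_text)
            if ap["bssid"] in own and "WEP" in ap["privacy"].split()]


if __name__ == "__main__":
    mine = ["00:00:00:00:00:01", "00:00:00:00:00:03"]  # hypothetical inventory
    for ap in wep_in_inventory(SAMPLE_CSV, mine):
        print(f"{ap['essid']} ({ap['bssid']}, ch {ap['channel']}) still uses WEP")
```

Any access point this reports should be moved off WEP.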
How to find the password of any wifi router that has WPS activated regardless of the type of encryption used
How to find the password of a Wi-Fi router with WPA2 encryption enabled: see this hint here.
I hope you enjoyed.
Hugs, and until next time.