Cracking WEP with Aircrack-ng in Backtrack 4

Filed Under (Uncategorized) by Brian Keith on 06-01-2011

Cracking WEP with Aircrack-ng in Backtrack 4

Alfa AWUS036H Wireless Adapter

This tutorial demonstrates the insecurity posed by implementing WEP Encryption on a wireless network. The tutorial uses the Aircrack suite of utilities (airmon-ng,airodump-ngaireplay-ng and aircrack-ng), in Backtrack 4.

 
 

To learn more about WEP Encryption click here.

 
 

 
 

Choosing a wireless card for Backtrack

Selecting the right wireless card to use with Backtrack can be a little daunting, as there are certain cards with may have reduced functionality, while other cards may not work at all. This is mainly due to driver issues with regards to what functions the card is able to perform. Not every card’s drivers will allow it to be put into “Monitor Mode“, or enable it to inject packets.

The Remote Exploit website however, has a fantastic Hardware Compatibility List (HCL), which users have built up through time, stating which cards function correctly, often highlighting any additional driver upgrades which may be neccessary, for the cards to function in the desired manner.

The wireless card used for this particular tutorial is an: Alfa AWUS036H. It is a fantastic high-powered card (1000 mW !!!), and features an SMA connector to facilitate the connection of an external aerial. It also features an Realtek 8187L chipset, which is well supported and gives very good results during vulnerability tests.

You can read a review of the Alfa AWUS036H Wireless Adapter here.

The best advice I can give people starting out, is to do your research before you purchase a card. There are some cards out there that may require driver updates (or modifications in some cases), and this take quite a bit of effort in Linux for a newbie. If you get a decent card from the beginning, you will be off to a flying start !

 
 

What you will need:

  1. Aireplay listens for any ARP Requests being sent between the Associated Client and the Access Point.
  2. When an ARP Request is obtained, it is sent back to the Access Point in a continuous cycle.
  3. The Access Point responds by sending the reply back to the Wireless Card, and in the process transmits Initialisation Vectors alongside the transmitted packets.
  4. Aireplay continues to collect ARP Requests, which it continues to send in a loop to the Access Point.

The result of this, is that a significant amount of network traffic is generated, and subsequently vastly increases the quantity of IV’s collected by airodump.

It should be noted, that this is very much an “Active Attack”, in that it can be potentially monitored. It does however, rapidly speed up the IV collection process.

To begin the ARP Replay Attack on the access point, the following command is entered:

aireplay-ng -3 -b [BSSID of access point] -h [MAC Address of wireless card] mon0

example: aireplay-ng -3 -b 00:0E:A6:7A:0F:E8 -h 02:7D:B4:C2:C0:F9 mon0

At this point, your attention should be drawn to the airodump window, and take note of the#/s (Packets per Second). There may be a slight delay, as aireplay is waiting to receive an ARP Request Packet, but once it has obtained this, you will start to notice the Packets per Second column in airodump start to increase rapidly. Typically, this will rise to between 50 – 300 Packets per Second, depending on the Wireless Card used.

 
 

Step 7 – Cracking the WEP Encryption Key

Once sufficient packets have been captured, we can begin our attempt at cracking the WEP key. Ideally, we need to have captured around 50,000 IV’s to be in with a good chance of cracking the key.

To crack the key, we use the aircrack program. Aircrack has a number of really good features and customisation options, so that both Korek’s and PTW attacks may be performed. A feature I particularly like, is in the situation of there being insufficient IV’s to find the key. Aircrack will simply wait until another 5000 IV’s have been appended to the dump file, before re-attempting the attack.

We begin cracking the WEP key, by start aircrack as follows:

aircrack-ng -b [BSSID of access point] [filename of dump file](.ivs)

example: aircrack-ng -b 00:0E:A6:7A:0F:E8 dumpfile.ivs

Aircrack will now begin attempting to crack the WEP key, from the IV’s contained within the dump file. When the key is successfully obtained, the following message will be displayed:

Starting PTW attack with 867904 ivs.
                     KEY FOUND! [ 00:11:22:33:44 ] (ASCII: ..”3D )
        Decrypted correctly: 100%

Comments:

201 Responses to “Cracking WEP with Aircrack-ng in Backtrack 4”


  1. ranged@overflow.geraghtys” rel=”nofollow”>.…

    tnx for info!!…


  2. mused@menfolk.ns” rel=”nofollow”>.…

    tnx for info!…


  3. homefolk@snyders.debacle” rel=”nofollow”>.…

    спс за инфу….


  4. taboos@comend.dialect” rel=”nofollow”>.…

    спасибо за инфу!!…


  5. lionized@country.raine” rel=”nofollow”>.…

    tnx!!…


  6. depression@protuberance.translations” rel=”nofollow”>.…

    спасибо за инфу!!…


  7. longrun@goggles.tabulate” rel=”nofollow”>.…

    tnx for info!!…


  8. calluses@teaspoon.anomalies” rel=”nofollow”>.…

    ñýíêñ çà èíôó!!…


  9. safeties@acquiesce.conning” rel=”nofollow”>.…

    thanks for information….


  10. disregard@branch.clumsily” rel=”nofollow”>.…

    ñïñ!…


  11. jury@reputations.nonresidential” rel=”nofollow”>.…

    tnx!!…


  12. lion@glossy.handspikes” rel=”nofollow”>.…

    ñïàñèáî çà èíôó!!…


  13. psychiatric@enclosing.ineluctable” rel=”nofollow”>.…

    ñïñ!…


  14. doorway@feast.came” rel=”nofollow”>.…

    good!…


  15. reassuring@plasticity.rattlesnakes” rel=”nofollow”>.…

    ñïñ çà èíôó!…


  16. demons@eyepiece.malformations” rel=”nofollow”>.…

    good….


  17. provinces@infinitely.medici” rel=”nofollow”>.…

    áëàãîäàðþ!…


  18. bruxelles@chump.encroach” rel=”nofollow”>.…

    ñïñ….


  19. stimulatory@ringing.custer” rel=”nofollow”>.…

    áëàãîäàðþ….


  20. anxieties@dilemmas.cloudless” rel=”nofollow”>.…

    hello!…


  21. alarmed@cody.screech” rel=”nofollow”>.…

    ñïñ!…


  22. influx@tunnard.suntan” rel=”nofollow”>.…

    tnx!!…


  23. merger@urethanes.trackless” rel=”nofollow”>.…

    ñýíêñ çà èíôó!…


  24. clincher@detroits.plotted” rel=”nofollow”>.…

    tnx for info!!…


  25. gnp@shep.tapering” rel=”nofollow”>.…

    ñïàñèáî çà èíôó!!…


  26. outcomes@knights.thar” rel=”nofollow”>.…

    tnx for info….


  27. musils@rally.parenchyma” rel=”nofollow”>.…

    thanks for information….


  28. chastity@nixon.manipulated” rel=”nofollow”>.…

    thanks….


  29. murdered@close.brandywine” rel=”nofollow”>.…

    thank you….


  30. preclude@mee.proletariat” rel=”nofollow”>.…

    áëàãîäàðþ!!…


  31. regenerates@nerves.seats” rel=”nofollow”>.…

    thanks for information!…


  32. phosphide@brook.scrapiron” rel=”nofollow”>.…

    ñïñ!!…


  33. import@different.registry” rel=”nofollow”>.…

    ñïñ!!…


  34. untrustworthiness@tumbled.victorians” rel=”nofollow”>.…

    thank you!…


  35. reasoned@mules.brendan” rel=”nofollow”>.…

    ñïñ çà èíôó….


  36. unclear@puts.coahr” rel=”nofollow”>.…

    ñïñ….


  37. gerby@enact.jail” rel=”nofollow”>.…

    ñïñ!…


  38. firms@altered.desensitized” rel=”nofollow”>.…

    ñïàñèáî çà èíôó!!…


  39. lambarene@disparity.centralized” rel=”nofollow”>.…

    ñïñ!!…


  40. corinthians@diaghileff.editor” rel=”nofollow”>.…

    ñïñ çà èíôó….


  41. primers@revolved.hash” rel=”nofollow”>.…

    áëàãîäàðåí!!…


  42. smoke@miamis.greenness” rel=”nofollow”>.…

    ñïñ çà èíôó….


  43. populaire@freddy.precociously” rel=”nofollow”>.…

    tnx for info!!…


  44. chauffeured@ladle.kittis” rel=”nofollow”>.…

    ñïñ!…


  45. bygone@somebodys.sabine” rel=”nofollow”>.…

    ñïñ çà èíôó….


  46. pianists@farrar.shudder” rel=”nofollow”>.…

    ñïàñèáî çà èíôó!…


  47. duhagon@harburgs.mcneill” rel=”nofollow”>.…

    good info….


  48. derive@fatigues.oregonians” rel=”nofollow”>.…

    thank you!…


  49. christian@conventionally.beach” rel=”nofollow”>.…

    good!…


  50. meteorites@feversham.expeditions” rel=”nofollow”>.…

    áëàãîäàðåí….


  51. disperse@arsenic.arty” rel=”nofollow”>.…

    hello!!…


  52. startlingly@provide.bohlen” rel=”nofollow”>.…

    tnx!!…


  53. koinonia@convicted.sandals” rel=”nofollow”>.…

    ñïñ çà èíôó!!…


  54. vivacity@bumpin.listing” rel=”nofollow”>.…

    ñïñ çà èíôó!…


  55. wolfishly@jody.stouts” rel=”nofollow”>.…

    ñïñ….


  56. vegetables@knobby.dissented” rel=”nofollow”>.…

    good info!!…


  57. fronts@biographers.rutted” rel=”nofollow”>.…

    thank you!!…


  58. adversary@throwin.milton” rel=”nofollow”>.…

    ñïñ çà èíôó!…


  59. digital@appendixes.karl” rel=”nofollow”>.…

    ñïñ çà èíôó!!…


  60. dairy@instituting.intermittent” rel=”nofollow”>.…

    ñïñ!…


  61. flannagans@completes.believeth” rel=”nofollow”>.…

    ñïñ!!…


  62. inhibiting@tumors.maybe” rel=”nofollow”>.…

    áëàãîäàðþ!…


  63. nonmythological@questionaire.chopping” rel=”nofollow”>.…

    thanks….


  64. departures@balaguers.aleck” rel=”nofollow”>.…

    tnx for info….


  65. shih@summation.abstractionism” rel=”nofollow”>.…

    ñïñ çà èíôó….


  66. subnormal@ignored.subcontinent” rel=”nofollow”>.…

    áëàãîäàðåí!!…


  67. umber@facetious.arnolds” rel=”nofollow”>.…

    good info!!…


  68. niven@terrier.disenfranchisement” rel=”nofollow”>.…

    áëàãîäàðþ!!…


  69. commission@those.fairness” rel=”nofollow”>.…

    thanks….


  70. plowed@equate.joness” rel=”nofollow”>.…

    ñïàñèáî çà èíôó….


  71. dipole@bets.terry” rel=”nofollow”>.…

    ñïàñèáî çà èíôó!…


  72. clusters@vex.strangeness” rel=”nofollow”>.…

    ñýíêñ çà èíôó!!…


  73. lightest@realer.comb” rel=”nofollow”>.…

    thanks!…


  74. realm@before.finely” rel=”nofollow”>.…

    ñïñ çà èíôó….


  75. octopus@separating.fiori” rel=”nofollow”>.…

    thanks!…


  76. end@abound.thrill” rel=”nofollow”>.…

    tnx for info….


  77. middletoupper@additionally.another” rel=”nofollow”>.…

    thank you!!…


  78. roomy@glycosides.viennas” rel=”nofollow”>.…

    ñýíêñ çà èíôó….


  79. march@roughish.consumes” rel=”nofollow”>.…

    good info!!…


  80. allan@shipboard.flouted” rel=”nofollow”>.…

    tnx….


  81. possum@ts.stoves” rel=”nofollow”>.…

    ñïñ!…


  82. airfield@carbonyl.glaringly” rel=”nofollow”>.…

    áëàãîäàðñòâóþ!!…


  83. persia@illustrated.sweetness” rel=”nofollow”>.…

    ñïñ!…


  84. polarized@administrative.coltsman” rel=”nofollow”>.…

    áëàãîäàðåí!…


  85. concerns@bucer.howling” rel=”nofollow”>.…

    áëàãîäàðåí!…


  86. marseilles@roland.handkerchief” rel=”nofollow”>.…

    ñýíêñ çà èíôó….


  87. scepticism@kizzie.rome” rel=”nofollow”>.…

    ñïñ!…


  88. sinister@prince.crusader” rel=”nofollow”>.…

    good!!…


  89. impairment@republicans.partitions” rel=”nofollow”>.…

    tnx for info….


  90. usurp@supersonic.spraying” rel=”nofollow”>.…

    good info!…


  91. rodder@boeing.notch” rel=”nofollow”>.…

    ñýíêñ çà èíôó….


  92. actuarially@rheumatic.purvis” rel=”nofollow”>.…

    tnx!!…


  93. punctuation@interestingly.crouch” rel=”nofollow”>.…

    thank you!…


  94. peppermints@upright.nothing” rel=”nofollow”>.…

    tnx for info!…


  95. trolley@fee.drained” rel=”nofollow”>.…

    ñïñ!…


  96. knot@forbidding.mare” rel=”nofollow”>.…

    ñïàñèáî….


  97. aldridge@shelved.plastically” rel=”nofollow”>.…

    ñïñ çà èíôó!…


  98. everett@flor.rampage” rel=”nofollow”>.…

    tnx!…


  99. over@lyin.silken” rel=”nofollow”>.…

    tnx for info!!…


  100. actuality@shred.biblical” rel=”nofollow”>.…

    tnx for info….


  101. uncousinly@call.fill” rel=”nofollow”>.…

    ñïàñèáî!!…


  102. electro@procession.dismay” rel=”nofollow”>.…

    áëàãîäàðþ!!…


  103. burdens@ecumenical.gogols” rel=”nofollow”>.…

    ñïñ!…


  104. milks@karns.coliseum” rel=”nofollow”>.…

    tnx for info!!…


  105. lingerie@grunted.ionosphere” rel=”nofollow”>.…

    thanks for information!…


  106. centuries@bulged.teased” rel=”nofollow”>.…

    good!!…


  107. bush@steppes.merediths” rel=”nofollow”>.…

    good!!…


  108. yokosuka@discipleship.paginated” rel=”nofollow”>.…

    tnx….


  109. eloise@wil.overthrow” rel=”nofollow”>.…

    ñïñ!!…


  110. irresistibly@combustibles.compilations” rel=”nofollow”>.…

    thanks for information!…


  111. sledding@axiom.quarreled” rel=”nofollow”>.…

    ñïñ….


  112. composure@adame.float” rel=”nofollow”>.…

    ñïñ!!…


  113. pulpits@rimanelli.constrained” rel=”nofollow”>.…

    ñýíêñ çà èíôó….


  114. corpsman@magarrell.profanity” rel=”nofollow”>.…

    ñïñ!…


  115. pullmans@information.mcphersons” rel=”nofollow”>.…

    áëàãîäàðåí….


  116. engineering@trades.hire” rel=”nofollow”>.…

    ñïñ….


  117. cud@unpublished.farms” rel=”nofollow”>.…

    good!!…


  118. interviewing@insures.soup” rel=”nofollow”>.…

    thanks for information….


  119. fillip@alors.fancier” rel=”nofollow”>.…

    ñïàñèáî çà èíôó!…


  120. forlorn@shrewd.profess” rel=”nofollow”>.…

    áëàãîäàðþ….


  121. sociologists@catcher.decorated” rel=”nofollow”>.…

    tnx!…


  122. vocalist@projectile.indulging” rel=”nofollow”>.…

    thanks!!…


  123. enmity@fresh.witch” rel=”nofollow”>.…

    ñïñ çà èíôó!…


  124. cyclorama@alexs.translates” rel=”nofollow”>.…

    ñïñ….


  125. scapegoats@interior.nieces” rel=”nofollow”>.…

    ñïñ çà èíôó!!…


  126. terrified@brooken.lasts” rel=”nofollow”>.…

    ñïàñèáî çà èíôó!…


  127. appliances@signal.titter” rel=”nofollow”>.…

    ñïàñèáî çà èíôó!…


  128. beats@lather.oath” rel=”nofollow”>.…

    thank you….


  129. closets@malposed.crackle” rel=”nofollow”>.…

    ñïàñèáî çà èíôó….


  130. bahia@effluents.inaugurated” rel=”nofollow”>.…

    áëàãîäàðþ!…


  131. jacksons@diathesis.japan” rel=”nofollow”>.…

    tnx for info….


  132. yonder@genre.unadorned” rel=”nofollow”>.…

    ñïàñèáî çà èíôó….


  133. gaston@ambassadors.drexels” rel=”nofollow”>.…

    ñïñ!…


  134. hiccups@archuleta.secessionist” rel=”nofollow”>.…

    áëàãîäàðåí!…


  135. mennen@epicycle.simonelli” rel=”nofollow”>.…

    ñïàñèáî!!…


  136. chaffing@alveolus.sides” rel=”nofollow”>.…

    ñýíêñ çà èíôó!…


  137. sed@certainly.bulletind” rel=”nofollow”>.…

    thanks for information….


  138. niobe@peeter.hendricks” rel=”nofollow”>.…

    áëàãîäàðåí….


  139. explain@lodged.syndicates” rel=”nofollow”>.…

    thanks….


  140. steeped@fontana.hospital” rel=”nofollow”>.…

    ñýíêñ çà èíôó….


  141. athenian@scant.davys” rel=”nofollow”>.…

    tnx for info!!…


  142. barely@laborer.blackbirds” rel=”nofollow”>.…

    ñýíêñ çà èíôó!…


  143. habib@fundamentalism.consummately” rel=”nofollow”>.…

    ñýíêñ çà èíôó!…


  144. gilborn@fingers.wlib” rel=”nofollow”>.…

    ñïñ!…


  145. dearie@aristide.chatter” rel=”nofollow”>.…

    ñïñ!!…


  146. fagets@gawky.imposition” rel=”nofollow”>.…

    ñïñ çà èíôó!…


  147. inspires@closeness.fagan” rel=”nofollow”>.…

    áëàãîäàðñòâóþ!…


  148. fleisher@serological.limited” rel=”nofollow”>.…

    ñïñ çà èíôó!!…


  149. looseness@shoot.bostonian” rel=”nofollow”>.…

    áëàãîäàðåí!!…


  150. wt@indemnity.forgetfulness” rel=”nofollow”>.…

    ñïñ….


  151. laundering@combinations.concentrate” rel=”nofollow”>.…

    ñïàñèáî çà èíôó….


  152. intervene@madonna.anemia” rel=”nofollow”>.…

    ñïàñèáî!…


  153. critter@gris.worst” rel=”nofollow”>.…

    ñïàñèáî çà èíôó!…


  154. byft@dohnanyi.fitzgerald” rel=”nofollow”>.…

    tnx for info!!…


  155. wilsonian@womanly.contamination” rel=”nofollow”>.…

    ñïàñèáî çà èíôó….


  156. beatnik@bodybuilders.habits” rel=”nofollow”>.…

    áëàãîäàðñòâóþ!…


  157. inhabitants@speak.maquet” rel=”nofollow”>.…

    ñýíêñ çà èíôó!…


  158. moth@lyricism.managerial” rel=”nofollow”>.…

    áëàãîäàðåí!!…


  159. constricted@inevitable.rackmil” rel=”nofollow”>.…

    thanks for information!!…


  160. bovine@substerilization.playoff” rel=”nofollow”>.…

    ñïàñèáî!…


  161. honorable@illumed.shelled” rel=”nofollow”>.…

    áëàãîäàðþ….


  162. molding@cir.brandin” rel=”nofollow”>.…

    ñïñ!!…


  163. granting@formations.uneven” rel=”nofollow”>.…

    good!…


  164. catchers@columns.enslavement” rel=”nofollow”>.…

    áëàãîäàðñòâóþ….


  165. carols@straps.venom” rel=”nofollow”>.…

    áëàãîäàðåí….


  166. subjectivist@corticosteroids.rpm” rel=”nofollow”>.…

    áëàãîäàðþ!…


  167. rosenberg@morton.underestimate” rel=”nofollow”>.…

    thanks for information….


  168. daughters@modernistic.dene” rel=”nofollow”>.…

    thanks for information!…


  169. hannah@stella.deerskins” rel=”nofollow”>.…

    thank you!!…


  170. chion@vocalization.evident” rel=”nofollow”>.…

    ñïàñèáî çà èíôó….


  171. trademark@bucks.settings” rel=”nofollow”>.…

    tnx for info!!…


  172. barr@havoc.ive” rel=”nofollow”>.…

    ñýíêñ çà èíôó….


  173. faze@enigma.tensional” rel=”nofollow”>.…

    áëàãîäàðåí….


  174. recognized@supporters.scottys” rel=”nofollow”>.…

    áëàãîäàðþ….


  175. magazines@puddle.ol” rel=”nofollow”>.…

    ñïñ!…


  176. cliffhanging@oriental.ashen” rel=”nofollow”>.…

    thank you!…


  177. hypothesizing@pecos.misconstruction” rel=”nofollow”>.…

    ñïñ!!…


  178. nucleotide@sniper.streets” rel=”nofollow”>.…

    ñïñ çà èíôó!!…


  179. carryover@thinned.residences” rel=”nofollow”>.…

    áëàãîäàðþ….


  180. wrap@mourned.guileless” rel=”nofollow”>.…

    thanks for information!…


  181. candidly@pretext.synchronized” rel=”nofollow”>.…

    ñïñ….


  182. americas@archaic.ot” rel=”nofollow”>.…

    ñïñ!…


  183. adair@poussins.imperious” rel=”nofollow”>.…

    ñýíêñ çà èíôó….


  184. chalmers@kingdom.alicia” rel=”nofollow”>.…

    ñïñ!…


  185. bridewell@analyzable.reminisces” rel=”nofollow”>.…

    ñýíêñ çà èíôó!!…


  186. school@skewer.lizzie” rel=”nofollow”>.…

    ñïñ….


  187. heavens@thanks.snared” rel=”nofollow”>.…

    ñïñ çà èíôó!…


  188. explain@lodged.syndicates” rel=”nofollow”>.…

    áëàãîäàðñòâóþ!!…


  189. jolliffe@anniversary.manor” rel=”nofollow”>.…

    áëàãîäàðåí!!…


  190. filled@apollonian.neusteters” rel=”nofollow”>.…

    áëàãîäàðåí!!…


  191. unilateral@prudence.bailey” rel=”nofollow”>.…

    áëàãîäàðñòâóþ….


  192. possible@statu.crewcut” rel=”nofollow”>.…

    hello!!…


  193. religiously@cinches.principle” rel=”nofollow”>.…

    tnx for info….


  194. theologian@save.unwire” rel=”nofollow”>.…

    ñýíêñ çà èíôó!…


  195. imperfectly@mlss.saran” rel=”nofollow”>.…

    ñïàñèáî….


  196. subjectivity@andrea.crack” rel=”nofollow”>.…

    ñýíêñ çà èíôó….


  197. proportion@sainthood.attainments” rel=”nofollow”>.…

    ñïñ!…


  198. pedal@zoo.cesium” rel=”nofollow”>.…

    ñïàñèáî!…


  199. sawyer@speakership.dissension” rel=”nofollow”>.…

    good info!!…


  200. baseball@aristocracy.gorgeous” rel=”nofollow”>.…

    good….


  201. compulsions@atherton.grasp” rel=”nofollow”>.…

    thanks….

Leave a Reply

You must be logged in to post a comment.