Wednesday, October 24, 2012

How to crack WEP using SpoonWEP in BackTrack 3

  1. Purchase a compatible wireless adaptor that is capable of packet injection. Again, I followed the recommendation from the LifeHacker article and purchased the Alfa AWUS036H from Amazon for $50.
  2. Download the BackTrack 3 (BT3) VMware image.
  3. In VMware, open the BT3 VMware image and log in with the admin user name root and the password toor. Then type startx to start the Windows-like graphical user interface.

  4. Plug in the Alfa wireless adaptor and make sure it’s enabled by going to the VMware menu VM -> Removable Devices.
  5. In BackTrack, launch Konsole and find the name of your network interfaces by typing the airmon-ng command. You will get the Interface, Chipset and Driver name of your card. Copy down the Interface name. (This name is referred to as (interface) in the following steps.)
  6. To start the attack, you first need to hide the MAC address of your device. Use the following commands:
    airmon-ng stop (interface)
    ifconfig (interface) down
    macchanger --mac 00:11:22:33:44:55 (interface)
    airmon-ng start (interface)
  7. Use the command airodump-ng (interface) to test the power of the wireless networks around you. Let the Konsole window run for a minute and press [Ctrl] + [C] to stop gathering packets.
  8. The wireless network with the highest power is at the top of the list. If the wireless network is using WEP encryption, then it’s hackable. Copy down the BSSID and the channel number.
  9. Open SpoonWEP by navigating from the KDE menu -> BackTrack -> Radio Network Analysis -> 80211 -> Cracking -> SpoonWep and put the BSSID in the “Victim MAC” section.
  10. In SpoonWEP, pick your “Net Card” from the dropdown, change the channel number to the number you found in step 8, pick one of the 4 predefined attacks and hit the “Launch” button to start the attack.
  11. I found that sometimes picking another predefined attack works faster. If after 5 minutes you have captured fewer than 200 IVs, you may want to try a different attack.
  12. The program will automatically crack the WEP key for you after it collects over 20000 IVs.
  13. Ideally, it should take no more than 15 minutes.

    Source Life Hacker
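
For anyone checking whether their own access points are still exposed to the attack walked through in steps 7 to 12, the following added example (not part of the original post) audits a scan export and reports owned BSSIDs that still advertise WEP. The CSV column layout, the function name find_owned_wep and every address and network name in the sample are assumptions constructed for illustration.

```python
import csv
import io

# Constructed sample. The column layout is assumed to match the access-point
# section of an airodump-ng CSV capture; all addresses and names are made up.
SAMPLE_CSV = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
AA:AA:AA:00:00:01, 2012-10-24 10:00:00, 2012-10-24 10:01:00,  6,  54, WEP , WEP,    , -40, 100, 0, 0.  0.  0.  0, 15, office, floor 2, 
AA:AA:AA:00:00:02, 2012-10-24 10:00:00, 2012-10-24 10:01:00, 11,  54, WPA2, CCMP, PSK, -55,  90, 0, 0.  0.  0.  0,  8, lab-wifi, 
BB:BB:BB:00:00:09, 2012-10-24 10:00:00, 2012-10-24 10:01:00,  1,  54, WEP , WEP,    , -70,  40, 0, 0.  0.  0.  0,  9, neighbour, 

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
CC:CC:CC:00:00:01, 2012-10-24 10:00:30, 2012-10-24 10:01:00, -50, 12, AA:AA:AA:00:00:01, office
"""

ESSID_COL = 13  # ESSID is the 14th column; the last column is the key


def find_owned_wep(csv_text, owned_bssids):
    """Return (bssid, essid, channel) for each owned access point advertising WEP."""
    owned = {b.strip().upper() for b in owned_bssids}
    findings, header = [], None
    for row in csv.reader(io.StringIO(csv_text)):
        cells = [c.strip() for c in row]
        if not any(cells):
            if header:
                break  # blank line ends the AP section; the station list follows
            continue
        if header is None:
            if cells[0] == "BSSID":
                header = cells
            continue
        if len(cells) < len(header) or cells[0].upper() not in owned:
            continue
        ap = dict(zip(header, cells))
        if "WEP" in ap["Privacy"].upper().split():
            # An ESSID containing commas spills into extra cells; rejoin them.
            essid = ",".join(row[ESSID_COL:-1]).strip()
            findings.append((cells[0].upper(), essid, ap["channel"]))
    return findings


if __name__ == "__main__":
    mine = ["aa:aa:aa:00:00:01", "aa:aa:aa:00:00:02"]
    for bssid, essid, channel in find_owned_wep(SAMPLE_CSV, mine):
        print(f"{bssid} ({essid!r}, channel {channel}) still uses WEP: move it to WPA2 or WPA3")
```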
