User Tools

Site Tools


how_to_crack_wep_via_a_wireless_client

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
how_to_crack_wep_via_a_wireless_client [2008/05/19 19:26] – Fyx a mispeelinng. netrolller3dhow_to_crack_wep_via_a_wireless_client [2018/03/11 20:17] (current) – Removed link to trac mister_x
Line 1: Line 1:
 ====== Tutorial:  How to crack WEP via a wireless client ? ====== ====== Tutorial:  How to crack WEP via a wireless client ? ======
-Version: 1.16 August 252007 \\+Version: 1.17 September 112009 \\
 By: darkAudax \\ By: darkAudax \\
 \\ \\
Line 7: Line 7:
  
 ===== Introduction ===== ===== Introduction =====
-There has been a lot of discussion over time of how to use a wireless client workstation to generate packets to crack   WEP instead of the wireless access point itself. This tutorial describes four approaches with examples of how to do this. The examples provided are from from real working equipment, not theory.  Each was used in real life and successfully cracked the WEP keys.+There has been a lot of discussion over time of how to use a wireless client workstation to generate packets to crack   WEP instead of the wireless access point itself. This tutorial describes four approaches with examples of how to do this. The examples provided are from real working equipment, not theory.  Each was used in real life and successfully cracked the WEP keys.
  
 The basic idea is to have the wireless client workstation generate data packets with IVs which we can use to crack the WEP key. Normally we have the access point itself generate the data packets with IVs.  So why would you need to leverage a wireless client workstation instead of the access point? Here are just a few of the reasons: The basic idea is to have the wireless client workstation generate data packets with IVs which we can use to crack the WEP key. Normally we have the access point itself generate the data packets with IVs.  So why would you need to leverage a wireless client workstation instead of the access point? Here are just a few of the reasons:
Line 18: Line 18:
   * You are within range of a client but not the access point itself   * You are within range of a client but not the access point itself
  
-I would like to acknowledge and thank the [[http://trac.aircrack-ng.org/wiki/Team|Aircrack-ng Team]] for producing such a great robust tool.  And also acknowledge the many other people who came up with the ideas and techniques described in this tutorial.  I certainly don't take credit for the techniques in this tutorial.  My role was simply to pull them together in one place and describe them in detail.+I would like to acknowledge and thank the Aircrack-ng Team for producing such a great robust tool.  And also acknowledge the many other people who came up with the ideas and techniques described in this tutorial.  I certainly don't take credit for the techniques in this tutorial.  My role was simply to pull them together in one place and describe them in detail.
  
 Please send me any constructive feedback, positive or negative. Please send me any constructive feedback, positive or negative.
Line 198: Line 198:
 We first need to generate the xor file. This file gives us the ability to create new encrypted packets for injection. We first need to generate the xor file. This file gives us the ability to create new encrypted packets for injection.
  
-You run the following command and select a packet which is a decent size.  It has to be larger then the ARP packet we want to create. So pick something like 86 or more bytes. As well we need to determine the IP address of the wireless workstation we are targeting. So pick a packet with a source or destination MAC address of the workstation. The reason for this is will later use tcpdump to look at the decrypted packet and obtain the IP address.+You run the following command and select a packet which is a decent size.  It has to be larger then the ARP packet we want to create. So pick something like 86 or more bytes. As well we need to determine the IP address of the wireless workstation we are targeting. So pick a packet with a source or destination MAC address of the workstation. The reason for this is that we will later use tcpdump to look at the decrypted packet and obtain the IP address.
  
 Run "aireplay-ng -4 ath0 -h 00:0F:B5:46:11:19". Run "aireplay-ng -4 ath0 -h 00:0F:B5:46:11:19".
how_to_crack_wep_via_a_wireless_client.txt · Last modified: 2018/03/11 20:17 by mister_x