Something I have always wanted to do but never took the time until recently was learn how to crack WEP encryption. I can remember scurrying from class to class in college nearly two years ago while listening to Security Now with Leo Laporte and Steve Gibson explain just how badly WEP had been compromised.
After taking a few hours yesterday to read up on the subject, I was able to break the WEP encryption on my own router in a matter of minutes (using a weak passphrase). The process is now so easy for phrases that non-security-conscious users would implement that I think my little sister could do it.
The methodology I used requires that the passphrase be contained in the dictionary file of the software you are using to crack the encryption. I have decided to re-post the method I used to demonstrate how easy it is and encourage people NOT to use WEP encryption.
The popular Cain & Abel software for Windows can't do this without the purchase of a 100 special chipset wireless card (it's BS, they must have a partnership with the wireless card vendor), so you can't use Windows.
Go grab yourself a copy of Backtrack3; it comes as an ISO file. You use a CD burning program to write this ISO to a CD-R. You then start your computer with this disk in the CD drive and instruct your computer to boot from the disk.
Backtrack will run without installing anything on your computer.
Once you have Backtrack3 running and it seems to be working, the rest is cake. There is actually a YouTube video that I followed that worked perfectly. It's titled "Crack wep CLIENTLESS with backtrack3".
NOTE: Your wireless card probably isn't "wlan0" as his is in the video. Mine was on eth1. You can check this using some of Backtrack's utilities in the "Internet" menu item. Also, in Linux you can hold the Control + C button to stop a running program. For example, after I get the BSSID in step 3, I use Control + C to stop airmon-ng.
So here is a list of the commands he uses:
Comments
HAHA! That's awesome, Chuck. I've thought about reading up on this just for the sake of feeling hacky, but never took the time. Nice post.