Receive/Transmit

Its a well known fact that WEP is fundamentally broken, and its also a well known fact that it can be cracked very easily. Unfortunately it doesn’t seem to be well known enough, as I frequently come across friends who only use WEP encryption on their wireless. The best way to convince them to change it is to demonstrate how easy it is to break, which is what this post is about. This post is for my benefit as much as anyone else’s. I realise its been done to death and there’s hundreds of tutorials already out there, but whenever I need to do this I can never remember the commands and the stuff online never seems to be quite correct or is slightly out of date regarding command switches etc.

I’ll be using a standard laptop running BackTrack 4 R1, with an Alfa USB wireless adaptor (AWUS036H). Using a well-tested adaptor such as this will solve a lot of headaches as it is literally plug and play.

I’ll split this into four steps: finding the target; performing the attack; cracking the key; and connecting to the network. For the purposes of this I’ve set up an access point running 64 bit WEP so the capturing goes a little faster. I’m going to skim over a lot of the theory since this is available elsewhere in much better detail than I’ll be able to go into.

(continue reading…)