WirelessHack | Source of news for electronic projects including Kali Linux, Wireless Security,...

WirelessHack
Source of news for electronic projects including Kali Linux , Wireless Security, KODI , SDR , Raspberry Pi , How- To - information , Guides and Tutorials.
Step By Step Kali Linux and Wireless Hacking Basics WEP Hacking Part 3
This is a multiple part series for someone new to wireless hacking, with pictures and videos.
Introduction To Kali and WiFi Pen Testing
How to Install Kali Linux
WEP Hacking
Kali Linux and Reaver
Getting a Handshake and a Data Capture, WPA Dictionary Attack
Using Aircrack and a Dictionary to Crack a WPA Data Capture
Cracking a WPA Capture with the GPU using HashCat
Next Creating a Dictionary / Wordlist with Crunch Part 8
Note: If you are using a updated version of Kali and aicrack-ng mon0 interface has been changed to
wlan0mon . Read here for more info.
Kali Linux and WEP Hacking
WEP is the original widely used encryption standard on routers. WEP is notoriously easy to hack. Even though WEP is rarely seen anymore it still does pop up every now and again.
Also this is a good place to start for someone new to wireless pen testing before moving on to WPA encryption.
Penetration Testing Setup
Setup a old router and log into it setting it up as WEP for wireless security to use as a test router. Have one other computer, tablet, or smartphone connected to it wirelessly since the encrypted data between the two will need to be captured.
The basic idea of this attack is to capture as much traffic as possible using airodump-ng. Each data packet has an associated three byte Initialization Vector called IV’s. After the attack is launched the goal is to get as many encrypted data packets or IV’s as possible then use aircrack-ng on the captured file and show the password.
At this point Kali Linux should be running along with the WEP encrypted router and a wireless connected device. Also a wireless USB adapter should be plugged in and ready.
Open a terminal window by pressing the terminal icon at the top left.
Next type in the command “airmon-ng” without the quotes to see if your adapter is seen by Kali Linux. It should show the interface, chipset, and driver. If it doesn’t then some troubleshooting will have to be done as to why the adapter is not seen.
Next type in “airmon-ng start wlan0” to set the USB adapter into monitor mode.
Now we need to see what routers are out there and find the test router. To do this run the command “airodump-ng mon0”. After this command is run a screen will come up showing the routers in range and there information.
(If a adapter comes up enabled on mon1 or mon2 simply used that instead of mon0)
The test machine that was setup should be seen along with its information. The information needed will be the BSSID, channel (CH), and ESSID. The test machine here is the dlink router with the BSSID: 00:26:5A:F2:57:2B the channel is on 6 and the ESSID is dlink.
Once this information is seen don’t close the terminal window press CTRL+C inside the window to stop it from using the USB adapter and leave it to refer back to.
Open another terminal window to run the next command. Also when done this way the BSSID can be simply copied and pasted when needed.
Next the WEP encrypted data packets needs to be captured. To do this the airodump-ng command is used along with some switches and information collected.
For me this would be:
airodump-ng -w dlink -c 6 –bssid 00:26:5A:F2:57:2B mon0
airodump-ng is the command, -w is a switch saying to write a file called dlink to the drive, -c is a switch saying the target is on channel 6, –bssid is another switch saying which bssid to use, and finally mon0 is the command to use the USB adapter enabled on mon0.
Change the file name, channel, and bssid to match your test router. Copy the information from the first terminal window. Copy and pasting the BSSID into the new terminal window is much quicker then typing it for most.
airodump-ng -w (ESSID) -c (channel) –bssid (BSSID) mon0
After this is done correctly a window will come up and show information about the target router. The main feedback we need to watch is the Beacons and the Data.
These numbers will start at zero and grow as traffic is passed between the router and another device. As these numbers grow, they are being captured in the file specified in the previous command for this example it would be a file named “dink”. IV’s need to grow big to crack the password usually at least 20,000 plus, but ideally 100,000 plus. At this point someone can simply wait for the IV’s to grow large enough to crack the password, but there is a way to speed things up.
To speed up the IV’s open a third terminal window letting the second run capturing the data. In the new terminal window the aireplay-ng command will be used in a two part process first use the command “aireplay-ng -1 0 -a (BSSID) mon0”. So for this example it would be aireplay-ng -1 0 -a 00:26:5A:F2:57:2B mon0
After this run the command “airplay-ng -3 -b (BSSID) mon0” for this example it would be the following:
aireplay-ng -3 -b 00:26:5A:F2:57:2B mon0
This will begin sending out ARP request and the data and the beacons should begin to grow quickly. Again speeding up the capturing of the IV’s is not necessary but handy.
Aircrack-ng will be used on the data file being written to with the information. Aircrack-ng can be run at anytime even when there is not enough data captured it will say on the screen it needs more if there is not enough.
To use aircrack-ng we need the data file being written to the hard drive. In this example it is dlink. Open a new terminal window and type the command “ls” to see the file. The one aircrack-ng needs is the .CAP file here it is called “dlink-01.cap”.
To start aircrack-ng run the command “aircrack-ng (file name)” so here that would be
aircrack-ng dlink-01.cap
Aircrack will begin to run and start to crack the password. Here is what is what it looks like when it is done.
After “Key Found” it shows the password in hexadecimal or ASCII they are the same and either one can be used. For this example the password on the router was 12345.
Next Kali Linux and Reaver
Category: Wireless Security
5 thoughts on “Step By Step Kali Linux and Wireless Hacking Basics WEP Hacking Part 3”
I’ve a problem on the terminal i’m new with Kali and linux in general, i’m using bootable USB this is the the problem i’m facing:
root@kali:~# airodump-ng wlan0monmon
ioctl(SIOCSIWMODE) failed: Device or resource busy
ARP linktype is set to 1 (Ethernet) – expected ARPHRD_IEEE80211,
ARPHRD_IEEE80211_FULL or ARPHRD_IEEE80211_PRISM instead. Make
sure RFMON is enabled: run ‘airmon-ng start wlan0monmon ‘
Sysfs injection support was not found either.
Reply ↓
Kali 2.0 has been having these errors with some setups.
Run these commands
ifconfig wlan0mon down
iwconfig wlan0mon mode monitor
ifconfig wlan0mon up
Here is a video showing the steps.
Reply ↓
When using aircrack-ng getting error, “Please specify dictionary”
Reply ↓
Extra info: I’m not getting any handshake during airodump, nor am I getting any stations.
Reply ↓
Do you have a Kali Linux compatible USB adapter? How are you running Kali?
Reply ↓
Leave a Reply
Your email address will not be published. Required fields are marked
*
Name *
Email *
Website
Comment
Post Comment
What Is The Fastest USB WiFi Adapter Of 2015
How To Use Kodi Media Center Tutorial
The Best Security Options For A Wireless Router in 2015
How To Increase a 5 GHz WiFi Router Range
Aircrack-ng v1.2 RC2 Adds New Options: wlan0mon With WPS Support
How to install Kali Linux on a Raspberry Pi 2 Quad Core
Top Kali Linux compatible USB adapters / dongles 2015
How to Install Kodi on a Android Phone and watch Free TV shows and Movies
How to install Kodi on a Raspberry Pi model 2
Kali Linux and the Alfa AWUS051NH Dual Band USB adapter review
Best Selling Wireless Do It Yourself Home Security Systems
Get rid of Cable TV with XBMC / Kodi
Recent Posts
Review: The Dragon Box Quad Core Media Streaming Device Db4 Android TV Box
How to Do a Clean Install Update of Kodi on a Android TV Box
How to Install Kodi and Genesis on a Windows 10 PC
What is The Best OBD2 Scan Tool for a PC Laptop
Top Android Bluetooth Automotive Scan Tools 2015
What Is The Best Bluetooth OBD2 Scan Tool?
What is a TV Dongle Stick?
Kali Linux 2.0 Compatible USB Adapter Test
How To Install The Alfa AWUSU36H USB Adapter In Windows 10
How To Get Local TV Channels Without Cable 2015
How To Install a Digital TV Antenna
Highest Rated Wireless Gaming Headset 2015
Windows 10 Smart TV Box Options
How to install Kali Linux on a Raspberry Pi 2 Quad Core
Best USB Wireless Adapter For Gaming Desktop PC
How To Setup a Wireless Router Without a Computer
What Is The Fastest USB WiFi Adapter Of 2015
How To Install/Upgrade Your Laptop to Wireless 802.11ac
The Best Walkie Talkie of 2015
Amazon Releases New Fire TV Box
Top Selling Handheld CB Radio With Reviews
What Is A Good CB Radio To Buy?
Review: Best Motorcycle Bluetooth Transmitter to Headset With Mic
Over The Air Digital TV Antenna Reviews
How To Turn Off Windows 10 WiFi Password Sharing
Can The Raspberry Pi 2 Run Windows?
Top 5 Devices To Run KODI From 2015
Best Wireless Remote Control Power Outlet Outdoor On Off Switch
Best Windows 10 Compatible Wireless USB Dongles
Top WiFi SIP Phones for Home or Business 2015
All information on this site is for testing and educational purposes only; for use by network security administrators, penetration testing professionals, or testing the security of your own wireless connection.
The owner of this website, wirelesshack.org , is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking www.wireleshack.org to Amazon properties including, but not limited to,
amazon.com , endless.com, myhabit.com ,
smallparts.com, or amazonwireless.com
Wirelesshack.org is a source of news for electronic projects including Kali Linux, Wireless Security, Network Security, Raspberry Pi, How-To- information, Guides and Tutorials.
Any Amazon product listed as best or top selling is always changing. Amazon product list should always be verified on the Amazon site
WirelessHack | Source of news for electronic projects including Kali Linux, Wireless Security,...
wirelesshack.org