Cracking the WEP and WPA wireless networks successfully resembles some networking terminologies and principles and the command-line tools. The fact that there is a basic similarity with Linux systems is also helpful. Once the command line programs are in place, the process of cracking the WEP and WPA encryptions can begin in a number of steps as follows:
- Set a wireless network card on ‘monitor’ mode to capture the traffic of the network without associating it to any access point. This will enable the system to capture the packets while dissociating from any network. The NIC driver supports a small number of network cards.
- Once the network card is connected, check it with the Airmon-ng, script used to switch the card to monitor mode. Select the networks available and select the targeted network. The airodump-ng systems for monitoring the channels and capturing packets will come in handy to search the networks available. Select the networks that have strong signals such as the PWR columns and those that attract larger traffic as well as the associated clients. Note the channel of the selected target and the BSSID, the address of the MAC. Take note of any stations that are associated with the BSSID address.
- To capture the data into a file, use the airodump-ng tool and add some switches in order to target a particular channel and AP. Restrict the monitoring to a single channel so as to speed up the process of collecting data and prevent the wireless card from alternating between different channels.
- A network that is active will take a relatively short time to penetrate while one that is slow can take as long as hours or even days. Use the aireplay-ng command within a separate terminal or window alongside the airodump-ng command. The WAP cracking will be successful only where the driver allows injection mode.
- Cracking WEP requires collection of adequate data and the extraction of the key as well as the connection to a network. The cracking can be done while data is being captured. Use the aircrack-ng data*.cap within the terminal window where the data is being captured on cap file and located within the same directory.
- The data may contain packets or ivs from various access points, a list will be presented so that the ones that should be recovered are chosen. To successfully crack WEP keys, about 20K to 40K packets are required. However, in some instances the system may use only 10000 packets. This process takes a very short time.
With this step by step guide, cracking WEP and WPA Security Encryptions is a manageable task.