Linux tools, Howtos


Tools Index


Wireless Commands


FC6 Build Howto


FC5 Build Howto


FC4 Build Howto


Live Linux Distros



Site Search







WIN32 tools, Howtos


Tools Index



Get Firefox!





Miscellaneous WI-FI


Default WI-FI Settings


Rogue AP Howtos


WI-FI Certifications


802.11 Standards




Formats / Extensions


WI-FI Home Security


Useful Links







Project Homepage: (OFFLINE)

Project Homepage: Local Mirror of Homepage  aircrack-2.41.tgz  MD5: 05A37C8A165EFB11EA226829C809DEB3

NOTE: The next generation of Aircrack, Aircrack-ng has far superseded the functionality of the original; Aircrack-ng's project homepage can be found here:


Once as many IVs as required have been captured using the airodump packet capture utility the resultant [filename].cap file is imported into aircrack to break the static WEP or WPA-PSK keys.

Installing aircrack

aircrack help

Breaking WEP

Breaking WPA

aircrack usage




aircrack help:

aircrack will give you the following help:


Basic usage: aircrack  -q  -n  [WEP key length]  -b [BSSID]  [filename].cap



Breaking WEP:


How many packets do I need?


Approximately 300,000 packets for breaking 64-bit WEP


Approximately 1,000,000 packets for breaking 128-bit WEP



aircrack -q  -n 128  -b  11:11:11:11:11:11  capture1-01.cap

The WEP key 86:65:78:38:8F:51:7B:E0:B4:81:8A:0D:B1 was cracked in under 10 seconds.  aircrack is very quick, it is the capture process using airodump that takes the majority of the time in WEP cracking.



Breaking WPA:

Once the WPA handshake has been collected (see aireplay) we can perform a dictionary attack to determine the WPA-PSK (Pre-Shared-Key)

aircrack  -a 2  -w  passwords.txt  capture1-01.cap



aircrack Usage:


aircrack provides us with a wealth of options (type aircrack or visit project homepage for full listing): 

  • -a [mode 1 or 2] 1=WEP, 2=WPA-PSK


  • -e [essid] target selection network ID


  • -b [bssid] target access point's MAC


  • -q enable quiet mode


  • -w [path] path to a dictionary word list (WPA only)


  • -n [no. bits] WEP key length (64, 128, 152 or 256)


  • -f [fudge no.] defaults are 5 for 64 bit WEP and 2 for 128 bit WEP




aircrack -a 1  -n 64 capture1-01.cap


    Runs aircrack against the capture1-01.cap file in 64 bit WEP cracking mode


aircrack -q -b 00:06:25:BF:46:06  -n 128 -f 4 testfile-01.cap


    Runs aircrack in quiet mode against the testfile-01.cap file in 128 bit WEP cracking mode with a fudge factor of 4


aircrack -a 2  -w  passwords.txt  capture1-01.cap


    Runs aircrack against the capture1-01.cap file in WPA-PSK dictionary attack mode


   Copyright 2010 All Rights Reserved.