WEPCrack Main:
Project homepage:
http://wepcrack.sourceforge.net/
"WEPCrack is an open source tool for breaking 802.11 WEP secret keys. The tool is an implementation of the attack described by Fluhrer, Mantin, and Shamir in the paper Weaknesses in the Key Scheduling Algorithm of RC4...WEPCrack was the first publicly available code that demonstrated the above attack...released to Bugtraq on Aug 12, 2001" -WEPCrack author (Anton Rager)
Being the first tool available to break 802.11 WEP keys, WEPCrack is getting a little long in the tooth (last updated Oct 2004) and also seems to guess wrong now and again. However, there are several reasons for still using WEPCrack:
"It's educational. If you want to know how the FMS attack works, reading the code of the WEPCrack scripts is probably the best way to learn about it...It doesn't care about the card chipset as long as you can put it into the RFMON mode (think about cracking on 802.11a networks)." -Wi-Foo: The Secrets of Wireless Hacking
Installing WEPCrack
NOTE: Atheros-based cards were very slow interacting with WEPCrack (Prism seemed the most responsive).
Using WEPCrack:
Configure your card for monitor mode (replace [interface] with wlan0, ath0 or eth1 as appropriate):
iwconfig [interface] mode monitor
iwconfig [interface] channel 6
ifconfig [interface] up
Usage:

./pcap-getIV.pl -b 13 -i wlan0 (to start collecting the weak IVs for a 128 bit WEP capture)

Typing 'h' will bring up the interactive menu:

NOTE: If you have trouble with the interactive menu not responding quickly/crisply, carry out a reboot and then repeat the "configure your card for monitor mode" steps above.

Once approximately 60 IVs for each key byte have been collected (type 's' for current status), either type 'c' to launch the WEPCrack process on the collected data, or press ^c to exit and run WEPCrack.pl on the collected data.
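The "60 IVs for each key byte" status above is a count of FMS-class weak IVs bucketed by the key byte they expose. As an added illustration (this is not code from WEPCrack or its author), the following Python classifies IVs the way the Fluhrer-Mantin-Shamir paper describes the "resolved" IV form (B+3, 255, X) and keeps the per-key-byte tally a monitor would need. It assumes a 13-byte secret key, which is what a 128-bit WEP key is once the 24-bit IV is removed and is the reading of "-b 13" adopted here; the sample IV list, the function names and the 60-per-byte target are constructed for the example. From a defender's side the same classifier gives a quick measure of how much weak-IV exposure a legacy WEP network is leaking.

```python
from collections import Counter

# Classic WEP prepends a 3-byte IV to the secret key before running RC4's
# key scheduling.  Fluhrer, Mantin and Shamir showed that IVs of the form
# (B + 3, 0xFF, X) let the first keystream byte leak information about
# secret-key byte B.  Only that IV class is recognised here (assumption:
# it is the class early collectors such as pcap-getIV.pl were built around).


def fms_weak_key_byte(iv, key_bytes=13):
    """Return the index B of the secret-key byte this IV weakens, or None.

    iv is a 3-byte sequence as carried in the 802.11 data frame header.
    key_bytes is the secret-key length: 13 for 128-bit WEP, 5 for 64-bit WEP.
    """
    if len(iv) != 3:
        raise ValueError("WEP IV must be exactly 3 bytes")
    first, second, _ = iv
    if second != 0xFF:
        return None
    B = first - 3
    if 0 <= B < key_bytes:
        return B
    return None


def weak_iv_status(ivs, key_bytes=13, target=60):
    """Tally weak IVs per key byte, like the collector's 's' status display.

    Returns (counts, complete): counts maps key-byte index -> weak IVs seen
    for that byte (every index is present, possibly with 0), and complete is
    True once every key byte has reached the target.
    """
    counts = Counter({B: 0 for B in range(key_bytes)})
    for iv in ivs:
        B = fms_weak_key_byte(iv, key_bytes)
        if B is not None:
            counts[B] += 1
    complete = all(counts[B] >= target for B in range(key_bytes))
    return dict(counts), complete


def weak_iv_fraction(ivs, key_bytes=13):
    """Share of observed IVs that fall into the weak class (0.0 if no IVs)."""
    if not ivs:
        return 0.0
    weak = sum(1 for iv in ivs if fms_weak_key_byte(iv, key_bytes) is not None)
    return weak / len(ivs)


# Constructed sample IVs, as a monitor might log them from a WEP network.
SAMPLE_IVS = [
    (3, 255, 17),    # weakens key byte 0
    (3, 255, 200),   # weakens key byte 0
    (4, 255, 9),     # weakens key byte 1
    (15, 255, 1),    # weakens key byte 12, the last byte of a 13-byte key
    (16, 255, 1),    # B would be 13: out of range for a 13-byte key
    (3, 254, 17),    # second byte is not 0xFF: not in the weak class
    (200, 1, 2),     # ordinary IV
]

if __name__ == "__main__":
    counts, done = weak_iv_status(SAMPLE_IVS)
    for B in sorted(counts):
        print(f"key byte {B:2d}: {counts[B]} weak IVs")
    print(f"weak IV fraction: {weak_iv_fraction(SAMPLE_IVS):.2f}")
    print("enough IVs collected" if done else "keep collecting")
```

Because `weak_iv_status` takes the key length as a parameter, the same code covers 64-bit WEP (`key_bytes=5`), where IVs with first byte 8 or higher no longer map to any key byte.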

The final perl script WeakIVGen.pl is:
"Used to specify a key, and the program will generate a file "IVFile.log" that contains IVs that weaken each character of the secret key entered. The format for entering the key is "00:01:02:03:04" where each digit is a decimal value of actual key character, and the ":" character is used to delimit each key character." -WEPCrack author (Anton Rager)