how_to_crack_wep_with_no_clients

Differences

This shows you the differences between two versions of the page.

how_to_crack_wep_with_no_clients [2009/09/26 14:34]
darkaudax Fixed typos
how_to_crack_wep_with_no_clients [2011/08/28 16:08] (current)
darkaudax Edited tutorial based on feedback.
Line 1: Line 1:
 ====== Tutorial: How to crack WEP with no wireless clients ====== ====== Tutorial: How to crack WEP with no wireless clients ======
-Version: 1.15 September 262009 \\+Version: 1.16 August 28201 \\
 By: darkAudax \\ By: darkAudax \\
 Video: [[http://​video.aircrack-ng.org/​noclient/​|http://​video.aircrack-ng.org/​noclient/​]] Video: [[http://​video.aircrack-ng.org/​noclient/​|http://​video.aircrack-ng.org/​noclient/​]]
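Review bot: the added Version line reads "August 28201", which is not a valid date; going by the revision timestamp 2011/08/28 it should read "August 28, 2011". The removed line has the same shape ("September 262009"), so the comma and year on this line are worth checking in the page source before saving.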
Line 103: Line 103:
 In the response above, you can see that ath0 is in monitor mode, on the 2.452GHz frequency which is channel 9 and the Access Point shows the MAC address of your wireless card.  So everything is good.   It is important to confirm all this information prior to proceeding, otherwise the following steps will not work properly. (Note: If you are using a driver other than madwifi, then the Access Point field will be either invisible or show something other than your card's MAC address. This is normal.) In the response above, you can see that ath0 is in monitor mode, on the 2.452GHz frequency which is channel 9 and the Access Point shows the MAC address of your wireless card.  So everything is good.   It is important to confirm all this information prior to proceeding, otherwise the following steps will not work properly. (Note: If you are using a driver other than madwifi, then the Access Point field will be either invisible or show something other than your card's MAC address. This is normal.)
  
-To match the frequency to the channel, check out: +To match the frequency to the channel, check out: http://www.cisco.com/en/US/​docs/​wireless/​technology/​channel/​deployment/​guide/Channel.html#​wp134132 ​.  This will give you the frequency for each channel.
-http://www.rflinx.com/help/calculations/#​2.4ghz_wifi_channels then select the "​Wifi ​Channel ​Selection and Channel Overlap"​ tab.  This will give you the frequency for each channel.+
  
 === Troubleshooting Tips === === Troubleshooting Tips ===
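Review bot: the replacement on the "To match the frequency to the channel" line swaps one external deep link for another, and the new one depends on a generated fragment (#wp134132) on a third-party page the tutorial does not control. Consider stating the mapping in the tutorial itself: for 2.4GHz channels 1 to 13 the centre frequency is 2407 + 5 x channel MHz, which gives the 2.452GHz for channel 9 quoted in the paragraph above. The link can then stay as a secondary reference.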
Line 232: Line 231:
            Use this packet ? y            Use this packet ? y
  
-When a packet from the access point arrives, enter "​y"​ to proceed. ​ You may need to try a few to be successful.+When a packet from the access point arrives, enter "​y"​ to proceed. ​ You may need to try a few different packets from the AP to be successful.  These packets have ""​FromDS:​ 1".
  
-When successful, the system ​reponds:+When successful, the system ​responds:
  
    ​Saving chosen packet in replay_src-0203-180328.cap    ​Saving chosen packet in replay_src-0203-180328.cap
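Review bot: the sentence added after "enter "y" to proceed" ends with ""FromDS: 1"., which has two opening quotes and one closing quote. Use a single pair, or DokuWiki monospace (''FromDS: 1''), so the field name reads the same way it appears in the packet dump. The "reponds" to "responds" fix in the same hunk is fine.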
Line 380: Line 379:
   *-k 255.255.255.255 is the destination IP (most APs respond to 255.255.255.255)   *-k 255.255.255.255 is the destination IP (most APs respond to 255.255.255.255)
   *-l 255.255.255.255 is the source IP (most APs respond to 255.255.255.255)   *-l 255.255.255.255 is the source IP (most APs respond to 255.255.255.255)
-  *-y fragment-0203-180343.xor is file to read the PRGA from+  *-y fragment-0203-180343.xor is file to read the PRGA from (NOTE: Change the file name to the actual file name out in step 4 above)
   *-w arp-request is name of file to write the arp packet to   *-w arp-request is name of file to write the arp packet to
  
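Review bot: the note added to the -y bullet, "Change the file name to the actual file name out in step 4 above", is missing a word; "output in step 4 above" reads correctly. Since the example name fragment-0203-180343.xor embeds a date and time, it would also help to say that the name differs on every run, so readers do not copy it literally.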
Line 451: Line 450:
         Use this packet ? y         Use this packet ? y
  
-Enter "​y"​ to use this packet. ​ The system responds by showing how many packets it is injecting and reminds you to start airodumump ​if it has not already been started:+Enter "​y"​ to use this packet. ​ The system responds by showing how many packets it is injecting and reminds you to start airodump-ng ​if it has not already been started:
  
    ​Saving chosen packet in replay_src-0204-104917.cap    ​Saving chosen packet in replay_src-0204-104917.cap
how_to_crack_wep_with_no_clients.1253968478.txt.gz · Last modified: 2009/09/26 14:34 by darkaudax