BackTrack 5 Revolution manual with the GNOME graphical environment: recovering a WEP key
Before getting into the subject, we must remember that how this distribution is used depends on the user. These tools and this manual/tutorial are not designed for criminal purposes. Therefore the responsibility for the use made of them rests only with you. Make good use of this information.
The following steps were carried out with a Crotalus 2000mW USB adapter with the Ralink 3070L chipset. However, these steps should also be valid with other compatible cards, such as adapters with the Realtek 8187L chipset. We used the latest version, BackTrack 5 Revolution with the GNOME graphical environment.
- Update: for this method to work properly, at least one client must be connected to the network being audited.
We will use a program called Gerix Wifi Cracker. The program is located at: Applications → BackTrack → Exploitation Tools → Wireless Exploitation → WLAN Exploitation → gerix-wifi-cracker-ng.
This is the program's main screen.
Now we go to the Configuration tab:
The first step is to put the wireless card into monitor mode. To do that, click where it says: Enable/Disable Monitor Mode. You will see that this creates another network interface called mon0. This is the interface we will use to recover the key.
The second step is to scan the networks around us; for that, click on Scan Networks.
We can see that several networks appear; first we select the target network.
Now that we have chosen the network, we go to the WEP tab, where we choose the option: Start Sniffing and Logging.
We will see a terminal open for the network we want to associate with. The next step is to authenticate in order to carry out the attack. For that, go to WEP Attacks (with clients) and click Associate with AP using fake auth.
We will see that the AUTH column now shows OPN. That means the authentication was successful.
Then we launch the attack on the chosen network; for that, click on ARP request replay.
We will see another terminal open (the one on the left in the picture). This terminal injects the packets needed to recover the key, and the #Data counter in the terminal on the right increases. We can try to work out the key from about 5000 #Data, although there is no exact number; it all depends on the length of the key.
When we have enough #Data, go to the Cracking tab and click on Aircrack-ng - Decrypt WEP password. If we are successful, we will get the following screen:
We list some of the cards we tested that work perfectly with the steps in this manual:
Obviously these are not the only compatible cards, but they are among the best we have tested.