Before we begin: all tutorials are performed on an Eee PC 900 running BackTrack 4 beta.

To start, we must put our network card into monitor mode. To find out the name of your NIC, open a shell prompt and type iwconfig

iwconfig

In the list, the main card is wifi0, and ath0 means the card is an Atheros card; if your list shows wlan0 instead, you will be just fine. Our next step is to put the card into monitor mode. To do that, we type

airmon-ng start wifi0


If your NIC is wlan0, replace wifi0 with wlan0. As you can see, a new interface appears, labeled ath1; ath1 is our card in monitor mode. Now we must find a network in range to crack, so we run Kismet. To launch Kismet, we type

kismet

If Kismet gives an error saying it cannot find 'wlan0' (because you have an Atheros card), you need to edit the kismet.conf file, normally located in the /etc/kismet/ folder, and change wlan0 to ath1, which is your NIC in monitor mode.

After you find the wireless network you wish to crack in Kismet, hit the 's' key to sort the list of networks, select 'w' to sort by WEP, scroll down to the network you want, and hit Enter to view the network's BSSID.

Now, open a new shell prompt; we are going to start generating IVs with wesside-ng. We type

wesside-ng ath1 -v [bssid of network]


With wesside-ng, we use the NIC ath1, and -v gives the victim's wireless BSSID. wesside-ng forces an association with the network, guesses the authentication key that's used, and starts sending IVs to the network, creating a file 'wep.cap' in the directory you ran it from that holds all the IVs generated. Once you have enough IVs you can crack the WEP key. To see if you have enough IVs, open a third shell prompt and type

aircrack-ng wep.cap

aircrack-ng will crack the key from the capture file if it contains enough IVs.


And thus, we have cracked our wireless network.
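As an added educational example (not part of the original tutorial), here is a short Python model of why the number of IVs matters. WEP keys RC4 with a 24-bit IV prepended to the shared key, so IVs repeat after only a few thousand frames, and any two frames encrypted under the same IV leak the XOR of their plaintexts; the RC4 routine, key, IV and payloads below are constructed for the demonstration.

```python
# Added example: why "enough IVs" lets WEP fall. WEP keys RC4 with IV || root key,
# so the IV space is only 2**24; two frames with the same IV share a keystream,
# and XORing their ciphertexts cancels the keystream and leaks p1 ^ p2.
import math

def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4 (key scheduling + keystream generation), the cipher WEP uses."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def wep_encrypt(root_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """WEP-style per-frame encryption: RC4 keyed with the 3-byte IV followed by the root key (ICV omitted)."""
    return rc4(iv + root_key, plaintext)

def frames_until_iv_collision(p: float = 0.5, iv_bits: int = 24) -> float:
    """Birthday bound: number of frames after which an IV has repeated with probability p."""
    n = 2 ** iv_bits
    return math.sqrt(2 * n * math.log(1 / (1 - p)))

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def leaked_plaintext(c1: bytes, c2: bytes, known_p1: bytes) -> bytes:
    """Same IV means same keystream: c1 ^ c2 == p1 ^ p2, so a known p1 reveals p2."""
    return xor_bytes(xor_bytes(c1, c2), known_p1)

if __name__ == "__main__":
    root = b"\x01\x02\x03\x04\x05"            # constructed 40-bit WEP root key
    iv = b"\x0a\x0b\x0c"                      # constructed IV, reused by two frames
    p1 = b"\xaa\xaa\x03\x00\x00\x00\x08\x00"  # LLC/SNAP header, identical in every IP frame
    p2 = b"secret!!"                          # constructed second payload
    c1, c2 = wep_encrypt(root, iv, p1), wep_encrypt(root, iv, p2)
    print("frames for a 50% chance of a repeated IV:", round(frames_until_iv_collision()))
    print("recovered from the colliding frame:", leaked_plaintext(c1, c2, p1))
```

The birthday figure comes out to roughly 4,800 frames, which is why a busy WEP network hands out repeated keystreams within minutes; the real key-recovery attacks that aircrack-ng implements exploit further RC4 weaknesses on top of this.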
