Laughter is the Best Medicine

Cracking WEP with Kali Linux tutorial  (Verbal step by step)

in this tutorial I'm going to teach you how to crack wireless weapon cryptid passwords I'm going to assume they have Kali Linux up and running and a wireless card that's capable of packing injection we're going to start by opening up a terminal and viewing our wireless interface we'll do that with the commander called airmon-ng as you can see my wireless interface is wlan0 the chipset for my card and the drivers that I have installed now if your interface is not exactly the same as mine you'll have to substitute it for the end of this command but after that you'll be able to follow the video step for step then we're gonna go ahead and create an interface that's running in monitor mode what monitor mode is going to be it'll allow us to do is to capture all wireless traffic with our card so let's do that now we'll do that by running the same command as we just did air monk – ng start and in the name of our wireless interface as you can see here we've created the interface mon0 running and monitor mode now you may or may not get this warning message what this is telling you is that if you're running these services here you may come into an issue so what we'll do is we'll terminate those services so we don't have a problem now that we've done that let's see the wireless access points that are around us we'll do that with a command called airodump-ng and then the name of the interface that we created Monsey row I'll let this run for a while okay I'm gonna go ahead and stop this and I'll give you a brief explanation of what's on the screen now the bssid is the MAC address of the access point or router the power here the greater the value of the number the worse the signal strength is the less the value of the number the better your signal strength is ch is the channel that the access point is running on so six one three and so on the encryption WPA WEP open and the e SSID which is the name of the access point now down here you can see the access point and then the computer that is connected to that access point not associated means that there is a computer looking to connect to an access point which is sending out probes looking to connect to Bell nine eight seven Linksys and so on so what we're going to do is we're going to go ahead and select an access point and crack that wireless password that's here let's pick bell seven two five so we'll open up another terminal so we can just lock on to the data coming from that one out we can do this with the same command that we just did followed by a few other syntax dusty for the channel as you can see it's running on channel 1 dodge w now this is the name of the file that the data is going to be written to you can choose whatever name you want but in this case I'm just going to go with bail since this is a bail access point followed by the bssid of the access point so we'll copy that in and then our interface mon0 all right so as you can see here we have two computers that are connected to this access point we have a field here data which is climbing very slowly now to crack this password we're going to need a tremendous amount of data or initial ation vectors is what they're actually called so our atok is going to make the data climb at an enormous rate so we don't have to wait and wait and wait as we collect we can do it in a few minutes so first off what we'll do is we'll associate with the app with a command called Airy play ng one for fake of dedication then a and then the bssid of the access point followed by our interface once you associate you'll get this message association successful and a little smiley face so now we're going to start the attack so we can get the data to climb at an enormous rate so we'll do that with an ARP replay attack so we'll use the same command again with just different syntax error play – ng and then three for our pre play attack – B for our filter for the bssid of the access point and then our interface mod zero as you can see this is sending ARP requests and you can see here that the data is climbing at a quicker rate so as that's going we'll open up another terminal and I'll show you the files that we've created now the data is getting saved to this file here called bail zero one dot cap that's the file we're going to use to crack the password we'll run a command called aircrack-ng and the name of that file bail zero one dot cap now it's going ahead and using the data that we're collecting to crack the password now if it doesn't have enough right off the start it will tell you that it failed just let it run once it collects enough it's going to start it over again so what I'll do is I'll pause the video and wait until we have enough data okay so the attack has been running for about a minute now and you can see that we have about 37,000 initialization vectors or data so we can go ahead and run the command to crack the password as you can see the password has snakes actually bit cracked we can go ahead and stop this and this now you may notice that the password may not be in Word form or in words and numbers as if the the user has typed it in themselves it comes up as hex but that's alright that will work just as well so what we're going to have to do is we're going to have to go ahead and start up those services that we killed earlier so that we can use the internet we'll open up a terminal will type in service networking start service network manager start and then we'll have the little Network guy that pops up here so we can go ahead and click I'll show you here first okay here it is see and we don't know the password but if you just copy the Hexen as it goes paced shoki and all we have to do is take out the cold ones and then hit connect give it a second and you are now connected to Belle 7:25 the password that we just cracked we can clarify this by doing it iw config on our interface W land 0 you can see they were connected to the access point bell seven five two you successfully cracked the password for that access point

35 thoughts on “Cracking WEP with Kali Linux tutorial (Verbal step by step)

  1. I remember learning this stuff way back, i had same issue over and over for any looking this will help. Just do these steps always.

    [……..] means not part of the command but notes

    1. ifconfig [look for your wlan interface. Probably something like wlan0 i will use in this example]
    2. ifconfig wlan0 down
    3. iwconfig wlan0 mode monitor
    4. ifconfig wlan0 up

    THEN it may seem to work but get no results so i always do this.

    5. airmon-ng check kill [this will kill apps that are going to interfere with the tools. Remember to take note of the apps.]
    6. airodum-ng wlan0 start

    Now you can continue on the tutorials you will find. A BIG ISSUE I KEEP SEEING IS "HOW DO I USE MY WIFI AGAIN WHEN DONE?"

    After done scanning and wanting to get back to regular wifi do these steps

    1. ifconfig wlan0 down
    2. iwconfig wlan0 mode managed [places back so you can use like normal listing wifi icon and AP's to conect to]
    3. ifconfig wlan0 up
    4. Networkmanager [this is the apo that was killed if any in "airmon-ng check kill". Once you run them all again your wifi card is back to normal.]

    Thats it and i know most know this, but hopefully to those starting out (we all started at some time) it saves them some time. Happy learning.

  2. Does anyone know where and how to download Kali Linux? I've tried searching for it, but I keep then it seems that I need to download a lot more things other than just Kali Linux.

  3. Hey I'm a beginner…could you tell me what things are needed to crack a wifi.All I have a hp laptop write now.

  4. Thanks!
    I tried some automatic tools like wifite before and they failed.
    I guess aircrack solo FTW after all 😀

  5. hello ,
    According to this tutorial the whole process is completely done but the last process which the command is after (LS) i'll type the aircrack-ng and the my cpa file but it show 0 encription and does'nt show any password and show to type a next command what should i do now please help me as soon as possible.

  6. due to the last process when i was type aircrack-ng and and the .cap file name when it shows that please specify a dictionary option (-w) and also the process of encryption it show WPA(0 handshake) and also i'll try it so many times but it shows same thing and does'nt show the key . What should i do now please help me as soon as possible.

  7. my next door neighbour uses this and he has screwed up my internet making it very slow and crash loads also I no when he is in bed as all my wireless tech can connect to my wifi

  8. i can hack wpa2 wps in 2 minutes but i cant connect my own network wit wep and pass is 12345 lol. i dont have any network+manager atleast it not open 😀

  9. okay so I attempted this on my school network and found that no data comes up even after trying to inject packets…after waiting about 10 minutes the beacons were skyrocketing but the data only ever went to 1??

  10. Hi, does this method is applicable for wpa and wpa2 I try fluxion method.. But I still never able to break the code..

  11. Very nice video. Is it possible to determine what is the actual password typed by someone using this key?

  12. I keep getting the message: "Waiting for beacon from (bssid)" even when trying aireplay. Is there something im doing wrong? please be detailed

  13. I don't have enough space in my home…it's only 957 mb. because i am running live boot…After capturing 10k data it says no space left!!!!! is there any way i can store .cap file in hard drive??…or how to extend home space in usb live boot?? TIA

    my pen drive is 16 gb

Leave a Reply

Your email address will not be published. Required fields are marked *