Monday, January 13, 2014

Step by step to crack Wi-Fi WEP encryption

For your information, WEP encryption is not safe at all! It can be cracked within a few minutes with very little effort. WPA and WPA2 offer a higher grade of security because you have to match the sniffed packets against a dictionary (a database of all the possible passwords). Perhaps that is a 50GB or a 100GB text file, who knows? However, it seems impossible for a single text file to contain every possible WPA and WPA2 password.

So, I will demonstrate the WEP cracking process step by step here. However, please ask permission from the owner before doing anything silly on other people's wireless network. You try the steps below at your own risk.

1. First of all, get all the necessary tools for wireless cracking. I will use Backtrack 5 R3 as my base OS. FYI, Backtrack comes pre-loaded with all the software required for this lab. You can search Google for Backtrack and download it before you start; I won't explain much about Backtrack here. The software needed is as follows:
  • airodump-ng
  • aireplay-ng
  • aircrack-ng
Backtrack 5 R3 (the latest version for now)


2. You need a compatible wireless card or adapter to make this work. Google "compatibility list of wireless adapter for aircrack" and you will get the link. Here I am using a D-Link 802.11b/g wireless adapter (DWA-110).

3. Launch the terminal in Backtrack and issue the command iwconfig. If your wireless card is detected, it will show up in the list. This is similar to ipconfig on Windows, but it only shows details for the wireless interfaces on a Linux system.

The wireless interface is detected as wlan0, so the rest of the steps will use wlan0 as the interface.

4. Make sure your card is in Monitor mode. Most of the time it will be in Managed mode, so you need to change it with the following command.

To change from Managed mode to Monitor mode.

5. Start scanning for wireless networks. Type:

airodump-ng wlan0

You will get a result like the following. Airodump-ng scans through all the wireless APs and hosts near your wireless card or adapter, and you will see a list of SSIDs and wireless clients in the result.

There are 2 SSIDs and 1 client detected in the scan.

6. We are going to crack the password of the SSID named FreeInternetAccess. There is a client connected to that SSID. Type the command below to collect the wireless network packets.

airodump-ng --bssid 00:xx:xx:xx:21:30 -w /root/Desktop/test wlan0

--bssid: the BSSID (MAC address) of the SSID whose wireless packets you are going to collect.
-w /root/Desktop/free: write the capture files to the desktop, using the name given as the file-name prefix.

The command to sniff and collect the wireless packets into a single file.

The screen you get after issuing the command.

7. To crack the WEP key, you need to collect at least 25k data packets. Normal user traffic is too slow for us to reach that number of packets, so we generate some wireless traffic with aireplay-ng. Type:

aireplay-ng --arpreplay -b 00:xx:xx:xx:21:30 -h C0:xx:xx:xx:37:47 wlan0

During the traffic generation you will get something like this.

8. Stop the packet collection (press Ctrl+C) once it reaches 25k.

The Data column shows 25k packets.

9. Check your desktop. You will see a few files there, because we saved the capture to the desktop.

The files created by airodump-ng.

10. Lastly, use aircrack-ng to crack the .cap file. Take note that the number 01 is automatically appended to the original file-name prefix, so in this case the file name is free-01.cap. Type:

aircrack-ng free-01.cap

The key for this wireless SSID is C5:EE:B4:0F:A4.

11. Done.

Please take note again: this tutorial is strictly for educational purposes only. Use it at your own risk. You are welcome to leave your comments here.
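The flip side of the tutorial above is what the traffic-generation step looks like to the network owner. The script below is an added example, not code from the original post or from the aircrack-ng project. It assumes a monitor-mode sensor (a WIDS) has already reduced each captured data frame to a small record (capture time, transmitter MAC, BSSID, 24-bit WEP IV) and checks two things a replayed ARP request produces on the air: the same frame, IV included, re-sent many times inside one window, and a per-transmitter frame rate far above what a quiet WEP client sends. All MAC addresses, IVs, timestamps and thresholds are constructed for the demo.

```python
"""Spotting ARP-replay traffic injection on a WEP network from frame metadata.

Added example, not code from the original post. Input is a list of Frame
records that a monitor-mode sensor is assumed to have produced. Two signals
are checked per one-second window and per transmitter:

  1. "iv-replay": the same encrypted frame (same transmitter, same WEP IV)
     seen many times, because a replay re-sends a captured frame unchanged;
  2. "high-rate": far more frames from one transmitter than normal traffic.

All addresses, IVs and timestamps below are constructed for the demo.
"""
from collections import Counter, defaultdict
from dataclasses import dataclass

# Hypothetical, constructed addresses (locally administered range).
CLIENT_MAC = "02:00:00:00:37:47"
AP_BSSID = "02:00:00:00:21:30"


@dataclass(frozen=True)
class Frame:
    ts: float    # capture time in seconds
    src: str     # transmitter MAC (a replay spoofs the real client's MAC)
    bssid: str   # AP the frame is addressed to
    iv: int      # 24-bit WEP IV copied from the frame header


def make_sample_frames() -> list:
    """Constructed capture: a quiet client, then a 3-second replay burst."""
    frames = []
    # Normal client traffic: about 2 frames/s, a fresh IV on every frame.
    for i in range(20):
        frames.append(Frame(ts=i * 0.5, src=CLIENT_MAC, bssid=AP_BSSID,
                            iv=0x100000 + i))
    # Replay burst: one captured ARP request re-sent 300 times at 100 frames/s.
    # Every copy carries the same IV because the frame is resent byte for byte.
    for i in range(300):
        frames.append(Frame(ts=4.0 + i / 100, src=CLIENT_MAC, bssid=AP_BSSID,
                            iv=0x0ABCDE))
    return sorted(frames, key=lambda f: f.ts)


def detect_replay(frames, window_s=1.0, repeat_threshold=50, rate_threshold=100):
    """Return a list of (kind, src, detail, window_start) alerts.

    kind is "iv-replay" (detail = the repeated IV) or "high-rate"
    (detail = number of frames seen from src in that window).
    """
    buckets = defaultdict(list)
    for f in frames:
        buckets[int(f.ts // window_s)].append(f)

    alerts = []
    for w in sorted(buckets):
        by_src = defaultdict(list)
        for f in buckets[w]:
            by_src[f.src].append(f)
        for src, fs in by_src.items():
            if len(fs) >= rate_threshold:
                alerts.append(("high-rate", src, len(fs), w * window_s))
            for iv, n in Counter(f.iv for f in fs).items():
                if n >= repeat_threshold:
                    alerts.append(("iv-replay", src, iv, w * window_s))
    return alerts


def alert_summary(alerts) -> Counter:
    """Count alerts by kind, handy for a dashboard or a unit test."""
    return Counter(kind for kind, *_ in alerts)


if __name__ == "__main__":
    for kind, src, detail, start in detect_replay(make_sample_frames()):
        shown = f"IV 0x{detail:06X}" if kind == "iv-replay" else f"{detail} frames"
        print(f"[{start:5.1f}s] {kind:9} from {src}: {shown}")
```

On the constructed capture the quiet phase raises nothing, while each of the three burst seconds raises one high-rate and one iv-replay alert. The IV check is the more specific of the two: a legitimate client changes its IV on every frame, so a pile of identical IVs from one transmitter is the fingerprint of a replay rather than merely a busy client.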

Sunday, January 5, 2014

802.11ac in Malaysia for year of 2014


802.11ac

802.11ac is a new Wi-Fi standard announced in 2013. It is a standard that can offer the so-called Gigabit high-speed Wi-Fi networks. For the very first time, the Wi-Fi speed is higher than that of the traditional wired Gigabit port.

As a result, all the latest mobile devices are manufactured without a wired port. This applies not only to mobile tablets but to laptops as well. The move by ultrabooks to eliminate the port was quite surprising to me. This trend is being brought up by Apple for sure: the very first mobile laptop without a wired port was the Apple MacBook Air. If you require a wired port, there is an optional USB converter for you. Since when did the essential, legendary wired connector become an OPTIONAL item?

Thunderbolt to Gigabit port converter

If you ask me whether the wired port will go extinct: definitely not, for now. High-speed Wi-Fi serves end clients best; it isn't meant for mission-critical operation. As you know, data travelling across the open air is not safe at all, and delivery is unpredictable. Besides, the air is a shared medium, which means you definitely won't have dedicated speed like a wired link. There are still plenty of issues when data travels through the air as a medium.

Back to the 802.11ac story: how will it progress in Malaysia in 2014? As expected, the new technology is still very pricey. SOHO manufacturers started offering it before the enterprise vendors did. All the Lowyat stores are already busy offering 802.11ac access points, and every salesman hypes this technology like no other. The issue now is that only limited devices come with 802.11ac compatibility, so you'll end up having to purchase an external USB adapter, which has only just started to be offered locally. But make sure you go for the USB 3.0 version of the adapter; otherwise you'll be stuck at 480Mbps due to the USB 2.0 speed limitation.

An 802.11ac SOHO router

As for the enterprise market, vendors are starting to offer the new products, but not all of them; a few vendors still lack 802.11ac products. Personally, I think enterprises have just finished the 802.11n mission and are happy with it, so the next budget allocation definitely won't come in these recent years. As mentioned, end clients still lack 802.11ac compatibility, so there is no reason for the upgrade. In the enterprise field, when you upgrade something, make sure you utilise it, or else it will be a big waste. Perhaps only new deployments with plenty of budget will adopt 802.11ac infrastructure rather than upgrading the existing infra. Like 802.11n a few years back, they needed around 3 to 4 years to fully migrate from legacy 802.11b/g.

In terms of the technology itself, what is the reason 802.11ac runs faster than its predecessor 802.11n? There are only two main reasons: more channel bonding and more spatial streams compared to 802.11n. Theoretically, 802.11n can have at most 40MHz channel bonding and 4 spatial streams, so 802.11n can run up to 600Mbps per radio. However, no manufacturer offers a 600Mbps single-radio 802.11n device; I have no idea why, perhaps there is a limitation here. All 802.11ac did was increase the number of bonded channels and data streams to boost the speed beyond a Gigabit. Bonding more channels means the legacy 2.4GHz spectrum does not have enough non-overlapping channels to support this technology. Therefore, 802.11ac is not compatible with 2.4GHz and only runs on the 5GHz spectrum.
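To make the two levers concrete, here is an added example (not from the original post) that applies the OFDM data-rate formula shared by 802.11n and 802.11ac: rate = streams x data subcarriers x bits per subcarrier x coding rate / symbol time. The subcarrier counts per channel width and the modulation set are the values the two standards define; 256-QAM and the 80/160 MHz widths are 802.11ac only. It reproduces the 600Mbps 802.11n ceiling mentioned above and shows how doubling the bonded channel, adding streams and moving to 256-QAM each contribute, going beyond the single figure in the text.

```python
"""How channel bonding and spatial streams set the 802.11n/ac PHY rate.

Added example, not from the original post. Formula (per the 802.11n/ac OFDM
PHY): rate = N_ss * N_sd * bits_per_subcarrier * coding_rate / T_symbol,
where N_ss is the spatial stream count, N_sd the data subcarriers for the
channel width, and T_symbol = 3.2 us plus the guard interval (0.8 us long,
0.4 us short).
"""

# Data subcarriers per channel width in MHz (80 and 160 MHz: 802.11ac only).
DATA_SUBCARRIERS = {20: 52, 40: 108, 80: 234, 160: 468}

# Coded bits carried per subcarrier per symbol (256-QAM: 802.11ac only).
MODULATION_BITS = {"BPSK": 1, "QPSK": 2, "16-QAM": 4, "64-QAM": 6, "256-QAM": 8}

SYMBOL_US = 3.2                         # OFDM symbol time without guard interval
GUARD_US = {"long": 0.8, "short": 0.4}  # guard interval options


def phy_rate_mbps(width_mhz, streams, modulation, coding_rate, guard="short"):
    """PHY data rate in Mbit/s for one width / stream count / MCS combination."""
    n_sd = DATA_SUBCARRIERS[width_mhz]
    bits = MODULATION_BITS[modulation]
    t_symbol_us = SYMBOL_US + GUARD_US[guard]
    # bits per OFDM symbol across all streams, divided by symbol time in us
    return streams * n_sd * bits * coding_rate / t_symbol_us


def max_80211n_mbps():
    """802.11n ceiling: 40 MHz bonding, 4 streams, 64-QAM rate 5/6, short GI."""
    return phy_rate_mbps(40, 4, "64-QAM", 5 / 6)


def max_80211ac_mbps():
    """802.11ac ceiling: 160 MHz bonding, 8 streams, 256-QAM rate 5/6, short GI."""
    return phy_rate_mbps(160, 8, "256-QAM", 5 / 6)


def rate_table():
    """Rows of (label, Mbit/s) showing what each lever adds, step by step."""
    return [
        ("802.11n 20 MHz, 1 stream, 64-QAM 5/6", phy_rate_mbps(20, 1, "64-QAM", 5 / 6)),
        ("802.11n 40 MHz, 1 stream (bonding)", phy_rate_mbps(40, 1, "64-QAM", 5 / 6)),
        ("802.11n 40 MHz, 4 streams (MIMO)", max_80211n_mbps()),
        ("802.11ac 80 MHz, 1 stream, 256-QAM 5/6", phy_rate_mbps(80, 1, "256-QAM", 5 / 6)),
        ("802.11ac 160 MHz, 8 streams", max_80211ac_mbps()),
    ]


if __name__ == "__main__":
    for label, mbps in rate_table():
        print(f"{label:42} {mbps:8.1f} Mbit/s")
```

Running it lists 72.2, 150, 600, 433.3 and 6933.3 Mbit/s: bonding 20 to 40 MHz roughly doubles the rate, each extra stream adds the same again, and 802.11ac's 80 MHz plus 256-QAM gives a single stream almost three times the 802.11n per-stream figure. These are PHY ceilings; real throughput is lower once MAC overhead and the shared medium are counted.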

Channel bonding in 5GHz spectrum

However, there is a good enhancement in 802.11ac which allows simultaneous transmission to multiple clients, meaning clients do not need to queue up for Tx and Rx. Maybe there will be no more airtime fairness issues of the kind that kept being mentioned with 802.11n technology?

Lastly, 802.11ac is worth upgrading to for home use, since it allows HD movie streaming and big file transfers. For the enterprise market, however, you'll need to wait patiently until the technology becomes more common across devices, because the upgrade will cost you a lot. Besides, 802.11n access points still work fast and reliably enough to serve your wireless clients.