WEP WiFi Hacking

WEP WiFi Password crack by Kshitij Kishore, Shubham Maheshwari, Aniket Kadiyan

We will be using the default hacking tool in Kali Linux(or BackTrack) Aircrack-ng.

Tools for WiFi hacking

Some of the other tools are:
1. Kismet
2. NetStumbler
3. WireShark
4. AirSnort
5. CoWPAtty

About Aircrack-ng

Aircrack-ng is a network software suite which consists of a detector and WEP, WPA and WPA2 cracker analysis tool for 802.11 wireless LAN. It supports both Windows and Linux. It works with any wireless network interface controller whose driver supports raw monitoring mode and can sniff 802.11a, 802.11b and 802.11g traffic. Aircrack-ng is a preinstalled tool in Kali Linux(BackTrack).

airmon-ng Placing different cards in monitor mode
airodump-ng Packet sniffer
aireplay-ng Packet injector
aircrack-ng Cracks WEP and WPA using dictionary attacks

Getting Started

Before starting, if you are an Ubuntu user make sure that after opening terminal you must have access to root files.

You can do that by typing the sudo -i command.


Usually you'll find 3 types of WiFi security types, WPA, WPA2, WEP. WEP provides less security while WPA and WPA2 have better security.

Steps for hacking

Run Kali Linux on VMWare.


Go to VM-> Removable Devices-> Netgear WLAN Adapter. Click on connect. This will run wireless network in your virtual machine.


Now open terminal from the top left corner. Make sure you are connected to the internet from some other mode either by ethernet or USB modem.


Now open terminal and type the following command.


This message shown means wireless card is available. Now type the following command and start monitoring your wireless card.

airmon-ng start wlan0

Now typing the following command will listen to the nearby networks and give details about them.

airodump-ng mon0

You see in the following image that the terminal shows all nearby wireless networks by their name, physical address and their encryption. Of course we will be focusing on the WEP WiFi.


Now stop the wireless network monitoring by pressing Ctrl+C and note the details of the network you want to hack.
In the same terminal, type the following command

airodump-ng -c <channel number> -w <filename> --bssid <mac address> interface

-w is to write information into file we are going to create, -c is the channel number.
Channel number is the channel number of the network we are hacking. Filename is the name we want to give to our file and mac address is the mac address of the network.

Note that filename is automatically created with 01, 02 … at the end the number of times we type the same command.


After typing the command, wait for some time to capture iv data packets. Time depends on traffic on network, distance from the access point and the number of packets we've already captured.

To generate packets at a faster rate type the following command.

aireplay-ng --arpreplay -b <mac address> interface(mon0)

Its finally done! After you download the required packets, open a new Terminal and type the following command to crack the password.

aircrack-ng <filename>

Note: The file is in .cap format and is located at the root folder shown below. Also the -01 is automatically added at the end of the filename. So type the name carefully.


After typing the above command, WiFi password will be cracked. The password has a colon after every 2 characters. So use the password without the colon and connect to the network and its done!

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License