First I want to say one thing: don’t use WEP encryption for your wireless router. It is too easy to crack. Use WPA/WPA2 encryption instead. It is not bulletproof, but it is harder to crack. How easy is it to crack WEP encryption? The harder part is finding a compatible wireless adapter.
There are many ways to crack WEP, but here I will show how to do it on Windows. For that you will need a packet-sniffing program (we will use CommView for WiFi) and a program called Aircrack-ng.
Download and install CommView for WiFi. CommView also installs some drivers, so you will have to accept the security warning. Go to the Logging tab and set the Directory size to 50000 and the average log size to 100. After that, press the Play button and choose Start Scanning in the next window. Now we have to wait until the network we want to crack appears. Select the network and click Capture. Wait until the packet count reaches 5000 or more, click Stop, and then go to the folder where the log is saved. Open the log file and export it in Wireshark format.
To decrypt the log file we will use Aircrack-ng, an all-in-one suite that contains the following tools:
- airmon-ng – use this tool to switch the wireless adapter into monitor mode
- airodump-ng – you will use this tool for WLAN discovery and packet capture
- aireplay-ng – for traffic generation
- aircrack-ng – for recovering the WEP key
Start Aircrack-ng GUI and select the log file from above. Also select the encryption (WEP) and key size (64). Press Launch and the WEP key will be revealed.
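The advice at the top of this post (replace WEP with WPA/WPA2), turned into a check, as an added example that is not part of the original post: it parses the text printed by the Windows command netsh wlan show networks and flags every visible network that still uses WEP, no encryption, or TKIP. The sample output is constructed and abridged, and English-language field labels are assumed.

```python
import re

# Constructed, abridged sample of `netsh wlan show networks` output (not from the post).
SAMPLE = """\
SSID 1 : HomeNet
    Authentication          : WPA2-Personal
    Encryption              : CCMP
SSID 2 : OldRouter
    Authentication          : Open
    Encryption              : WEP
SSID 3 :
    Authentication          : WPA-Personal
    Encryption              : TKIP
SSID 4 : CafeGuest
    Authentication          : Open
    Encryption              : None
"""

def parse_networks(text):
    """Return one {'ssid', 'auth', 'enc'} dict per SSID block in the output."""
    networks = []
    for line in text.splitlines():
        m = re.match(r"\s*SSID \d+\s*:\s*(.*)$", line)  # does not match BSSID lines
        if m:
            networks.append({"ssid": m.group(1).strip() or "<hidden>", "auth": "", "enc": ""})
            continue
        m = re.match(r"\s*(Authentication|Encryption)\s*:\s*(.+)$", line)
        if m and networks:
            key = "auth" if m.group(1) == "Authentication" else "enc"
            networks[-1][key] = m.group(2).strip()
    return networks

def classify(net):
    """Map the reported cipher to a verdict; anything not flagged is 'ok'."""
    enc = net["enc"].upper()
    if enc == "WEP":
        return "WEP: replace with WPA2 or newer"
    if enc == "NONE":
        return "open: no encryption"
    if enc == "TKIP":
        return "legacy WPA/TKIP: move to WPA2 (CCMP)"
    return "ok"

def audit(text):
    return [(n["ssid"], classify(n)) for n in parse_networks(text)]

if __name__ == "__main__":
    for ssid, verdict in audit(SAMPLE):
        print(f"{ssid:12} {verdict}")
```

To check a real machine, save the command's output to a text file and pass its contents to audit() in place of SAMPLE.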
HOW DO I ?
Start Aircrack-ng GUI and select the log file from above. Also select the encryption(WEP) and Key size (64). Press launch and the WEP key will be revealed.
Hi Adrian.
This is about the last step: …”key will be revealed”. I set the size to 64, then 128. Each time a command prompt would open and go through a couple thousand lines of data for a certain number of SSIDs, “handshakes” and “IVs”, and something that looked like a key but wasn’t one, apparently. The list ends with “do you want to index…?” Maybe I should do something at that point?
I found that when the command prompt comes up for indexing, I typed the corresponding number for the network in the list. If you only have one, it shouldn’t say that in the prompt. I can get it to work now, but I’m not patient enough yet to get all the packets I need. Hope this helps…
This application/article isn’t as easy as it’s made out to be. I’m certified in just about every IT area there is. I think in their labs or just plain luck this thing works. WEP is fine to use so you know.
Brian, you obviously don’t have a CISSP cert… This is kid’s play… If you think WEP is fine to use you might wanna take all those ITT Tech certs again… every area there is, haha, ya right. Sorry, I couldn’t let that one slide.
He obviously doesn’t have the kind of certs he says he has. I’ve never used CommView for this, but just slapping the Back Track 3 disk (I think v 4 is out now) in the laptop and driving around using aircrack-ng, I’ve cracked quite a few WEP keys. I’ve cracked 128 bit WEP keys in under 10 minutes. You need a good card that supports injection to use aireplay (I use a Cisco card with an Atheros chipset). Using WEP for encryption is using “password” for your passwords.
Kid, you are not certified in anything IT related, trust me. If you were, you would never have said WEP is fine, and if you are certified, I am sad.
Another thing… for people that are really wanting to try this. The Linux version of aircrack-ng is all you need. It supports fewer WiFi chipsets than CommView, although the Linux version supports more than the Windows version.
If you don’t have Linux installed, BackTrack is a very good tool (pentesting boot disk) and easy to use.
If you can’t figure out how to use Linux… you’re not going to get far hacking anyway.
I have read several suggestions for cracking WEP but this was the easiest to understand. I succeeded after capturing 25,000 IVs.
Thank you very much!
I must be doing something wrong. I tested 1,727,531 keys and captured over 76,000 IVs and I’m still not getting anything. Please help.
Start Aircrack-ng GUI and select the log file from above. Also select the encryption (WEP) and Key size (64). Press Launch and type 1; the WEP key will be revealed.
ex. KEY FOUND! [AA:BB:CC:DD:EE]
Error: ACCESS DENIED in Windows 7 when I launch aircrack-ng…
Need help…
I got over 2700 packets and 7000 LVs but it still says failed try (insert higher number here). First it said 5000, now it says 10000.
Isn’t my WiFi router meant to do something?
OK, I got to the point where it says key found! [1A:2B:3C:4D:5E]
Decrypted correctly! (100%)
And now what? Where exactly is the key? Help! Thanks.
1. Run Ubuntu 11.10 on VMware
2. Open a terminal
    sudo apt-get update
3. Go to the Software Center and download
    python
    python-qt4
    macchanger
    aircrack-ng
    xterm
    subversion
4. Open a terminal
    wget http://fern-wifi-cracker.googlecode.com/files/Fern-Wifi-Cracker_1.2_all.deb
5. After the download completes, use in the terminal
    sudo sh
    su
    dpkg -i Fern-Wifi-Cracker_1.2_all.deb
6. Run the application in the terminal afterwards
    sudo sh
    su
    sudo python /usr/local/bin/Fern-Wifi-Cracker/execute.py
7. Update to the latest version
8. Reboot Ubuntu
9. Run the application in the terminal afterwards
    sudo sh
    su
    sudo python /usr/local/bin/Fern-Wifi-Cracker/execute.py