digg

Facebook Connect Join Digg About
See the original image at lifehacker.com

How to Crack a Wi-Fi Network's WEP Password with BackTrack

lifehacker.com You already know that if you want to lock down your Wi-Fi network, you should opt for WPA encryption because WEP is easy to crack. But did you know how easy? Take a look.

Who dugg this? Made popular Jul 2, 2009

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

301 Comments

show profanity settings
expand all
  • Rogor, on 07/02/2009, -17/+182Am I the only one here who didnt think that looked "easy" at all?, id have to say if my home wifi was being drained it wouldnt take long to figure out which pasty nerd in the vicinity was doing this purely on the apparent difficulty. I was expecting an exe that had a big button saying (crack neighbours wifi)
  • Nintendesert, on 07/02/2009, -2/+155You really think people can't get your SSID and get through some MAC filtering if they're getting through WPA2?
  • elpresidente408, on 07/02/2009, -6/+149Or you can be like half the people in my town who don't even put a password on their network. Our local cable company Cablevision doesn't put passwords on their new installations as every one of their networks I've seen are left open. As much as I hate Verizon, I have to hand it to them that the tech had me create a WPA password on the spot before he finished our new installation.
  • JonTheGoose, on 07/02/2009, -0/+129Everyone knows cracking software never looks like that.

    All you do is type in "INPUT COMMAND: CRACK NETWORK" and then a window pops up with a bunch of rapidly blinking numbers and letters which slowly fills in each value of the password one by one. After the last value is filled in it blinks red then says "ACCESS GRANTED"

    Also there should be some dramatic music playing too.
  • arbulus, on 07/02/2009, -21/+120If you are still using WEP you deserve to be cracked.

    WEP can be cracked in seconds.

    WPA was an INTERIM standard so that people could stop using WEP until WPA2 was ratified because WEP is no different than having no security. WPA was never meant to be used long term.

    WPA2 + AES is the ONLY way to go, unless you have a RADIUS server and 802.1x setup. Which most don't. Nothing less than WPA2 + AES is acceptable.

    The optimum setup is WPA2 +AES, hide your SSID and setup MAC address access controls. So even if someone COULD crack your wifi, they wouldn't even be able to use it.
  • kilric, on 07/02/2009, -29/+126***** the RIAA!!
  • drizzlelicious, on 07/02/2009, -1/+91Honestly, I highly doubt my neighbors are tech savy enough to crack my password, WEP or not.
  • gotamd, on 07/02/2009, -2/+92Yeah, MAC spoofing is easy and finding "hidden" SSIDs is even easier.
  • aqrilik, on 07/02/2009, -3/+65Protip: Backtrack can do many more useful things than crack wep.
  • morphinapg, on 07/02/2009, -2/+64I honestly don't care if anyone gets on my network, as long as they don't use up all my bandwidth when I need it, I'm happy to provide free internet to anyone who needs it.
  • relaxeder, on 07/02/2009, -0/+59WOAH I HACKED INTO THE NEIGHBORS MAIN FRAME YOU GUISE
  • mysql101, on 07/02/2009, -2/+55How did you learn about it? Did you discover it yourself? Or did you read a webpage that detailed how to do it / premade software download that does it? If it's not the former, then you have no right to talk smack about linux newbies.
  • elchispito, on 07/02/2009, -1/+53If you leave your window ajar, I'll be sure to help myself to your stereo.

    Show some compassion.
  • elchispito, on 07/02/2009, -1/+53Arbulus, Kismet, among many other utilities, tells you exactly which MAC addys are associated with what networks. It's not in any way hidden, regardless of the encryption you're using.

    The only networks that would be completely impervious are those with no associated clients, but that's not an interesting network anyway, from an intruder's standpoint.

    I've done a wardrive or two, and the hidden SSIDs are the ones I look at first. If I were a particularly mischievous person, it would be as simple as one aireplay-ng command to launch a quick, almost unnoticed de-authentication attack, and get that sweet, sweet handshake (which decloaks the network). But I don't actually do that kind of thing because it's illegal, and requires you to stop. I think hiding the SSID makes your network even more tempting.
  • uptwolait, on 07/02/2009, -2/+54I started to bookmark this in case I needed it when I was somewhere needing to get access, then I thought about that for a second...
  • skelooth, on 07/02/2009, -0/+48This. As long as they aren't using it for malicious purposes, why the hell not?
  • solarwind24, on 07/02/2009, -2/+39Everything is crackable. It's just the amount of processing power required.
  • TheKillDoctor, on 07/02/2009, -0/+33name your SSID "Virus Infected" just to hear your neighbors talk about how they think they're infected.
  • Darph.Bobo, on 07/02/2009, -0/+28Don't worry I'll call a waaaambulance for you!
  • generaleet, on 07/02/2009, -1/+27Cablevision doesn't put passwords on their new installations because they don't provide wireless routers. It's the customer's responsibility to purchase a router and secure their network.
  • TheAssuager, on 07/02/2009, -1/+26you sound smart. I like you.
  • theaverageidiot, on 07/02/2009, -1/+25Guides like this have been a google search away for years, and identical guides have been here many times.
    Why is this news?
  • yacks, on 07/02/2009, -0/+22"as long as they don't use up all my bandwidth..."

    Good luck with that philiosophy if you live in range of a lot of people with laptops..
  • mrsteveman1, on 07/02/2009, -1/+23I agree, everyone who is here now, saw it 3 years ago. Clearly.
  • MarkOfTheDead, on 07/02/2009, -0/+22I love unsecured networks near my girlfriends house when I'm in the bathroom with my DS. Hell yeah Mario Kart.
  • yocouchdigga, on 07/02/2009, -0/+20how about you quit being such a ***** tool?
  • pagno, on 07/02/2009, -0/+19Youre a massive tool.
  • wukillabee, on 07/02/2009, -7/+26backtrack.. pedobears best friend
  • MorpheousMarty, on 07/02/2009, -0/+18As of me posting this comment, WPA is secure. MAC spoofing is trivial compared to cracking WPA, and the "crack" that currently exists wouldn't permit you to decrypt private data or get on the network. If you are not using TKIP, or your Key Renewal Interval is less than 10 minutes, that crack also won't work. So I would say that WPA is the way to go, WPA2 + AES is better (but WPA is not, as I type this, weak or broken). Hiding your SSID and filtering MAC addresses really shouldn't stop anyone who can get by your WPA encryption, but are obstacles and would be reasonable for someone who wanted to make it as hard as possible to get on your wifi.
  • MagicBobert, on 07/02/2009, -2/+20The fact that you even mentioned SSID hiding and MAC restriction show that you haven't a clue what you're talking about. MAC restriction and SSID are absolutely useless, and do NOTHING to protect you. Security through obscurity is no security at all.
  • TheBlueVulcan, on 07/02/2009, -3/+20Agreed, I lost interest after a couple paragraphs. Way too much work for little reward.
  • divinesrrow, on 07/02/2009, -0/+17lol I know, what newbies! what we should do is remove all content on the internet that you learned two years back. that'll teach em.
  • iletumi, on 07/02/2009, -0/+17Someone else "2 years ago" will be today and two years from now they will say the same thing you just did when something like this gets posted.
  • shaughn13, on 07/02/2009, -1/+17yes, there are.
  • svensksvamp, on 07/02/2009, -0/+16ENHANCE
  • mrsteveman1, on 07/02/2009, -0/+14Not everyone is a blackhat. It is useful to have something to point clients to when they insist they have no security problems on their network.
  • jm5chn, on 07/02/2009, -1/+15No. Please proceed. /s
  • cyrix, on 07/02/2009, -2/+15I started using alt numpad symbols along with the usual letters and numbers for my passwords when I noticed one of my Tech Support Mentors doing it when I was a lowly level 1 tech during my freshman year. I honestly had never even thought of it up until that point.

    It sure as hell isn't fullproof, but it's at least a little more secure.
  • Cjaiceman, on 07/02/2009, -1/+14Even better would be WPA2-AES + long password w/ numbers and letters, hidden unique SSID and MAC address filtering.
  • Relikh, on 07/02/2009, -1/+14savvy
  • S1ngular1ty1, on 07/02/2009, -0/+13WEP hasn't been hard to break for years.
  • opusaz, on 07/02/2009, -0/+12LOL...reminds me of this guy. http://ex-parrot.com/~pete/upside-down-ternet.html

    Assorted pranks on folks getting on his wifi. Funny stuff.
  • RATNIK, on 07/02/2009, -0/+12shhh
  • g00bd0g, on 07/02/2009, -9/+21All that and she never even "actually" cracked the WEP. Can hardly call it a proof-of-concept if you fail to prove your point.
  • elchispito, on 07/02/2009, -0/+11Don't bother hiding the SSID or filtering by MAC address.

    SSIDs are not only easy to de-cloak, it's the lowest hanging fruit from the intruder's point of view. Kismet will automatically de-cloak a network if it sees someone authenticate. If not, it's really easy for the intruder to de-authenticate a legitimate client and de-cloak it manually.

    MACs can be spoofed very easily. All an intruder has to do is see what MAC addresses are associated with the network and spoof one of those.

    I do agree that WPA/WPA2 are the way to go. Make your SSID a non-default name, and set the pass phrase to something long and somewhat random. This can be brute-forced, but the amount of computing required to do so grows exponentially with pass phrase length.
  • thehacker123, on 07/02/2009, -1/+12Has no one heard of spoonwep?

    It is in backtrack, and provides a GUI for all of the things mentioned on lifehacker... it literally takes 2 minutes.
  • enrq, on 07/02/2009, -0/+11if a piano lands on your head, a hard hat isn't going to protect you much.
  • chokeaduck, on 07/02/2009, -2/+12Yes, because your question was already answered.
  • punzada, on 07/02/2009, -0/+10the optimum wifi you see are hotspots set up by cablevision for free use for currently subscribed optimum online customers.

    If you connect to it before you start browsing you get http redirected and need to log in with your information to continue to use them.

    And no, the modem does not double as a router, it offers dhcp but it's a standard surfboard modem with a single ethernet output.
  • thaidavid, on 07/02/2009, -1/+11I would go to WPA if my Nintendo DS supported it. :/
  • Fetching more discussions...
    Show 51 - 100 of 308 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.