Method to Crack WEP with Windows XP, Windows Vista, or Linux?
There are many tools and approaches available on the web for WEP cracking, and one can get easily lost and confused when reading all the information provided on discussion forums (OmniPeek, WinAirCrack, airmon, aircrack, Kismet, mac driver, ipwraw driver, ilw3945, etc.). The first question that needs to be answered is which platform to use. Some have had success with Windows XP. We have not seen anyone having success WEP cracking with Windows Vista. It is advised to attempt WEP cracking with Linux (we used UBUNTU). This is for one major reason. Since Linux is open source, it is much easier to find or develop Wi-Fi drivers for your Intel PRO/Wireless 3945ABGnetwork adapter to get access the needed functionalities.
Are you new to Linux? Do not worry. Downloading UBUNTU image, burning it to DVD and installing it as a dual boot to your computer is very simple and takes no more than a few hours. Just follow prompts in the Ubuntu installation process. After installing Ubuntu, get all system updates in the system application manager.
We have had good luck with the ipwraw driver from aircrack. The lines of code below install the driver (together with other two packages) to your Ubuntu installation.
You should see something like ipwraw, and the iwl3945 and iwlwifi should not be on the list. This is what you do want to see in youriwconfig screen:
Important: Once your driver is set to Monitor mode, you will not be able to browse the web in your internet browser until the adapter is set back to the Managed mode.
The next step is to pick the program that does the job of WEP crack.
Are you new to Linux? Do not worry. Downloading UBUNTU image, burning it to DVD and installing it as a dual boot to your computer is very simple and takes no more than a few hours. Just follow prompts in the Ubuntu installation process. After installing Ubuntu, get all system updates in the system application manager.
Which Intel PRO/Wireless 3945ABG interface driver to use to crack WEP?
Once you have your operating system ready, you have to upgrade and/or patch your wireless card driver, and this is where the biggest problems start. Your wireless card driver needs to support two important functionalities:Packet injection is a computer networking term which refers to sending a packet on a network into an already established connection.
Monitor mode, or RFMON mode, allows a computer with a wireless network interface card (NIC) to monitor all traffic received from the wireless network. Monitor mode allows packets to be captured without having to associate with an access point or ad-hoc network first.
When searching web, you can find information about endless number of drivers for the Intel PRO/Wireless 3945ABG adapter, such as mac80211, IEEE80211, ipwraw, iwl3945, ipw3945, iwlwifi, madwifi, serialmonkey driver, driver from tinyshell.be, wildpacket driver, and many others. Installing and/or patching them may not be very easy.We have had good luck with the ipwraw driver from aircrack. The lines of code below install the driver (together with other two packages) to your Ubuntu installation.
sudo apt-get install build-essential (get core files)
sudo apt-get install libssl-dev (get supporting library)
wget http://dl.aircrack-ng.org/drivers/ipwraw-ng-2.3.4-04022008.tar.bz2 (downloads driver)
tar -xjf ipwraw-ng* (extract the archive file)
cd ipwraw-ng (go to the extracted folder)
make (compile the source files into a binary)
sudo make install (install the driver)
sudo make install_ucode
echo "blacklist ipwraw" | sudo tee /etc/modprobe.d/ipwraw (blacklist the default ipwraw)
sudo depmod -ae (create a dependency file for the modules)
sudo modprobe -r iwl3945 (unload driver that you do not need)
sudo modprobe ipwraw (load the driver that you installed)
sudo ifconfig wlan0 up (enable the network adapter)
airmon-ng start wlan0 (put your interface into monitor mode)
sudo apt-get install libssl-dev (get supporting library)
wget http://dl.aircrack-ng.org/drivers/ipwraw-ng-2.3.4-04022008.tar.bz2 (downloads driver)
tar -xjf ipwraw-ng* (extract the archive file)
cd ipwraw-ng (go to the extracted folder)
make (compile the source files into a binary)
sudo make install (install the driver)
sudo make install_ucode
echo "blacklist ipwraw" | sudo tee /etc/modprobe.d/ipwraw (blacklist the default ipwraw)
sudo depmod -ae (create a dependency file for the modules)
sudo modprobe -r iwl3945 (unload driver that you do not need)
sudo modprobe ipwraw (load the driver that you installed)
sudo ifconfig wlan0 up (enable the network adapter)
airmon-ng start wlan0 (put your interface into monitor mode)
Now you should have an upgraded driver available. If you get the following error message when setting your network interface into monitor mode
wlan0 iwl3945 - [phy0]/usr/sbin/airmon-ng: line 316: /sys/class/ieee80211/phy0/add_iface: No such file or directory
mon0: ERROR while getting interface flags: No such device
then it means you are not using ipwraw. Check your loaded modules with the lsmod command. If you see something like iwl3945 or mac802 on the list, then you are not using the patched driver.mon0: ERROR while getting interface flags: No such device
The next step is to pick the program that does the job of WEP crack.
Which program to use to crack WEP?
Assuming we have our operating system ready and our driver updated to allow packet capturing and packet injection, we have to choose the right application that does the math when finally cracking WEP. We have chosen the aircrack-ng suite. Although Ubuntu comes with the aircrack preinstalled, it is advised to get the latest version:sudo apt-get install aircrack
This command executed in the terminal window will get aircrack and install it.
