How to crack the wireless router and WEP Password

Source: Internet
Author: User

In recent years, wireless technology has developed rapidly. More and more users use wireless devices to establish wireless networks in their homes. By setting up wireless networks, they can use laptops and wireless network cards to access the internet in every corner of their homes. Many articles have introduced how to set up WEP encryption in wireless security to prevent other computers and illegal users from connecting to our wireless network.

But is that true? Is the so-called WEP Security encryption really foolproof? After a long period of research, I found that WEP was not safe. We can use several tools and some other techniques to crack it, so that we can intrude into a WEP-encrypted wireless network without any knowledge. Below I will share two articles to show you the full introduction to WEP encryption cracking.

I. Difficulties in Cracking:

Before introducing the cracking operation, we should first understand the methods generally used to improve the security of our wireless network.

(1) modify the SSID Number:

Go to the wireless device management page and modify the default provider's SSID number, so that other users cannot connect to the wireless network by guessing the default provider's SSID number.

(2) cancel the SSID broadcast function:

By default, when wireless devices enable the wireless function, they send their SSID numbers to the space in the form of broadcasts. In this case, you can scan any wireless network card to find this SSID number. This is a bit like we used to broadcast with a big horn. Anyone who can hear the sound knows what you said. Similarly, we can disable the SSID number Broadcast Function on the wireless device to avoid broadcasting.

(3) Add the WEP encryption function:

WEP encryption is the most basic encryption measure on wireless devices. Many users use it to improve the security of wireless devices. We can enable WEP encryption for wireless devices, and then select the number of encrypted digits, that is, the encryption length. The minimum value is 64 bits. We can enter a 10-bit ciphertext, for example, 1111111111. After WEP encryption is enabled for the input ciphertext, only the wireless network card that knows the ciphertext can connect to the wireless device with WEP encryption enabled.

Ii. SSID broadcast basics:

So how should we crack the above-mentioned security encryption measures? First, let's take a look at how the SSID is cracked.

TIPS:

What is the SSID number? The Service Set Identifier can also be written as an ESSID to distinguish different networks. It can contain up to 32 characters. A wireless network card can access different networks with different SSID settings, the SSID is usually broadcast by an AP or a wireless router. The scanning function provided by XP allows you to view the SSID in the current region. For security reasons, you do not need to broadcast the SSID. In this case, you must manually set the SSID to enter the corresponding network. In short, the SSID is the name of a LAN. Only computers with the same name and SSID can communicate with each other.

The SSID number is actually similar to a wired broadcast or multicast, and it is also sent from one point to multiple points or the entire network. Generally, after receiving the SSID number sent from a vrossid, the wireless network adapter must first compare whether the SSID number is configured to be connected. If yes, the connection is performed. If not, the SSID broadcast packet is discarded.

Readers who have experience in cable network maintenance must have heard of sniffer. With sniffer, we can monitor our network card, so that the network card will record all the packets it receives and feed them back to sniffer. Many of these packets are the data that the Network Adapter should receive, and many are the data packets that should be discarded, whether or not the Network Adapter should receive the data, once a sniffer is bound to the sniffer, the data will be recorded and stored in the sniffer program. Therefore, wireless networks can also be bound to a wireless network card by installing wireless sniffer to detect and discover the SSID.

TIPS:

For wireless networks that have already set the SSID number broadcast, we can easily obtain the name of the SSID, even if the default name is modified. Generally, this problem can be solved through the Management Configuration tool of your network card or the wireless network management program that comes with the XP system.

If we disable the SSID number broadcast in the wireless device, in this case, can we install the sniffer software on our computer to detect this SSID broadcast packet as mentioned above? The answer is yes. Next, let's create an experiment.

Lab environment:

Wireless Router -- TP-LINK TL-WR541G 54M Wireless Router

Wireless Network Adapter-TP-LINK TL-WN510G 54M wireless network adapter

Notebook -- compaq evo N800C

ADSL connected to Beijing Netcom ISP

Step 1: access the TP-LINK 541G 54M wireless router management interface through a wired network and disable the SSID Broadcast Function of the wireless router.

Step 2: to ensure the accuracy of the experiment, I specifically changed the SSID number to IT168, and changed the frequency band from 5 to 12, and the speed is still 54 M.

Step 3: click the "save" button at the bottom to see "changing the wireless network settings will cause the wireless router to restart. Are you sure you want to start it ?", Click "OK" to make the set Wireless Parameters take effect.

Step 4: Disable the wired Nic and connect the wireless Nic to the PCMCIA Interface of the notebook.

Step 5: plug in the wireless network card through the TP-LINK management tools to scan the entire wireless network. In this case, we can see a wireless signal, which uses 12 channels and 54 M in wireless mode. However, the SSID number cannot be found, because we disable the Broadcast SSID number.

3. reinstall the wireless NIC Driver:

The sniffer tool used by the author is WinAircrackPack, but it is not compatible with most of our wireless Nic drivers by default. If we want to use the sniffer tool for wireless Nic smoothly, first, install the compatible wireless NIC Driver.

Contains four programs, each of which has its own use. In this document, we will introduce the ssiddetection tool "airodump.exe. The current version is 2.3. This toolkit is provided with the attachment.

WinAircrackPack -- Download

(1) check whether it can be used directly:

Some readers may ask if they can directly use the sniffer tool without re-installing the wireless NIC Driver? This requires us to check.

Step 1: Decompress the downloaded tool package and run the first airodump.exe.

Step 2: select the corresponding Nic and enter the serial number before the wireless Nic. For example, the ID is 13.

Step 3: Enter o or a to select the NIC mode. This is related to the download and driver installation described later.

Step 4: select the search frequency band. input 0 indicates that all frequency bands are detected.

Step 5: You will be prompted to enter a save file, so that the tool will put all sniffer data packets into this file.

Step 6: only write wep ivs checks whether only WEP encrypted data packets are detected. Select "Y.

Step 7: A prompt will appear, which means that the driver is not currently supported and the sniffer operation cannot be performed. Pipeline can run smoothly.

(2) download the new wireless NIC Driver:

To download the appropriate new wireless NIC Driver, you need to go to the jump page mentioned above.

Step 1: The address of the opened page is.

(3) install a new driver for the wireless network adapter:

The three files in the downloaded wildpackets atheros wireless driver v4.2 package are the main character of driver installation.

Step 1: Right-click the desktop network neighbor icon and select Properties.

Step 2: Right-click the local connection corresponding to your wireless network card and select Properties.

Complete the hardware Update Wizard, our TP-LINK wireless network card has now become the atheros ar5005 G wireless network card, so that you can use the airodump wireless network sniffer tool.

 

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.