How to encrypt and crack wireless WEP without a client in Ubuntu

In order to expand your ideas and inspire others, we will not use BackTrack2 here, but use another popular operating system Ubuntu as a client-less wireless WEP encryption and cracking platform.
1. Open a Shell in the graphic interface, for example,

In Ubuntu, how does one encrypt and crack wireless WEP without a client?

 

2. Enter ifconfig-a to view the current Nic
Here, I will use a USB Nic as an example. We can see that there is a NIC named rausb0. The status is not loaded. Do not load it here. First, change the MAC address to any MAC address that needs to be forged,
3. Input macchanger-m 00: 11: 22: 33: 44: 55 rausb0
-M is followed by the MAC to be forged, and then the name of the NIC to be modified. Here we change the MAC of the USB Nic to 00: 11: 22: 33: 44: 55.
Then load the NIC and enter:
Ifconfig-a rausb0 up to load the usb nic Driver
4. We can use tools such as Kismet and Airosnort to scan the AP of the current wireless network,
Then, we need to activate the NIC to the monitor mode for subsequent cracking. The command is as follows:
Airmon-ng start rausb0 3. Here, this 3 is the channel of the AP we found, and then enter the following command to start packet capture.
Airodump-ng-w test. cap -- channel 3 rausb0. Here test. cap is the packet capture file name I set.
5. You can initiate a FakeAuth attack. This attack is specially used when the AP of the Wireless Access Point has no Client activity or even no Client. The specific command is as follows:
Aireplay-ng-1 1-e AP's ESSID-a AP's MAC-h FakeMAC rausb0
Here-1 refers to the use of FakeAuth attack mode, followed by latency;-e followed by ap essid,-a followed by ap mac, -h is followed by a previously forged MAC, followed by a wireless Nic.
6. At the same time, for IVs (initialization vector) Acquisition, ArpRequest injection attacks must be carried out. This is very important and can effectively increase the number of captured packets and the cracking speed. The command is as follows:
Aireplay-ng-3-B AP's MAC-h Client's MAC-x 1024 rausb0
-3 refers to the ArpRequest injection attack.-B follows the MAC address of the AP to be intruded, and-h is followed by the MAC address of the monitored client, here we use the forged client MAC, as shown in, as-x 1024 refers to the number of packets sent per second. This value can be smaller, but the maximum value is 1024, here I use the default, and finally specify the USB wireless network card. Next, you can enable aircrack-ng synchronously to crack the problem. The command is as follows:
Aircrack-ng-x-f 2 test-01.cap here-x is brute force cracking mode,-f refers to enable password complexity of 2, followed by the packet capture file we saved instantly.
Summary:
We hope that the method of wireless WEP encryption cracking without clients in Ubuntu will be helpful to readers. more knowledge about linux systems remains to be explored and learned by readers.