More and more people are using wireless networks. Thus, every hacker needs to know
how to attack this kind of target. In this section, you’ll use Kali Linux to hack a WEPencrypted
Important Note: You’re still practicing so don’t use it on other people’s network. It would
be best if you’ll create your own wireless network. There are a lot of videos on YouTube
regarding that task. Watching videos and installing a network is better than getting arrested
for attacking your neighbor’s WiFi. Never forget: unauthorized hacking is illegal.
To hack a WEP-encrypted password, you should do the following:
1. Determine the ID of your computer’s wireless adapter.
Each computer contains multiple network adapters. Your first task is to look for the
wireless adapter and view its name. This step is quick and painless: you just have to open
a terminal, type “ifconfig”, and hit the Enter key.
Most computers will give you three adapters: eth, lo, and wlan. For this task, you should
focus on the “wlan” adapter. The image above shows that the name of the wireless adapter
2. Run the Airmon-ng program.
“Airmon-ng” is a part of the “Aircrack-ng” suite. It allows you to generate a monitoring
interface for the attack. To activate this program, just type “airmon-ng start wlan_ID”.
Replace “wlan_ID” with the name of your adapter (e.g. airmon-ng start wlan1”).
3. Capture data packets from your target network.
Now, you should collect some data packets available in your area. You need to use a tool
called “airodump-ng” for this. Basically, “airodump-ng” (which is another member of the
aircrack-ng suite) looks for data packets and shows you all of the existing WiFi networks
The command that you should type is:
4. Save the data packets as a “cap” file.
You can accomplish this task by issuing the “—write” command to airodump-ng. The
code that you should use is:
airodump-ng wlan0mon —write FileName
Just replace “FileName” with the filename that you want to use. Let’s assume that you
want to use “practice” as the file. The code becomes:
airodump-ng wlan0mon —write sample
The information will be saved in a file named “sample.cap”.
5. Run a password cracker.
Launch another terminal and run “aircrack-ng” to identify the password of the network.
Just type the name of the program and specify the cap file you created earlier. For this
example, the command is:
It’s possible that your file contains more than one WiFi network. If that is the case,
aircrack-ng will ask you to specify the one you want to attack. Follow the instructions on
the screen and wait for the program to complete the process. The resulting code will have
colons (“:”) in it. You can get the password of the network by removing the colons. For
example, if you got EX:AM:PL:ES, the password of the network is EXAMPLES.
How to Hack WiFi Networks that Use WPA/WPA-2
WEP-encrypted passwords are easy to hack. WPA/WPA-2 passwords, however, are timeconsuming
and resource-intensive. This is the reason why most WiFi networks use
WPA/WPA-2 encryption. Cracking this form of encryption is difficult, but certainly
doable. Here are the steps you need to take:
1. Launch a terminal and launch airmon-ng.
airmon-ng start wlan_ID
Replace “wlan_ID” with the name of your adapter.
2. Capture data packets using the airodump-ng program.
You can complete this task by typing
3. Save the packets inside a cap file.
4. The command that must type is:
airodump-ng wlan0mon —write NameofFile
5. Take note of the BSSID of your target and initiate the program called “aireplayng”.
You’ll find the BSSID of a network in the airodump-ng screen. After getting that
aireplay-ng —deauth 0 –a BSSID wlan0mon
Replace “BSSID” with the BSSID of your target.
6. Use the following syntax:
aircrack-ng NameofFile.cap –w dictionary.txt
7. Replace “NameofFile.cap” with the cap file you generated. Then, replace
“dictionary.txt” with the dictionary file that you want to use for the process. A
dictionary file is a text file that contains possible passwords. Kali Linux has several
dictionary files that you can use.
8. Wait for the program to complete the process. If your chosen dictionary file
contains the encrypted password, aircrack-ng will give you a positive result. If the
password is not in the text file, however, the program will ask you to specify