--- tags: security-tutorials --- # Cracking WEP Wi-Fi Encryption :::info **In this short demo you will:** - How to crack a WEP key **Requirements:** - Mininet-WiFi - https://github.com/intrig-unicamp/mininet-wifi - airodump-ng ::: First of all you need to identify the network topology that will be generated by the code below: ```python= #!/usr/bin/python '''@author: Ramon Fontes @email: ramon.fontes@imd.ufrn.br''' from mininet.log import setLogLevel, info from mn_wifi.cli import CLI from mn_wifi.net import Mininet_wifi def topology(): "Create a network." net = Mininet_wifi() info("*** Creating nodes\n") sta1 = net.addStation('sta1', passwd='1234567891a', encrypt='wep') sta2 = net.addStation('sta2', passwd='123456789a', encrypt='wep') sta3 = net.addStation('sta3', passwd='123456789a', encrypt='wep') ap1 = net.addAccessPoint('ap1', ssid="simplewifi", mode="g", channel="1", passwd='123456789a', encrypt='wep', failMode="standalone", datapath='user') info("*** Configuring wifi nodes\n") net.configureWifiNodes() info("*** Associating Stations\n") net.addLink(sta1, ap1) net.addLink(sta2, ap1) net.addLink(sta3, ap1) info("*** Starting network\n") net.build() ap1.start([]) info("*** Running CLI\n") CLI(net) info("*** Stopping network\n") net.stop() if __name__ == '__main__': setLogLevel('info') topology() ``` So considering that the filename is wep<span>.py run it as below: ``` ~$ sudo python wep.py ``` and then you have to create a monitor interface called mon0 for `sta1`. ``` mininet-wifi> sta1 iw dev sta1-wlan0 interface add mon0 type monitor mininet-wifi> sta1 ifconfig mon0 up ``` Now you open a xterm for `sta1` ``` mininet-wifi> xterm sta1 ``` Then we will start using the dump command to grab packets from other wireless devices, and the software will be able to make calculations and comparisons among the data to break the insecure WEP protocol. Enter the following command from `sta1`'s terminal: ``` # airodump-ng mon0 ``` Now it is time to tell your wireless interface to start storing captured wireless data based on the network of your choosing. Remember to plug in three key pieces of information from the previous output into the following command: ``` # airodump-ng –w simplewifi –c 1 –-bssid 02:00:00:00:03:00 mon0 ``` Last but not least, you are going to need to do the most important step of the process by actually using the captured data from the WEP device. Issue the following command: ``` # aircrack-ng simplewifi-01.cap ``` If all goes according to plan, you should be able to break the WEP system. However, if the command fails, you will want to wait until your wireless card captures more data. Give it time to capture 15,000 packets and then try again.