Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Wireless How To

Helpful hints

We broke a 64 bit WEP key in less than five minutes, which is the combined time for scanning with airodump and cracking with aircrack and stimulating traffic with aireplay running a simultaneous replay attack. There is a lot of luck involved and sometimes you may break the WEP encryption after gathering just 25,000 IVs, but most times it takes more than 100,000.

You would expect a 128 bit key to take eons longer, but this is not the case. A 128 bit key can be broken with around 150,000 to 700,000 IVs. bit capturing more IVs will definitely speed up the cracking process. When we reconfigured our target AP with a 128 bit key, we were able to recover the WEP key with 200,000 IVs, but it took the laptop we used more than an hour. Having more captured IV's would have sped up the process dramatically.

It's important to note that you must input the length of the WEP key that you are trying to recover into aircrack and that none of these tools provide that information. While you know this information in your practice target WLAN, you wouldn't know it in a zero knowledge exploit. So you may need to try both 64 and 128 WEP key lengths in aircrack in order to be successful.

128 bit WEP key found

Figure 17: 128 bit WEP key found
(click image to enlarge)

Using a notebook with a fast processor and lots of memory for "Auditor-B" can help speed things along. You can also offload the capture files to other computers to speed up the cracking, while continuing to capture packets. We tested out this technique at the 2005 Interop Convention in Las Vegas. While one laptop was running airodump, we copied the capture files over to a very speedy server for cracking. The server (running aircrack) doesn't need wireless access since it just crunches away on the captured files.

It goes without saying that you should use the fastest computer you can find to run aircrack. The new dual core processors from AMD and Intel may provide a speedup in WEP cracking since aircrack can spawn multiple processes with the -p option.

You may find it convenient to save your capture files to a USB flash drive to "sneakernet" them to other computers. Simply open the shell and type the following:

Saving capture files to USB flash drive
mkdir /mnt/usb
mount -t vfat /dev/uba1 /mnt/usb
copy /ramdisk/cap*.cap /mnt/usb
umount /mnt/usb

Note that you must perform a umount to actually write the files to the flash drive.

More Wireless

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

Continuation of. . .
Hi All,Long time lurker but first time poster here. I just upgraded my triband Velops to a combo of 2 XT8's and 3 XD4s. I live in a large apartment wi...
In Singapore, there is a red AX86U for sale - listed as the ZAKU II gaming edition - which is supposed to be PS5 compatible.What makes it PS5 compatib...
I wanted to post this in case anyone else has questions about Pfsense vs. Opnsense, or why to use one over the other, as I have personally used both, ...
Greetings everyone,Long time lurker, super appreciative of what this community has done for this lurker in the past - Proud user of Merlin in the past...

Don't Miss These

  • 1
  • 2
  • 3