WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
This tool is based on an active dictionary attack that tests millions of words to find the right key. Only one packet is required to start an attack.
What is a WEP Key?
Wired Equivalent Privacy (WEP) is a security algorithm for IEEE 802.11 wireless networks. Introduced as part of the original 802.11 standard ratified in 1997, its intention was to provide data confidentiality comparable to that of a traditional wired network.[1] WEP, recognizable by its key of 10 or 26 hexadecimal digits (40 or 104 bits), was at one time widely in use and was often the first security choice presented to users by router configuration tools.
It’s kinda old now, but you still find it used in situations where the equipment isn’t updated very often (old control systems, CCTV, old point of sale systems etc).
Using WepAttack WEP Key Hacking Tool
WepAttack needs a dumpfile for attacking networks. If the network data is captured by Kismet a dumpfile is generated automatically. This file is in format “Kismet-Tue, 03 Jan 2023 16:25:36 +0000-[no].dump“ and can be passed to WepAttack.
Usage:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
wepattack -f dumpfile [-m mode] [-w wordlist] [-n network] -f dumpfile network dumpfile to read from -m mode run WepAttack in different modes. If this option is empty, all modes are executed sequentially (default) 64 WEP 64, ASCII mapping 128 WEP128, ASCII mapping n64 WEP64, KEYGEN function n128 WEP128, KEYGEN function -w wordlist wordlist to use, without any wordlist stdin is used -n network network number, can be passed to attack only one network. Default is attacking all available networks (recommended) |
Example on how to use WEP Hacking Tool
Example:
1 |
wepattack –f Kismet-Oct-21-2002-3.dump –w wordlist.txt |
You can download WepAttack here:
Or read more here.
Bogwitch says
The link actually points to the wordlist rather than the tool but the tool can be downloaded from: https://sourceforge.net/projects/wepattack/files/
Pretty rare to see WEP in the wild these days but it can be found, often with a hidden SSID. This is a pretty basic attack and dependent on the dictionary used. Aircrack-ng is going to be more successful.