Note: This tutorial is for learning purposes only.
Before talking about how to hack WiFi for free internet, let us get familiar with WiFi and WEP:
WiFi stands for wireless Fidelity. It refers to any system that uses the 802.11 standard, which was developed by the Institute of Electrical and Electronics Engineers (IEEE) and released in 1997.
A Wired Equivalent Privacy (WEP) key is a password exchanged between a wireless device and a router when the router uses WEP security.
When wireless routers first came out, most were unprotected, and the ones that were protected used simple 64-bit WEP encryption. Times have changed. Newer 128-bit WEP encryption has become popular, and nearly all wireless routers are encrypted.
So now we know that
wifi enabled system + wireless network in neighborhood + wep key = free internet
Things to know before we start
This method will not work with WPA passwords.
You will be using a free live operating system called ‘Backtrack 3’. No experience with this product is necessary.
Backtrack 3 is only compatible with a small selection of wireless adapters.
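Because the method applies only to WEP and not to WPA, an administrator can check which of their own access points still advertise WEP by reading the beacon frames those access points send. The Python below is an added example, not part of the original tutorial; the function names, SSIDs and beacon bytes are constructed for illustration, and the input is assumed to be the beacon frame body that follows the 24-byte MAC header.

```python
import struct

PRIVACY_BIT = 0x0010   # capability bit 4: encryption required
TAG_SSID, TAG_RSN, TAG_VENDOR = 0, 48, 221
WPA_OUI_TYPE = bytes.fromhex("0050f201")   # vendor element that carries WPA (v1)


def classify_beacon(body):
    """Return (ssid, security) for a beacon body (the bytes after the MAC header)."""
    if len(body) < 12:
        raise ValueError("beacon body is shorter than its 12 fixed bytes")
    # Fixed fields: timestamp (8), beacon interval (2), capability (2), little-endian.
    (capability,) = struct.unpack_from("<H", body, 10)
    ssid, has_rsn, has_wpa = "", False, False
    pos = 12
    while pos + 2 <= len(body):            # walk the tagged elements: id, length, data
        tag, length = body[pos], body[pos + 1]
        data = body[pos + 2:pos + 2 + length]
        if len(data) < length:             # truncated element: stop instead of guessing
            break
        if tag == TAG_SSID:
            ssid = data.decode("utf-8", errors="replace")
        elif tag == TAG_RSN:
            has_rsn = True
        elif tag == TAG_VENDOR and data[:4] == WPA_OUI_TYPE:
            has_wpa = True
        pos += 2 + length
    if has_rsn:
        return ssid, "RSN (WPA2 or later)"
    if has_wpa:
        return ssid, "WPA"
    # Privacy bit set with no WPA/RSN element means the AP is offering WEP.
    return ssid, "WEP" if capability & PRIVACY_BIT else "open"


def make_beacon(ssid, capability, extra=b""):
    """Build a constructed beacon body for the demo (not a captured frame)."""
    fixed = bytes(8) + struct.pack("<HH", 100, capability)
    return fixed + bytes([TAG_SSID, len(ssid)]) + ssid.encode() + extra


SAMPLES = [   # constructed SSIDs and elements
    make_beacon("office-legacy", 0x0011),
    make_beacon("office-wpa", 0x0011, bytes([TAG_VENDOR, 6]) + WPA_OUI_TYPE + b"\x01\x00"),
    make_beacon("office-main", 0x0011, bytes([TAG_RSN, 2]) + b"\x01\x00"),
    make_beacon("guest", 0x0001),
]

if __name__ == "__main__":
    for body in SAMPLES:
        print("%-14s %s" % classify_beacon(body))
```

Any access point reported as WEP here should be moved to WPA2 or later.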
Booting Backtrack 3
Insert the backtrack 3 disk into your disk drive.
Make sure that your computer is set to boot off the disk drive. Most computers will have this set by default. If it isn’t, then set it through the BIOS. I can’t tell you how to do this, as most BIOSes are different.
Restart the computer with the Backtrack 3 disk in the drive.
If the computer is set up to boot from the disk drive, then your computer will boot off the Backtrack 3 disk rather than the operating system installed on your hard drive.
After a few seconds a few options will come up. Select the ‘BT3 Graphics mode (VESA KDE)’ option.
Lots of information will come up while Backtrack 3 is booting. Just ignore it.
After a few minutes, Backtrack 3 will be up & running.
Once the desktop is on screen, you can go to the next section.
Finding information about the wireless routers in the area
The ‘KDE Menu’ is the button in the bottom left corner of the screen. It is a blue icon.
Click on the KDE menu, click ‘Backtrack’, click ‘Radio Network Analysis’, click ‘802.11’, click ‘Analysing’, click ‘Wicrawl’.
A window called ‘Wicrawl’ should come up on screen. Wait a few moments for Wicrawl to start.
On the Wicrawl menu toolbar there should be an option called ‘Interfaces’. Click it. There will be a list of all the network adapters (wired & wireless) connected to your computer.
Select the wireless adapter you are using. If you don’t know which one it is, then test them all out. The scan will only work on functioning wireless adapters.
On the Wicrawl menu toolbar there should be an option called ‘Scan’. Click it, then click ‘Automatic Mode’.
Once clicked, Wicrawl will start searching for wireless routers. Leave Wicrawl running. Minimize it.
Cracking the WEP password
Click on the KDE menu, click ‘Backtrack’, click ‘Radio Network Analysis’, click ‘802.11’, click ‘Cracking’, click ‘SpoonWEP’. A window called ‘SpoonWEP’ should come up on screen shortly after clicking on it.
As SpoonWEP is a Java application, it will take a few moments to start up.
Bring Wicrawl back up. It should show the ‘BSSID’ of all the access points it found.
Now type the BSSID into the Victim MAC text box in SpoonWEP. Make sure you type it correctly.
Now look at the access point’s channel number in Wicrawl, and drag the channel slider in SpoonWEP to the correct channel.
Set the Injection rate to maximum.
Use Fragmentation and Forge Attack
Use 128 Bits key Length
In SpoonWEP, make sure that the MAC & the channel are correct & belong to the same access point.
Click Launch and wait for a few minutes.
The cracking process has begun. First it will capture IVs & build a packet capture file, then it will find the key in the packet capture file. It is all automatic.
After a period of time (at least 8-10 minutes), the password will be displayed at the bottom of the SpoonWEP window.
When you have the password, remove the colons & convert all the letters to lowercase.
You now have the password...Cheers