Cracking WEP in 10 minutes

    Date08 Jun 2005
    Posted ByBrittany Day
    Yesterday I started noticing referral traffic from, a phpbb-based community site for finding and sharing screencasts. The most entertaining one I found is called Cracking WEP in 10 minutes. It was produced with Camtasia, but the action takes place in Whoppix, which describes itself thusly:

    Whoppix is a stand alone penetration testing live cd based on Knoppix. With the latest tools and exploits, it is a must for every penetration tester and security auditor.

    To a thumping electronic beat, the WEP-cracking screencast shows you how to use: kismet to locate a victim; aireplay to generate the requisite hundreds of thousands of WEP initialization vectors; aerodump to save the traffic to a file; and aircrack to analyze the file and recover the WEP key.

    I'd known about this combination of techniques in a general way, but penetration testing isn't my game and I'd never bothered to learn the details. It's fascinating to watch the process unfold, and a real testament to the educational power of screencasting.

    As always, such power is a double-edged sword. This screencast will undoubtedly increase the amount of WEP-cracking that goes on. At the same time, though, I hope it will show a wider audience that, while WEP may not be entirely useless, it's a very weak defense and had better not be your only one. Cracking WEP today still requires specialized tools and high motivation, but it's just a matter of time until somebody packages up the procedure into a simple application that anybody can use.

    You are not authorised to post comments.

    LinuxSecurity Poll

    Has your email account ever been pwned in a data breach?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.