crack a WEP key of an open network without user intervention
see also :
airbase-ng - aircrack-ng - airdecap-ng - airdecloak-ng - airdriver-ng - aireplay-ng - airmon-ng - airodump-ng - airolib-ng - airserv-ng - airtun-ng - buddy-ng - easside-ng - ivstools - kstats - makeivs-ng - packetforge-ng - tkiptun-ng
add an example, a script, a trick and tips
no example yet ...
... Feel free to add your own example above to help other Linux-lovers !
is an auto-magic tool which incorporates a number of
techniques to seamlessly obtain a WEP key in minutes. It
first identifies a network, then proceeds to associate with
it, obtain PRGA (pseudo random generation algorithm) xor
data, determine the network IP scheme, reinject ARP requests
and finally determine the WEP key. All this is done without
Shows the help screen.
Wireless interface name.
Network IP as in ’who has
destination IP (netip) tell source IP (myip)’.
Defaults to the source IP on the ARP request which is
captured and decrypted. (Optional)
-m <my ip>
´who has destination IP
(netip) tell source IP (myip)´. Defaults to the
network.123 on the ARP request captured (Optional).
Source MAC address
Do not crack the key. Simply capture the packets until
control-C is hit to stop the program! (Optional)
-p <min PRGA>
Determines the minimum number
of bytes of PRGA which is gathered. Defaults to 128 bytes.
Wireless access point MAC
For each number of IVs
specified, restart the airecrack-ng PTW engine (Optional).
It will restart PTW every <threshold> IVs.
Allows the highest channel for
scanning to be defined. Defaults to channel 11
page was written by Thomas d’Otreppe. Permission is
granted to copy, distribute and/or modify this document
under the terms of the GNU General Public License, Version 2
or any later version published by the Free Software
Foundation On Debian systems, the complete text of the GNU
General Public License can be found in