Using Gerix WiFi Cracker (In BackTrack 4) To Crack WEP.

Part of a series of manuals by Hex.The aim of this guide is to teach you how to use the beautiful GUI frontend for AirCrack-ng, that being the Italian made Gerix-WiFi-Cracker-ng found in BackTrack 4, to crack WEP keys using the KoreK ChopChop Attack Method.

Anyways, to begin, it is assumed you have booted BackTrack 4 from a Live USB Disc, and from the command terminal it gives you, spoofed your MAC address. Once the MAC is spoofed, you must first type:/etc/init.d/wicd start This begins the Wicd network manager, and then to start the X-11 Window server (i.e. the GUI) one simply types:startx

After one has done this, we are ready to proceed!

Step One: Start the WICD-CLIENT.Open a terminal and type the following:wicd-client

Step Two: Scanning The Network with WICD.Simply click on the WICD icon in the taskbar (it labels itself ala windows) and press 'Refresh'. In this, we see the target Eircom network (WEP) and another misc. network that was nearby. The GUI tells us signal strength, SSID, and security.

Step Three: Start Gerix.Go to the menu, Goto BackTrack > Radio Frequency Whatever > 802.11 > Cracking > and click on Gerix Wifi...This is what you shall see!

Step Four: Configure Gerix.Click the 'configuration' tab. You will see THIS.

Step Five: Enable Monitor Mode.Click the button which says 'enable/disable monitor mode'.You SHOULD see THIS.

Step Six: Rescan networks.Scroll down. Click Rescan Networks.

Step Seven: Select Target.Click once on the one that be your target!

Step Eight: Click on the WEP tab.Click on the WEP tab.

Step Nine: Start Sniffing and Logging.Click on the button that says 'Start Sniffing and Logging'. (Minimise Window to de clutter)

Step Ten: Test Injection.See Can You Inject! Click on the button that says 'Perform a test of Injection AP'. If it says yes you are good to go!

Step Eleven: False Authentication.Click on the 'WEP Attacks – No Client' and then click 'Start false access point authentication on victim' (thrice for luck)

Step Twelve: Start the KoreK ChopChop Attack!Click on the button that says 'Start the ChopChop Attack!'You SHOULD see THIS.

Step Thirteen: ChopChop Ready!Once it is ready you will see THIS in the window that appeared!

Step Fourteen: ChopChop FIRE!Type 'yes' into the box and hit 'ENTER'

Step Fifteen: ChopChop FIRING!You SHOULD be seeing THIS.

Step Sixteen: Injecting packets.Click 'Create the ARP Packet to be injected' a few times. Then click 'Inject the created packet on victim...'. Type YES at prompt.

Step Seventeen: Check that Sniff/Log!The #data field (IV's) should be 'OVER 9000!' by now! If not... Wait! The more the better!

Step Eighteen: CRACK THE KEY!Click on the 'CRACKING' Tab. Click 'aircrack-ng decrypt WEP password'And then just wait for the bugger to crack. If fail, wait for more #data/IV's and try again :DIn this shot the key was just cracked – it broke in a split nanosecond.

Step Nineteen: Write the fucking key down!Yeah... Record the location of the WiFi spot, the SSID and the key! Its VERY important! You dont want to have to do this EVERY SINGLE TIME now do you?Oh, and yeah, you just hacked your first WiFi. Congratulations. 12 year old kids can do the same.

Hope you enjoyed...You should be visiting these sites!www.shadowrx.com (my home)www.roguesci.org (coming back VERY soon!)www.thevespiary.org (excellent website!)www.rorta.net (good site!)www.digitalprecursor.org (excellent site!)

Please Also See:*MAC Spoofing For Idiots (aka Spoofing Your MAC address).

COMING SOON:*Running LOIC on Ubuntu!*How to enter Netopia Routers and clear logs!*Man in The Middle with Ettercap!*Cracking WPA keys!-and probably more when I get off my ass and write.Contact Details:Email me at insecure@hushmail.com or PM me at one of the above mentioned sites!Have fun out there, and be safe!~Hex