Time for action – cracking WEP with the Hirte attack
Follow these instructions to get started:
Create a WEP access point exactly as in the Caffe Latte attack using the
airbase-ng
tool. The only additional option is the-N
option instead of the-L
option to launch the Hirte attack:Start
airodump-ng
in a separate window to capture packets for the Wireless Lab Honeypot:Now,
airodump-ng
will start monitoring this network and storing the packets in theHirte-01.cap
file:Once the roaming client connects to our Honeypot AP, the Hirte attack is automatically launched by
airbase-ng
:We start
aircrack-ng
as in the case of the Caffe Latte attack and eventually, the key will be cracked.
What just happened?
We launched the Hirte attack against a WEP client that was isolated and away from the authorized network. We cracked the key exactly the same way as in the Caffe Latte attack case.
Have a go hero – practise, practise, practise
We recommend setting different WEP keys on the client and trying this exercise...