How To Hack WEP Wi-Fi With Kali Linux & Aircrack-ng


May 19, 2015
Reaction score
This was done in my home work bench - hacking into wireless network's you don't own or have permission to do is breaking the law.

I have been asked several times about the hardware I’m using. It’s a plug-n-play wireless USB adapter TP-LINK TL-WN722N from Amazon.

If you are looking for a better range – better quality wireless adapter for KALI then I recommend using Alfa AWUSO36NH. Also, don’t forget to add better antenna’s (9-12 dBi).

If you are looking for Ultimate range WiFi antenna (up to 56 Km?) then, try – TP-LINK TL-ANT2424B 2.4GHz 24dBi.

Steps For Hacking WiFi & Cracking WEP Key on Kali Linux:
Let’s begin… Open the Terminal and Type the following command to find whether your wireless card is working or not.


If you get something like following image then your wireless card is available and working.

Now type the following command to put your wireless card in monitoring mode.

airmon-ng start wlan0

If you got the above image then your wireless card is in monitoring mode and working. Now type the following command to listen to the wireless network around you and get details about them.

airodump-ng mon0

Note that mon0 might be mon1, mon2, mon3 etc. depending upon the number of monitoring mode already running on your system. Find the monitoring mode (ie. mon1, mon2 etc.) from the precious image.

Now here our target is “mtnl” which is using WEP encryption and authentication. Wifi mtnl is working on channel 4 and bssid is 0C:D2:B5:03:43:68. Now type the following command to start capturing its packet which might have encrypted password.

airodump-ng –w mtnl-org –c 4 –bssid 0C:D2:B5:03:43:68 mon0

Let me explain the command, -w is for writing into a file that we are going to create i.e. mtnl-org, -c is used for channel which is currently 4.

Now after typing the command wait for 10-15 minutes to capture around 15,000 ivs packets. The time duration depends on the traffic on network, your distance from the access point and actually the no. of ivs you have captured (refer to the next image).

Hey, if there is only few packets coming then you can try to deauth to generate more data packets with following command:

aireplay-ng -0 0 -a 0C:D2:B5:03:43:68 mon0

Finally, Type the following command to start cracking WEP key of the network.

aircrack-ng mtnl-org-01.cap

Notice the file name carefully as the program automatically ads -01, -02, -03 etc. to the file name you have suggested. It depends upon the no. of file you have with same name.

After a few seconds or minutes you will find that the password is 100% decrypted or WEP key is cracked and password is 3937353536.

NOTE: This was surely a little lengthy process of cracking WiFi’s WEP Key. You might be interested in hacking other types of secure WiFi networks such as WPA, WPA2 or WPS in an automated way, then read my latest article – How to Hack WiFi Password? WEP, WPA/WPA2, WPS – Wifite!

Troubleshooting: If you were unable to crack WEP key of your WiFi then you might have typed wrong command or had input wrong value like channel number, bssid or something. Be Careful!

You might not have captured enough packets and ivs that are necessary to crack the WEP key. Don’t worry you’ll error message about this.

There is possibility that your wireless card is not working or something else might not be working well then I can’t do much, you should search about it on web or watch my video about hacking and Cracking WEP Key on Kali Linux using Aircrack-ng Tool.
Last edited: