WEP (Wireless Equivalent Privacy) is an encryption algorithm used to encrypt data being sent across your router. Using a computer, it can take minutes to crack this encryption, and then the hacker will have access to a free internet connection through your router.
An algorithm called the RC4 cipher is used to pseudorandomly generate characters which are XORed (logical operator: exclusive or) against your data. The RC4 cipher is a key scheduling algorithm which can shuffle the numbers from 0 to 255 to form a key.
Password: 1234 -> RC4: 4 random numbers between 0 and 255
When the key and the text are mixed in the XOR, an 'IV' (Initialisation Vector), which is basically a unique number, is added into the data, which makes a dictionary attack (when brute forcing, a loop will be used with words from a dictionary to spot patterns) more difficult. Certain IVs, however, are easier to work back to the RC4 than others, and so hackers can use this.
Using programs such as 'Aircrack', the hacker can set up a connection to a router secured with WEP and send requests for increased amounts of packets (pieces of data) to be sent to the computer. IVs can only occupy about 24 bits, and so if the encrypted RC4 length is either 64 or 128 bits, then when the IV increments by 1, it will have no choice but to repeat itself, which means that certain IVs are weak and repeat around the password. When a 'weak' IV is found, the password can be worked backwards by analysing which characters appear more frequently to give a defined estimate of the RC4.
From here the RC4 can go through the XOR again as it is symmetrical (5 XOR 10 is 15 and 10 XOR 5 is also 15) and ultimately be hacked.
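The scheme described above, written out as an added example (not code from the original article): RC4 keyed with the IV followed by the shared key, the symmetric XOR, and a check for repeated IVs, which is the condition under which two packets share a keystream. The function names, key, IVs and messages are constructed for illustration, and the checksum that real WEP appends to each packet is left out.

```python
# Added example: RC4 as WEP uses it (per-packet key = 24-bit IV + shared key).
# All keys, IVs and messages below are constructed sample values.

def rc4_keystream(key: bytes, n: int) -> bytes:
    # Key scheduling: shuffle the numbers 0..255 under control of the key.
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    # Output generation: emit n pseudorandom bytes from the shuffled table.
    out = bytearray()
    i = j = 0
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_crypt(iv: bytes, shared_key: bytes, data: bytes) -> bytes:
    # The same call encrypts and decrypts, because XOR is its own inverse.
    return xor(data, rc4_keystream(iv + shared_key, len(data)))

def reused_ivs(frames):
    # frames: iterable of (iv, ciphertext). Returns the IVs seen more than once.
    seen, repeats = set(), set()
    for iv, _ in frames:
        (repeats if iv in seen else seen).add(iv)
    return repeats

SHARED_KEY = b"\x01\x02\x03\x04\x05"            # constructed 40-bit key
IV_A, IV_B = b"\x00\x00\x01", b"\x00\x00\x02"   # constructed 24-bit IVs
P1, P2 = b"first sample msg", b"other sample msg"

C1 = wep_crypt(IV_A, SHARED_KEY, P1)
C2 = wep_crypt(IV_A, SHARED_KEY, P2)   # IV repeated: same keystream as C1
C3 = wep_crypt(IV_B, SHARED_KEY, P2)   # fresh IV: different keystream

if __name__ == "__main__":
    print("decrypts:", wep_crypt(IV_A, SHARED_KEY, C1) == P1)
    print("repeated IVs:", reused_ivs([(IV_A, C1), (IV_A, C2), (IV_B, C3)]))
    # With a repeated IV the keystream cancels: C1 XOR C2 equals P1 XOR P2.
    print("keystream cancels:", xor(C1, C2) == xor(P1, P2))
```

Because a repeated IV exposes the XOR of two plaintexts without the key ever being involved, the later Wi-Fi standards (WPA2 and WPA3) replaced this construction instead of lengthening the key.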
(Please note that this article is for educational purposes only and any attempt at hacking without consent is illegal under the Computer Misuse Act (1998).)