WEP Hacking... easier than tying your shoe?

WEP (Wireless Equivalent Privacy) is an encryption algorithm used to encrypt data being sent across your router. Using a computer, it can take minutes to crack this encryption and then the hacker will have access to free internet connection using your router.

An algorithm called the RC4 cipher is used to pseudorandomly generate characters which are used to XOR (logical operator: exclusive or) against your data. The RC4 cipher is a key scheduling algorithm which can shake up numbers from 0 to 255 to form a key.

Password: 1234 -> RC4: 4 random numbers between 0 and 255

When the key and the text are mixed in the XOR, an 'IV' (Initialisation Vector), which is basically a unique number, is added into the data, which makes a dictionary attack (when brute forcing, a loop will be used with words from a dictionary to spot patterns) more difficult. Certain IVs, however, are easier to work back to the RC4 than others and so hackers can use this.

Using programs such as 'Aircrack' the hacker can set up a connection to a router secured with WEP and send requests for increased amounts of packets (pieces of data) to be sent to the computer. IVs can only occupy about 24 bits, and so if the encrypted RC4 length is either 64 or 128 bits, then when the IV increments by 1, it will have no choice but to repeat itself, which means that certain IVs are weak and repeat around the password. When a 'weak' IV is found, then the password can be worked backwards by analysing which characters appear more frequently to give a defined estimate of the RC4.

From here the RC4 can go through the XOR again as it is symmetrical (5 XOR 10 is 15 and 10 XOR 5 is also 15) and ultimately be hacked.

(Please note that this article is for educational purposes only and any attempt at hacking without consent is illegal under the Computer Misuse Act (1998).)

Note by Jack Barker
2 years ago
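
The IV repetition and XOR symmetry described in the note, as an added example that is not part of the original note. It shows why a repeated 24-bit IV defeats the encryption regardless of the password. The key, IV and packet contents are constructed sample values, and the WEP integrity checksum is left out for brevity.

```python
import math

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Standard RC4: key scheduling (KSA), then n keystream bytes (PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):                  # KSA: shuffle 0..255 using the key
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):                    # PRGA: emit one keystream byte per step
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_crypt(iv: bytes, secret: bytes, data: bytes) -> bytes:
    """WEP-style packet cipher: the RC4 key is IV || shared secret.
    XOR is symmetric, so the same call encrypts and decrypts."""
    return xor(data, rc4_keystream(iv + secret, len(data)))

def packets_for_collision(iv_bits: int = 24, p: float = 0.5) -> int:
    """Birthday bound: randomly chosen IVs needed before a repeat has probability p."""
    return math.ceil(math.sqrt(2 * (2 ** iv_bits) * math.log(1 / (1 - p))))

# Constructed sample values (not taken from any real network)
SECRET = bytes.fromhex("0102030405")      # 40-bit shared key ("64-bit WEP" with the IV)
IV = bytes.fromhex("a1b2c3")              # 24-bit IV, sent in clear with every packet
P1 = b"GET /index.html"
P2 = b"POST /login.php"

def reuse_leak():
    """Two packets under the same IV: the keystream cancels out of c1 XOR c2."""
    c1 = wep_crypt(IV, SECRET, P1)
    c2 = wep_crypt(IV, SECRET, P2)
    return xor(c1, c2), xor(P1, P2)

if __name__ == "__main__":
    leaked, expected = reuse_leak()
    print("c1 XOR c2 == p1 XOR p2:", leaked == expected)
    print("packets for a 50% chance of an IV repeat:", packets_for_collision())
```

A busy access point sends that many packets in seconds, which is why the fix was to replace WEP rather than to pick a longer password.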


I dunno... but WEP is outdated and insecure due to this fact, right? I think everything has switched over to WPA2 and the likes. Raghav Vaidyanathan · 2 years ago

@Raghav Vaidyanathan Yeah WPA2 is mostly used now. It's due to WEP only having one static key for each packet, but WPA2 uses a new 128bit key per packet meaning brute force is more difficult :) Jack Barker · 2 years ago

I get it ! I think I should post one question on Encryption as my 300 Followers Question !

@Kartik Sharma

Lol! No wonder you reshared this note :D

Let's see , if Calvin sir allows , I'll write a wiki on Hacking . Will you help me out with it ? Azhaghu Roopesh M · 2 years ago

@Azhaghu Roopesh M Oh, so that is in the coming as you have already crossed the 300 follower mark! Kartik Sharma · 2 years ago

@Kartik Sharma Join this discussion , will you ? Azhaghu Roopesh M · 2 years ago

@Kartik Sharma Yeah . Azhaghu Roopesh M · 2 years ago

@Azhaghu Roopesh M I wrote this haha, but yeah sure. I'd love to do more articles on hacking and cryptography! Jack Barker · 2 years ago

@Jack Barker Hmm cryptography , codes are all fascinating ! I once tried writing a java code for decoding a 6 digit string but it was too slow and I abandoned that idea . Looks like I'll give it a try once again.

How about you ? Have you ever done Anything like that ? If so , which software did you use ? Azhaghu Roopesh M · 2 years ago

@Azhaghu Roopesh M It all really depends. You could try UNIX shell as there is a built in Python interpreter which you can either use in the shell, or open a pre made file? I think Python or Java would be the best languages though! Jack Barker · 2 years ago

@Jack Barker OK , I'll give it a try :)

Btw , are you going to write up wikis here on Brilliant ? Azhaghu Roopesh M · 2 years ago

@Azhaghu Roopesh M I think I'd like to yeah. I may consider it soon :) Jack Barker · 2 years ago
