manual.txt

About WepDecrypt: Wepdecrypt is a Wireless LAN Tool written in c which guesses WEP Keys based o

			WepDecrypt Manual
	===============================================
     1. What is wepdecrypt.
     2. What you need to install wepdecrypt.
     3. Short explanation about dumpfiles.
     4. Wepdecrypt usage.
     5. Config files.
     6. Graphic interface
     7. How to help the project.
	===============================================
     
1. What is wepdecrypt.
    Wepdecrypt is a Wireless LAN Tool written in c which  guesses WEP Keys based
    on  a  active dictionary  attack, key generator, distributed network attack 
    and some other methods, it's based on wepattack and GPL licensed


2. What you need to install wepdecrypt.
    To install wepdecrypt you need these libraries:
	- libpcap (http://www.tcpdump.org/)
	- libz (http://www.zlib.net/)
	- openssl (http://www.openssl.org/)
	- fltk (Optional used to compile the grafic interface needs to be >= 1.1.6)

    Libz comes with almost every distro so you have to worry to install the two
    others, besides  that  in  some  distros  you  also have to install package 
    headers (usually -dev packages).

    Once you have installed these libraries just type:
	./configure; make
	
	To Install without the gui type
	./configure --disable-gui; make

	You also can specify dest directory with
	./configure --with-dest-dir=destdir; make

	To disable wkeygen tool
	./configure --disable-keygentool; make

    (and as root)
	make install

    Other options are available for make:	
	make clean - cleans the installation enviroment.
	make purge - similar to clean option but you will need to rerun 
                     ./configure.
	make uninstall - uninstalls the package (needs root privileges).	


    Installing  john the  ripper  is  also  highly  recommended  but  it's  not 
    mandatory. Wepdecrypt  will  only  work  in little endian linux enviroments 
    don't  try  in  others  actually  x86  and mips archs have been successfuly
    tested.


3. Short explanation about dumpfiles.
    Dumpfiles are the main  piece to make  wepdecrypt work, these files contain 
    the  encrypted  packets  that  wepdecrypt must obtain  the  key, wepdecrypt 
    itself didn't generates  such kind of files so  you need another program to 
    generate them, I suggest you to use kismet (http://www.kismetwireless.net/)
    in any way any program that generate libpcap dumps will work.
    The  dumpfile needs to have  at least one encrypted  packet in order to get 
    wepdecrypt working (one  encrypted  packet is all that wepdecrypt  needs to 
    work so you don't have to generate huge dumpfiles).


4. Wepdecrypt usage.
    At this stage  you  should have wepdecrypt  installed  and a fresh dumpfile 
    available in your system so it's the time to show wepdecrypt in action.

    First of all the options:
       -f dumpfile
              Network dumpfile to read in PCAP format (as TCPDUMP, ETHEREAL or
              KISMET uses)

       -s     Server mode, it's used to use wepdecrypt as a server  daemon  to
              manage a distributed network attack (doesn't work in windows)

       -w wordfile
              Take keys from a file to perform a dicctionary attack (not valid
              with 64 or 128 mode)

       -b mac_address
              Filter an address from the dump file this  is  done  to  decrypt
              only  the keys from one access point (referenced by mac), if the
              provided ap mac isn't found the program will try to decrypt  all
              networks found in dumpfile

       -m mode
              Specifies  the  decrypting  mode (default all) values:  64, 128,
              n64, n128, nall

       -i Key This option is for the internal key generator (used with  64  or
              128 mode) it specifies the start key

       -e Key This  option  is for the internal key generator (used with 64 or
              128 mode) it specifies the last key

       -c server:port
              Client mode, server is the host where wepdecrypt is  running  in
              server  mode  and  port it's the number port where the server is
              listening

       -n network
              Network is a number and specifies the maximum number of keys  to
              decrypt  by  default  wepdecrypt will try to decrypt all packets
              with diferent keys found

	   -d mode
              Mode  can be all, alpha, alphanumeric, numeric, random or print-
              able this option is used to set the mode for the new key genera-
              tor.  For  example "-m 64 -d numeric" will try keys from "00000"
              to "99999"

       -g     Used with client mode to get the file to decrypt from the server

       -l num_blocks
              Used  with  client  mode  to set the number blocks to decrypt if
              num_blocks is 0 the client will decrypt blocks while server  has
              blocks to assign

       -v     Shows current version

       -?|-h  Shows help menu
 
    As a first approach I suggest you to use wepdecrypt_inc script or a 
    dicctionary to try common used keys.
	wepdecrypt_inc dumpfile
        wepdecrypt -f dumpfile -w dictionary_file

    Now lets going to see some other methods:
	wepdecrypt -f dumpfile -m64 -i 00:00:00:00:00 -e FF:FF:FF:FF:FF:FF 
	wepdecrypt -f dumpfile -m128 -i 11:22:33:44:55:66:77:88:99:0A:0B:0C:0D
	wepdecrtpt -f dumpfile -m64 -d alpha
	wepdecrtpt -f dumpfile -m128 -d all
	
    This uses  the  internal  key  generator to try all specified keys, you can 
    stop  wepdecrypt at  any time  and resume the session later. Take a look at 
    the  logfile  and  use  the last  key as init  key to continue the cracking 
    session. If init key is not specified 00:..:00 will be used and if last key 
    is not specified FF:..:FF will be used.

    At last the most powerful mode the distributed network attack, first of all 
    start wepdecrypt in server mode
    	wepdecrypt -s -f local.dump -m 64&

    In server  mode also init key can be specified with -i flag.

    Now execute wepdecrypt as  a  client. First get the dumpfile from the server
    and start wepdecrypt in client mode
	wepdecrypt -c example.com:3657 -g 
	(ip number can be used instead hostname)
	wepdecrypt -c example.com:3657 -l 0

    Short explanation about packet filters:
    -b flag deserves to select an ap (the mac of the ap must be used to select it)
    -n flag deserves to select the number of packets this is independent from -b 
	
	Now wordfile can contain hex keys which will be used as  keys.  To  use
    this feature the first line of the word file should be HEXKEY_FILE.


5. Config files.
    $HOME/.wepdecrypt
    #Wepdecrypt configuration file
    #Server listening port
    Port=3617

    #Blocksize can be set up to 1099511627775
    Blocksize=4294967296 (01:00:00:00:00)

    #Full path to server logfile
    Logfile=/var/tmp/wepdecrypt_s.log

    #Verbosity levels: 1 - LOW 2 - MEDIUM 3 - HIGH
    Verbosity=2

    I think that this is self explanatory it handles server configuration all 
    datafields must be in the file.

    /etc/wedecrypt.conf
    # /etc/wedecrypt.conf
    #
    # Configuration for WEPDECRYPT
    # Fernando Tarin

    JOHNDIR=/usr/sbin/ (usual place)
    WORDLIST=/usr/src/john-1.6/run/wordlist

    This is used for wepdecrypt_inc and wepdecrypt_word which uses john the 
    ripper to generate keys.
	
    In the windows version all files should be in the same directory as 
    wepdecrypt.


6. Graphic interface
    This  is  the  graphic interface for wepdecrypt. The gui is pretty self
    explanatory, every input box has a flag name, just change it with  your
    desired  values and hit the check button next to the input box, besides
    now, there is a new help option in the help menu (can also be  accessed
    pressing  "Ctrl+h")  that  explains  every  option. To start wepdecrypt
    press the start button. The default  directory  for  wepdecrypt  output
    logs  is  /tmp/  (in  windows  version  is  the same directory in which
    gwepdecrypt  is  running)  it  can  be  changed  through  the  gui   or
    $HOME/.wepdecrypt file.


7. Wkeygen
    Wkeygen is a tool that generates WEP keys. Provided to allow the creation
    of wordfiles that contains hex keys easily. Usage is pretty simple just use
    -? flag to see its options (linux version only).


8. How to help the project.
    Well to help me with the project anything is wellcome.
    - a patch
    - rpm or deb versions of wepdecrypt
    - reporting a bug
    
    If you have any suggestion a question or something like this.
	http://wepdecrypt.sourceforge.net/forum/
	icemanf@gmail.com