Track 3 / 4 to retrieve WEP/WPA Password:
1. Insert CD to you CD Rom, restart your computer and boot
the CD Rom
(just like when you format computer to install windows, boot
** If you don't know how to do this, kindly consult
your friend/computer technician with basic computer knowlegde.
Or go to
www.google.com and search for how to "boot from cd rom drive".
2. You will be asked to choose Back Track 3 or 4, just like picture
Choose BT3 for WEP
Choose BT4 for WPA
Here we take BT4 to crack WPA as an example.
3. System now will boot in to linux Os with BT4 version. Around 2
minutes, you will see below screen, means successed.
4. For BT4, Click the MiniWep (on the desktop), to scan your wireless
adapter and select your wireless adapter (8187L).
It is to make sure you select the wifi adapter, not
your laptop wifi.
Click the "Shell Konsole" icon as above pointed (Circled
5. Now type "spoonwep" and enter. ("spoonwep" is for BT3 and BT4
to crack wep)
For WPA, just "spoonwpa" and enter.
("spoonwpa" is for BT4 only).
6. Select Net Card:
MON0 - (if you use BT4) - If MON0 cannot, try MON1.
WLAN0 - (if you use BT3) - If WLAN0 cannot, try
RAD0 - (if you use Kinamax-N type with RADLINK
Chipset wifi adapter).
Select Drive: Normal
Select Mode: Unknown Victims
After that click NEXT.
7. Now you will go to discovery tab, as picture below.
Select CHAN HOPPING, and click launch. You can also
try "FIX CHAN" if CHAN HOPPING FAIL TO SCAN.
** If scanning not start, maybe your netcard in step
6 wrong, change to MON1 / WLAN1.
8. Once finished scan, it will show you available wireless in your
Refer picture below.
Choose (by highlight) the one with highest
you wish to crack.
Note: If data is 0, means very difficult to crack
and take very very long time.. maybe few hours or more.
will easier to crack. Some only take around 3 to 5minutes.
high when there are more people/owner using that wireless..
** So, sometime you have to wait for the people using that wireless,
only can crack it.
At the bottom, select the client with highest
packets value and click the "Selection OK" to next tab.
9. Now you will be in "HANDSHAKE CAPTURE" tab. Click the "LAUNCH
AUTOMATE HANDSHAKE CAPTURE" as show in below.
** For WEP (at BT3), you just click Launch.
10. Now you will be in "Cracking" tab, click the "LAUNCH AUTOMATED
HANDSHAKE CRACKING". as show in below.
11. The software will start cracking the WPA Password. Please wait
until the "Key Found" as show in below picture.
the time to find the key is depending
the DATA Value, It will as fast as 2minutes, or as slow as few hours,
Once success, note down the password in a
piece of paper.
12. Close the window and shutdown the pc.
13. Now take out the CD and start your computer as normal to windows.
Key in the password that you get to
connect to the wireless network.
Installing the realtek driver in windows:
1. In the provided CD/DVD, there is the driver for windows
2. Open the the driver folder and click setup.
3. Follow step untill installation completed.
4. Plug in your wifi adapter and windows will automatic install the
driver for you.
5. Open realteck icon on your desktop and search available network.
6. Connect it by insert the password that you got.