The number of wireless networks is rapidly increasing everywhere. Security issues concerning the network are being neglected not only by private households, but also firms. Most administrators reframe from encrypting their networks and if they do so, they utilize weak passwords.

The prices of wireless networks are sinking and the installation can be done easily in no time. These favourable conditions have been leading to the increased usage of such wireless infrastructures by companies as well as private households. In principle a WEP encryption (Wireline Equivalent Privacy) with 64 or 128 bits can be activated without much effort, this however is rarely done. An encrypted network has its safety limitations as well. Tools such as Airsnort or WepCrack are based on passive attacks and can compute the necessary key after analysing sufficient network traffic.

The keys to encrypt wireless networks can be set with administration tools in form of a password. It is well-known that in many cases, weak keys are commonly selected. Weak keys are normal words, possibly combined with numbers.

In the course of this degree dissertation a tool named WepAttack, for active attacks on encrypted wireless networks, was developed. The goal was to test the safety of such infrastructures. Active attacks work with dictionaries, trying millions of words in order to find weak keys.

WepAttack could successfully be implemented and tested on surrounding wireless networks. With a sniffer network traffic is recorded and passed on to WepAttack. WepAttack then exams the code and tries to crack the password using the dictionary. The dictionary is a list of millions of words saved in an external file. If WepAttack finds a match, the WEP-Key is displayed immediately and additionally written into a log file.