Sunday, October 26, 2014
How to hack WiFi networks
The two most common Wi-Fi encryption types are:
1) WEP
2) WPA
WEP, i.e. Wired Equivalent Privacy, is not considered as safe as WPA, i.e. Wi-Fi Protected Access. WEP has many flaws that allow an attacker to crack a WEP key easily, whereas WPA is currently the most secure and best option for securing a Wi-Fi network. It can't be cracked as easily as WEP, because the only way to retrieve a WPA key is a brute-force or dictionary attack. Here I'll tell you how to crack WEP. To crack WEP we will be using the live Linux distribution BackTrack, which has lots of preinstalled software for this very purpose. The tools we will be using on BackTrack are:
Kismet – a wireless network detector
airodump – captures packets from a wireless router
aireplay – forges ARP requests
aircrack – recovers the WEP key from the captured packets
1) First of all we have to find a wireless access point along with its bssid, essid and channel number. To do this we will run kismet by opening up the terminal and typing in kismet. It may ask you for the appropriate adapter, which in my case is ath0. You can see your device's name by typing in the command iwconfig.
2) To be able to do some of the later things, your wireless adapter must be put into monitor mode. Kismet automatically does this and, as long as you keep it open, your wireless adapter will stay in monitor mode.
3) In kismet you will see the flags Y/N/0. Each one stands for a different type of encryption. In our case we will be looking for access points with WEP encryption. Y=WEP, N=OPEN, 0=OTHER (usually WPA).
4) Once you find an access point, open a text document and paste in the network's broadcast name (essid), its MAC address (bssid) and its channel number. To get the above information, use the arrow keys to select an access point and hit <ENTER> to get more information about it.
5) The next step is to start collecting data from the access point with airodump. Open up a new terminal and start airodump by typing in the command:
airodump-ng -c [channel#] -w [filename] --ivs --bssid [bssid] [device]
In the above command airodump-ng starts the program, the channel of your access point goes after -c, the file you wish to output the data to goes after -w (--ivs makes airodump-ng save only the captured IVs, which gives the [filename].ivs file that aircrack-ng reads in step 7), and the MAC address of the access point goes after --bssid. The command ends with the device name. Make sure to leave out the brackets.
6) Leave the above running and open another terminal. Next we will generate some fake packets to the target access point so that the speed of the data output will increase. Put in the following command:
aireplay-ng -1 0 -a [bssid] -h 00:11:22:33:44:55 -e [essid] [device]
In the above command we are using the aireplay-ng program. The -1 tells the program the specific attack we wish to use, which in this case is fake authentication with the access point. The 0 cites the delay between attacks, -a is the MAC address of the target access point, -h is your wireless adapter's MAC address (00:11:22:33:44:55 is only a placeholder; put in your own), -e is the name (essid) of the target access point, and the command ends with your wireless adapter's device name.
7) Now we will force the target access point to send out a huge amount of packets, which we will take advantage of when attempting to crack the WEP key. Once the following command is executed, check your airodump-ng terminal and you should see the ARP packet count start to increase. The command is:
aireplay-ng -3 -b [bssid] -h 00:11:22:33:44:55 [device]
In this command the -3 tells the program the specific type of attack, which in this case is ARP request replay (packet injection), -b is the MAC address of the target access point, -h is your wireless adapter's MAC address (again a placeholder above), and the wireless adapter device name goes at the end.
Once you have collected around 50k-500k packets, you may begin the attempt to break the WEP key. The command to begin the cracking process is:
aircrack-ng -a 1 -b [bssid] -n 128 [filename].ivs
In this command the -a 1 forces the program into WEP attack mode, the -b is the target's MAC address, and the -n 128 tells the program the WEP key length. If you don't know the -n, then leave it out. This should crack the WEP key within seconds. The more packets you capture, the bigger chance you have of cracking the WEP key.
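As an added example, not part of the original post, here is a defender-side check for the traffic pattern step 7 produces: a real client sends a few ARP requests, while an ARP-replay injector re-sends one request hundreds of times a second so the access point keeps re-encrypting it with fresh IVs. The frame record format and the MAC addresses are constructed assumptions; the injector uses the same placeholder MAC the post passes to -h.

```python
from collections import defaultdict

AP = "AA:BB:CC:DD:EE:01"        # constructed access point bssid
CLIENT = "AA:BB:CC:DD:EE:10"    # constructed legitimate client
INJECTOR = "00:11:22:33:44:55"  # the placeholder station MAC the post uses for -h


def find_bursts(frames, kind="arp", window=10.0, threshold=100):
    """Flag stations that send more than `threshold` frames of `kind` to one
    bssid inside any `window`-second interval.

    Each frame is a dict with keys time (seconds), bssid, src (station MAC)
    and kind ("arp", "auth" or "data"); this record shape is an assumption.
    Returns {(bssid, src): peak_count_in_window}.
    """
    per_station = defaultdict(list)
    for f in frames:
        if f["kind"] == kind:
            per_station[(f["bssid"], f["src"])].append(f["time"])

    flagged = {}
    for key, times in per_station.items():
        times.sort()
        lo, peak = 0, 0
        for hi, t in enumerate(times):
            while t - times[lo] > window:   # slide the window's left edge
                lo += 1
            peak = max(peak, hi - lo + 1)
        if peak > threshold:
            flagged[key] = peak
    return flagged


def sample_frames():
    """Constructed capture: a normal client plus an ARP-replay injector."""
    frames = []
    # legitimate client: one ARP request every 12 s over a minute
    for i in range(5):
        frames.append({"time": 12.0 * i, "bssid": AP, "src": CLIENT, "kind": "arp"})
    # injector: the same ARP request re-sent 500 times in 5 seconds
    # (the jump in airodump-ng's ARP count the post describes in step 7)
    for i in range(500):
        frames.append({"time": 30.0 + i * 0.01, "bssid": AP, "src": INJECTOR, "kind": "arp"})
    return frames


if __name__ == "__main__":
    for (bssid, src), n in find_bursts(sample_frames()).items():
        print(f"possible ARP replay: {src} -> {bssid}, {n} ARP requests in 10 s")
```

The same sliding window with kind="auth" and a low threshold also picks out the burst of authentication frames a fake-authentication loop like step 6 generates from a single station.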