The first thing you will want to do (this is on Ubuntu) is download wifite (http://code.google.com/p/wifite/).
wget "http://code.google.com/p/wifite/downloads/detail?name=wifite-2.0r85.tar.gz&can=2&q="
Here is a list of the current features on v2.0r85:
- sorts targets by signal strength (in dB); cracks closest access points first
- automatically de-authenticates clients of hidden networks to reveal SSIDs
- numerous filters to specify exactly what to attack (wep/wpa/both, above certain signal strengths, channels, etc)
- customizable settings (timeouts, packets/sec, etc)
- "anonymous" feature; changes MAC to a random address before attacking, then changes back when attacks are complete
- all captured WPA handshakes are backed up to wifite.py's current directory
- smart WPA de-authentication; cycles between all clients and broadcast deauths
- stop any attack with Ctrl+C, with options to continue, move onto next target, skip to cracking, or exit
- displays session summary at exit; shows any cracked keys
- all passwords saved to cracked.txt
- built-in updater: ./wifite.py -upgrade
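For anyone watching their own network, the de-authentication features in this list leave a recognisable trace: a burst of deauth frames for one BSSID that alternates between individual clients and the broadcast address. The Python below is an added example, not part of wifite or the original post, that flags that pattern in a constructed frame log; the record layout, thresholds and MAC addresses are assumptions.

```python
from collections import defaultdict, deque

BROADCAST = "ff:ff:ff:ff:ff:ff"
AP_A, AP_B = "02:00:00:aa:00:01", "02:00:00:aa:00:02"   # constructed BSSIDs
C1, C2 = "02:00:00:cc:00:21", "02:00:00:cc:00:22"       # constructed clients

# Constructed sample log: (seconds, BSSID, destination) for each 802.11
# deauthentication frame recorded by a hypothetical monitor-mode sensor.
SAMPLE_FRAMES = [
    (0.0, AP_A, C1),            # isolated deauth, e.g. a client leaving
    (300.0, AP_A, C2),
    (100.0, AP_B, BROADCAST),   # burst alternating broadcast and clients
    (100.5, AP_B, C1),
    (101.0, AP_B, C2),
    (101.5, AP_B, BROADCAST),
    (102.0, AP_B, C1),
    (102.5, AP_B, C2),
]


def find_deauth_bursts(frames, window=10.0, threshold=5):
    """Return {bssid: details} for BSSIDs with >= threshold deauths in `window` s."""
    recent = defaultdict(deque)   # bssid -> (ts, dest) pairs still inside the window
    alerts = {}
    for ts, bssid, dest in sorted(frames):
        q = recent[bssid]
        q.append((ts, dest))
        while ts - q[0][0] > window:      # drop frames older than the window
            q.popleft()
        if len(q) < threshold:
            continue
        dests = {d for _, d in q}
        info = alerts.setdefault(
            bssid, {"first_seen": q[0][0], "peak": 0, "broadcast": False, "clients": set()})
        info["peak"] = max(info["peak"], len(q))
        info["broadcast"] |= BROADCAST in dests
        info["clients"] |= dests - {BROADCAST}
        # Broadcast plus several unicast targets matches the cycling behaviour.
        info["cycling"] = info["broadcast"] and len(info["clients"]) >= 2
    return alerts


if __name__ == "__main__":
    for bssid, info in find_deauth_bursts(SAMPLE_FRAMES).items():
        print(bssid, info)
```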
sudo apt-get install aircrack-ng
There are some other applications you will want to install to aid in wireless key retrieval; a list of these is shown when running wifite:
- reaver, for working with WPS-encrypted networks
- pyrit, cowpatty, tshark: not required, but help verify WPA handshake capture
chmod +x wifite.py
Then for me, I check I can access all my WEP networks with the following code:
./wifite.py -all -wep
Hope this helps.