NetStumbler.org Forums - View Single Post - Bugreports for the Aircrack suite, version 2.2betaX

scope · 07-01-2005

Hi!

2 things I noticed:

1.
Grabbed a packet, faked authentication, tried to chopchop the packet.
chopchop and aireplay -4 work, but the keystream differs.
arpforged the chopchop keystream and injected it, produces ivs.
The arpforged packet from the aireplay keystream does not work. Actually that keystream is far smaller than the one chopchop produces.
(tested with pcmcia Netgear ma401ra, prism2_cs on newest auditor).

I´d be glad if the aireplay -4 worked, because I could use my prismgt for chopping then

I saved all the packets and keystreams for further reference, well, can produce new ones too, if needed

2.
Fake authentication works great on most aps I tested. But I got several ones where it didn´t work. Suprisingly I could associate to the ap by hand (iwconfig eth essid xxxx enc restricted... and so on...).

If I use aireplay-chop in combination with fake authentication it keeps saying it got an deauth packet from the ap and stops, though chopchop does the job in that situation.

hope that helps a bit,
thx,

scope

07-01-2005	#5 (permalink)
scope Registered Member Join Date: May 2005 Posts: 5	Hi! 2 things I noticed: 1. Grabbed a packet, faked authentication, tried to chopchop the packet. chopchop and aireplay -4 work, but the keystream differs. arpforged the chopchop keystream and injected it, produces ivs. The arpforged packet from the aireplay keystream does not work. Actually that keystream is far smaller than the one chopchop produces. (tested with pcmcia Netgear ma401ra, prism2_cs on newest auditor). I´d be glad if the aireplay -4 worked, because I could use my prismgt for chopping then I saved all the packets and keystreams for further reference, well, can produce new ones too, if needed 2. Fake authentication works great on most aps I tested. But I got several ones where it didn´t work. Suprisingly I could associate to the ap by hand (iwconfig eth essid xxxx enc restricted... and so on...). If I use aireplay-chop in combination with fake authentication it keeps saying it got an deauth packet from the ap and stops, though chopchop does the job in that situation. hope that helps a bit, thx, scope