NetStumbler.org Forums

Go Back   NetStumbler.org Forums > Software > Windows
Reload this Page Aircrack Help..
Register Search Today's Posts Mark Forums Read

Reply
Page 1 of 2 1 2 >
 
LinkBack Thread Tools Display Modes
Old 06-28-2005   #1 (permalink)
voorhees21
Registered Member
 
Join Date: Dec 2004
Posts: 8
Question Aircrack Help..
I am wondering if this is normal and correct, and if not, what exactly do I need to do to fix the issue...

I just ran airodump for hours and collected about 400,000 packets from a specific MAC and only 2500 IV's were collected from it....

Is that normal? or do I need to update my driver for my Gold Orinoco 11b/g Card to get more IV's etc.?

Well, I then opened Aircrack and I typed "0" and it said not enough IV's....

Did I type the right thing? or do I really not have enough IV's for Aircrack to even run...?

Also, when I typed "1" (read IV's from specific pcap file) and draged the test cap file with the collected packets and IV's into the box, it failed to open with the "fopen ("C:/Documents,rb) failed" error...

Did I type the right thing? Must I specify the MAC with the collected IV's that I want to crack to use Aircrack correctly? If so, what command do I type?


When I installed Aircrack, I also installed the WildPackets Atheros 3.0.0.111a Wireless LAN Driver for my Orinoco card...

Was that the right driver for me to use?

I got the driver from here

Also, I dont get a perfect signal from the AP that I am collecting packets from...in airodump...the specific PWR usually stays between 20-30..

Is that good?

Please help...
voorhees21 is offline   Reply With Quote
Old 06-28-2005   #2 (permalink)
Dutch
Humourless EuroMod.
 
Dutch's Avatar
 
Join Date: Mar 2004
Location: City of Mermaids, Denmark
Posts: 6,813
Quote:
Originally Posted by voorhees21
I am wondering if this is normal and correct, and if not, what exactly do I need to do to fix the issue...

I just ran airodump for hours and collected about 400,000 packets from a specific MAC and only 2500 IV's were collected from it....

Is that normal? or do I need to update my driver for my Gold Orinoco 11b/g Card to get more IV's etc.?

Well, I then opened Aircrack and I typed "0" and it said not enough IV's....

Did I type the right thing? or do I really not have enough IV's for Aircrack to even run...?

Also, when I typed "1" (read IV's from specific pcap file) and draged the test cap file with the collected packets and IV's into the box, it failed to open with the "fopen ("C:/Documents,rb) failed" error...

Did I type the right thing? Must I specify the MAC with the collected IV's that I want to crack to use Aircrack correctly? If so, what command do I type?


When I installed Aircrack, I also installed the WildPackets Atheros 3.0.0.111a Wireless LAN Driver for my Orinoco card...

Was that the right driver for me to use?

I got the driver from here

Also, I dont get a perfect signal from the AP that I am collecting packets from...in airodump...the specific PWR usually stays between 20-30..

Is that good?

Please help...
Are you in the same room as the AP ? Is it your own AP ?

Dutch
__________________
All your answers are belong to Google. SEARCH DAMMIT!
Warning. Warning.
Low C8H10N4O2 level detected. Operator halted....
Dutch is offline   Reply With Quote
Old 06-28-2005   #3 (permalink)
voorhees21
Registered Member
 
Join Date: Dec 2004
Posts: 8
I am not in the same room as the AP.

I get a constant signal...just not strong though...
Last edited by voorhees21 : 06-28-2005 at 12:43 PM.
voorhees21 is offline   Reply With Quote
Old 06-28-2005   #4 (permalink)
Dutch
Humourless EuroMod.
 
Dutch's Avatar
 
Join Date: Mar 2004
Location: City of Mermaids, Denmark
Posts: 6,813
Quote:
Originally Posted by voorhees21
No...I am not in the same room as the AP.

I get a constant signal...just not strong though...
Move the AP into the same room, and advise if you have the same problem.

Dutch
__________________
All your answers are belong to Google. SEARCH DAMMIT!
Warning. Warning.
Low C8H10N4O2 level detected. Operator halted....
Dutch is offline   Reply With Quote
Old 06-28-2005   #5 (permalink)
voorhees21
Registered Member
 
Join Date: Dec 2004
Posts: 8
Ok, I moved the AP, and I get an ok signal now....but it's still picking up very few IV's....

In Airodump...what PWR rating should be displayed for me to know I have a good signal? 20-30?? 40-50?

Are there any solutions to any of my other questions?
Last edited by voorhees21 : 06-28-2005 at 01:21 PM.
voorhees21 is offline   Reply With Quote
Old 06-28-2005   #6 (permalink)
wrzwaldo
I amuse you?
 
Join Date: Dec 2003
Posts: 9,127
Quote:
Originally Posted by voorhees21
Ok, I moved the AP, and I get a good signal now....but it's still picking up very few IV's....

Are there any solutions to any of my other questions?
Just curious here. What brand AP and what firmware?
wrzwaldo is offline   Reply With Quote
Old 06-28-2005   #7 (permalink)
voorhees21
Registered Member
 
Join Date: Dec 2004
Posts: 8
Linksys WRT54G

Firmware
3.03.6
voorhees21 is offline   Reply With Quote
Old 06-28-2005   #8 (permalink)
devine
Emergence
 
Join Date: Jul 2004
Location: Paris
Posts: 389
Quote:
Originally Posted by voorhees21
I just ran airodump for hours and collected about 400,000 packets from a specific MAC and only 2500 IV's were collected from it.... Is that normal?
Yup. Access points send 10 unencryted beacon packets every second, so the vast majority of those 400000 packets are just beacons.
devine is offline   Reply With Quote
Old 06-28-2005   #9 (permalink)
voorhees21
Registered Member
 
Join Date: Dec 2004
Posts: 8
Quote:
Originally Posted by devine
Yup. Access points send 10 unencryted beacon packets every second, so the vast majority of those 400000 packets are just beacons.
Ok, so if that is the case, then is that also why when I go to crack the WEP in Aircrack, it fails to open the cap file? Will Aircrack not open/run a cap file if there aren't enough IV's?

Also...I ran airodump for at least 10 hours just to get 400000 packets from a specific MAC....everytime I run it, I get about 7 other AP's in my area that is also collects packets from....and I am thinking thats why it's taking so long to get all the packets I need for my specific AP....

I tried using the MAC filter in the setting for airodump, but it doesn't filter anything...am I not including some command with the MAC address that I put into the MAC Filter section on airodump? Do I put the MAC address first, then -m?....or something else?

How many IV's are generally needed for Aircrack to run the cap file? Or am I not typing something that I should when I drag the selected cap file into the aircrack window?....

Quote:
Originally Posted by voorhees21
Also, when I typed "1" (read IV's from specific pcap file) and draged the test cap file with the collected packets and IV's into the box, it failed to open with the "fopen ("C:/Documents,rb) failed" error...

Did I type the right thing? Must I specify the MAC with the collected IV's that I want to crack to use Aircrack correctly? If so, what command do I type?
Last edited by voorhees21 : 06-28-2005 at 02:18 PM.
voorhees21 is offline   Reply With Quote
Old 06-28-2005   #10 (permalink)
devine
Emergence
 
Join Date: Jul 2004
Location: Paris
Posts: 389
Quote:
Originally Posted by voorhees21
Ok, so if that is the case, then is that also why when I go to crack the WEP in Aircrack, it fails to open the cap file? Will Aircrack not open/run a cap file if there aren't enough IV's?
Must be a bug in the code. Perhaps I'll fix it, the win32 port isn't at the top of my priority list anyway. By the way, found out MFC is a major pain in the ass, as for now I'll stick with the console ui.

Quote:
Originally Posted by voorhees21
Also...I ran airodump for at least 10 hours just to get 400000 packets from a specific MAC....everytime I run it, I get about 7 other AP's in my area that is also collects packets from....and I am thinking thats why it's taking so long to get all the packets I need for my specific AP....
Shit happens.

Quote:
Originally Posted by voorhees21
I tried using the MAC filter in the setting for airodump, but it doesn't filter anything...am I not including some command with the MAC address that I put into the MAC Filter section on airodump? Do I put the MAC address first, then -m?....or something else?
Yeah, it's useless. I'll remove that feature.
devine is offline   Reply With Quote
Old 06-28-2005   #11 (permalink)
voorhees21
Registered Member
 
Join Date: Dec 2004
Posts: 8
Quote:
Originally Posted by devine
Must be a bug in the code. Perhaps I'll fix it, the win32 port isn't at the top of my priority list anyway. By the way, found out MFC is a major pain in the ass, as for now I'll stick with the console ui.



Shit happens.



Yeah, it's useless. I'll remove that feature.

Wow....very inspirational lol...

At this rate....getting 400,000 packets and only 2500 IV's in 10 hours....it will take me weeks and weeks to get enough IV's to do anything...
voorhees21 is offline   Reply With Quote
Old 06-28-2005   #12 (permalink)
Dutch
Humourless EuroMod.
 
Dutch's Avatar
 
Join Date: Mar 2004
Location: City of Mermaids, Denmark
Posts: 6,813
Quote:
Originally Posted by devine
Must be a bug in the code. Perhaps I'll fix it, the win32 port isn't at the top of my priority list anyway. By the way, found out MFC is a major pain in the ass, as for now I'll stick with the console ui.
Christophe, dump the win32 port and concentrate on the 2.2 *nix version. Being dependant on third party proprietary drivers, and the general mess the win32 api is, just gives you more headaches than you need.
The 2.1 version with its win32 version is a great proof of concept, but what you have done with the 2.2 betas so far, shows how much easier it is to program and fix stuff, when you have access to the sourcecode of everything involved.
Just MHO offcourse, the decision is yours to make

Dutch
__________________
All your answers are belong to Google. SEARCH DAMMIT!
Warning. Warning.
Low C8H10N4O2 level detected. Operator halted....
Dutch is offline   Reply With Quote
Old 06-28-2005   #13 (permalink)
wrzwaldo
I amuse you?
 
Join Date: Dec 2003
Posts: 9,127
Quote:
Originally Posted by voorhees21
Wow....very inspirational lol...

At this rate....getting 400,000 packets and only 2500 IV's in 10 hours....it will take me weeks and weeks to get enough IV's to do anything...

Do some further searching, it may not take as long as you think (if it is your network you are trying to crack).
wrzwaldo is offline   Reply With Quote
Old 06-28-2005   #14 (permalink)
voorhees21
Registered Member
 
Join Date: Dec 2004
Posts: 8
Quote:
Originally Posted by Dutch
Christophe, dump the win32 port and concentrate on the 2.2 *nix version.
That is exactly what I am going to do.
voorhees21 is offline   Reply With Quote
Old 06-29-2005   #15 (permalink)
devine
Emergence
 
Join Date: Jul 2004
Location: Paris
Posts: 389
Quote:
Originally Posted by Dutch
Christophe, dump the win32 port and concentrate on the 2.2 *nix version. Being dependant on third party proprietary drivers, and the general mess the win32 api is, just gives you more headaches than you need.
Indeed. I'm going to focus on fixing bugs in the current beta (bug reports are welcome!) and adding new features. As for now, I'll add WPA decryption support in airunwep.
devine is offline   Reply With Quote
Reply
Page 1 of 2 1 2 >

« wep crakcing through an outdoor client | SoftAP »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



Google
 
Web NetStumbler.org

All times are GMT -7. The time now is 02:41 AM.

Contact Us - NetStumbler.org - NetStumbler.com - Online Backup - Archive - Top

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0 ©2007, Crawlability, Inc.


All messages express the views of the author and are for entertainment purposes only. Netstumbler.org cannot be held responsible for the authenticity of the content or the actions of its members. By using this site and its services, you warrant that you will not post any messages that are discriminating, obscene, hateful, threatening, or otherwise violates any laws and you release Netstumbler.org from any future claims of any kind whatsoever including, but not limited to, addiction and loss of productivity. All forum messages, private messages and any other content are properties of Netstumbler.org. Even if publicly available, personal or copyrighted information are not to be posted without the consent of the owner. Distribution of licensed and copyrighted materials in any way not endorsed by the copyright owner is strictly prohibited. You may not use this site and its resources to spam other sites or individuals or perform any action that violates any law. Items sold or bought in the For Sale forum are sold as is and no warranty or insurance of any kind is provided. Netstumbler.org cannot be held responsible for the outcome of any transactions and no warranty of any kind is provided, either express or implied. Vulgar words are not allowed in the subject lines ; they may be used in the message body in any forum. The Administrator, Super Moderators and Moderators of Netstumbler.org have the right to remove, edit, move or close any thread for any reason and to reveal your identity and other known information in the event of a complaint or legal action arising from any message posted by you.