NetStumbler.org Forums

Old 09-09-2005   #1 (permalink)
xxsubz78x
Registered Member
 
Join Date: Sep 2005
Posts: 14
Aircrack 2.3 & airodump WEP cracking

Hi,

I know this is not a Windows forum but the creator of Aircrack said he checks this forum pretty often.

I am using Airodump for Windows and I have a Cisco Aironet a/b/g card. I've installed the new driver because it wouldn't work with the Cisco driver.
I ran airodump and it was capturing IVs... I let it go until it got to over 1.2 million in the data column. When it asked me the question about capturing only IVs I said Yes. Then I stopped it and I ran aircrack -a 1 wepkey.ivs. It started running but it only shows 46981 IVs instead of the 1.2 million that I got with Airodump.

I let it run for about 3 hours and it didn't seem to come up with anything. Am I supposed to see a message "Wep key found"?? I'm thinking I don't have enough IVs but I don't understand why Airodump would count the DATA over 1.2 million and Aircrack only showed 46,981.

I tried to generate wireless traffic by having another laptop on the WLAN download big files from an FTP server.

I've heard some people saying that they can crack a wep key in about 20 min. Do they use a different program or what? Do you have to have a lot of traffic on the WLAN in order to capture enough IVs to crack a 128 bit key?

One more thing: When I ran airodump it kept switching between WEP and WPA.
Old 09-09-2005   #2 (permalink)
xxsubz78x
Registered Member
 
Join Date: Sep 2005
Posts: 14
forgot something

the .ivs file captured by airodump was about 267 kb.
Old 09-09-2005   #3 (permalink)
theprez98
SpoonfeederExtraordinaire
 
Join Date: Jan 2005
Location: Maryland
Posts: 3,707
Quote:
Originally Posted by xxsubz78x
the .ivs file captured by airodump was about 267 kb.
airodump usually creates .cap files. And that file looks too small to have 1 million+ IVs.
__________________
:00475160 0E A6 AE A0 19 E3 A3 46 .......F
:00475168 0D 65 17 0C 53 70 6F 6F .e..Spoo
:00475170 6E 66 65 65 64 65 72 2E nfeeder.
:00475178 45 78 74 72 61 6F 72 64 Extraord
:00475180 69 6E 61 69 72 65 5D 3B inaire];
:00475188 8B 9E 92 5A FF 5D A6 F0 ...Z.]..
Old 09-09-2005   #4 (permalink)
devine
Emergence
 
Join Date: Jul 2004
Location: Paris
Posts: 389
Quote:
Originally Posted by xxsubz78x
I let it go until it got to over 1.2 million in the data column. When it asked me the question about capturing only IVs I said Yes. Then I stopped it and I ran aircrack -a 1 wepkey.ivs. It started running but it only shows 46981 IVs instead of the 1.2 million that I got with Airodump.
airodump, like aircrack, displays the unique IV count in the "# Data" field. Seems very much like a bug to me. Try again, but without answering yes.
Old 09-09-2005   #5 (permalink)
xxsubz78x
Registered Member
 
Join Date: Sep 2005
Posts: 14
how much traffic needs to be generated?

How much traffic do I need to generate on the wireless network in order to get the IVs I need and how long does it usually take to capture enough IVs?

Also, did I use the right options in aircrack. ie. aircrack -a 1 wepkey.ivs ??

or should I be playing around with the fudge factor and all that?

How big should the .ivs file be?

Will I get a message WEP KEY FOUND??

How long should it take to crack the key with enough IVs? I just want to know if I should let it go for 30 min.... or if it's not found after a few minutes, start over??
Old 09-09-2005   #6 (permalink)
theprez98
SpoonfeederExtraordinaire
 
Join Date: Jan 2005
Location: Maryland
Posts: 3,707
Quote:
Originally Posted by xxsubz78x
How much traffic do I need to generate on the wireless network in order to get the IVs I need and how long does it usually take to capture enough IVs?

Also, did I use the right options in aircrack. ie. aircrack -a 1 wepkey.ivs ??

or should I be playing around with the fudge factor and all that?

How big should the .ivs file be?

Will I get a message WEP KEY FOUND??

How long should it take to crack the key with enough IVs? I just want to know if I should let it go for 30 min.... or if it's not found after a few minutes, start over??
With 500,000+ IVs it should find the key in a few seconds. If not, collect more IVs.
Old 09-10-2005   #7 (permalink)
dunning
 
Posts: n/a
I have the same problem as this person. When I start up airodump I always choose no for collecting IVs only. I'll get, say, about 50,000 and then when I load it into aircrack 2.1 it'll say like 12,000.

I use aircrack 2.1 because I can't seem to get 2.3 to work. When I try to choose an option it just says "press ctrl+c to exit". It says this for any option I try. Am I doing something wrong here? Am I retarded?
Old 09-10-2005   #8 (permalink)
theprez98
SpoonfeederExtraordinaire
 
Join Date: Jan 2005
Location: Maryland
Posts: 3,707
Quote:
Originally Posted by dunning
I have the same problem as this person. When I start up airodump I always choose no for collecting IVs only. I'll get, say, about 50,000 and then when I load it into aircrack 2.1 it'll say like 12,000.

I use aircrack 2.1 because I can't seem to get 2.3 to work. When I try to choose an option it just says "press ctrl+c to exit". It says this for any option I try. Am I doing something wrong here? Am I retarded?
I never had much luck with aircrack tools on Windows. Try *nix.
Old 09-11-2005   #9 (permalink)
devine
Emergence
 
Join Date: Jul 2004
Location: Paris
Posts: 389
Quote:
Originally Posted by dunning
I have the same problem as this person. When I start up airodump I always choose no for collecting IVs only. I'll get, say, about 50,000 and then when I load it into aircrack 2.1 it'll say like 12,000.

I use aircrack 2.1 because I can't seem to get 2.3 to work. When I try to choose an option it just says "press ctrl+c to exit". It says this for any option I try. Am I doing something wrong here? Am I retarded?
I've done very little testing with the Win32 port, so I recommend using airodump/aircrack under linux.
Old 09-11-2005   #10 (permalink)
xxsubz78x
Registered Member
 
Join Date: Sep 2005
Posts: 14
real world scenarios for wep cracking

Ok, I managed to get it to work on my home network. I have 2 NICs (one is an integrated Intel 2200BG Centrino and one is a cardbus Cisco Aironet a/b/g). With the built-in NIC I initiated a ping flood (i.e. ping 192.168.0.1 -t) and with the Cisco NIC I ran airodump for about 24 hrs to capture 300,000 IVs. It found the key in about 10 seconds.

Questions:
1. Is it normal for it to take this long to capture enough IVs to crack the WEP key?

2. How would this work in a real-world scenario? Do you have to sniff that long to get enough IVs? (i.e., if somebody was sitting outside in the parking lot and there's hardly any activity on the WLAN, would they have to sniff that long to get enough IVs?)

3. If there's more activity on the wireless LAN, I'm assuming you get more IVs faster, right??
Old 09-12-2005   #11 (permalink)
theprez98
SpoonfeederExtraordinaire
 
Join Date: Jan 2005
Location: Maryland
Posts: 3,707
Quote:
Originally Posted by xxsubz78x
1. Is it normal for it to take this long to capture enough IVs to crack the WEP key?
With a lot of traffic across a wireless network (i.e., ping flood or downloading a large .iso file) you should receive a few hundred thousand IVs within 5-10 minutes.

Quote:
Originally Posted by xxsubz78x
2. How would this work in a real-world scenario? Do you have to sniff that long to get enough IVs? (i.e., if somebody was sitting outside in the parking lot and there's hardly any activity on the WLAN, would they have to sniff that long to get enough IVs?)
If you don't have access to the network, yes, you'd have to wait, unless you used aireplay (with permission, of course). In that case, you could capture enough IVs in perhaps 10-15 minutes.

Quote:
Originally Posted by xxsubz78x
3. If there's more activity on the wireless LAN, I'm assuming you get more IVs faster, right??
Generally, yes.

Keep in mind these responses are based on my experiences, some other people may have slightly different answers.
Old 09-12-2005   #12 (permalink)
xxsubz78x
Registered Member
 
Join Date: Sep 2005
Posts: 14
more wep cracking questions

1. When I ran the ping flood (ping xxx.xxx.xxx.xxx -t), it took 24 hrs to get enough IVs... you're saying it should only take 10-15 min. Am I doing something wrong??

I've also tried downloading some large .iso files (about 15-30 gigs of stuff) and it still took a very long time to capture enough IVs.

300,000 in 24 hrs.. that seems like an extremely long time.
Old 09-12-2005   #13 (permalink)
Dutch
Humourless EuroMod.
 
Join Date: Mar 2004
Location: City of Mermaids, Denmark
Posts: 6,819
Quote:
Originally Posted by xxsubz78x
1. When I ran the ping flood (ping xxx.xxx.xxx.xxx -t), it took 24 hrs to get enough IVs... you're saying it should only take 10-15 min. Am I doing something wrong??

I've also tried downloading some large .iso files (about 15-30 gigs of stuff) and it still took a very long time to capture enough IVs.

300,000 in 24 hrs.. that seems like an extremely long time.
Use a reinject-capable card under Linux, and you can consistently collect enough IVs and break the WEP key in less than 20 minutes.

Continue to use Windows, and you just have to wait.

Your choice.

Dutch
__________________
All your answers are belong to Google. SEARCH DAMMIT!
Warning. Warning.
Low C8H10N4O2 level detected. Operator halted....