(Aircrack)Yet another WEP cracking tool for Linux

Minimum IV keys needed

Postby flakeys » Fri Jul 01, 2005 7:24 am

Does anyone have a clue?
I have 100,000 and it runs for hours.
flakeys
Mini Stumbler
 
Posts: 6
Joined: Wed Apr 20, 2005 7:37 pm

Postby MainSail » Sat Aug 20, 2005 1:18 am

Is there a way to see wich version of aircrack you are using ?
I installed the 2.23 version but it still shows 2.2 :confused:
MainSail
Mini Stumbler
 
Posts: 2
Joined: Sat Aug 20, 2005 1:11 am

Postby Weifei » Sun Aug 21, 2005 8:11 am

MainSail,

yes, there is a way:

Apply this patch and you are done from now on...

Cheers
Weifei
Weifei
 
Posts: 8
Joined: Thu Aug 04, 2005 11:22 am

Postby Bubster » Sun Aug 21, 2005 8:36 pm

Hi,
I'm using a DWL-650 V.P1 Prism2 based card and everything seems to work fine until I try aireplay. There is no traffic on this router as it is my personal network. When I start aireplay, it reads and sends packets yet I hardly ever get any ARP's/IV's.

I'm using the new Whax iso.

Anybody have the same problem or some enlightenment? Thanks
Bubster
Mini Stumbler
 
Posts: 1
Joined: Sun Aug 21, 2005 8:31 pm

Postby Dutch » Mon Aug 22, 2005 1:11 am

Bubster wrote:Hi,
I'm using a DWL-650 V.P1 Prism2 based card and everything seems to work fine until I try aireplay. There is no traffic on this router as it is my personal network. When I start aireplay, it reads and sends packets yet I hardly ever get any ARP's/IV's.

I'm using the new Whax iso.

Anybody have the same problem or some enlightenment? Thanks


No traffic = no ARP request for aireplay to pick up, and reinject.
Read the Aircrack suite documentation, in order to find out what options you have for generating traffic, which can then be used to get an ARP to reinject. It's quite clearly explained there.
We don't spoonfeed, when it is explained clearly in the documentation.

Dutch
All your answers are belong to Google. SEARCH DAMMIT!
Warning. Warning.
Low C8H10N4O2 level detected. Operator halted....
User avatar
Dutch
 
Posts: 6698
Joined: Fri Mar 05, 2004 12:00 pm
Location: City of Mermaids, Denmark

Postby MainSail » Mon Aug 22, 2005 8:38 am

Weifei wrote:MainSail,

yes, there is a way:

Apply this patch and you are done from now on...

Cheers
Weifei


He Thanks !!!! :) :)
MainSail
Mini Stumbler
 
Posts: 2
Joined: Sat Aug 20, 2005 1:11 am

aireplay... curious results

Postby Taran » Tue Aug 23, 2005 4:56 am

I'm a bit confused by the results I get when I use aireplay. I am using one notebook with a Prism2 card to run aireplay and another notebook with an Intel 2200 B/G card running Kismet for capture. I capture an appropriate ARP packet and replay it without issue, however Kismet does not see any unique IV's being captured. For every "Cryptd" packet it shows captured for the network, it shows a "Dupe IV" packet as well. I'm sure there is something obvious I'm missing, but I've read this entire thread and the documentation and cannot determine what I'm doing wrong. Any help would be appreciated. Thank you.
Taran
 
Posts: 2
Joined: Tue Aug 23, 2005 4:34 am
Location: Ann Arbor, MI

Postby devine » Tue Aug 23, 2005 5:02 am

Taran wrote:For every "Cryptd" packet it shows captured for the network, it shows a "Dupe IV" packet as well.


This is normal. It shows that the packet is being injected. You don't get a response, either because your source MAC is not associated, or the destination IP doesn't respond.
devine
 
Posts: 389
Joined: Thu Jul 29, 2004 10:09 am
Location: Paris

Postby Taran » Tue Aug 23, 2005 5:12 am

devine wrote:This is normal. It shows that the packet is being injected. You don't get a response, either because your source MAC is not associated, or the destination IP doesn't respond.


So, just to clearify for me, the aireplay ARP attack is meant to get 1 Dupe IV (the replay packet) for every 1 Unique IV (the ARP response), correct?
Taran
 
Posts: 2
Joined: Tue Aug 23, 2005 4:34 am
Location: Ann Arbor, MI

Postby thezerogorup » Mon Aug 29, 2005 9:33 am

airodump collects many packets but no WEP keys using the ipw2200 drivers. . . any ideas on where I can start looking to find out why. My card is defiantly working in monitor mode. . . hence the packets I’m collecting. I tried everything on my home network to generate as much traffic as possible, but after 3 days of collecting no IVs
thezerogorup
Mini Stumbler
 
Posts: 4
Joined: Mon Aug 29, 2005 4:00 am

Postby wham » Mon Aug 29, 2005 10:08 am

thezerogorup wrote: My card is defiantly working in monitor mode

Did you tell it not to?
wham
Mini Stumbler
 
Posts: 304
Joined: Mon Feb 21, 2005 6:21 pm
Location: /dev/urandom

Postby magicmilo » Thu Sep 15, 2005 12:41 pm

OK - first post... let's see if I got my ducks in order.

- I searched and searched for a similar issue and could find none.
- I read threads that may have addressed my situation, ditto.
- I own the AP, the wireless card and computer I was running airodump/aircrack against.
- The network I was testing was my own, and I alone selected the WEP key for my AP.

I use the newest version of Auditor (auditor-200605-02-ipw2100), and have updated my version of aircrack to 2.3. I used a HP tc1100 PC for the "auditing". The AP is a Linksys WRT54G.

I captured three separate .ivs files of 549k, 1.45M, and 7.7M IVs. I used packet injection in one instance and downloading files for the other two. Since I know what the WEP key is, aircrack incorrectly guessed the first key-byte and goes to only 10 key-bytes before it starts doing it's thing. I would think it would go to 12, but i may be wrong.

I've tried all of the korek cracks, -k1 though 17. I've tried raising and lowering the fudge factor. Should I just try this on another AP? I've heard that Linksys is difficult to crack for some reason. Anyways, I hope that covers my question - i feel like George Castanza asking the Soup Nazi for bread! Thanks, folks!
magicmilo
Mini Stumbler
 
Posts: 1
Joined: Thu Sep 15, 2005 12:19 pm

Postby Thorn » Thu Sep 15, 2005 1:17 pm

magicmilo wrote:... Anyways, I hope that covers my question - i feel like George Castanza asking the Soup Nazi for bread! Thanks, folks!
Who (what) are George Castanza and Soup Nazi?
Thorn
Stop the TSA now! Boycott the airlines.
Thorn
 
Posts: 10340
Joined: Sat Apr 13, 2002 3:00 am
Location: Villa Straylight

Postby wrzwaldo » Thu Sep 15, 2005 1:19 pm

Thorn wrote:Who (what) are George Castanza and Soup Nazi?



No soup for you. One year!

http://www.stanthecaddy.com/the-soup-nazi.html
wrzwaldo
 
Posts: 8995
Joined: Sun Dec 14, 2003 12:43 pm

Postby streaker69 » Thu Sep 15, 2005 2:50 pm

Thorn wrote:Who (what) are George Castanza and Soup Nazi?


You really don't watch TV up there do ya?
Treat your gun like your genitals, only whip it out when it's absolutely necessary.
User avatar
streaker69
 
Posts: 11867
Joined: Thu Jul 08, 2004 10:09 am
Location: Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA

PreviousNext

Return to Unix/Linux

Who is online

Users browsing this forum: No registered users and 4 guests

cron