[Video] Cracking WiFi - Sniffing Traffic (airdecap-ng & wireshark)

I think he is putting in the wep key from the video.

Quote:

---

Originally Posted by Archangel.Amael

I think he is putting in the wep key from the video.

---

As Archangel.Amae said, this is the Wireless WEP Network key, which I crack from the video before:
http://www.backtrack-linux.org/forum...rcrack-ng.html

Code:

---

airdecap-ng -e g0tmi1k -w 59EF19C76A output-01.cap
airdecap-ng -e [ESSID] -w [WEP_KEY] [FILENAME].cap
ESSID = Wireless Network Name
WEK_KEY = The wireless key (see the link above, how to capture this.)
FILENAME = The output from airmon-ng

---

Hope that helps

g0tmi1k

Hi,
When I try airodump-ng eth1, it comes back with:

"ARP linktype is set to 1 (ethernet) - expected ARPHRD_IEEE80211, ARPHRD_IEEE80211_FULL or ARPHRD_IEEE80211_PRISM instead. Make sure RFMON is enabled: run 'airmon-ng start eth1 <#>'
Sysfs injection support was not found either.

I do run airmon-ng start eth1, nothing happens.

Would this be due to the fact that I am running BT4 off a Live USB?

Would really like some help with this.

Thanks

Quote:

---

Originally Posted by keyzer11

Hi,
When I try airodump-ng eth1, it comes back with:

"ARP linktype is set to 1 (ethernet) - expected ARPHRD_IEEE80211, ARPHRD_IEEE80211_FULL or ARPHRD_IEEE80211_PRISM instead. Make sure RFMON is enabled: run 'airmon-ng start eth1 <#>'
Sysfs injection support was not found either.

I do run airmon-ng start eth1, nothing happens.

Would this be due to the fact that I am running BT4 off a Live USB?

Would really like some help with this.

Thanks

---

As far as I know, you can only use wireless network cards for this. You are using your ethernet NIC.

Quote:

---

As far as I know, you can only use wireless network cards for this. You are using your ethernet NIC.

---

If you want to Sniff traffic in a WiFi of course you need a wireless network card ;).

Quote:

---

Hi,
When I try airodump-ng eth1, it comes back with:

"ARP linktype is set to 1 (ethernet) - expected ARPHRD_IEEE80211, ARPHRD_IEEE80211_FULL or ARPHRD_IEEE80211_PRISM instead. Make sure RFMON is enabled: run 'airmon-ng start eth1 <#>'
Sysfs injection support was not found either.

I do run airmon-ng start eth1, nothing happens.

Would this be due to the fact that I am running BT4 off a Live USB?

Would really like some help with this.

Thanks

---

Is your network card correctly installed ? Does it support Injection ?

airmon-ng start YOURINTERFACE THE DESIRED CHANNEL

Is it possible to sniff the ssl too in wifi and how? I think wireshark can't do this.
like we use sslstrip over lan?

Quote:

---

Originally Posted by keyzer11

Hi,
When I try airodump-ng eth1, it comes back with:

"ARP linktype is set to 1 (ethernet) - expected ARPHRD_IEEE80211, ARPHRD_IEEE80211_FULL or ARPHRD_IEEE80211_PRISM instead. Make sure RFMON is enabled: run 'airmon-ng start eth1 <#>'
Sysfs injection support was not found either.

I do run airmon-ng start eth1, nothing happens.

Would this be due to the fact that I am running BT4 off a Live USB?

Would really like some help with this.

Thanks

---

eth? = Wired
wlan?/wifi?/auth? = Wireless
You cant sniff a wireless network using a wire ;)
*if your in virtualbox, and have linked your internal wifi card virtualbox converts it to a wired connection. You will need a external one.*

Quote:

---

Is it possible to sniff the ssl too in wifi and how? I think wireshark can't do this.
like we use sslstrip over lan?

---

You will need the certificate to sniff this (i believe). Yes you can use sslstrip to remove the need for this ;)

Thanks for the tutorial. I try to my AP(for understand how its work, this way better). But. I get the data(cookie, and not the .authbasic(wireshark)). And now i want to find solution how to use thats all i have at this moment. Because no passwords(some times logins in cookie) i get. Or they in md5(?).

And i want to ask there is one tool for use with the captured and decrypted data wifizoo v1.3. Why you not use this tool? BTW i thy to use it but unsuccessful. He wont read the encrypted data(airdecap-ng).

Thanks for the tutorial ,very helpful :) :) :)