Printable View
What am I doing wrong?
I'm running airodump-ng and specifying my MAC, so I'm only collecting on one network. I've collected over 1.6 million beacons (although they don't help cracking) and 257,000+ data packets, but aircrack-ng in another tab isn't yet successful.
I've also installed wepattack and it fails, too.
What am I doing wrong?
try increasing the "fudgefactor"
aircrack-ng -f 4 cap01.cap
sometimes this is the difference between cracking in 250,000 ivs and 5,000 ivs
Are you certain you're targeting one AP? Make sure in airodump that you're only looking at the AP of choice. If not, make sure you set the MAC of the AP and the corresponding channel.
Interesting. By the time I cracked it (~2M beacons, 350k data packets, 75k IVs) I also noticed that the number of IVs wasn't nearly as high as the number of packets. I usually have 80% of my data packets including IVs, but this time it was closer to 25%. So I guess the number of IVs was still in the "normal" range for cracking the password, but it's strange that I had to collect so many data packets to get there.Quote:
Originally Posted by crweedon
I'll work on the -f switch, thanks for that tip. Am I right in reading that it'll take longer (trying a broader range of keys), but can often require fewer captured IVs?
Yes, you read that correctly.Quote:
Originally Posted by eeepclover
But keep your eye on the ball: For purposes of cracking WEP, beacon count matters not. It's the data packets count that you require.
I agree, beacon count is pointless, but it's the IVs in the data packets that count, right? Not just data packets.Quote:
Originally Posted by kidFromBigD
It's really the IVs that matter, not the data packets, right? What do you see is usually the relationship between the two? I know that "most data packets have IVs", but is it 60%? 95%? What do you usually see?Quote:
Originally Posted by kidFromBigD
yes it is the IV count you are looking for a very simply broken down explanation of this is wiki: initialization vector