Possible Wrong Decrypted Key From Aircrack ?

Hey everyone,

So after cracking WEP's and testing out aircrack for a while, I managed to try a "hidden network" I was able to retrieve the hidden essid and everything was running like it was suppose to be, using airodump and aireplay. It may be a coincidence but aircrack did its job and KEY FOUND! Decrypted 100% and all that good stuff. Gave me a loooong HEX WEP and thats it, no additional passphrase or ASCII, nothing. Just the long WEP Key.

I attempted to connect using the key and taking out the " : " in between each set of numbers like you always do, and over and over I kept getting "bad password" errors using the wifi network manager in BT4 R2. I even changed the properties for different WEP encryption's and still failed at connecting.

I know that most of you would think, as would I, that there would have been something after the long wep key, but there was not. I am curious if it was possible that aircrack gave me wrong information? Has this happened to anyone else?

Also, if the router is set up to only accept certain MAC addresses, would I still get a bad password error?

Thanks for reading the novel everyone. Unfortunately I do not have all of the information saved in a convenient file or screen shot. You will just have to take my word for it. Thanks everyone.

http://www.grape-info.com/doc/linux/...ck-ng-0.6.html

This guide seems to show what you need. The difference between the process you are describing and the process this guide describes is that you should not be removing the colons. This guide also is using the command line to connect to access point. I believe that you are using WICD which I have not had any luck using to connect to my home access point.

It sounds like it's not your access point and what you are doing is illegal... Maybe you should try to configure your own network to the settings you want to test.
Anyway, sounds like MAC filtering to me.

Try to first crack your own domain and ask permission to owner if it isn't yours. Comax is right, you sound like your breaking into others wireless connection.

Can you connect to your own AP without bad password or the AP you are trying with the correct password supplied by the owner?.

If not try the following, I have had bad password problems several times and each time solved by :-

removal # aptitude remove network-manager
restart # /etcinit.d/wicd restart

Dynamic wep anyone?

Yes, I can connect no problem to my own network. By the way, I DO have permission to crack the WEP. Regardless of that fact, it is still a legitimate issue and would still require a solution.

Quote:

---

Originally Posted by gunrunr

Dynamic wep anyone?

---

Meh. It's not much widespread and I surely think he would know about it if it was his network. And what are the odds for the wep key to change immediately after cracking ? Mac filtering suits best and it surely is something you forget to turn off when cracking your wep key.

(Spoiler : might contain some irony. Not directed to you gunrunr ;) )

none taken, im also skeptical of those people who black out or xx out their mac addresses on here what are you hiding, the oui and hardware address are no longer unique and don't really have to be hidden, and don't hide NATed addresses like 172.128.54.1 too no reason. on the other hand hiding thew address on the outside of your network is worth obfuscating!

For what it's worth, on a network with a long WEP key I did get a false positive result from Aircrack. It said that it had cracked the key value and gave a result, but it wasn't correct (since it was my network, I actually knew this!). I tried to use it to connect to my net, just in case it was a value that somehow matched the hash for my AP WEP key (assuming the AP uses hashes...) and it didn't work. Bad password message and all.

Ran the whole process over again, re-generated 1.3 million IVs from my AP, ran aircrack and got a different result, this time the correct WEP key. So actually, yes, aircrack can occasionally give a false positive.