Can't get any ARP WUSB54GC
Hi,
Does somebody know why I can't get any ARPs with BT2 and Linksys WUSB54GC ? Here's what I've done :
-Downloaded rt73-ASPJ-1.1.0.tgz
-Installed with :
-> "/usr/bin/tgz2lzm rt73-ASPJ-1.1.0.tgz rt73-ASPJ-1.1.0.lzm"
Then I've reloaded rt73
-> "rmmod rt73"
-> "modprobe rt73"
Then
-> "ifconfig rausb0 up"
-> "iwconfig rausb0 mode monitor channel 10 rate 1M"
-> "airmon-ng start rausb0"
Then
-> "airodump-ng --write tuto --channel 10 --bssid APBSSID rausb0
-> (Another Konsole) aireplay-ng -3 -e APESSID -b APMAC -h MACSTATION rausb0
What did I miss ?
Thanks in advance
Hi, I bought a WUSB54GC today and it's working out of the box with BT3 beta running off a usb drive.
I just had to run "ifconfig rausb0 up" and then "airmon-ng start rausb0 10" (10 is the channel).
I can't post the links but they can be found at aircrack-ng.org under Tutorial -> Simple WEP Crack & How to crack WPA/WPA2
I had similar issues. Try running different aireplay attacks instead of 3.
Try :
Attack 2: Interactive packet replay
and
Attack 5: Fragmentation attack
I was able to successfully get arp replies in this way with this card.
I tried this method but I didn't have more ARPs...Originally Posted by jakeblat
I tried
-> "aireplay-ng -2 -b MACAP -h MACWUSB54GC rausb0", same with -5 but It doesn't seem to have an important impact on Ivs, I've got 15 Ivs in 5min...
I had problems with that card as well...
Try a chopchop attack (that's -3), and then use packetforge to make your own packet for sending.
Also, check what aircrack-ng --test shows.
Shaamaan
Free will is an illusion...
Shaamaan, thanks for your answer but what's the exact command for packetforge ?
On BT3, aircrack-ng -9 works well, about 70%.
I had everything working yesterday, but it's not working today. I've followed exactly the same steps and not had any luck.
I've run "aireplay-ng -9 rausb0" and got some strange results.
First run:
Second run:Code:Trying broadcast probe requests... No Answer... Found 1AP Trying directed probe requests... 00:00:00:00:00:00 - channel: 1 - 'test' Ping (min/avg/max): 4.072ms/35.774ms/84.050ms Power: 103.62 13/30: 43% Injection is working
The % seems to vary from 0% to 43% yet i'm not changing anything.Code:Trying broadcast probe requests... No Answer... Found 1AP Trying directed probe requests... 00:00:00:00:00:00 - channel: 1 - 'test' 0/30: 0%
1)chopchop is -4
2) bgirkal seems like u missed fake auth.... also u can try "aireplay -9 -a apmac -B iface" and see what it gives. Make sure you lock right channel.
3) just finished attack with wusb54gc ( ~350 #/s ). Used -5 to get .xor then built arprequest with packetforge, then aireplay -2 -r arprequest iface.
4) for -3 need to be patient...
5) good night
1) I'll try with -4, so i'll write
-> "aireplay-ng -4 -e ESSID -b MACAP -h MACSTATION rausb0. Is it right ?
2) I've tried fakeauth, it worked but It had no impact on injection...
3) If you could give me the exact commands on BT3, It will help me a lotI don't really know how packetforge works...
4) Without traffic, I've got 1000 IVS, running 4hrs...
Thanks a lot for the help you're giving me
Tried "aireplay-ng -4 -e ESSID -b MACAP -h MACSTATION rausb0" on BT3, didn't increase IVs...
Posting Permissions
