
Thread: WPA Passphrase trouble?

  1. #1
    Just burned his ISO
    Join Date
    Mar 2010
    Posts
    22

    WPA Passphrase trouble?

    Why doesn't airodump capture the WPA passphrase?
    I've set up my wlan with: wlanconfig ath0 create wlandev wifi0 wlanmode monitor
    changed MAC with macchanger, brought the ath0 up, set it to listen with wlanconfig ath0 channel 13

    starting airodump-ng -w test -c 13 ath0

    connecting to my AP with my other computer but yet I am not getting the passphrase? Also used the deauth attack, which results in nothing, client gets d/c and connected again but no passphrase captured from airodump.


    What am I doing wrong? In Wireshark I got tons of eapol / key packets but no passphrase. I could use some help here, please.

  2. #2
    Senior Member
    Join Date
    Jan 2006
    Posts
    1,334


    Are you expecting the passphrase to just "show up" in Wireshark?
    It doesn't work like that


    Follow the guides in the "Tutorials and Guides" section

  3. #3
    Just burned his ISO
    Join Date
    Mar 2010
    Posts
    22


    No, I don't expect the passphrase to just show up. My question was why doesn't airodump show that it has sniffed the passphrase packets, the four-way handshake, when I force clients to d/c.

    I've followed a guide, this one. Check this out and tell me what I am doing wrong :S

    smallnetbuilder.com/content/view/30278/98/

  4. #4
    Junior Member aggtrfrad's Avatar
    Join Date
    Apr 2008
    Posts
    74


    Maybe u only get the eapol packets from the AP, and you are missing the ones from the client; there's a huge difference in signal power between APs and clients. Also, for airodump to capture the passphrase it needs to capture all four packets transmitted during the 4-way handshake.
    Try opening Wireshark (along with airodump) and set filtering to show eapol packets only. Then deauthenticate one client (but send ONLY 1 deauth packet).
    Well, if you capture 4 packets in Wireshark (two from AP->client and two from client->AP), but airodump still doesn't show that it got the handshake, then there is some problem with airodump. But I am 99% sure that you are missing packets.
    -Google is watching you

    -June 1, 2001, Microsoft CEO Steve Ballmer: "Linux is a cancer that attaches itself in an intellectual property sense to everything it touches."
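
Added example, not part of the thread: a small Python check that labels each EAPOL-Key frame in a capture as message 1 to 4 of the four-way handshake, so you can see whether the client-to-AP frames (2 and 4) were heard at all. The function names and sample frames are constructed for illustration, and telling message 2 from message 4 by key-data length is a heuristic.

```python
import struct

# Key Information flag bits of an EAPOL-Key frame (IEEE 802.11i).
PAIRWISE = 0x0008  # pairwise (4-way) handshake, not a group-key update
KEY_ACK = 0x0080   # set only in frames sent by the AP
KEY_MIC = 0x0100   # frame carries a MIC (messages 2, 3 and 4)

def handshake_message(eapol: bytes):
    """Return 1-4 for a pairwise EAPOL-Key frame, else None."""
    # 4-byte EAPOL header (type 3 = Key) + 95-byte fixed key descriptor
    if len(eapol) < 99 or eapol[1] != 3:
        return None
    (key_info,) = struct.unpack_from(">H", eapol, 5)
    (key_data_len,) = struct.unpack_from(">H", eapol, 97)
    if not key_info & PAIRWISE:
        return None
    ack, mic = bool(key_info & KEY_ACK), bool(key_info & KEY_MIC)
    if ack:
        return 3 if mic else 1           # AP -> client
    if mic:
        # Heuristic: message 2 carries the client's RSN/WPA IE as key data,
        # message 4 normally carries none.
        return 2 if key_data_len else 4  # client -> AP
    return None

def missing_messages(frames):
    """List the handshake messages (1-4) that never appear in `frames`."""
    seen = {handshake_message(f) for f in frames}
    return sorted({1, 2, 3, 4} - seen)

def make_frame(key_info: int, key_data: bytes = b"") -> bytes:
    """Build a constructed EAPOL-Key frame with zeroed nonce/MIC fields."""
    body = (bytes([2]) + struct.pack(">HH", key_info, 16)
            + bytes(88) + struct.pack(">H", len(key_data)) + key_data)
    return bytes([1, 3]) + struct.pack(">H", len(body)) + body

# Constructed sample frames using typical WPA2 Key Information values.
M1 = make_frame(0x008A)
M2 = make_frame(0x010A, key_data=bytes(22))
M3 = make_frame(0x13CA, key_data=bytes(56))
M4 = make_frame(0x030A)

if __name__ == "__main__":
    print(missing_messages([M1, M3]))          # only the AP's frames were heard
    print(missing_messages([M1, M2, M3, M4]))  # complete exchange
```
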

  5. #5
    Senior Member shamanvirtuel's Avatar
    Join Date
    Mar 2010
    Location
    Somewhere in the "Ex" human right country
    Posts
    2,988


    aircrack-ng doesn't need the full handshake, with newer version according to Mister_X.

    it only needs half handshake .....
    Watch your back, your packetz will belong to me soon... xD

    BackTrack :
    Giving Machine Guns to Monkeys since 2006

  6. #6
    Just burned his ISO
    Join Date
    Mar 2010
    Posts
    22


    Quote: Originally posted by aggtrfrad
    Maybe u only get the eapol packets from the AP, and you are missing the ones from the client; there's a huge difference in signal power between APs and clients. Also, for airodump to capture the passphrase it needs to capture all four packets transmitted during the 4-way handshake.
    Try opening Wireshark (along with airodump) and set filtering to show eapol packets only. Then deauthenticate one client (but send ONLY 1 deauth packet).
    Well, if you capture 4 packets in Wireshark (two from AP->client and two from client->AP), but airodump still doesn't show that it got the handshake, then there is some problem with airodump. But I am 99% sure that you are missing packets.

    The power shouldn't be any problem, since both computers are next to the AP, since it's my own AP I'm testing on. And I've only sent the deauth attack once and got a few eapol packets, but yet aircrack shows there's 0 WPA passphrases captured :S Kinda weird..

    And I'm getting the eapol packets from both AP and client, yet it says there's no handshake. I'm all lost here, how come? And when I simply run aircrack <dumpfile> it says <AP-mac> <AP-name> EAPOL+WPA(0 Handshake)
    Not getting why airodump doesn't get the packets, anything else I can change in the airodump to get it?
    starting it with airodump -w output-file -c channel interface

    Help a newbie out here please :S

  7. #7


    Quote: Originally posted by slaffe
    No, I don't expect the passphrase to just show up. My question was why doesn't airodump show that it has sniffed the passphrase packets, the four-way handshake, when I force clients to d/c.

    I've followed a guide, this one. Check this out and tell me what I am doing wrong :S

    smallnetbuilder.com/content/view/30278/98/

    Yes, this is a pretty standard way of testing your network & checking security of your passphrase. I might have missed it, but did you manage to get a WPA handshake? Have you successfully managed to follow the steps in the link you posted, or with any of the videos or tutorials on this forum?

    *edit*
    I found this, not sure if it will help in any way, but hope it does a little

  8. #8
    Just burned his ISO
    Join Date
    Mar 2010
    Posts
    22


    No, I am not getting the WPA handshake that is supposed to be shown in airodump when you capture it, according to all guides I've seen. But I am not getting it; the client connects back to the AP but still not getting any handshake at all. I keep airodump running in the background while disconnecting the client both with aireplay and from the computer to check if there's any difference, but nope.

    Still not getting the handshake, why? :S

  9. #9


    Quote: Originally posted by slaffe
    No, I am not getting the WPA handshake that is supposed to be shown in airodump when you capture it, according to all guides I've seen. But I am not getting it; the client connects back to the AP but still not getting any handshake at all. I keep airodump running in the background while disconnecting the client both with aireplay and from the computer to check if there's any difference, but nope.

    Still not getting the handshake, why? :S

    Tell you what, post your exact commands here so we can see your output, or you can follow my simple video tutorial here. I use airolib-ng, but that's just for speed; all the other commands are standard

  10. #10
    Just burned his ISO
    Join Date
    Mar 2010
    Posts
    22


    I've watched your vid and I am doing the exact thing as you are. I set up airodump as you do, start another terminal and start the deauth attack with aireplay, and the client disconnects, but I am not getting the "WPA handshake"; the client just connects back and keeps on running. Doesn't matter if I d/c the client/s 1 or 20 times, I am still not getting the WPA handshake. And I can't for the love of god figure out why :@

    Thanks a lot for replying to my posts btw
