Advice for my WEP/WPA Cracker

[Benzene]

Been trying grimwepa for a bit and am having some issues. I have an intel 4965 card and I have tried to crack my WEP router but for some reason most of the time it doesn't seem to inject the packets correctly. I have used the fragmentation and ARP attacks. The only one that worked was the fragmentation and it worked once out of like 50 times I tried it. It says in the airodump-ng window "interface mon1 down" or that it is fixed to a channel other then the AP. The time it did work though this comment was absent from the first line of text. If need be I can give you a screenshot. Also if I start up my card in the console before opening grimwepa it still claims it needs to start the card (wlan0) in monitor mode and starts it as mon1 and mon0 is absent, as if it isn't there. The same errors occur even running under this mon1 interface.

Thanks for any help you can give me, and when the program did work that once, it worked very well.

[mixit]

To those with the 4965 chipset, it may be helpful if you were to let derv know whether or not grimwepa detected your chipset. I believe you should get some sort of message indicating that it has detected you have the 4965 chipset.

Check airodump-ng to make sure that you are still collecting data packets also. You should be able to create traffic on the network since its yours. For whatever reason, sometimes the wireless card seems to freeze and stops collecting data packets even if they exist. Not sure what the solution is, but just something to note.

Also, try "killall wicd wicd-client dhclient wpa_supplicant" before you start using the tool. The 4965 chipset is extremely finicky; everything has to be just right for it to work. Luckily I just got a new laptop and don't have to deal with it anymore

Good luck

[fjecp]

Nice tool, indeed! But unfortunately, I cannot use it

My laptop is a centrino one, with IPW2200, the "real" adapter is ETH1 and it creates a "virtual" one RTAP0 for being able to monitor and inject.

In fact the airodump and aireplay commands I have to issue when doing it "manually" are:

airodump-ng --bssid ......... -w dumpxx rtap0
aireplay-ng -4 ......... -i rtap0 eth1

When I execute grimwepa in BT4, it finds ETH1, but it doesn't find RTAP0, so, no way.

derv82, is there any possibility of including this hardware and IPW2200 in your tool? Is there any thing we could do by ourselves for being able to use such a good tool?

Thanks !

[shamanvirtuel]

this adapters are really sketchy ....

buy a better supported one ...

[fjecp]

It works really very fine for me, the only con is that all the commands have to be issue one by one.... this tool made it much more easy.... I don't feel it would be too difficult to do the modification, my problem is that I have NO knowledges of Java.

The other adapter I have, WL-682 USB I'm not able to have it recognised by BT4.

[cotiess]

Hello Derv82 you could make your program was compatible with Sponwpa Spoonwep2 and because each uses a different version of aircrak and therefore if you use one you can not use the other.
Sorry for my English, I am using a translator.

[UniCx]

hello derv82,
well sometimes..... grimwepa fails to inject..... i get as a come out
wep : either your card cant not inject or the AP is a pre shared key PSK
well my card can inject because with simple wep keys it works
so which attack to choose or what to with if the wep is Shared Key Authentication or (PSK but as far as i know that is only for wpa/wpa2)..???

[yourkitteh]

Hi! i am new here, i just downloaded virtualbox and have installed backtrack 4 on it. I have no experience with either linux or backtrack. i wanted to try out the grimwepa, but when i look in the list of wifi devices, there is no one there.. Please help me.

[derv82]

well sometimes..... grimwepa fails to inject..... i get as a come out
wep : either your card cant not inject or the AP is a pre shared key PSK
well my card can inject because with simple wep keys it works
so which attack to choose or what to with if the wep is Shared Key Authentication or (PSK but as far as i know that is only for wpa/wpa2)..???

UniCx,

Sometimes when you cannot inject, it is because you are too far from the router. If that isn't the problem, then it probably has something to do with Shared Key Authentication (SKA).

When I was writing Grim Wepa, I tried getting Shared Key Authentication to work, but airodump-ng would never create the .xor file. I figured it was a problem with my wireless card or router, or maybe my version of aircrack-ng (v1.0 r1661).

If you wish, you could start a shared key authentication manually via the command line BEFORE running Grim Wepa. Then injection should work for you!

There's a detailed explanation of how to authenticate with a Shared Key WEP encrypted router here: shared_key [Aircrack-ng]

I plan on writing a newer, more feature-filled version of Grim Wepa (v2.0) this summer, when I'm not bogged down with school and work. Hopefully I can get this feature working!!!

All the best,
Derv

[derv82]

Hi! i am new here, i just downloaded virtualbox and have installed backtrack 4 on it. I have no experience with either linux or backtrack. i wanted to try out the grimwepa, but when i look in the list of wifi devices, there is no one there.. Please help me.

You should definitely learn the steps behind what Grim Wepa automates before you start using it. The program is meant for people that know how to use the aircrack-ng suite via command-line so that they don't have to type the commands each time.

First and foremost, you need to learn your way around linux. I suggest reading online how to maneuver and manipulate files/directories via the linux command line, and also how the application/argument structure works. A guide that can tell you nearly everything you need to know to get around in Linux is here: Linux.ie :: The Beginners Linux Guide
Once you get a feel for typing commands into the console, you can be ready to move on.

Second, you need to know if your wireless card is compatible. To know that, you need to know the brand, model, and chipset of your wifi card. If it's a USB wireless dongle, you can type 'lsusb' at the console to see what Backtrack sees your card as. Compare your wireless card and chipset to the compatibility list of wireless chipsets can be found here: compatibility_drivers [Aircrack-ng] Sometimes you need to install patched drivers in order for the wireless cards to work in Backtrack, and sometimes you need to buy a new wifi card.

Third, you need to understand how everything works. I suggest using a tutorial or guide to help walk you through the process; a decent tutorial for cracking WEP for beginners can be found here: Cracking WEP Using Backtrack: A Beginner's Guide - Ryan Underdown

Other than that, everything you want to do can be found using Google. If you want to know more about something, or if you have a question, GOOGLE IT! If you want to crack WPA, type "Backtrack crack wpa" and sift through the results. You should only post a question on these forums AFTER you've gone through every possible Google result and still have no answer (protip: posts should be few and far between).