Results 1 to 7 of 7

Thread: .cap file simple question

  1. #1
    eltoro1999@yahoo.com
    Guest

    Default .cap file simple question

    Hey guys, just out of curiosity, after you crack a network, does backtrack keep the .cap file it used? and, can you use the same file to crack that same network again?

    Also, is the key logged anywhere after you breach a network?

    thx.

  2. #2
    Just burned his ISO
    Join Date
    Oct 2008
    Posts
    11

    Default

    I think that the .cap files are saved in /root (assuming that's where you're running your commands from). If you're doing a live install with no changes, the cap files will be removed when you poweroff or reboot. I don't see any reason you couldn't use the same file on the same network, unless the key changed.

  3. #3
    Member
    Join Date
    Sep 2008
    Posts
    146

    Default

    assuming you use airodump with the " -w filename" command it will write a file called "filename-01.cap" to your root directory. From there you can move it where ever you want or even use a different cracking program since most will accept the .cap format even under windows.
    Morpheus: "You take the blue pill - the story ends, you wake up in your bed and believe whatever you want to believe. You take the red pill - you stay in Wonderland and I show you how deep the rabbit-hole goes."

    Neo: "What if I take both?"

    Morpheus: "Don't do that! You end up like Nick Nolte!"

  4. #4
    eltoro1999@yahoo.com
    Guest

    Default

    Quote Originally Posted by Buck1320 View Post
    I think that the .cap files are saved in /root (assuming that's where you're running your commands from). If you're doing a live install with no changes, the cap files will be removed when you poweroff or reboot. I don't see any reason you couldn't use the same file on the same network, unless the key changed.
    Thx for answering, yes im running it from a live cd, i noticed because i was testing my network a few times to see what was the least amount of IVs it took to break the key, and everytime i booted into BT the .cap file was not where it was saved the previous time, thats why i asked.

    I noticed also that everytime i boot into BT there is internet connection,obviously once i start configuring my card the connection drops, is there a command to enable that internet connection again, i tried the very obvious,
    # ifconfig [interface] up
    # airmon-ng start [interface]

    since thats the only card configuration i do so far, but the wireless manager within Start>Backtrack doesnt pick up any signal.

    The reason i ask this is because im still reading on dual booting and im not comfortable yet to try it, and i'd like to have that internet connection available while on BT so i can read and try things a little easier.

    ty

  5. #5
    Just burned his ISO
    Join Date
    Oct 2008
    Posts
    11

    Default

    You have to put your card into monitor mode before anything will show up in the wireless manager. Try searching the forums, there have been a few threads that cover this.

  6. #6
    Member
    Join Date
    Sep 2008
    Posts
    306

    Default

    Quote Originally Posted by Buck1320 View Post
    You have to put your card into monitor mode before anything will show up in the wireless manager. Try searching the forums, there have been a few threads that cover this.
    That's wrong! How do you hit on it? Monitor mode is to gahter all the frames arround, and some devices even cannot send any packets in that mode.
    If you go to attemp internet connection, you wouldn't use monitor mode.

    Thx for answering, yes im running it from a live cd, i noticed because i was testing my network a few times to see what was the least amount of IVs it took to break the key, and everytime i booted into BT the .cap file was not where it was saved the previous time, thats why i asked.
    You are surprised about that? You are on a live cd ... so how should the file be saved on a read only medium. To get your changes saved, you've to do a install, or search the forum for the changes options.

    Since the wireless manager still is very buggy use the command line.
    To get your internet working with WEP type the following:

    • iwconfig <interface> essid "name_of_your_net" key "your_WEP_key"
    • iwconfig <interface> up
    • dhclient <interface>

    I will also advice you to use the USB-Version with changes.
    I think that's the best choice for you atm.

    Good luck,
    Be sensitive in choosing where you ask your question. You are likely to be ignored, or written off as a loser, if you:

    * post your question to a forum where it's off topic
    * post a very elementary question to a forum where advanced technical questions are expected, or vice-versa
    * cross-post to too many different newsgroups
    * post a personal e-mail to somebody who is neither an acquaintance of yours nor personally responsible for solving your problem

  7. #7
    eltoro1999@yahoo.com
    Guest

    Default

    Quote Originally Posted by terminal86 View Post
    You are surprised about that? You are on a live cd ... so how should the file be saved on a read only medium. To get your changes saved, you've to do a install, or search the forum for the changes options.
    I wasnt surprised by it, i just didnt know... ty very much for the info, ill try that next time. Also, i know this doesnt relate to the topic of the thread but i was testing ARP poisoning on my network, after folowing all the steps in the tutorial i was logging in to my email from the "victim pc" but there was nothing showing up on the "attacker" so i went under plugins and clicked on the option to check if the ARP poisoning was succesful and it hadnt been....

    any input on this?

    Quote Originally Posted by terminal86 View Post
    Since the wireless manager still is very buggy use the command line.
    To get your internet working with WEP type the following:

    • iwconfig <interface> essid "name_of_your_net" key "your_WEP_key"
    • iwconfig <interface> up
    • dhclient <interface>

    I will also advice you to use the USB-Version with changes.
    I think that's the best choice for you atm.

    Good luck,
    I gave this a try, im having a little trouble tho, the second command i think you meant "ifconfig" instead of "iwconfig", and after the third command i get this:

    Internet Systems Consortium DHCP Client V3.0.6
    Copyright 2004-2007 Internet Systems Consortium.
    All rights reserved.


    wifi0: unknown hardware address type 801
    ath0: unknown hardware address type 802
    wifi0: unknown hardware address type 801
    ath0: unknown hardware address type 802
    Listening on LPF/ath0/
    Sending on LPF/ath0/
    Sending on Socket/fallback
    DHCPDISCOVER on ath0 to 255.255.255.255 port 67 interval 7
    DHCPDISCOVER on ath0 to 255.255.255.255 port 67 interval 9
    DHCPDISCOVER on ath0 to 255.255.255.255 port 67 interval 14
    DHCPDISCOVER on ath0 to 255.255.255.255 port 67 interval 19
    DHCPDISCOVER on ath0 to 255.255.255.255 port 67 interval 12
    No DHCPOFFERS received.
    No working leases in persistent database - sleeping.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •