tkiptun-ng works!
But if you are not getting ARP requests, look at the source code.
tkiptun-ng works in 802.11e wireless networks.
If you don't get ARP packets, you are not in an 802.11e network,
or you have not activated it.
xnoor, the AP and the client both need to support 802.11e. You can check your access point by logging into it. I know my Belkin AP has an option for QoS mode under the wireless section.
802.11e is QoS. If you do a little reading you'll find it's implemented for IP phones and the like to receive priority over the bandwidth.
Some APs have this on by default, especially the ones that come with that fancy sticker that says VoIP support.
My DD-WRT supports it but it needs to be enabled in the firmware; that's really the only way to turn it on. I will say that airodump can spot APs that have this turned on, you just need to know what to look for.
As for the actual attack, I've never done it myself so I don't have a clue what steps need to be taken. One thing that kind of bothered me, though, while doing some searching, and pretty much the main reason I'm posting here, is this:
What exactly does this attack do? I know it will give you a few bytes of the passcode, but is there a way to plug that into cowpatty or aircrack to speed up the cracking process?
Using backtrack for the first time is like being 10 years old again with the keys to a Ferrari.
!!!help!!!
I'm stuck at capturing.
My computer has a successful michael=>> but cannot capture a handshake.
I use iwl3945. Can somebody solve this? Please help me (I'm very poor).
Can somebody show me step by step how to crack WPA TKIP using tkiptun-ng with iwl3945?
It doesn't reverse the passcode, it reverses the encryption "seed", so to speak.
WPA uses a separate encryption "seed" for each client, thus getting a single "seed" allows you to read that client's transmissions and gain recon before even touching the network (get the IPs/netmask if it's not using DHCP, learn who is most active, and maybe why, etc.).
I use the word seed very loosely because that is not the actual term, but it is the nicest way to put it.
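
An added example, not part of the original posts: a check an administrator can run over the tagged parameters of their own AP's beacon to see whether it advertises both WMM/QoS (802.11e) and TKIP, the combination the thread says tkiptun-ng depends on. The function names are hypothetical and the sample information-element bytes are constructed for illustration.

```python
import struct

MS_OUI = b"\x00\x50\xf2"    # vendor OUI used by the WPA (v1) and WMM elements
RSN_OUI = b"\x00\x0f\xac"   # OUI used inside the RSN (WPA2) element
TKIP = 2                    # cipher suite type 2 = TKIP, 4 = CCMP (AES)

def iter_ies(buf):
    """Yield (tag, value) for each information element; stop on truncation."""
    i = 0
    while i + 2 <= len(buf):
        tag, length = buf[i], buf[i + 1]
        value = buf[i + 2:i + 2 + length]
        if len(value) < length:
            return
        yield tag, value
        i += 2 + length

def ciphers(body, oui):
    """Cipher suite types (group + pairwise) from an RSN/WPA element body.
    Layout: version(2) | group suite(4) | pairwise count(2) | suites(4 each)."""
    found = set()
    if len(body) < 8:
        return found
    if body[2:5] == oui:
        found.add(body[5])
    (count,) = struct.unpack_from("<H", body, 6)
    for n in range(count):
        suite = body[8 + 4 * n:12 + 4 * n]
        if len(suite) == 4 and suite[:3] == oui:
            found.add(suite[3])
    return found

def audit(ies):
    """Report whether the beacon advertises QoS (WMM) and any TKIP suite."""
    wmm, suites = False, set()
    for tag, val in iter_ies(ies):
        if tag == 48:                                    # RSN element
            suites |= ciphers(val, RSN_OUI)
        elif tag == 221 and val[:4] == MS_OUI + b"\x01":  # WPA element
            suites |= ciphers(val[4:], MS_OUI)
        elif tag == 221 and val[:4] == MS_OUI + b"\x02":  # WMM element
            wmm = True
    tkip = TKIP in suites
    return {"qos": wmm, "tkip": tkip, "exposed": wmm and tkip}

# Constructed samples: a WMM element, a WPA/TKIP element, an RSN/CCMP element.
WMM = bytes.fromhex("dd070050f202000100")
WPA_TKIP = bytes.fromhex("dd160050f20101000050f20201000050f20201000050f202")
RSN_CCMP = bytes.fromhex("30140100000fac040100000fac040100000fac020000")

if __name__ == "__main__":
    print(audit(WPA_TKIP + WMM))   # TKIP with QoS enabled
    print(audit(RSN_CCMP + WMM))   # CCMP-only with QoS enabled
```

An AP reported as `exposed` can be reconfigured to CCMP (AES) only, which removes TKIP from the beacon while leaving QoS available.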