Has anyone got airbase-ng to capture the 4-way WPA/WPA2 handshake?
I tried as per the documentation to run "airbase-ng -c 5 -e wifitest -Z 4 ath0"; the client associates to my AP, but it only produces two EAPoL packets instead of 4. I tried with WPA (airbase-ng -c 5 -e wifitest -z 2 ath0) and WPA2 with no luck.
Searching for this, I see the same command I entered in many different examples on capturing WPA/WPA2 handshake.
Thanks!
Why don't you just simply use airodump-ng (+aireplay-ng) to capture the handshake?
Be sensitive in choosing where you ask your question. You are likely to be ignored, or written off as a loser, if you:
* post your question to a forum where it's off topic
* post a very elementary question to a forum where advanced technical questions are expected, or vice-versa
* cross-post to too many different newsgroups
* post a personal e-mail to somebody who is neither an acquaintance of yours nor personally responsible for solving your problem
I believe what you are suggesting is to capture the 4-way handshake when someone is already connected to an AP.
I believe airbase-ng serves to capture a 4-way WPA/WPA2 handshake from a PC that is probing to connect to its own AP. airbase-ng will send out beacons for a specific ESSID so that the client then connects to you, as is the case with Caffe Latte attacks for WEP clients.
If I am right, then airbase-ng should be able to capture a 4-way handshake for WPA/WPA2 from a probing PC. If this is the case, what am I missing?
Thx!
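
The "two EAPoL packets instead of 4" observation in this thread can be checked directly from a capture. The following is an added example, not code from the thread or from the aircrack-ng project: it classifies EAPOL-Key frames into handshake messages 1 to 4 from the Key Information field and lists AP/station pairs whose exchange stopped after message 2, which a wireless monitor can log for review (a mistyped passphrase produces the same pattern). The frame builder, MAC addresses and function names are constructed for illustration.

```python
import struct

# Key Information bit masks of an IEEE 802.11 EAPOL-Key frame
PAIRWISE, ACK, MIC = 0x0008, 0x0080, 0x0100

def classify(eapol: bytes):
    """Return 1-4 for a pairwise 4-way handshake message, else None."""
    if len(eapol) < 99 or eapol[1] != 3:       # 802.1X packet type 3 = EAPOL-Key
        return None
    key_info, = struct.unpack_from(">H", eapol, 5)
    data_len, = struct.unpack_from(">H", eapol, 97)
    if not key_info & PAIRWISE:                # group-key handshake, not 4-way
        return None
    ack, mic = bool(key_info & ACK), bool(key_info & MIC)
    if ack:
        return 3 if mic else 1                 # AP -> station
    if mic:
        return 2 if data_len else 4            # station -> AP; message 4 has no key data
    return None

def stalled(frames):
    """AP/station pairs where messages 1 and 2 were seen but 3 never followed."""
    seen = {}
    for ap, sta, eapol in frames:
        msg = classify(eapol)
        if msg:
            seen.setdefault((ap, sta), set()).add(msg)
    return sorted(pair for pair, m in seen.items() if {1, 2} <= m and 3 not in m)

def build(key_info, replay, key_data=b""):
    """Constructed sample frame: nonce, IV, RSC, key ID and MIC are zeroed."""
    body = struct.pack(">BHHQ", 2, key_info, 16, replay) + bytes(32 + 16 + 8 + 8 + 16)
    body += struct.pack(">H", len(key_data)) + key_data
    return struct.pack(">BBH", 2, 3, len(body)) + body

# Constructed capture: (AP MAC, station MAC, EAPOL bytes); values are typical for WPA2-CCMP
AP1, AP2, STA = "02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:aa"
SAMPLE = [
    (AP1, STA, build(0x008A, 1)),              # message 1
    (AP1, STA, build(0x010A, 1, bytes(22))),   # message 2 carries the RSN element
    (AP1, STA, build(0x13CA, 2, bytes(56))),   # message 3
    (AP1, STA, build(0x030A, 2)),              # message 4
    (AP2, STA, build(0x008A, 1)),              # exchange with AP2 stops after message 2
    (AP2, STA, build(0x010A, 1, bytes(22))),
]

if __name__ == "__main__":
    for ap, sta in stalled(SAMPLE):
        print(f"handshake between {ap} and {sta} stopped after message 2")
```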