Still have problem capturing WPA handshake

**cr1spyj0nes** · 03-20-2009, 09:23 AM

in backtrack 4 do as i say,
boot cd
login (root,toor)
in console put
root@bt:/etc/init.d/networking stop
root@bt:/etc/init.d/NetworkManager stop
root@bt:killall networking
root@bt:killall NetworkManager
and try then

**harry123** · 03-20-2009, 11:01 AM

From this website, I notice that I may need to update the driver or patch it

**imported_charlescywong** · 03-20-2009, 07:33 PM

Thanks. I have done it. I can de-auth my laptop so it cannot access the internet (type of DOS attack). But I still cannot capture all the 4-way handshake. I use Wireshark to find out there is EAPOL data in it... Is it because I capture only part of the handshake but not the whole set of the handshake?

Also, do I need to update the dictionary in order to find out the key... this is the first time I use the dictionary......

**imported_charlescywong** · 03-20-2009, 08:15 PM

Also, I try to save the data in the root folder, but don't know why, when I log out and login again next time, all the data disappear!
When I try to run aircrack, it sometimes hang... why?

**kazalku** · 03-20-2009, 11:38 PM

Originally Posted by charlescywong

Also, I try to save the data in the root folder, but don't know why, when I log out and login again next time, all the data disappear!

Are you running BT from CD or it's installed in HDD?

**imported_charlescywong** · 03-21-2009, 12:43 AM

Originally Posted by kazalku

Are you running BT from CD or it's installed in HDD?

I am running my BT3 and BT4 beta in VMWare.

Also when I capture WPA packet, even I can't capture the handshake, but when I want to use wireshark to look at it, it freeze, system hangs... Why is that? and any other choice other than wireshark that can perform packet analysis?

**drakoth777** · 03-21-2009, 12:58 AM

Concerning the issue you had with your card channel hopping. I saw in a few of your posts that process dhcpcd was running. Did you kill that process before testing if your card would still channel hop?

**imported_charlescywong** · 03-21-2009, 01:02 AM

Originally Posted by drakoth777

Concerning the issue you had with your card channel hopping. I saw in a few of your posts that process dhcpcd was running. Did you kill that process before testing if your card would still channel hop?

I have killed all the networking and network manager. So the card now stay fixed in one channel (channel 4).

**cr1spyj0nes** · 03-21-2009, 08:10 AM

Originally Posted by charlescywong

I have killed all the networking and network manager. So the card now stay fixed in one channel (channel 4).

Your welcome,

please print your airodump-ng output and your aireplay-ng output and will work out why you cant get the handshake.

**imported_charlescywong** · 03-21-2009, 05:01 PM

Originally Posted by cr1spyj0nes

Your welcome,

please print your airodump-ng output and your aireplay-ng output and will work out why you cant get the handshake.

Thank you very much. I manage to get the WPA handshake now... the problem is somtimes, I need to try several time....to get the handshake... 3 to 4 times to de-auth the client and re-auth...But I can't break the pre shared key becasue passphase not in dictionary... I think I need to download more wordlist to break the key. Actually I use a password --> "password", which is in the dictionary, but the aircrack-ng still say: Passphase not in dictionary...>.<

BackTrack Linux - Penetration Testing Distribution

Thread: Still have problem capturing WPA handshake

Thread Tools

Search Thread

Display

Posting Permissions