Thread: BT3 and aireplay-ng deauth

  1. #1
    Just burned his ISO
    Join Date
    Apr 2009
    Posts
    9

    BT3 and aireplay-ng deauth

    I am sorry if this is the wrong place to post this, but it seems this is the ONLY place I can post right now.

    Anyway, I am completely new to Linux and BT3 for that matter, but over the past week I have been trying to crack my WEP/WPA2 keys and have been coming up short every time.

    Currently I am using BT3 and aireplay-ng to try to deauth one of my other clients from the AP I am testing against.
    I was watching Xploit videos and followed everything in the WPA2 video, but right now the deauthentication attacks seem to have no effect.

    I have an Intel 3945ABG card and this is the sequence of commands I ran:

    modprobe -r iwl3945
    modprobe ipwraw
    airmon-ng start wifi0
    airodump-ng wifi0
    airodump-ng -c 6 -w psk --bssid MYAPBSSID wifi0
    aireplay-ng -0 1 -a MYAPBSSID -c MYCLIENT wifi0

    The last command returns:

    Sending 64 directed DeAuth. STMAC: [MYCLIENT] [0| 0 ACKs]

    Any idea why I can't get the client deauthenticated?

    Many thanks

  2. #2
    Member imported_vvpalin
    Join Date
    Apr 2009
    Posts
    442

    aireplay-ng -0 10 -a MYAPBSSID wifi0

    or

    aireplay-ng -0 0 -a MYAPBSSID -c MYCLIENT wifi0

    should work ... you also might need to get closer

  3. #3
    Just burned his ISO
    Join Date
    Apr 2009
    Posts
    9

    Originally posted by vvpalin:
        aireplay-ng -0 10 -a MYAPBSSID wifi0

        or

        aireplay-ng -0 0 -a MYAPBSSID -c MYCLIENT wifi0

        should work ... you also might need to get closer

    I will give this a shot. Thank you. Also, I am right next to the AP. 2 feet, literally.

  4. #4
    Just burned his ISO
    Join Date
    Sep 2009
    Posts
    3

    I have an Intel 4965AGN and I am using the latest BT4 release.

    I followed Mixit's guide step by step (the guide which was here until a few hours ago and now is gone).

    I was finally able to run MixIt's "fakeit" shell script (I had copied and saved it in Windows so it had Windows-style newlines - and bash's parser sucks).

    I then ran aireplay -3, which I think is what MixIt's guide said (it had disappeared by that time).
    After a short while I got 1 ARP without need for the deauth thing. After the ARP was received, aireplay started apparently reinjecting packets: it printed a huge lot of "Read nnnnn packets (got 1 ARP and 0 ACK), sent nnnnnn".

    However, if I understand correctly, the purpose of all this is to accelerate the traffic so that more data packets are captured.
    Well, in the airodump window the flow of data packets (there is another client communicating with the router) didn't accelerate a bit.
    It did capture a huge lot of packets flowing between my own Mac and the router, but the number of "#Data" packets didn't accelerate its growth.

    I then tried Aircrack, but the number of IVs is almost equal to the number of DATA packets; it is NOT influenced by the explosion of presumably reinjected packets. That is, running aireplay is not accelerating the process of cracking the key in any way. I still have to wait for the number of data packets to reach some tens of thousands "naturally".

    I don't know if this means that injection is not working at all.

    Any ideas?

  5. #5
    Member mixit
    Join Date
    Jan 2010
    Posts
    104

    @ matteosistisette

    1. This is called thread hijacking since you are not commenting on the OP's question.

    2. You double posted this question here:

    http://forums.remote-exploit.org/bt4...65-agn-14.html

    3. The fakeit.sh script was not mine as I mentioned in the other thread you commented on. I don't want to take credit for it, but I do not remember the author offhand.

    4. Try following the post below mine in the other thread by tripkip. Also, as mentioned in this thread, make sure you're close enough to the AP.
