
Thread: Announcement: WEPBuster Beta Finally Released!

  1. #61
    Junior Member
    Join Date
    Dec 2007
    Posts
    63

    Default

    Hey, could I use your refined code to test on mine, getting nowhere fast and I'm not an expert like most of the crew here!

  2. #62
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    9

    Default

    Quote Originally Posted by Tiptoe View Post
    Hey, could I use your refined code to test on mine, getting nowhere fast and I'm not an expert like most of the crew here!
    I can let you have it any day... this is an open source code... But you will need to use the precompile aircrack-ng 4 wepbuster. In BT4, all I had to do was copy the extracted files to /usr/bin and /usr/sbin.

    So where do you want me to send the code?

  3. #63
    Member alacrityathome's Avatar
    Join Date
    Jan 2010
    Posts
    248

    Default Hmmmm.....anybody getting a similar result?

    Using the Alfa r8187 (wlan1 in both monitor and managed mode) with Ubuntu 9.04 and with my own AP (which does not have Mac filtering and is on WEP):


    Pwning "xxxxxxxxxx" (xx:xx:xx:xx:xx:xx)

    Checking for mac filtering... FILTERED!!!



    Got this error:

    14:51:00 Denied (code 10), open (no WEP) ?





    No client found. Skipping...



    As I mentioned, there is no MAC filtering on my AP and it is on WEP at the moment. Any suggestions to resolve this?

    Thanks.

    Neat script....otherwise.

    Alacrity

  4. #64
    Member
    Join Date
    May 2009
    Posts
    102

    Default

    Quote Originally Posted by alacrityathome View Post
    Using the Alfa r8187 (wlan1 in both monitor and managed mode) with Ubuntu 9.04 and with my own AP (which does not have Mac filtering and is on WEP):


    Pwning "xxxxxxxxxx" (xx:xx:xx:xx:xx:xx)

    Checking for mac filtering... FILTERED!!!



    Got this error:

    14:51:00 Denied (code 10), open (no WEP) ?





    No client found. Skipping...



    As I mentioned, there is no MAC filtering on my AP and it is on WEP at the moment. Any suggestions to resolve this?

    Thanks.

    Neat script....otherwise.

    Alacrity


    Not sure about this one, but I made the script to do a one time fake authentication to check for mac filtering and SKA, as soon as it gets an error, it will decide that the AP is mac filtered. Can you try doing the same manually? Just do a fakeauth once and tell me what the AP is sending back. The problem with different APs is that you can't really tell what the error code means. They are not always the same for every brand, so the script just looks for the string /code/ to check for mac filtering, and /Switching/ to check for SKA.

  5. #65
    Member alacrityathome's Avatar
    Join Date
    Jan 2010
    Posts
    248

    Default

    wif1bust,

    Many thanks for your quick response....and your background info. When I do a manual or standard aireplay-ng -1 command I get:

    john@john-laptop:~$ sudo aireplay-ng -1 6000 -o 1 -q 10 -e LOCKNEST -a xx:xx:xx:xx:xx -h 00:c0:ca:1b:f3:e6 wlan1

    [sudo] password for john:

    16:39:33 Waiting for beacon frame (BSSID: xx:xx:xx:xx:xx:xx) on channel 1



    16:39:33 Sending Authentication Request (Open System) [ACK]

    16:39:33 Authentication successful

    16:39:33 Sending Association Request [ACK]

    16:39:33 Association successful :-) (AID: 1)

    16:39:43 Sending keep-alive packet [ACK]

    16:39:53 Sending keep-alive packet [ACK]


    Let me know what else I need to look for or check. Is there a command or software to get more details on the AP response? The fake authentication with the r8187 has been very consistent and positive up until operating within this script.....so I hope I can help debug it.

    AP is a D-Link Draft N DIR-655. I will try a google on error codes also.

    Or, I could adjust your script to circumvent the mac filtering check.

    Or, Change routers to make sure I have the script running correctly.

    A


    EDIT: Tried another router and get:

    Pwning "xxxxxxxx" (xx:xx:xx:xx:xx:xx)
    Checking for mac filtering... NONE!! =)
    Trying to associate... SUCCESS!!!
    Starting to inject...
    Sending Deauth...
    Counting IVs...(hit ENTER to skip this AP)
    Stopping all forks..

    Now with this router, I have no problem with the mac filtering error.....but why would it stop all forks and move on to the next AP? With both routers, straight aircrack-ng commands and cracking works, airoscript works, and ws2.tcl script works.

    Let me know if you have any recommendations.

    A

  6. #66
    Member
    Join Date
    May 2009
    Posts
    102

    Default

    Quote Originally Posted by alacrityathome View Post
    wif1bust,

    Many thanks for your quick response....and your background info. When I do a manual or standard aireplay-ng -1 command I get:

    john@john-laptop:~$ sudo aireplay-ng -1 6000 -o 1 -q 10 -e LOCKNEST -a xx:xx:xx:xx:xx -h 00:c0:ca:1b:f3:e6 wlan1


    Let me know what else I need to look for or check. Is there a command or software to get more details on the AP response? The fake authentication with the r8187 has been very consistent and positive up until operating within this script.....so I hope I can help debug it.

    AP is a D-Link Draft N DIR-655. I will try a google on error codes also.

    Or, I could adjust your script to circumvent the mac filtering check.

    Or, Change routers to make sure I have the script running correctly.

    A


    EDIT: Tried another router and get:

    Pwning "xxxxxxxx" (xx:xx:xx:xx:xx:xx)
    Checking for mac filtering... NONE!! =)
    Trying to associate... SUCCESS!!!
    Starting to inject...
    Sending Deauth...
    Counting IVs...(hit ENTER to skip this AP)
    Stopping all forks..

    Now with this router, I have no problem with the mac filtering error.....but why would it stop all forks and move on to the next AP? With both routers, straight aircrack-ng commands and cracking works, airoscript works, and ws2.tcl script works.

    Let me know if you have any recommendations.

    A

    First of all, when testing just one router, you can create a "known_ap.txt" and put its MAC in there so all others will be skipped. Further, limit the scan duration and channel (whichever the faulty router is in) so you won't have to wait that long. Then, the latest SVN revision of README.TXT contains the actual aircrack-ng commands I used. You can also easily see it in the source and by doing 'ps ax |grep air'. IIRC, the fakeauth command I used for mac filtering check is:

    "aireplay-ng -1 1 -a 'bssid' $inject_iface -e 'ssid' -h $macaddress -D 2>&1"

    of which there is no -o 1 -q 10.. Try if that particular command will give you the same result.


    So far, there is no easier way to skip mac filtering check other than modifying few lines or by just commenting the entire:

    ########## BEGIN MAC ADDRESS FILTER AND SHARED KEY AUTHENTICATION CHECK ####################

    Everything in between....

    ########## END MAC ADDRESS FILTER AND SHARED KEY AUTHENTICATION CHECK ####################

  7. #67
    Member alacrityathome's Avatar
    Join Date
    Jan 2010
    Posts
    248

    Default

    wif1bust3r,

    Thanks for your inputs. Interesting.....and yes I get an odd combination of a successful authentication plus a denied code 10!

    john@john-laptop:~$ sudo aireplay-ng -1 1 -a xx:xx:xx:xx:xx:xx wlan1 -e LOCKNEST -h 00:c0:ca:1b:f3:e6 -D 2>&1

    22:09:32 Sending Authentication Request (Open System) [ACK]
    22:09:32 Authentication successful
    22:09:32 Sending Association Request [ACK]
    22:09:32 Denied (code 10), open (no WEP) ?

    22:09:35 Sending Authentication Request (Open System) [ACK]
    22:09:35 Authentication successful
    22:09:35 Sending Association Request [ACK]
    22:09:35 Denied (code 10), open (no WEP) ?

    22:09:38 Sending Authentication Request (Open System) [ACK]
    22:09:38 Authentication successful
    22:09:38 Sending Association Request [ACK]
    22:09:38 Denied (code 10), open (no WEP) ?

  8. #68
    Member
    Join Date
    May 2009
    Posts
    102

    Default

    Quote Originally Posted by alacrityathome View Post
    wif1bust3r,

    Thanks for your inputs. Interesting.....and yes I get an odd combination of a successful authentication plus a denied code 10!

    john@john-laptop:~$ sudo aireplay-ng -1 1 -a xx:xx:xx:xx:xx:xx wlan1 -e LOCKNEST -h 00:c0:ca:1b:f3:e6 -D 2>&1

    22:09:32 Sending Authentication Request (Open System) [ACK]
    22:09:32 Authentication successful
    22:09:32 Sending Association Request [ACK]
    22:09:32 Denied (code 10), open (no WEP) ?

    22:09:35 Sending Authentication Request (Open System) [ACK]
    22:09:35 Authentication successful
    22:09:35 Sending Association Request [ACK]
    22:09:35 Denied (code 10), open (no WEP) ?

    22:09:38 Sending Authentication Request (Open System) [ACK]
    22:09:38 Authentication successful
    22:09:38 Sending Association Request [ACK]
    22:09:38 Denied (code 10), open (no WEP) ?

    That explains everything I guess. Try adding -o 1 to your aireplay-ng arguments...

  9. #69
    Member alacrityathome's Avatar
    Join Date
    Jan 2010
    Posts
    248

    Default

    Works without the "-D 2>&1". Same error otherwise.

    john@john-laptop:~$ sudo aireplay-ng -1 1 -a xx:xx:xx:xx:xx:xx wlan1 -e LOCKNEST -h 00:c0:ca:1b:f3:e6
    22:43:13 Waiting for beacon frame (BSSID: xx:xx:xx:xx:xx:xx) on channel 1

    22:43:13 Sending Authentication Request (Open System) [ACK]
    22:43:13 Authentication successful
    22:43:13 Sending Association Request [ACK]
    22:43:13 Association successful :-) (AID: 1)
    22:43:14 Sending Authentication Request (Open System) [ACK]
    22:43:14 Authentication successful
    22:43:14 Sending Association Request [ACK]
    22:43:14 Association successful :-) (AID: 1)
    22:43:15 Sending Authentication Request (Open System) [ACK]
    22:43:15 Authentication successful
    22:43:15 Sending Association Request [ACK]
    22:43:15 Association successful :-) (AID: 1)
    22:43:16 Sending Authentication Request (Open System) [ACK]
    22:43:16 Authentication successful
    22:43:16 Sending Association Request [ACK]
    22:43:16 Association successful :-) (AID: 1)
    22:43:17 Sending Authentication Request (Open System) [ACK]
    22:43:17 Authentication successful

  10. #70
    Member
    Join Date
    May 2009
    Posts
    102

    Default

    Quote Originally Posted by alacrityathome View Post
    Works without the "-D 2>&1". Same error otherwise.
    22:43:17 Authentication successful


    I see.. -D doesn't work on some APs. I might just remove it then. I guess that particular AP accepts association requests only after sending beacons.
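
The output in posts #67 and #69 shows why the string match described in post #64 reported "FILTERED" for an AP with no MAC filter: the refusal came at the association stage, after authentication had succeeded. The following is an added example, not code from WEPBuster or from any poster in this thread; the function names, the order of the two string checks, and the sample transcripts are assumptions constructed in the format quoted above.

```python
import re

# Subset of IEEE 802.11 status codes, with the standard's meanings.
STATUS = {
    1: "unspecified failure",
    10: "cannot support all requested capabilities",
    12: "association denied, reason outside the standard",
    13: "authentication algorithm not supported",
}

# Constructed samples in the format of the output quoted in the thread.
SAMPLE_DENIED = """\
22:09:32  Sending Authentication Request (Open System) [ACK]
22:09:32  Authentication successful
22:09:32  Sending Association Request [ACK]
22:09:32  Denied (code 10), open (no WEP) ?
"""
SAMPLE_OK = """\
22:43:13  Sending Authentication Request (Open System) [ACK]
22:43:13  Authentication successful
22:43:13  Sending Association Request [ACK]
22:43:13  Association successful :-) (AID: 1)
"""

def naive_verdict(output):
    """String match as described in post #64 (check order is assumed)."""
    if re.search(r"Switching", output):
        return "SKA"
    return "FILTERED" if re.search(r"code", output) else "NONE"

def staged_verdict(output):
    """Report which handshake stage was refused and with what status code."""
    stage = None
    for line in output.splitlines():
        if "Sending Authentication Request" in line:
            stage = "authentication"
        elif "Sending Association Request" in line:
            stage = "association"
        m = re.search(r"Denied \(code (\d+)\)", line)
        if m:
            code = int(m.group(1))
            return {"result": "denied", "stage": stage, "code": code,
                    "meaning": STATUS.get(code, "not in table")}
        if "Association successful" in line:
            return {"result": "associated", "stage": "association",
                    "code": 0, "meaning": "success"}
    return {"result": "no response", "stage": stage, "code": None,
            "meaning": "no verdict line seen"}
```

On the constructed denied transcript the string match says "FILTERED", while the staged reading shows a capability mismatch (status 10) on the association request, which matches the behaviour the posters traced to the `-D` option.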
