Results 1 to 9 of 9

Thread: tkiptun-ng get arp request

  1. #1
    Just burned his ISO
    Join Date
    Nov 2008
    Posts
    1

    Default tkiptun-ng get arp request

    tkiptun-ng works!

    but if you are not getting arp request look the source code.
    tkiptun-ng works in 802.11e wirelesse network
    if you dont get arp paquet, you are not in 802.11e network
    or you have not actived it.

  2. #2
    Just burned his ISO
    Join Date
    Jan 2008
    Posts
    12

    Default

    Quote Originally Posted by mlksdk View Post
    you are not in 802.11e network
    or you have not actived it.
    do u mean that the AP should be in 802.11e mode ? and if not , how to switch it on..

    thanks

  3. #3
    Just burned his ISO
    Join Date
    Apr 2008
    Posts
    19

    Default

    xnoor the AP and the client need to both support 802.11e. You can check your access point by logging into it. I know my Belkin AP has an option for QoS mode under the wireless section.

  4. #4
    Junior Member
    Join Date
    Feb 2010
    Posts
    27

    Default

    Quote Originally Posted by mlksdk View Post
    tkiptun-ng works!

    but if you are not getting arp request look the source code.
    tkiptun-ng works in 802.11e wirelesse network
    if you dont get arp paquet, you are not in 802.11e network
    or you have not actived it.
    Would you please post some tutorial of what have you done ?!

    coz i tried really hard and got several results but all of them never lead to

    Success

  5. #5
    Member imported_vvpalin's Avatar
    Join Date
    Apr 2009
    Posts
    442

    Default

    Quote Originally Posted by xnoor View Post
    do u mean that the AP should be in 802.11e mode ? and if not , how to switch it on..

    thanks
    802.11e is QoS .. if you do a little reading youll find its implemented for IP-Phones and the like to receive priority over the bandwidth.

    Some AP's have this on by default, especially the ones that come with that fancy sticker that says voip support.

    My ddwrt supports it but it need to be enabled in the firmware .. thats really the only way to turn it on. I will say that airodump can spot AP's that have this turned on you just need to know what to look for.

    As for the actual attack ive never done it myself so i dont have a clue what steps need to be taken ... one thing that kinda bothered me tho while doing some searching, and pretty much the main reason im posting here is.

    What exactly does this attack do .. i know it will give you a few bytes of the passcode, but is there a way to plug that into cowpatty or aircrack to speed up the cracking process?
    Using backtrack for the first time is like being 10 years old again with the keys to a Ferrari.

  6. #6
    Just burned his ISO
    Join Date
    Jul 2009
    Posts
    2

    Default

    !!!help!!!
    i'm stuck to capture.
    my computer have successful michael=>> but can't not capture a handshake.
    i use iwl3945. somebody can solve!!!please, help me(i'm very poor).
    [IMG]img40.imageshack.us/img40/9125/snapshot4n.png[/IMG]

  7. #7
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Quote Originally Posted by 828298 View Post
    !!!help!!!
    i'm stuck to capture.
    my computer have successful michael=>> but can't not capture a handshake.
    i use iwl3945. somebody can solve!!!please, help me(i'm very poor).
    [IMG]img40.imageshack.us/img40/9125/snapshot4n.png[/IMG]
    What does "michael" and your financial status have to do with capturing a handshake?
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  8. #8
    Just burned his ISO
    Join Date
    Jul 2009
    Posts
    2

    Default

    somebody can step by step show me how to crack wpa tkip use tkiptun-ng by iwl3945

  9. #9
    Junior Member
    Join Date
    Jan 2010
    Location
    Canada
    Posts
    84

    Default

    Quote Originally Posted by vvpalin View Post
    802.11e is QoS .. if you do a little reading youll find its implemented for IP-Phones and the like to receive priority over the bandwidth.

    Some AP's have this on by default, especially the ones that come with that fancy sticker that says voip support.

    My ddwrt supports it but it need to be enabled in the firmware .. thats really the only way to turn it on. I will say that airodump can spot AP's that have this turned on you just need to know what to look for.

    As for the actual attack ive never done it myself so i dont have a clue what steps need to be taken ... one thing that kinda bothered me tho while doing some searching, and pretty much the main reason im posting here is.

    What exactly does this attack do .. i know it will give you a few bytes of the passcode, but is there a way to plug that into cowpatty or aircrack to speed up the cracking process?
    It doesnt reverse the passcode, it reverses the encryption "seed" so to speak,

    WPA uses a seperate encryption "seed" for each client, thus getting a single "seed" allows you to read that clientss transmissions and gain recon before even touching the network (get the IPs/netmask if its not using DHCP, learn who is most active, and maybe why, etc)

    I use the word seed very loosely because that is not the actual term but is the nicest way to put it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •