Results 1 to 9 of 9

Thread: Airmon-ng : capturing only small portion of the wireless packets? (AWUS036H)

  1. #1
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    2

    Red face Airmon-ng : capturing only small portion of the wireless packets? (AWUS036H)

    Hi forum!
    First of all thanks for this awesome pentest tool backtrack!

    I have a problem capturing wireless traffic with aircrack. I searched around for a solution but did not find anything. I am able to get into monitor mode and capture traffic. The problem is, I can only see some parts (5% or less) of the actually traffic being sent.

    To demonstrate the problem, I setup :
    • A wireless siemens router with an open wireless (no encryption).
    • Laptop with a built in wifi running Windows XP.
    • VMWare running Backtrack 4, connected to an ALFA Networks AWUS036H network adapter.


    the commands I am using :
    Code:
    airmon-ng start wlan0
    Works great, mon0 has been created. Now, lets try to capture the traffic :

    Code:
    airodump-ng mon0
    I can see some of the traffic. lets try to be more specific and dump only router's traffic :

    Code:
    airodump-ng mon0 -c 6 -w output --bssid 00:1B:9E:1D:7E:B0
    While i was capturing the traffic, I went back to XP and browsed the administration webpage of the router.

    Even after refreshing the page several time, airodump did not see any data packet :



    Also when i was at my friend's house, i tried to use Wireshark on his open wireless network (yup, I know its not secure), and I saw alot of beacons and SOME tcp packets, but certainly not all of the packets.

    Any idea why my network card is capturing only small portion of the packets being sent?

  2. #2
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    2

    Default Re: Airmon-ng : capturing only small portion of the wireless packets? (AWUS036H)

    Just asking. Are you sure that you but it to listen rigth channel?(-c 6) I made same mistake when i was starting with that.

  3. #3
    Member joker5bb's Avatar
    Join Date
    Feb 2010
    Posts
    166

    Default Re: Airmon-ng : capturing only small portion of the wireless packets? (AWUS036H)

    how is that Airmon-ng?

  4. #4
    Member
    Join Date
    Jan 2010
    Location
    Helsinki, Finland
    Posts
    235

    Default Re: Airmon-ng : capturing only small portion of the wireless packets? (AWUS036H)

    I dont know if this helps, but first I do
    Code:
     airmon-ng stop wlan0

  5. #5
    Member
    Join Date
    Feb 2010
    Posts
    103

    Default Re: Airmon-ng : capturing only small portion of the wireless packets? (AWUS036H)

    when browsing admin webpage did this happen over wifi or wire?
    ,, It's the flower of light in the field of darkness that's giving me the strength to carry on.,,
    Eli says:,,No, it's, uh, Johnny Cash, Live at Folsom Prison,,

  6. #6
    Senior Member
    Join Date
    Feb 2010
    Posts
    146

    Default Re: Airmon-ng : capturing only small portion of the wireless packets? (AWUS036H)

    airmon-ng DOES NOT capture anything, it is there to put you card into monitor mode, and take it out of monitor mode. that is it
    open source = open minds, human knowledge belongs to the world

  7. #7
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    2

    Default Re: Airmon-ng : capturing only small portion of the wireless packets? (AWUS036H)

    when browsing admin webpage did this happen over wifi or wire?
    over wifi of course

    airmon-ng DOES NOT capture anything, it is there to put you card into monitor mode, and take it out of monitor mode. that is it
    how is that Airmon-ng?
    Come on, guys! Its just terminology. read the content and see the actual problem.

    Are you sure that you but it to listen rigth channel?(-c 6)
    Yeah, its channel 6. you can actually see that on the screenshot as well.

    airmon-ng stop wlan0
    tried that as well, still not capturing every packet.

    Its so frustrating, because the laptop, the ALFA and the router are all on the same table, but still i see nothing.
    I'm starting to think maybe its the driver? or hardware? Fortunately I am able to use the same ALFA network card for connecting wireless networks regularly and it works well - only on monitor mode it has problems capturing.

  8. #8
    Member
    Join Date
    Jan 2010
    Location
    Helsinki, Finland
    Posts
    235

    Default Re: Airmon-ng : capturing only small portion of the wireless packets? (AWUS036H)

    Quote Originally Posted by calcdotexe View Post
    Its so frustrating, because the laptop, the ALFA and the router are all on the same table, but still i see nothing.
    could you be too near that router? what if you try to use gerix wifi cracker to capture data. Have you updated aircrack-ng. I updated metasploit, aircrack-ng, etc using FastTrack webQui and there update all.

  9. #9
    Senior Member
    Join Date
    Feb 2010
    Posts
    146

    Default Re: Airmon-ng : capturing only small portion of the wireless packets? (AWUS036H)

    Quote Originally Posted by calcdotexe View Post
    over wifi of course



    Come on, guys! Its just terminology. read the content and see the actual problem.


    Yeah, its channel 6. you can actually see that on the screenshot as well.


    tried that as well, still not capturing every packet.

    Its so frustrating, because the laptop, the ALFA and the router are all on the same table, but still i see nothing.
    I'm starting to think maybe its the driver? or hardware? Fortunately I am able to use the same ALFA network card for connecting wireless networks regularly and it works well - only on monitor mode it has problems capturing.
    if you can't get the terminology right, then how can we be expected to get the answer right? "no dude, just format your hard drive, it totally makes it go faster" "...you mean defragment...right?" <-- case in point

    try /etc/init.d/wicd stop then ifconfig wlan0 down ; airmon-ng start wlan0 ; ifconfig mon0 up ; ifconfig <-- to make sure wlan0 didn't come up with mon0, if it did put it down, and finally airodump-ng -c 6 -w cap mon0
    open source = open minds, human knowledge belongs to the world

Similar Threads

  1. Not capturing packets correctly
    By Isohump in forum OLD Wireless
    Replies: 8
    Last Post: 01-06-2010, 07:59 AM
  2. Kismet not Capturing Cryptd Packets
    By lcaseyva in forum OLD Newbie Area
    Replies: 0
    Last Post: 06-06-2009, 05:58 AM
  3. Capturing packets and reding the TCP/IP header?
    By me-$-on in forum OLD Wireless
    Replies: 6
    Last Post: 01-15-2009, 10:42 AM
  4. help capturing packets with rtl8187l and airodump
    By roadrash in forum OLD Newbie Area
    Replies: 18
    Last Post: 09-16-2008, 01:25 PM
  5. Problems capturing packets. Some help?!
    By Niko67 in forum OLD Newbie Area
    Replies: 1
    Last Post: 06-06-2008, 07:32 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •