Hello! I'm quite new to BackTrack 4 and Linux, and I am trying to crack my WEP network - but I am collecting data packets FAR too slowly. If someone could tell me what I am doing wrong, it would be very kind.
Here's what I did:
First, I changed my wireless card's MAC address randomly. Then I started dumping to a file with airodump-ng (obviously, I specified the network's channel and BSSID). Then, while it was still dumping, I started various attacks, namely injection and fragmentation, and also FakeAuth. Whichever I tried, it made almost no difference in the number of packets coming in. It is very frustrating. After 15 minutes, I got about 100 data packets. After 1 hour, I got a nice total of ZERO ARPs.
I tried the injection test with aireplay, and it said it was working. 95%
At this rate, I would never crack it while I am still alive! And yet it's supposed to be easy. I am very frustrated. Should I buy another wifi card and try it out? Thanks in advance!
Why would you need to change your mac address to a random one?
I didn't. I was following a guide; like I said, I am quite new. Anyway, I was testing things out to see if it works... It said if your card doesn't support changing the MAC address then most probably it isn't supported. Well - I wanted to make it a point that it is capable of doing it.
So, to conclude, my card is "supported", and yet packet injection stays at 0pps (even though when I run the aireplay test it says it works), and packet collection is too slow.
Moreover, I can't use mon0, only wlan0. Does this have anything to do with it? airodump-ng mon0 doesn't work for me.
Do you know if I am doing something wrong? I'll post my card's name and the commands I used when I get home.
Perhaps there isn't enough traffic. I assume this is your rig, so you'd be close enough.
I know you're learning the command-line process, but have you tried the Gerix tool [in BT4] or Grimwepa [a tool like spoonwep - hosted here], just to see what they do?
A couple things:
1. What car are you using?
2. You will probably need to set up a fake-auth first, and then try to replay the packets. Were you able to successfully fake-auth? If you are and can't find any ARP packets, you will need some usage from an already connected client. Deauth that client, or use fragmentation or chop-chop and see what happens.
"What car are you using?"
If you meant card :P then I am using a RaLink2537 - rt73usb. It's a cheap wifi card.
Last edited by ShahZ; 05-27-2010 at 04:44 PM.
Thanks for your reply Jimmy, I tried those programs out, but personally, I prefer a CLI.
I think I found out what was the problem, thanks to duracell....
While trying to authenticate, I was getting this:
aireplay-ng -1 0 -a <Mac address of AP> -h <mac address on allow list> -e <AP name(Bssid)> wlan0
Big problem for an intruder.
Code:
18:37:05 Sending Authentication Request (Open System) [ACK]
18:37:05 Authentication successful
18:37:05 Sending Association Request [ACK]
18:37:05 Got a deauthentication packet! (Waiting 3 seconds) !
Note: I am between the router and my other computer, which is downloading files. Also, I forgot to mention that I have MAC filtering on my router. I tried changing my MAC using macchanger wlan0 --mac=<the mac> to a MAC address that was on the "allow list" of my router - but the results didn't even change! I think it isn't being fooled by the macchanger...
Don't get mad if I said anything stupid.
Update**
Once Mac filtering was removed from the router, the fake auth worked instantly. So it's definitely the problem.
Looks like there's no way to get around it! Anyone have any ideas?
Thanks!
Last edited by ShahZ; 05-27-2010 at 04:56 PM.