This things i have done on Backtrack 4f:
1) I've set on my Laptop (Aspire 5920G) my Card into Monitor mode.
Found varios tuts for my Laptop. For many people arp Injecting seems to be working.
2) Scan with airodump-ng my WEP network, with the right channel and saving into file.
3) Association with the network (airodump-ng -1 6000 .....)
i got the smily and it's semms to be working. in Scanning with airodump-ng i see my mac-addr connected.
4) then i trie the arp Reinject attack (aireplay-ng -9 -b ....) .
After some time i got my thirst ARP request. And aireplay start's to send packets, but the arp's doesn't increas and i get no IV's. in my airodump-ng also only beacons and me sending packts are increasing, but the #Data from App doesn't increas.
I already tested -9 with my card on my Network and i got 80-100%. So injecting must be working i think.
While the arp -9 attack is working i am associated with the app.
I've looked many tutorial's already and searched in many forums and also i've tried the Troubleshooting from the Aircrack Site (Aircrack-ng).
The biggest Problem is, that i doesn't understand why it is not working -.- , because everything looks to be right, and evrything i checked is working correct. So i hope someone could help me with my Problem.
Thx for Help
Yes yuo'r right, was my fault. I surly associated with aireplay-ng xD
I will try the Fragmentation attack.
Today, i tested one other thing and got the same result.
I connected to the network with an other computer (Computer a).
started monitoring. then tried the -3 attack with this associated client. So it looks like that:
Aireplay-ng -3 -b (Access point mac) -h (Computer a mac) mon0
Got the same Problem, i only get some arp's from the Computer a. so the injecting startet. Packets increasing for Computer a, but the Data did not increas.
Hello i was having the same thing last day
One thing you should check is:
1- Are you sure you open the good file (i mean the one where the Ivs are and not another old file)
And try to ping with the other computer (the one who's connect to web) to an ip which doesn't exists i mean something like
$> ping 192.168.1.25 (and no computer with this local ip)
This sould increase IV's very very fast if this don't you should retry autentification or something else
I made some Pictures of what i do and the porblems i have.
I added X's to the mac Addresses.
AP mac-addr: 00:xx:3F:xx:53:31
Client mac-addr: 00:xx:E0:xx:AD:CC
my mac-addr: 00:xx:10:xx:2D:7B
So i have a WEP AP at home with hidden SSID (trini) and a client connected to my AP.
- airmon-ng start Wlan0 (upper left window)
- airodump-ng -c 5 -w test --bssid 00:xx:3F:xx:53:31 mon0 (upper right window)
- aireplay-ng -9 -e trini -a 00:xx:3F:xx:53:31 mon0 (lower left window)
As in the Picture, the Injection test is successful
- aireplay-ng -1 6000 -q 35 -e trini -a 00:xx:3F:xx:53:31 -h 00:xx:10:xx:2D:7B mon0
(lower left window: also successful Association)
- aireplay-ng -3 -e trini -b 00:xx:3F:xx:53:31 -h 00:xx:10:xx:2D:7B mon0
(lower right window)
After i got the ARP:
As descriebed before in the upper Right window you can see that only the Packets are increasing, but the Data is not increasing. It's only at 400 becouse i was eating after the 3th Picture. I waited some minuts while injecting, but the Data das not increase!!!
I also tried the Fragmentation attack, but was not successful.
After i made attack, and confirmed the Package. i got this:
And that was for every Packet i confirmed.
Hope someone can Help me out.
Can realy no one help ???
I can offer some advice... Make sure you keep experimenting. I had a similar situation quite awhile ago when I was working on wireless. My AP doesnt have the strongest signal so giving aireplay a -x option with something less than the default of 500.
FYI i generally stick with aireplay -3.
-x is packets per second, so slowing it down can make the attack more effective with some equipment or if you have poor signal. Another thing I noticed is sometimes for certain commands in the aircrack suite, I needed to use mon0 or wlan0 for the interface. For instance using mon0 would not get any IVs but would inject fine, and wlan0 would inject and get IVs. It wasnt the same for all commands. For example, I might associate using mon0 interface but use aireplay -3 with wlan0 interface. I'm not sure why this is, but I believe it may be how some wlan chipsets handle the aircrack applications. It pays to have a couple of different wireless chipsets to try these attacks with. One adapter may work better than the other, even if injection tests ok
Last edited by iproute; 11-24-2010 at 08:50 PM.
The Problem was solved by installing Backtrack R2.