Results 1 to 10 of 10

Thread: yet another incomplete 4 way handshake thread..

  1. #1
    Member skor78's Avatar
    Join Date
    Jul 2009
    Posts
    140

    Default yet another incomplete 4 way handshake thread..

    Hi everyone,

    I'm sorry to repeat such thread, but i've read allot and didn't found an concise answer for this..
    I'm trying to use cowpatty to crack my own network wpa-tkip key, and i'm having incomplete 4-way handshake every single time.
    After many deauth. captures, i decided to put my clt, monitor pc and my ap all side-by-side, and instead of deauth. attacks, i've connected and disconnected several times to my ap and i could see in my mon. pc that i was capturing the HS's, and even after half a dozen handshakes captured, i'm still having this error..

    Can you guys give me some pointers?

    Thanx!

  2. #2
    Member CKing's Avatar
    Join Date
    Mar 2010
    Location
    downtown, riverfront
    Posts
    83

    Default Re: yet another incomplete 4 way handshake thread..

    What adapter, and client OS are you using? Is the client using an N adapter? What packets are/arent captured?
    A true gentleman, a good hearty guy.

  3. #3
    Member skor78's Avatar
    Join Date
    Jul 2009
    Posts
    140

    Default Re: yet another incomplete 4 way handshake thread..

    nop, b/g adapter (rtl8187 sniffing and atheros 9285 in client), OS win vista, all packets are captured.
    Last edited by skor78; 11-21-2010 at 03:49 AM.

  4. #4
    Member CKing's Avatar
    Join Date
    Mar 2010
    Location
    downtown, riverfront
    Posts
    83

    Default Re: yet another incomplete 4 way handshake thread..

    Which of the handshake packets are missing to make it incomplete? What program is reporting the handshake as incomplete? I've heard that some people have problems with capturing handshakes on vista/win7 but my tests on win7 machines have all worked flawlessly. Other than that I can't see why it wouldn't work. I assume you have it on the right channel, not hopping, right?
    A true gentleman, a good hearty guy.

  5. #5
    Member skor78's Avatar
    Join Date
    Jul 2009
    Posts
    140

    Default Re: yet another incomplete 4 way handshake thread..

    Quote Originally Posted by CKing View Post
    Which of the handshake packets are missing to make it incomplete? What program is reporting the handshake as incomplete? I've heard that some people have problems with capturing handshakes on vista/win7 but my tests on win7 machines have all worked flawlessly. Other than that I can't see why it wouldn't work. I assume you have it on the right channel, not hopping, right?
    Good question.. How can i check wich packets are missing?
    Like i said in my first post, coWPAtty.
    Don't believe everything you hear.. wpa is a communication protocol completely independent from OS.. OS merely serves as interface to interpret send/recieved information and store the keys database..
    Obviously, as i'm sniffing my AP, which is on a fixed channel..

  6. #6
    Junior Member
    Join Date
    Mar 2010
    Posts
    43

    Default Re: yet another incomplete 4 way handshake thread..

    Think cking meant thats airodump was on a fixed channel not your ap.

  7. #7
    Member CKing's Avatar
    Join Date
    Mar 2010
    Location
    downtown, riverfront
    Posts
    83

    Default Re: yet another incomplete 4 way handshake thread..

    Quote Originally Posted by skor78 View Post
    Good question.. How can i check wich packets are missing?
    Like i said in my first post, coWPAtty.
    Don't believe everything you hear.. wpa is a communication protocol completely independent from OS.. OS merely serves as interface to interpret send/recieved information and store the keys database..
    Obviously, as i'm sniffing my AP, which is on a fixed channel..
    You can check which packets are missing by opening the capture file in wireshark and filtering eapol packets. Theres a good tutorial at the aircrack-ng site.
    Sorry I missed the cowpatty part. Try analyzing it with pyrit (superior to cowpatty anyways) and see what you get.
    I agree that windows shouldn't be messing with a standard protocol but hey you never know, and as I said my personal tests don't support the claim.
    Some people are under the impression that by using channel hopping they can monitor all packets on all channels, I had to make sure you weren't one of them, no offence was intended.

    Have you successfully captured handshakes in other situations, or is it just this one in particular?
    A true gentleman, a good hearty guy.

  8. #8
    Member skor78's Avatar
    Join Date
    Jul 2009
    Posts
    140

    Default Re: yet another incomplete 4 way handshake thread..

    Quote Originally Posted by CKing View Post
    You can check which packets are missing by opening the capture file in wireshark and filtering eapol packets. Theres a good tutorial at the aircrack-ng site.
    Sorry I missed the cowpatty part. Try analyzing it with pyrit (superior to cowpatty anyways) and see what you get.
    I agree that windows shouldn't be messing with a standard protocol but hey you never know, and as I said my personal tests don't support the claim.
    Some people are under the impression that by using channel hopping they can monitor all packets on all channels, I had to make sure you weren't one of them, no offence was intended.

    Have you successfully captured handshakes in other situations, or is it just this one in particular?
    nop, i've tested several captures in mine and my friends routers, wpa and wpa2, and i get incomplete hs every freakin' time!
    pyrit would be great, and although i love my ultra-portable, Clevo M72sr, the only flaw (HUGE!!) it has, it's his ultra-lame SiS672 GPU.. Not even the graphics driver works well in linux, so pyrit is not an option..
    I bet those people, unlike me aren't just trying to test cowpatty.. I've already successfully tested aircrack and pyrit, but with cowpatty, before, i was having a buffer overflow error, and now that it's working properly, i've downloaded renderman tables to test it and i can never get a complete hs to test it..

    Thanx for your tip on wireshark, unfortunately i have a full week of work ahead of me, and don't have much time to research this..
    If by any chance you have the tutorial link in the "tip of your tongue" please post it here, it will save me some precious time.. If not, that's cool, i'll look it up next weekend.

    Cheers!

    EDIT:

    christ.. lol, My english isn't that bad, but thanx!

    Just read in - http://www.backtrack-linux.org/forum...very-time.html - that i could try to patch cowpatty 4.6, but i think cowpatty in BT4R1 comes already patched.. also i'll try the -2 option, just in case..
    Last edited by skor78; 11-21-2010 at 10:26 PM.

  9. #9
    Member CKing's Avatar
    Join Date
    Mar 2010
    Location
    downtown, riverfront
    Posts
    83

    Default Re: yet another incomplete 4 way handshake thread..

    I am having difficulty understanding your post. I was suggesting pyrit just for the analyze function, you could also try stripping it for fun with pyrit, these features dont require a gpu.
    wpa_capture [Aircrack-ng]
    A true gentleman, a good hearty guy.

  10. #10
    Member skor78's Avatar
    Join Date
    Jul 2009
    Posts
    140

    Default Re: yet another incomplete 4 way handshake thread..

    Good Morning!

    Thanx King! I assumed it was for cracking it.. As soon as i have some time available, i'll try your recommendations..
    Just ask what you didn't understood, i'll try to explain it better..

    Gotta run, i'm late for work! Have a nice week, mine will be a little hell..

    Cheers!

Similar Threads

  1. WPA Handshake Help
    By ishusoftware in forum Beginners Forum
    Replies: 7
    Last Post: 11-15-2010, 02:55 PM
  2. iwlist wlan0 scan returns incomplete Cell 24???
    By g1ic7h in forum OLD BackTrack 4 General Support
    Replies: 17
    Last Post: 12-07-2009, 02:16 AM
  3. Incomplete TKIP four-way exchange every time!
    By Ahemsa in forum OLD Newbie Area
    Replies: 15
    Last Post: 09-19-2009, 08:56 PM
  4. Desktop settings lost on BT3 incomplete shutdown
    By imported_bulgin in forum OLD Newbie Area
    Replies: 0
    Last Post: 08-20-2008, 10:21 PM
  5. Replies: 1
    Last Post: 07-28-2008, 11:31 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •