
Thread: Wep cracking no clients AND no ssid???

  1. #1
    Just burned his ISO
    Join Date
    Apr 2007
    Posts
    12

    Wep cracking no clients AND no ssid???

    Hi. I'm having a bit of a problem. I've researched this for a while on here with no luck so far.

    To date, I've cracked 64 bit wep using airodump-ng, aireplay-ng, and aircrack. I had the ssid, and I had a client on the ap downloading a large file. Worked great.

    My problem now is two-fold. I've set up an ap with no clients. I know the ssid but I still can't crack it. I'm using a fragmentation attack with a card that supports injection (I also tested it via wireshark). It will read packets searching for a data packet. It found 1, I entered y then pressed enter. It sent the fragmented packet....got no answer....still nothing, repeating....
    Still nothing, trying another packet....
    No answer, repeating....etc.

    So I let it read packets again, found another. Entered "y" and still nothing. Read more packets, nothing.

    Is fragmentation ever going to work?

    Also another big question of mine is, how can I crack Wep with no clients and no ssid??? Kismet never catches the ssid. I can't deauth any clients because there are none.

    Thanks for any help, Evo.

  2. #2
    Just burned his ISO
    Join Date
    Mar 2007
    Posts
    18


    I had a similar issue, however, 1st mistake was, I mistyped my mac address while doing it (I suggest not actually using yours, but a spoofed one using macchanger). My second issue was that I was doing this before I did a fake auth. The fake auth attack created a working packet that I could use with packetforge to create an arp-request packet, that I could then inject successfully. If you want to check it out, here's what I did:

    tazforum.thetazzone.com/viewtopic.php?t=6611

  3. #3
    Junior Member
    Join Date
    Apr 2007
    Posts
    72


    Put it into a fragmentation attack...go have an espresso...come back...and it will have it set up for you..."use this fragment? yes or no?"

    May take some time. I pulled down 2000 packets before it had a fragment ready.

    I also run both a chop chop and a fragmentation attack at the same time in two different terminals on the same laptop.

    You gotta love this stuff.

    Do the no ssid next. But first do the no client first...which is a pretty typical situation.

    Thank me later.

  4. #4
    Just burned his ISO
    Join Date
    Mar 2007
    Posts
    18


    You can't just use the fragment, you have to use the fragment to put into packetforge to create the right kind of packet to inject. alacityathome is pretty wrong.

  5. #5
    Junior Member
    Join Date
    Feb 2007
    Posts
    86


    If you have no client connected ( wlan or lan ) you have no data to collect thus cannot attack the AP unless you have previously collected data.

  6. #6
    Moderator theprez98's Avatar
    Join Date
    Jan 2010
    Location
    Maryland
    Posts
    2,533


    Quote: Originally Posted by rumburak514
    "If you have no client connected ( wlan or lan ) you have no data to collect thus cannot attack the AP unless you have previously collected data."

    This is not correct. There are a number of tutorials available on clientless WEP cracking using the fragmentation attack. Also, a LAN client even if connected will not produce any wireless traffic.
    "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

  7. #7
    Junior Member
    Join Date
    Feb 2007
    Posts
    86


    The tutorials are about the situation when you see no client :
    http://www.aircrack-ng.org/doku.php?...ith_no_clients
    but to do the fragmentation you need the WEP encrypted data, thus either it is from a previous session or from a nonvisible client, as there is no data obtained from fakeauth. When you read any tutorial, look at the MACs in the collected packets used for the frag attack.
    LAN client can send data through wireless when addressing wireless client.

  8. #8
    Just burned his ISO
    Join Date
    Apr 2007
    Posts
    12


    Quote: Originally Posted by rumburak514
    "The tutorials are about the situation when you see no client :
    but to do the fragmentation you need the WEP encrypted data, thus either it is from a previous session or from a nonvisible client, as there is no data obtained from fakeauth. When you read any tutorial, look at the MACs in the collected packets used for the frag attack.
    LAN client can send data through wireless when addressing wireless client."

    Thanks. This link has gotten me farther than anything so far.
