Thread: WEP Crack Aireplay-ng

  1. #1
    Just burned his ISO kiloraw's Avatar
    Join Date
    Jan 2010
    Location
    On the side, in the middle, compass points east
    Posts
    9

    WEP Crack Aireplay-ng

    First I must say, wonderful job on the vol. 4. I think going to Ubuntu will be well worth it; sucks for the gurus right now, but like I said it will be worth it.

    As for my problem:
    Scenario:
    At work, trying to crack an AP's WEP. I will have to do this a lot more, since it will be my job to test the security of wireless APs, which will have WPA2. Trying to crack WEP now, for knowledge, and it seems logical. The AP has no clients, and the ESSID is not broadcast. I decided to ask my co-worker what the AP's ESSID was, so that I could troubleshoot whether it was a user error or not.

    Card: 3945 iwl

    airmon-ng
    airmon-ng stop (interface)
    ifconfig (interface) down
    macchanger --mac 00:11:22:33:44:55 (interface)
    airmon-ng start (interface)

    airodump-ng (interface)
    airodump-ng -c (channel) -w (file name) --bssid (bssid) (interface)


    aireplay-ng -1 0 -a (bssid) -h 00:11:22:33:44:55 -e (essid) (interface)

    The command above is where I get stuck; the aircrack tutorial says to "Do not proceed to the next step until you have the fake authentication running correctly."

    The terminal comes back and states
    Sending Authentication Request (shared) [ACK]
    Authentication 1/2 successful
    Sending encrypted challenge
    Attack was unsuccessful
    Then gives me a list of reasons why it did not work.

  2. #2
    Junior Member
    Join Date
    Jan 2010
    Posts
    41

    Re: WEP Crack Aireplay-ng

    I don't think a fake authentication will work when the AP uses shared key.

  3. #3
    Member Mr-Protocol's Avatar
    Join Date
    Jan 2010
    Location
    Ohio
    Posts
    142

    Re: WEP Crack Aireplay-ng

    You can fake auth with an access point with WEP. It is meant to be run in another terminal, not the one running airodump. I think to "recover" WEP through just using the command line tools you will have a terminal open for airodump, one for the fake auth, and another for injection if your card supports it. Your card may not support injection, which may be why you get the list of errors. Use the aireplay-ng injection test to see if your card supports it.

  4. #4
    Just burned his ISO SuspectZero's Avatar
    Join Date
    Jan 2010
    Posts
    16

    Re: WEP Crack Aireplay-ng

    How far are you from the AP? Is the AP in the building to the left of your building or to the right?
    Take What You Can, Give Nothing Back...

  5. #5
    Senior Member lordplagueis's Avatar
    Join Date
    Jan 2010
    Location
    Virginia
    Posts
    106

    Re: WEP Crack Aireplay-ng

    Quote Originally Posted by kiloraw View Post
    First I must say, wonderful job on the vol. 4. I think going to Ubuntu will be well worth it; sucks for the gurus right now, but like I said it will be worth it.

    As for my problem:
    Scenario:
    At work, trying to crack an AP's WEP. I will have to do this a lot more, since it will be my job to test the security of wireless APs, which will have WPA2. Trying to crack WEP now, for knowledge, and it seems logical. The AP has no clients, and the ESSID is not broadcast. I decided to ask my co-worker what the AP's ESSID was, so that I could troubleshoot whether it was a user error or not.

    Card: 3945 iwl

    airmon-ng
    airmon-ng stop (interface)
    ifconfig (interface) down
    macchanger --mac 00:11:22:33:44:55 (interface)
    airmon-ng start (interface)

    airodump-ng (interface)
    airodump-ng -c (channel) -w (file name) --bssid (bssid) (interface)


    aireplay-ng -1 0 -a (bssid) -h 00:11:22:33:44:55 -e (essid) (interface)

    The command above is where I get stuck; the aircrack tutorial says to "Do not proceed to the next step until you have the fake authentication running correctly."

    The terminal comes back and states
    Sending Authentication Request (shared) [ACK]
    Authentication 1/2 successful
    Sending encrypted challenge
    Attack was unsuccessful
    Then gives me a list of reasons why it did not work.

    aireplay-ng -1 0 -e (network name) -a (access point MAC address) -h (your mac address) (monitor mode interface)
