So I'm trying to crack my own AP following a newbie guide that someone else posted earlier. I'm trying to figure out why I can't seem to get any ARP requests...maybe someone can tell me what I'm doing wrong here. Here's what I've done so far.
1. Fire up Kismet, find my AP "Linksys", press ENTER to get the BSSID
2. Go back to the main screen of Kismet, press "C" to see connected clients, grab one of the MAC addresses
3. Store the BSSID in a variable (export AP=00:11:22:33:44:55)
4. Store the Client MAC in a variable (export MAC="66:77:88:99:00:11")
5. Fire up airodump using the following command
airodump-ng -w capture -c 6 -a $AP ath1
6. Start another Konsole screen, store the variables again, and get the DeAuth attack ready using the following command:
aireplay-ng -e Linksys -a $AP -c $MAC --deauth 10 ath1
7. Start another Konsole screen, store the variables again, execute the following command:
aireplay-ng --arpreplay -b $AP -h $MAC ath1
*I get something that says "The interface MAC (some MAC) doesn't match the specified MAC (-h)."
Finally, I execute the previous DeAuth command.
The Konsole reading the packets gives notices that read "Notice: got a deauth/disassoc packet. Is the source MAC associated?". It goes right on reading the packets. It's been a little over half an hour to 45 minutes and about 60k packets have been read but still 0 ARP requests.
Any ideas? Thanks!!