Page 1 of 2 12 LastLast
Results 1 to 10 of 17

Thread: Trouble capturing IVs

  1. #1
    Junior Member
    Join Date
    May 2007
    Posts
    60

    Default Trouble capturing IVs

    I am having trouble capturing enough IVs.

    I set up airodump to capture IVs from a certain AP.

    Then I started aireplay and then deauth. Aireplay says that it is capturing the ARPs (got up to about 40 or 50) and it is saying "123342 packets sent."

    However, when I look back at airodump, its only raising the IVs about 10 every 5 minutes! Shouldnt it be faster than that?

    I got up to about 200 IVs after 15 minutes. Any ideas? Am I doing something wrong or does it usually take this long one aireplay is replaying the ARP requests?

    THanks

  2. #2
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    If theres a client connected I dont even deauth. Just run the aireplay 3 attack untill you capture a packet. your ivs should increase dramaticly. couple of things ive noticed though. 1.kismet and airo dump do not like to work together. 2-leetmode slows down injection for whatever reason. 3-unless you lock airodump the the specific channel it will bogg out after a while and lose all data.

    4-try using aircrack-ptw. I can crack my 64 bit key with 20-30,000 ivs instead of 250,000 like with aircrack-ng

  3. #3
    Junior Member
    Join Date
    May 2007
    Posts
    60

    Default

    What do you mean run aircrack 3? I am running airodump-ng, then aireplay-ng with the --arpreplay tag, then aireplay-ng with the --deauth tag, then aircrack-ng.

    ALSO, under the "compatible cards list" on the Backtrack site, it says this for my MiniPCI:

    IPW3945

    * Driver : IPW3945
    * Special Notes : Enable the drivers via KDE menu or cd /usr/src/drivers/ipw3945-1.2.0/ && ./load
    * Special Notes : Enters monitor mode, but cannot inject
    * Special Notes : You may need to start the image with "bt irqpoll" Good way to tell: you see what looks like function call backtraces on startup and the suggestion to run "bt irqpoll" scrolls by pretty fast. Check your dmesg for more details if it scrolls too fast for you.

    What will it do if I type bt irqpoll? Will that help? Is it not working because it can't "inject"?

    Thanks in advance

  4. #4
    Member
    Join Date
    Oct 2006
    Posts
    130

    Default

    Move closure to your router. If you can't.... Quite cracking someones AP, It's illegal

  5. #5
    Moderator theprez98's Avatar
    Join Date
    Jan 2010
    Location
    Maryland
    Posts
    2,533

    Default

    Quote Originally Posted by bound4h View Post
    I am having trouble capturing enough IVs.

    I set up airodump to capture IVs from a certain AP.

    Then I started aireplay and then deauth. Aireplay says that it is capturing the ARPs (got up to about 40 or 50) and it is saying "123342 packets sent."

    However, when I look back at airodump, its only raising the IVs about 10 every 5 minutes! Shouldnt it be faster than that?

    I got up to about 200 IVs after 15 minutes. Any ideas? Am I doing something wrong or does it usually take this long one aireplay is replaying the ARP requests?

    THanks
    200 IVs in 15 minutes is nothing more than normal internet traffic. In fact, it seems like less. The simple answer to this seems to me that you're not injecting properly.
    "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

  6. #6
    Junior Member
    Join Date
    May 2007
    Posts
    60

    Default

    A) I am cracking my own AP.

    B) From the notes I posted, it looks like the IPW3945 has problems injecting.


    Any ideas?

  7. #7
    Moderator theprez98's Avatar
    Join Date
    Jan 2010
    Location
    Maryland
    Posts
    2,533

    Default

    Quote Originally Posted by bound4h View Post
    A) I am cracking my own AP.

    B) From the notes I posted, it looks like the IPW3945 has problems injecting.


    Any ideas?
    Yes. Get a supported card!
    "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

  8. #8
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    why would you think your card will inject when the wiki of the site that created the backtrack cd says"* Special Notes : Enters monitor mode, but cannot inject"

  9. #9
    Junior Member
    Join Date
    May 2007
    Posts
    60

    Default

    Found those special notes a little too late.

  10. #10
    Moderator theprez98's Avatar
    Join Date
    Jan 2010
    Location
    Maryland
    Posts
    2,533

    Default

    Quote Originally Posted by bound4h View Post
    Found those special notes a little too late.
    Well, at least you know now why it wasn't working. And knowing is half the battle...
    "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •