how to begin surfing after associating with aireplay-ng

[rugebiker]

Hi, I am watching some good tutorials, and I turned on MAC filer in my router. I am doing some testing about bypassing the MAC filter with aireplay-ng like this: aireplay-ng --fakeauth 10 -e MYSSID -h FAKEISSD mon0 , so after it says Association successfull ;-) , how can I begin browsing the web? I tried to request an ip with dhcpd wlan0 but it just timed out and didn't give me an ip. I also looked on the forums and on google and I didn't find an answer for this. So the question is, after the association, what do I need to do so I can start using the web?

Thanks in advance.

[shadowzero]

I think you might be a little confused. If you already have a valid MAC address that's recognized by the access point, you can just assign that to your network card, and provided you have the WEP/WPA key (or the access point doesn't use them), you can request an IP from the access point.

The fake auth attack just associates your MAC address with the access point so you can launch further attacks to try to crack the WEP/WPA key.

[cgelici]

shadowzero is right.

If I were you I would setup another client (e.g. smartphone) with a MAC that is not blacklisted in the filter. Then use aireplay to de-auth that MAC and use macchanger to change your own MAC into the smartphone's MAC. Then you should be able to connect...

[rugebiker]

so I already tried changing the MAC and it worked! Thanks for that. Also I want to ask, when you associate to the AP with aireplay-ng, you cannot just ask for an ip (e.j. dhcpd wlan0 )? so you just associate to crack the WEP/WPA?
thanks

[cgelici]

You use aireplay-ng --fakeauth to associate with the AP. This is needed for the attacks that follow after like chopchop and fragment attacks. These attacks are required for the cracking process.

You can connect to the AP when you have successfully obtained the key, be it WEP or WPA/2. If when connecting you don't automatically get an IP you can try to use "dhclient" to request one.

[shadowzero]

From the fake authentication documentation:

The fake authentication attack allows you to perform the two types of WEP authentication (Open System and Shared Key) plus associate with the access point (AP). This is only useful when you need an associated MAC address in various aireplay-ng attacks and there is currently no associated client.

Fake authentication doesn't mean you've faked the WEP key and are now authenticated with the access point. It's simply used as a stepping stone to further attacks.

[rugebiker]

oo okok got it, so it is just like a tool for some other hacking processes. Thank you very much.