Results 1 to 2 of 2

Thread: When watching for packets to ARP replay, is it necessary that..

  1. #1
    Just burned his ISO
    Join Date
    Jun 2007
    Posts
    1

    Default When watching for packets to ARP replay, is it necessary that..

    ..The following flags are:

    FromDS = 0
    ToDS = 1


    I'm just wondering if these packets occur "Naturally" - I'm having a go at busting the WEP on an AP that has one connected client, and seemingly low activity.. I left aireplay going overnight, filtering for ARP packets that matched the above criteria (along with the other criteria of bssid = ap mac, source mac = client mac, dest mac = ffff...) and not one packet in 2.5 million fitted the criteria.. I'm just wondering if I got the criteria wrong, because a packet that is:

    FromDS = 1
    ToDS = 0
    BSSID = AP MAC
    SourceMAC = client MAC
    DestMAC = ffff....

    Happens along every ten seconds or so..

    I so far havent succeeded in carrying out a deauth, and I think it may be because I'm using an Intel Centrino 2915/2200 card.. Aireplay says these cards cannot be used for deauth attacks..

    So.. if I leave the laptop watching and waiting, will the packet that I want happen along at some point in time?

    Tia

  2. #2
    Member Eristic's Avatar
    Join Date
    Aug 2006
    Posts
    188

    Default

    Quote Originally Posted by cjard View Post
    ..The following flags are:

    FromDS = 0
    ToDS = 1


    I'm just wondering if these packets occur "Naturally" - I'm having a go at busting the WEP on an AP that has one connected client, and seemingly low activity.. I left aireplay going overnight, filtering for ARP packets that matched the above criteria (along with the other criteria of bssid = ap mac, source mac = client mac, dest mac = ffff...) and not one packet in 2.5 million fitted the criteria.. I'm just wondering if I got the criteria wrong, because a packet that is:

    FromDS = 1
    ToDS = 0
    BSSID = AP MAC
    SourceMAC = client MAC
    DestMAC = ffff....

    Happens along every ten seconds or so..

    I so far havent succeeded in carrying out a deauth, and I think it may be because I'm using an Intel Centrino 2915/2200 card.. Aireplay says these cards cannot be used for deauth attacks..

    So.. if I leave the laptop watching and waiting, will the packet that I want happen along at some point in time?

    Tia

    I may not understand what you are saying, but did you say that Aireplay says that your card cannot be used for a deautho attack, and you're trying to do a deauth attack? Did they mean you cannot inject with that card? If that's the case, how do you expect to do a replay? Hmm...


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •