Thread: WEP Crack Help Needed

  1. #1
    Just burned his ISO
    Join Date
    Jul 2007
    Posts
    2

    WEP Crack Help Needed

    Hi, I'm new to the forums, and am trying to explore other areas of CS besides Java, MySQL, and PHP.

    Let me give you guys the run-down.

    1) I have my own wireless router at my residence that I would like to experiment with.
    2) I have an Acer Aspire 5100, purchased in May 2007. Dual booted with Vista and Ubuntu 7.04.
    3) I am running Back Track 2 Final off of a CD.
    4) I am trying to follow this tutorial: simple_wep_crack, located at the aircrack-ng website (I'd post the URL, but I'm under 15 posts!)


    I first enter:

    airmon-ng stop ath0

    The system responds:

    Interface Chipset Driver

    wifi0 Atheros madwifi-ng
    ath0 Atheros madwifi-ng VAP (parent: wifi0) (VAP destroyed)

    I then enter iwconfig to make sure that there are no other wireless interfaces, and there are none.

    I then enter:

    airmon-ng start wifi0 6

    Six being the channel my router is set to. I get this response:

    Interface Chipset Driver

    wifi0 Atheros madwifi-ng
    ath0 Atheros madwifi-ng VAP (parent: wifi0) (monitor mode enabled)

    So far, so good. However, when I type iwconfig, my system responds:

    lo no wireless extensions.

    wifi0 no wireless extensions.

    eth0 no wireless extensions.

    ath0 IEEE 802.11g ESSID:"" Nickname:""
    Mode:Monitor Frequency:2.437 GHz Access Point: Not-Associated
    Bit Rate:0 kb/s Tx-Power:31 dBm Sensitivity=0/3
    Retry: off RTS thr: off Fragment thr: off
    Encryption key: off
    Power Management: off
    Link Quality=0/94 Signal level=-95 dBm Noise level=-95 dBm
    Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
    Tx excessive retries:0 Invalid misc:0 Missed beacon:0

    The setting for Access Point should be the MAC address of my wireless card. For some reason it's not showing up here, does anyone know why?

    If I disable WEP on my router, and connect freely then run iwconfig my MAC address shows when I run the iwconfig command.

    Any help is greatly appreciated, and I look forward to my time here on the forums!

  2. #2
    Junior Member
    Join Date
    Jul 2007
    Posts
    47

    As a quick test, try running the airmon-ng start wifi0 command again and start up another virtual adaptor, see if this one looks correct.

  3. #3
    Member
    Join Date
    Apr 2007
    Posts
    163

    The setting for Access Point should be the MAC address of my wireless card.
    Who said that? You only got a wireless card monitoring channel 6. As far as I can see, this is correct.
    The answer is 42.

  4. #4
    Moderator theprez98's Avatar
    Join Date
    Jan 2010
    Location
    Maryland
    Posts
    2,533

    Quote Originally Posted by shlumph View Post
    The setting for Access Point should be the MAC address of my wireless card. For some reason it's not showing up here, does anyone know why?
    What you're seeing is correct; your Atheros card is set to monitor mode on channel 6. That's all you told it to do. To change the settings for this card, you'd have to do it manually with the iwconfig command, but that's not necessary at this point if you're cracking WEP.
    "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

  5. #5
    Just burned his ISO
    Join Date
    Jul 2007
    Posts
    2

    Quote Originally Posted by theprez98 View Post
    What you're seeing is correct; your Atheros card is set to monitor mode on channel 6. That's all you told it to do. To change the settings for this card, you'd have to do it manually with the iwconfig command, but that's not necessary at this point if you're cracking WEP.
    That seems logical, thanks for your insight. So, when I'm associating my MAC with my AP's MAC, I can use my MAC that I see when I'm already connected to my AP when its security is off? ...I hope that was clear.

    For example, my next step would be the command:


    aireplay-ng -1 0 -e shlumph -a F1:F2:F3:F4:F5:F6 -h 00:01:02:03:04:05 ath0


    00:01:02:03:04:05 being my MAC that I see when I'm connected to my open network. And F1:F2:F3:F4:F5:F6 being my AP's MAC.

    However, I get the error:

    ioctl(SIOCGIFINDEX) failed: No such device


    At face value, to me, this could mean two things. I'm too far from my router (I know the MAC is right because it's on a sticker right on the router, and in kismet), OR I'm entering the wrong MAC for my laptop. I'm copying the exact address of my laptop from when I'm connected to the open network, though.

    Any ideas as to why this error is showing up? Even if I try setting my address through macchanger beforehand, the same error appears.

  6. #6
    Moderator theprez98's Avatar
    Join Date
    Jan 2010
    Location
    Maryland
    Posts
    2,533

    Quote Originally Posted by shlumph View Post
    That seems logical, thanks for your insight. So, when I'm associating my MAC with my AP's MAC, I can use my MAC that I see when I'm already connected to my AP when its security is off? ...I hope that was clear.

    For example, my next step would be the command:


    aireplay-ng -1 0 -e shlumph -a F1:F2:F3:F4:F5:F6 -h 00:01:02:03:04:05 ath0


    00:01:02:03:04:05 being my MAC that I see when I'm connected to my open network. And F1:F2:F3:F4:F5:F6 being my AP's MAC.
    I don't understand what you're trying to do. If you have an open network, there is no need to crack WEP. If you're trying to crack WEP, you can't do it on an open network, and being associated/connected with an open network would mean your card is in managed mode and won't be able to inject.
    "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

  7. #7
    Member
    Join Date
    Oct 2006
    Posts
    130

    Quote Originally Posted by shlumph View Post
    However, I get the error:

    ioctl(SIOCGIFINDEX) failed: No such device


    At face value, to me, this could mean two things. I'm too far from my router (I know the MAC is right because it's on a sticker right on the router, and in kismet), OR I'm entering the wrong MAC for my laptop. I'm copying the exact address of my laptop from when I'm connected to the open network, though.

    Any ideas as to why this error is showing up? Even if I try setting my address through macchanger beforehand, the same error appears.

    Why ath0?? Read your commands you posted.

  8. #8
    Senior Member PrairieFire's Avatar
    Join Date
    Apr 2007
    Posts
    705

    Results using your commands:
    Code:
    bt ~ # airmon-ng stop ath0
    
    
    Interface       Chipset         Driver
    
    wifi0           Atheros         madwifi-ng
    ath0            Atheros         madwifi-ng VAP (parent: wifi0) (VAP destroyed)
    
    bt ~ # airmon-ng start wifi0 1
    
    
    Interface       Chipset         Driver
    
    wifi0           Atheros         madwifi-ng
    ath0            Atheros         madwifi-ng VAP (parent: wifi0) (monitor mode enabled)
    
    bt ~ # iwconfig
    lo        no wireless extensions.
    
    eth0      no wireless extensions.
    
    wifi0     no wireless extensions.
    
    ath0      IEEE 802.11g  ESSID:""  Nickname:""
              Mode:Monitor  Frequency:2.412 GHz  Access Point: 00:11:22:33:44:55
              Bit Rate:0 kb/s   Tx-Power:31 dBm   Sensitivity=0/3
              Retry:off   RTS thr:off   Fragment thr:off
              Encryption key:off
              Power Management:off
              Link Quality=0/94  Signal level=-96 dBm  Noise level=-96 dBm
              Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
              Tx excessive retries:0  Invalid misc:0   Missed beacon:0
    
    bt ~ # aireplay-ng -1 0 -e "M.A.D." -a 55:44:33:22:11:00 -h 00:11:22:33:44:55 ath0
    15:32:25  Waiting for beacon frame (BSSID: 55:44:33:22:11:00)
    15:32:26  Sending Authentication Request
    15:32:26  Authentication successful
    15:32:26  Sending Association Request
    15:32:26  Association successful :-)
    bt ~ #
    Now testing wrong NIC mac:
    Code:
    bt ~ # aireplay-ng -1 0 -e "M.A.D." -a 55:44:33:22:11:00 -h 00:11:22:33:44:54 ath0
    The interface MAC (00:11:22:33:44:55) doesn't match the specified MAC (-h).
            ifconfig ath0 hw ether 00:11:22:33:44:54
    15:36:35  Waiting for beacon frame (BSSID: 55:44:33:22:11:00)
    15:36:36  Sending Authentication Request
    15:36:36  Authentication successful
    15:36:36  Sending Association Request
    15:36:37  Association successful :-)
    bt ~ #
    Testing Wrong AP Mac:
    Code:
    bt ~ # aireplay-ng -1 0 -e "M.A.D." -a 55:44:33:22:11:01 -h 00:11:22:33:44:55 ath0
    15:39:01  Waiting for beacon frame (BSSID: 55:44:33:22:11:01)
    15:39:03  No such BSSID available.
    15:39:03  Sending Authentication Request
    15:39:05  Sending Authentication Request
    15:39:07  Sending Authentication Request
    15:39:09  Sending Authentication Request
    15:39:11  Sending Authentication Request
    15:39:13  Sending Authentication Request
    15:39:15  Sending Authentication Request
    
    Attack was unsuccessful. Possible reasons:
    
        * Perhaps MAC address filtering is enabled.
        * Check that the BSSID (-a option) is correct.
        * Try to change the number of packets (-o option).
        * The driver/card doesn't support injection.
        * This attack sometimes fails against some APs.
        * The card is not on the same channel as the AP.
        * You're too far from the AP. Get closer, or lower
          the transmit rate.
    
    bt ~ #
    Conclusion: Something else is wrong.
    Μολὼν λαβέ - Great spirits encounter heavy opposition from mediocre minds.
