got ivs, but nothing inside..
hey guys/girls,
i tried many hours to figure out why my airodump files are empty. i use the livecd and save ivs in /root/ but i use editor to open them and see it's nothing inside.
i can see that i got many read packets but no recievers. i don't know if it's the dump or root direction that's wrong. any ideas? (do i have to do it right in step3?)
cheers
Erm...what "editor" are you using to view the packets?
What codes are you using for airodump?
What "step 3"?
Can you see how if we actually knew what you were doing then we might be able to help you?
So many questions, I just hope mine make a bit more sense to you than yours do to me
i hope you don't try to open ivs files in editor ???
to simply see if a cap file contains ivs :
ivstools --convert FILE.CAP test.ivs
ex:
ivstools --convert ARPAMPLI-01.cap test.ivs
Opening ARPAMPLI-01.cap
Creating test.ivs
Read 39593 packets.
Written 38291 IVs.
this process take maybe one seconds and is useful......
for ivs file : exemple with the previously created ivs file from my cap file
aircrack-ng test.ivs | grep "WEP"
1 00:1A:6B:04:9E:2F Livebox-a5a3 WEP (38291 IVs)
(type ctrl+c for exit....)
that's all, and it's far away the best ways i know to do such of operations,
...
hope helps
Watch your back, your packetz will belong to me soon... xD
BackTrack : Giving Machine Guns to Monkeys since 2006
i pasted the link to show you the step3 but i am not allow to post links hehe.
hxxp://ryanunderdown.com/2007/02/12/cracking-wep-using-backtrack/
i use this code:
airodump-ng --ivs --write /root/testme --channel 11 rausb0
could it be the "stations" are empty? means no clients connect to Ap?
i use "wkrite" (?) to see the content but there is nothing inside to see...
cheers
lol it' a text editor !!!!!!!!
you can open it in a prog called wireshark for analisys if you want or simply try the commands i gave...
cap or ivs is not a text file.....
Watch your back, your packetz will belong to me soon... xD
BackTrack : Giving Machine Guns to Monkeys since 2006
Thanks for the lesson there shaman...I've just learnt something new
cam_oai: Firstly, I could be wrong but I think you mean Kwrite...which is a text editor, so no wonder you don't see anything!
Secondly, airodump will automatically write files to the root folder, so you don't need to direct it to...although if you wanted it to write somewhere else then your code is technically correct, (that won't be your problem by the way, I'm just suggesting you could save typing is all).
Could you post a copy/screenshot of your airodump capture?
Just a text copy & paste would do...or if you have somewhere to host it then post a copy of your capture file.
I suspect that you are capturing IVs with that code, but it's good practice to use the --bssid <AP MAC Address> in order to filter any packets that aren't from your AP as well.
You can find a video here which documents the whole process:
http://forums.remote-exploit.org/showthread.php?t=7633
Just make sure you thank our master tutor afterwards though!
Having read the tutorial you're using, it is all correct but I wouldn't bother with the Kismet bit personally...it's just extra hassle now that you've got your network's details.
Xploitz's video uses a newer version of aircrack than comes with BT, so use the codes from your tutorial and use the video to understand the process...I'm sure you're getting IVs, (if you've followed the steps you posted), although it has nothing to do with "Step 3".
There is also tons of info on these forums about how to do it, just do a search or read this thread: http://forums.remote-exploit.org/showthread.php?t=7939
dohhh...
just need to see the content(if there is any in that ivs).
stil the size is too small (4b)
so if no clients connected, i can't get the key? no key = no ivs ?
cheers
Erm...I think what you mean is "No IVs = No key"!no key = no ivs ?
Do you mind me asking about your router?
Some models cause problems and you may need a different workaround, maybe if you could post the make and model we'll be able to help you better
right now i try the linksys, but i can try other routers tomorrow. because i only have 1 access to linksys, that must be why i can't "see" the key.Originally Posted by TrialAndError
Erm...I think what you mean is "No IVs = No key"!
Do you mind me asking about your router?
Some models cause problems and you may need a different workaround, maybe if you could post the make and model we'll be able to help you better
since i use the livecd, i have to reboot and access to windows again if i dont remember the command lines LOL.
one think i can't get same result, that is in the aireplay, i can see it "Read 320" but not arp or sent packets.
Hmmm....Linksys is usually ok.
What model is it or can you only see it in Kismet?
Posting Permissions
