Page 1 of 3 123 LastLast
Results 1 to 10 of 22

Thread: got ivs, but nothing inside..

  1. #1
    Junior Member
    Join Date
    Aug 2007
    Posts
    25

    Default got ivs, but nothing inside..

    hey guys/girls,

    i tried many hours to figure out why my airodump files are empty. i use the livecd and save ivs in /root/ but i use editor to open them and see it's nothing inside.

    i can see that i got many read packets but no recievers. i don't know if it's the dump or root direction that's wrong. any ideas? (do i have to do it right in step3?)


    cheers

  2. #2
    Member
    Join Date
    May 2007
    Posts
    138

    Default

    Erm...what "editor" are you using to view the packets?

    What codes are you using for airodump?

    What "step 3"?

    Can you see how if we actually knew what you were doing then we might be able to help you?

    So many questions, I just hope mine make a bit more sense to you than yours do to me

  3. #3
    Senior Member shamanvirtuel's Avatar
    Join Date
    Mar 2010
    Location
    Somewhere in the "Ex" human right country
    Posts
    2,988

    Default

    i hope you don't try to open ivs files in editor ???

    to simply see if a cap file contains ivs :
    ivstools --convert FILE.CAP test.ivs

    ex:
    ivstools --convert ARPAMPLI-01.cap test.ivs
    Opening ARPAMPLI-01.cap
    Creating test.ivs
    Read 39593 packets.
    Written 38291 IVs.

    this process take maybe one seconds and is useful......

    for ivs file : exemple with the previously created ivs file from my cap file

    aircrack-ng test.ivs | grep "WEP"
    1 00:1A:6B:04:9E:2F Livebox-a5a3 WEP (38291 IVs)

    (type ctrl+c for exit....)

    that's all, and it's far away the best ways i know to do such of operations,
    ...

    hope helps
    Watch your back, your packetz will belong to me soon... xD

    BackTrack :
    Giving Machine Guns to Monkeys since 2006

  4. #4
    Junior Member
    Join Date
    Aug 2007
    Posts
    25

    Default

    i pasted the link to show you the step3 but i am not allow to post links hehe.
    hxxp://ryanunderdown.com/2007/02/12/cracking-wep-using-backtrack/
    i use this code:

    airodump-ng --ivs --write /root/testme --channel 11 rausb0

    could it be the "stations" are empty? means no clients connect to Ap?
    i use "wkrite" (?) to see the content but there is nothing inside to see...


    cheers

  5. #5
    Senior Member shamanvirtuel's Avatar
    Join Date
    Mar 2010
    Location
    Somewhere in the "Ex" human right country
    Posts
    2,988

    Default

    lol it' a text editor !!!!!!!!

    you can open it in a prog called wireshark for analisys if you want or simply try the commands i gave...

    cap or ivs is not a text file.....
    Watch your back, your packetz will belong to me soon... xD

    BackTrack :
    Giving Machine Guns to Monkeys since 2006

  6. #6
    Member
    Join Date
    May 2007
    Posts
    138

    Default

    Thanks for the lesson there shaman...I've just learnt something new

    cam_oai: Firstly, I could be wrong but I think you mean Kwrite...which is a text editor, so no wonder you don't see anything!

    Secondly, airodump will automatically write files to the root folder, so you don't need to direct it to...although if you wanted it to write somewhere else then your code is technically correct, (that won't be your problem by the way, I'm just suggesting you could save typing is all).

    Could you post a copy/screenshot of your airodump capture?
    Just a text copy & paste would do...or if you have somewhere to host it then post a copy of your capture file.

    I suspect that you are capturing IVs with that code, but it's good practice to use the --bssid <AP MAC Address> in order to filter any packets that aren't from your AP as well.

    You can find a video here which documents the whole process:
    http://forums.remote-exploit.org/showthread.php?t=7633
    Just make sure you thank our master tutor afterwards though!

    Having read the tutorial you're using, it is all correct but I wouldn't bother with the Kismet bit personally...it's just extra hassle now that you've got your network's details.

    Xploitz's video uses a newer version of aircrack than comes with BT, so use the codes from your tutorial and use the video to understand the process...I'm sure you're getting IVs, (if you've followed the steps you posted), although it has nothing to do with "Step 3".

    There is also tons of info on these forums about how to do it, just do a search or read this thread: http://forums.remote-exploit.org/showthread.php?t=7939

  7. #7
    Junior Member
    Join Date
    Aug 2007
    Posts
    25

    Default

    dohhh...
    just need to see the content(if there is any in that ivs).
    stil the size is too small (4b)

    so if no clients connected, i can't get the key? no key = no ivs ?

    cheers

  8. #8
    Member
    Join Date
    May 2007
    Posts
    138

    Default

    no key = no ivs ?
    Erm...I think what you mean is "No IVs = No key"!

    Do you mind me asking about your router?

    Some models cause problems and you may need a different workaround, maybe if you could post the make and model we'll be able to help you better

  9. #9
    Junior Member
    Join Date
    Aug 2007
    Posts
    25

    Default

    Quote Originally Posted by TrialAndError View Post
    Erm...I think what you mean is "No IVs = No key"!

    Do you mind me asking about your router?

    Some models cause problems and you may need a different workaround, maybe if you could post the make and model we'll be able to help you better
    right now i try the linksys, but i can try other routers tomorrow. because i only have 1 access to linksys, that must be why i can't "see" the key.

    since i use the livecd, i have to reboot and access to windows again if i dont remember the command lines LOL.

    one think i can't get same result, that is in the aireplay, i can see it "Read 320" but not arp or sent packets.

  10. #10
    Member
    Join Date
    May 2007
    Posts
    138

    Default

    Hmmm....Linksys is usually ok.

    What model is it or can you only see it in Kismet?

Page 1 of 3 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •