Results 1 to 3 of 3

Thread: airodump saves only one cap file of wpa handshake

Hybrid View

  1. #1
    Just burned his ISO
    Join Date
    Aug 2007
    Posts
    7

    Default airodump saves only one cap file of wpa handshake

    Hallo,

    I tried to get the WPA Key from my AP where a client is connected.
    After running aireplay deauth attack, airodump shows that the WPA handshake was captured.
    I used this command:
    airodump-ng -c 11 -w psk --bssid apmac wlan0
    But there is only one cap file called psk-01.cap, I think there have to be 4 cap files?
    So the dictionary attack with aircrack-ng and the right passphrase in the dict failed.
    Why is there only one cap file?

  2. #2
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Default

    Cause thats all it takes!

    If you look at my WPA/WPA2 video thread...you'll see that certain versions of aircrack fail to detect special characters..spaces..Capital letters..use my video thread and download the version of aircrack-ng I used when I made the video. You can verify your capture with wireshark...



    Just a helpful wireshark filter hint....

    to view only your EAPOL handshake(s) type this in the display filters

    The filter for WPA2 is eapol.keydes.type == 2

    and for WPA its eapol.keydes.type == 254

    Type in the bolded text above EXACTLY spaces and all to get the filters working.This will quickly tell you if there are any handshakes or all 4 handshakes in the file.
    [CENTER][FONT=Book Antiqua][SIZE=5][B][COLOR=blue][FONT=Courier New][COLOR=red]--=[/COLOR][/FONT]Xploitz[FONT=Courier New][COLOR=red]=--[/COLOR][/FONT][/COLOR][/B][/SIZE][/FONT][FONT=Courier New][COLOR=Black][SIZE=6][B] ®[/B][/SIZE][/COLOR][/FONT][/CENTER]
    [CENTER][SIZE=4][B]Remote-Exploit.orgs Master Tutorialist.[/B][/SIZE][SIZE=6][B]™
    [/B][/SIZE]
    [URL="http://forums.remote-exploit.org/showthread.php?t=9063"][B]VIDEO: Volume #1 "E-Z No Client WEP Cracking Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=7872"][B]VIDEO: Volume #2 "E-Z No Client Korek Chopchop Attack Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=8230"][B]VIDEO: Volume #3 "E-Z WPA/WPA2 Cracking Tutorial"[/B][/URL]

    [URL="http://forums.remote-exploit.org/showthread.php?t=8041"][B]VIDEO: Volume #4 "E-Z Cracking WPA/WPA2 With Airolib-ng Databases"[/B][/URL]
    [/CENTER]

  3. #3
    Just burned his ISO
    Join Date
    Aug 2007
    Posts
    7

    Default

    thanks for your hint, I tried wireshark and it shows actually 4 handshakes.
    The right passphrase is in the dictionary but the attack with aireplay-ng 0.9 failed. But why? The AP has the newest firmware, could it be that the AP is patched for the dictionary attack?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •