A few problems with Backtrack

[Stikky]

Hey all.

So I'm new, obviously, and I know I'm gonna be one of those annoying people who posts a million questions on their first post so I apologise in advance, please don't kill me!

I'm new to everything, to be honest, I was a windows user all my life until recently (semi) switching to Linux. I still have windows on my desktop but my laptop runs Ubuntu 7.10 now (was trying to get it to dual boot but yeah, apparently Ubuntu had other ideas and wiped my HD) so I am slowly getting used to it. I was reading about backtrack and decided to try some experiements on my home router (running 128bit WEP encryption) and have so far been unable to get anywhere near cracking it..

I have an old VIAO laptop and the wireless adapter is an ipw2100, according to iwconfig and, as far as I know, it does not support packet injection. This sucks, addmitadly, and (for realism) I have not been using my wireless network anymore than I normally would and have got nowhere near the required number of IVs to crack 128bit encryption. I can get like 1000, if I'm lucky, in a 24hr period but it's been as low as 100.. Pretty lame. So what is my question? Well, the same as everyone's, I guess:

Why are there so few IVs?
How can I get more without packet injection?
Is a --deauth attack the same as packet injection? (I.e. if my card doesnt inject, will it not --deauth either?)
If I were to upgrade my wireless card, which chipset is the best, atheros? Prism?
How hard is it to change a miniPCI card in a laptop? I'd rather not have a PCMCIA card sticking out..
Will USB adapters work? I read somewhere they don't.

That's about it for the wireless/cracking questions, but I do have another little story relating to backtrack that confuses me a bit, maybe someone could shed some light?

I tried to install backtrack onto a USB stick (2gb SanDisk Cruzer Micro) which I bought specially, I wanted to save my capture files and generally use it as a normal Linux distro so I followed the instructions and it didnt work. At all. It copied about 5mb of data onto my USB stick (using the backtrack installer from the live CD and /boot as the source) and that was it. Didn't work at all. That's fine, I deleted all the partitions to try again and now my 2gb stick is showing only as 50mb!!! No matter what I do, it ONLY shows up as 50mb (the first partition that the instructions made me make was 50mb) and I can't get my remaining memory back! I would still like it on a USB stick, ideally, but if that's not possible, I'd like my 2 gig back . Any help would be appreciated!

Thanks in advance and sorry again for coming in and asking a million questions..

Stikky

[Stikky]

Ok, so, I got an overwhelming response to my last thread (no one replied ) and thought I'd try my luck again, allow me to explain..

My last thread, I realize, didnt really ask any specific questions or identify any specific problems I have so I figured I'd try again, this time asking a specific question about the wep_crack program (or script, I dont really know the difference) because I decided to try something different...

I tried using wep_crack since my card doesnt inject (I don't think) and I didnt have a wordlist handy so I just used a -b attack on my Kismet dump file to see what I could get.. The thing is, I live in an appartment complex and there are lots of routers around, not just mine, and the output I got was this:

Code:

bt wep_tools # ./wep_crack -b /root/Kismet-Nov-05-2007-1.dump
success: seed 0x001a1009,  [generated by aaaahq{a]
wep key 1: 35 71 00 be b9
wep key 2: d9 32 28 b2 84
wep key 3: ac 8a 5d 4f 26
wep key 4: ca d8 6e 55 d5
428042 guesses in 1.34 seconds:  320210.95 guesses/second

So I don't know what to make of this. What does it mean? Why do I have 4 keys? None of them are my key so who's keys are they and how do I find out which network they belong to? Also, did it really guess someone's key in 1.34 seconds? If so, why do people bother with the packet injection and all that stuff? 1.34 seconds is MUCH faster than you can get with the aircrack suite!

One final question; how do I make it select ONLY my network to crack? I know there's a -n option and it says that's the "network number" but I dont know what that means, how do I know which number my network is?

Thanks in advance, I hope someone answers this time!!
Stikky

P.s. If anyone's wondering about my 2gb flash drive, i fixed that too, I downloaded gparted (only 50mb?! Awesome!) and it BLEW partition magic out of the water, it really did, it is a fantastic tool and it fixed it right up..

[balding_parrot]

Ok, so, I got an overwhelming response to my last thread (no one replied ) and thought I'd try my luck again, allow me to explain..

Do Not Start Another Thread When You Already Have One Asking The Same Thing.

So now both threads are now merged.

GIVE PEOPLE A CHANCE TO ANSWER

[Stikky]

Do Not Start Another Thread When You Already Have One Asking The Same Thing.

So now both threads are now merged.

GIVE PEOPLE A CHANCE TO ANSWER

Sorry, balding_parrot My bad.. Thanks for merging them, I won't do it again!!

[bitza]

Stikky, I am a newbie too, but I can answer at least one of your questions: yes, you can use an USB adapter. I in fact am at the second one in two months, an Alfa AWUS 036H.
I will recommend this one for it extreme sensitivity. I get around 12db more than with the previous one (a Minitar), which was already better than my old DELL PCMCIA adapter. You will need two USB ports, though, as it's transmit power is also extremely high (~500mW). But you can reach far more AP's with it.
The chipset is realtek rtl8187, which is perfectly supported with BT2.due to it's performance,it's price is higher than average USB adapters.
You can also use the alfa awus036s, which is cheaper, chipset ralink RT2500. Both feature an external RP-SMA connector, where you can plug the provided rubber ducky, or an external directive antenna (I am an antenna freak, experimenting with different designs!)
You can also consider the TP link WN321G, chipset Ralink RT2571WF
Hope this heps!