
Thread: I get no ARP requests

  1. #1
    Just burned his ISO
    Join Date
    Nov 2007
    Posts
    7

    I get no ARP requests

    Hello,

    I'm from Germany. This is the reason why my English is very bad...

    My problem:

    I configured my network card and set it up
    (
    wlanconfig ath create wlandev wifi0 wlanmode monitor
    ifconfig ath1 up
    )

    Then I began to capture replies with airodump
    (
    airodump-ng -c 6 -w test -i ath1
    )
    All is OK, I get the AP with 40 PWR and 100 RXQ.

    Then I want to get ARP requests with aireplay-ng, but first I send a fake auth to test whether it's successful
    (
    aireplay-ng -1 0 -e AP-NAME -a AP-MAC -h MY MAC ath1
    => the answer is: Association successful!
    )
    So I thought I can begin to get ARP requests to crack the WEP key

    (
    aireplay-ng -3 -b AP-MAC -h MY MAC ath1
    )
    => But there's the problem:
    it reads thousands of packets but gets 0 ARP requests and sends 0 packets!
    How could this be?

    In between I had to change my MAC, because aireplay said that "The interface MAC (xxxxx) doesn't match the specified MAC (-h). ifconfig ath1 hw ether xxxx", but these two MACs had no big difference, only the second digit was different. What else - I changed it, and the message never came again!

    Slowly I fall into despair - I hope you can help me.

  2. #2
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Watch my video that's stickied in the tutorial section... and all your problems will go away.

    Quote (originally posted by crunkymunky):
    In between I had to change my MAC, because aireplay said that "The interface MAC (xxxxx) doesn't match the specified MAC (-h). ifconfig ath1 hw ether xxxx", but these two MACs had no big difference, only the second digit was different. What else - I changed it, and the message never came again!

    Slowly I fall into despair - I hope you can help me.

    That message means that your -h MAC isn't your card's MAC address. They MUST MATCH!!
    Put your card's real MAC address in the -h option or use macchanger --mac 00:11:22:33:44:55 wifi0

    --=Xploitz=-- ®
    Remote-Exploit.orgs Master Tutorialist.™
    VIDEO: Volume #1 "E-Z No Client WEP Cracking Tutorial": http://forums.remote-exploit.org/showthread.php?t=9063
    VIDEO: Volume #2 "E-Z No Client Korek Chopchop Attack Tutorial": http://forums.remote-exploit.org/showthread.php?t=7872
    VIDEO: Volume #3 "E-Z WPA/WPA2 Cracking Tutorial": http://forums.remote-exploit.org/showthread.php?t=8230
    VIDEO: Volume #4 "E-Z Cracking WPA/WPA2 With Airolib-ng Databases": http://forums.remote-exploit.org/showthread.php?t=8041

  3. #3
    Just burned his ISO
    Join Date
    Nov 2007
    Posts
    7

    I will watch your video.
    And I already changed the MAC address with macchanger and then there is no message anymore... but it doesn't work (I get no ARP requests!)

  4. #4
    Just burned his ISO
    Join Date
    Nov 2007
    Posts
    7

    There is a screenshot from before changing the MAC - but the only difference is that the message "the interface mac......" is gone ^^

    xup.raidrush.ws/view.php?id=fae9b8da3d8e65903713cf0dbac5f

  5. #5
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    OK... in the airodump screenshot... see the connected client?? Why are you using that client's MAC address?? You don't do that.

    USE YOUR CARD'S MAC ADDRESS after the -h option

    NOT THE CONNECTED CLIENT'S!!!

    ONLY USE A CONNECTED CLIENT... if...

    you're deauthing a connected client to generate an ARP... or trying to capture a WPA/WPA2 4-way handshake.

    aireplay-ng -0 1 -a 00:14:6C:7E:40:80 -c 00:0F:B5:34:30:30 ath0
    Where:
    • -0 means deauthentication
    • 1 is the number of deauths to send (you can send multiple if you wish); 0 means send them continuously
    • -a 00:14:6C:7E:40:80 is the MAC address of the access point
    • -c 00:0F:B5:34:30:30 is the MAC address of the client to deauthenticate; if this is omitted then all clients are deauthenticated
    • ath0 is the interface name
    then you can use aireplay-ng -3 -b APMAC -h CLIENTMAC ath0

    But I'm telling you how to do it the "client-less" way. IT DOESN'T MATTER if a client is connected or not... my way works for both connected clients and a client-less environment. My way uses a client's connection to feed you the ARPs it's sending between it and the AP / router. Or if it's client-less... it waits for the AP / router to spit out an ARP request... then it captures it and resends it to the AP / router several times. (Injection)

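Seen from the monitoring side, the injection described in the post above shows up as one encrypted frame repeated with an identical WEP IV from a single transmitter. The following is an added example, not part of the thread: a Python check over constructed frame observations, where the record layout, the thresholds and the function names are assumptions.

```python
from collections import defaultdict

def build_sample():
    """Constructed observations: (seconds, transmitter MAC, WEP IV hex, frame length)."""
    frames = []
    # Ordinary client traffic: the IV changes with every frame.
    for i in range(6):
        frames.append((i * 0.2, "00:0f:b5:34:30:30", format(0xA1B2C3 + i, "06x"), 124 + i))
    # A single link-layer retransmission repeats one IV once; this is normal.
    frames.append((0.21, "00:0f:b5:34:30:30", "a1b2c4", 125))
    # Replayed frame: identical IV and length, many copies in a short burst.
    for i in range(10):
        frames.append((2.0 + i * 0.01, "00:11:22:33:44:55", "0f3a9c", 68))
    return frames

def find_replayed_frames(frames, min_repeats=5, window=1.0):
    """Return {(mac, iv, length): peak copies seen within `window` seconds}."""
    seen = defaultdict(list)
    for ts, mac, iv, length in frames:
        seen[(mac.lower(), iv.lower(), length)].append(ts)
    flagged = {}
    for key, stamps in seen.items():
        stamps.sort()
        start = best = 0
        for end, ts in enumerate(stamps):
            # Slide the window start forward until it spans at most `window` seconds.
            while ts - stamps[start] > window:
                start += 1
            best = max(best, end - start + 1)
        if best >= min_repeats:
            flagged[key] = best
    return flagged

if __name__ == "__main__":
    for (mac, iv, length), count in find_replayed_frames(build_sample()).items():
        print(f"possible replay: {mac} sent IV {iv} ({length} bytes) {count}x within 1 s")
```

The single retransmission in the sample stays below the default threshold, so only the burst of identical frames is reported.
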
  6. #6
    Just burned his ISO
    Join Date
    Nov 2007
    Posts
    7

    I think you misunderstand me ^^ (or I misunderstand you ^^)
    The connected client is my notebook - the entry in airodump comes because of the fake auth of aireplay. There is another connected client (you can't see it on the screenshot), it's my computer - and the AP is my router... and the MAC address after -h is the MAC address of my notebook (now changed with macchanger).

  7. #7
    Just burned his ISO
    Join Date
    Nov 2007
    Posts
    7

    Yes, you are right - Germany banned "hacker tools", but this is no barrier for me.

    I think you misunderstood me. My computer is connected to the router and I try to get the WEP key with my notebook. I've got 2 "machines". One of the connected clients is my computer, and my computer is already online.
    It's clear that I cannot be in managed and monitor mode at the same time.

    I watched your video - and I did everything the same as you, but it only worked when I changed my MAC address to the MAC address of my computer.

    How could this be?
    When I change my MAC to the same MAC which the computer has, I get ARPs (the computer disconnects from the router), but when I change my MAC to another MAC (e.g. 00:11:22:33:44:55) then I get no ARP requests.

    I did everything the same as you in your video!

  8. #8
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    After much consideration and after speaking with a fellow colleague...

    I must regret to inform you that I and the members of this forum can no longer offer you any help. You may not be aware of this... but German law has banned the use of any hacking tools... this includes BT2. If we help you... we are just as guilty of this crime as you. I know it may not necessarily be fair... but it is the law... and I / we will adhere to its law... no matter how "unfair" it may be.

    I'm sorry. And I hope you understand our position.

    Please see this thread and its links for verification.

    http://forums.remote-exploit.org/sho...hlight=germany

  9. #9
    Just burned his ISO
    Join Date
    Nov 2007
    Posts
    7

    my post

    Yes, you are right - Germany banned "hacker tools", but this is no barrier for me.

    I think you misunderstood me. My computer is connected to the router and I try to get the WEP key with my notebook. I've got 2 "machines". One of the connected clients is my computer, and my computer is already online.
    It's clear that I cannot be in managed and monitor mode at the same time.

    I watched your video - and I did everything the same as you, but it only worked when I changed my MAC address to the MAC address of my computer.

    How could this be?
    When I change my MAC to the same MAC which the computer has, I get ARPs (the computer disconnects from the router), but when I change my MAC to another MAC (e.g. 00:11:22:33:44:55) then I get no ARP requests.

    I did everything the same as you in your video!
    But the German laws aren't effective for you, are they? Any security man in Germany neglects this law - it's the work of a paranoid politician ^^
    (You can also send me a private message ^^)

  10. #10
    Senior Member streaker69
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Quote (originally posted by crunkymunky):
    my post

    But the German laws aren't effective for you, are they? Any security man in Germany neglects this law - it's the work of a paranoid politician ^^
    (You can also send me a private message ^^)

    It doesn't matter if you choose not to obey the laws of your nation or how wrong those laws appear to be; the law is the law and it should be obeyed.

    We choose not to help as that would make us accessories after the fact.

    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
