
Thread: Confusion with BT and TEW-441/madwifi-ng

  1. #1
    Junior Member carrot's Avatar
    Join Date
    Nov 2007
    Posts
    25

    Default Confusion with BT and TEW-441/madwifi-ng

    I'm trying to learn how to crack WEP. I've been doing a bunch of reading and following this guide (ryanunderdown<DOT>com/2007/02/12/cracking-wep-using-backtrack/). I have a laptop with built-in wireless. It can be put into monitor mode, but that's about it. I also have a TrendNet TEW-441PC Cardbus adapter. It has an Atheros chipset. (It's listed here (madwifi<DOT>org/wiki/Compatibility/Trendnet), so I figure that means it should work fine?)
    I keep running into problems when following that guide. I don't understand all the wireless adapters BT keeps listing. I type iwconfig and I get the following:

    ***************************

    lo no wireless extensions (local loopback, right)

    eth0 no wireless extensions (onboard ethernet?)

    eth1 Here it lists a bunch of information about my on board wireless. Nickname is "Broadcom 4311"

    wifi0 no wireless extensions (huh... I don't get this one....)

    ath0 again, it lists some information about the wireless adapter

    ****************************

    Here's some other information. I don't know what you need to know, so I'll just post what information I'm sure of that I think is relevant.

    ath0 can't be put in monitor mode.

    When I start up kismet, it asks me which wireless adapter to use. If I choose eth1, all is fine and dandy. It puts eth1 in Monitor mode and works. If I choose ath0, it lists this:

    ath0 Atheros madwifi-ng VAP (parent: wifi0) (VAP cannot be put in monitor mode)

    Then when I do iwconfig again, there's a new adapter, kis. It's in monitor mode. I assume that's kismet making its own, right?



    When I choose wifi0 however, it lists this:

    ath0 Atheros madwifi-ng VAP (parent: wifi0)
    ath1 Atheros madwifi-ng VAP (parent: wifi0) (monitor mode enabled)

    When I do iwconfig, it has ath0, still in managed mode, ath1 in monitor mode, and kis in monitor mode.





    I'm trying to make sense of all these random virtual devices. I want to know which one to use/not use on the different steps in that tutorial.
    Sorry if this is as clear as mud.
    Thank you!!
    A little nonsense now and then is relished by the wisest men.
    -Willy Wonka-

  2. #2
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Default

    If you're just wanting to crack WEP and you got an Atheros chipped card...

    There's only 1 tutorial that rises above all others..actually 2 on WEP,..and they're E-Z VIDEOS..they'll walk you step by step in the 2 most preferred WEP attacks. (The -3 Arp Request attack) and the -4 (Korek chopchop attack) You'll find these truly one of a kind E-Z VIDEOS in the tutorial section on this site. One's stickied and the other's usually on the first page or 2. There's also more advanced WPA/WPA2 E-Z Videos...for when you're ready. The guy who made them took a lot of time making them to help people like you. And I honestly think he did a very good job at explaining all the steps as easy as humanly possible.

    Be sure and thank him in his video threads. I'm 100% positive that he'll respond to any question you may have....after all..he's a great guy.
    --=Xploitz=-- ®
    Remote-Exploit.orgs Master Tutorialist.™
    VIDEO: Volume #1 "E-Z No Client WEP Cracking Tutorial" (http://forums.remote-exploit.org/showthread.php?t=9063)
    VIDEO: Volume #2 "E-Z No Client Korek Chopchop Attack Tutorial" (http://forums.remote-exploit.org/showthread.php?t=7872)
    VIDEO: Volume #3 "E-Z WPA/WPA2 Cracking Tutorial" (http://forums.remote-exploit.org/showthread.php?t=8230)
    VIDEO: Volume #4 "E-Z Cracking WPA/WPA2 With Airolib-ng Databases" (http://forums.remote-exploit.org/showthread.php?t=8041)

  3. #3
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    Quote Originally Posted by -=Xploitz=- View Post
    If you're just wanting to crack WEP and you got an Atheros chipped card...

    There's only 1 tutorial that rises above all others..actually 2 on WEP,..and they're E-Z VIDEOS..they'll walk you step by step in the 2 most preferred WEP attacks. (The -3 Arp Request attack) and the -4 (Korek chopchop attack) You'll find the truly one of a kind E-Z VIDEOS in the tutorial section on this site. One's stickied and the other's usually on the first page or 2. There's also more advanced WPA/WPA2 E-Z Videos...for when you're ready. The guy who made them took a lot of time making them to help people like you. And I honestly think he did a very good job at explaining all the steps as easy as humanly possible.

    Be sure and thank him in his video threads. I'm 100% positive that he'll respond to any question you may have....after all..he's a great guy.
    OHHH........Brother

  4. #4
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Default

    Quote Originally Posted by purehate View Post
    OHHH........Brother
    /me <<Shakes the haters off>>

    C'mon..I rarely promote my videos like this. Besides..I wanted to see his reaction. You know I'm proud of those videos.

  5. #5
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    Quote Originally Posted by -=Xploitz=- View Post
    /me <<Shakes the haters off>>

    C'mon..I rarely promote my videos like this. Besides..I wanted to see his reaction. You know I'm proud of those videos.
    I'm not hating I swear. I think they are EXCELLENT and PROFESSIONAL videos. I was just giving you a hard time cuz we are double first home boys

  6. #6
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Default

    Quote Originally Posted by purehate View Post
    I'm not hating I swear. I think they are EXCELLENT and PROFESSIONAL videos. I was just giving you a hard time cuz we are double first home boys
    Don't you feel funny every time you say that in public?? I know I do super double first homeboy.

  7. #7
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    I saw it on one of those old seventies movies. It's a great term, right up there with jive. OK we're hijacking the thread. Back to helping this dude.

  8. #8
    Junior Member carrot's Avatar
    Join Date
    Nov 2007
    Posts
    25

    Default

    Quote Originally Posted by purehate View Post
    I saw it on one of those old seventies movies. It's a great term, right up there with jive. OK we're hijacking the thread. Back to helping this dude.
    lol, no worries. It was fun to read.

    Anyway, I have a quick question. (On second thought, I probably should have posted this in the video's thread... Oh well)
    I get to the step where I type aireplay-ng -3.... I start it, but I don't get a single ARP request for the longest time. I have a test network set up, and the only way I get anything is if I join the network with another computer. I jump right back off with it, but by that time backtrack is going like crazy. Is there any way to make it get over that first initial hump without connecting a client?

    Also, how can you tell whether your target is using 64-bit or 128-bit encryption?


    Thanks again!!

  9. #9
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Default

    My network at the time of recording was 64 bit..but with PTW on the latest aircrack-ng suite...rarely more than 40000 or 50,000 IVS is needed with 128 bit.

    Have you updated aircrack-ng to the latest Developmental version?? If not..I suggest you do so now.

    About your question...if you have a client alreaDY CONNECTED TO YOUR NETWORK (sorry caps locked on me..lol)...........you can use the command ping on the connected client..example

    ping 111.111.111.111

    either on a windows command prompt or in a Linux shell window.

    Since you're getting arps when you connect with the other computer..that tells you that you're all set up correctly and not channel hopping...so that's the good news.

    The bad news is that PATIENCE is needed for this attack to work..you're literally waiting on an arp request to be spit out by your router / AP..so depending on how often the AP or router spits em out..it could take seconds..up to an hour...more than likely though..no more than 30 minutes usually.

    Also, not every Router / AP responds to the -3 attack..you need to learn ALL attacks. I have a video on the -4 korek chopchop attack on the first or second page. It will usually work when the -3 doesn't. There's also the -5 fragmentation attack. See the aircrack-ng MAIN site (not its forums) for more info.

    Hope this helps ya.

    I told you the creator of those videos was a good guy.
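
A defender's view of the -3 ARP request attack discussed in post #9, as an added example that is not part of the original thread: a replaying station re-sends one captured frame unchanged, so the same WEP IV repeats from a single transmitter at a high rate. The frame summaries, MAC addresses, window and threshold below are constructed assumptions, not values from a real capture.

```python
from collections import defaultdict


def build_sample():
    """Constructed frame summaries (time_s, transmitter, iv_hex); not a real capture."""
    frames = []
    # Ordinary client: a fresh IV per frame, plus one link-layer retry of frame 12.
    for i in range(40):
        frames.append((i * 0.25, "02:00:00:00:00:0a", f"{0x1000 + i:06x}"))
    frames.append((3.01, "02:00:00:00:00:0a", f"{0x1000 + 12:06x}"))
    # Replaying station: one captured frame, hence one IV, re-sent every 2 ms.
    for i in range(500):
        frames.append((5 + i * 0.002, "02:00:00:00:00:0b", "a1b2c3"))
    return sorted(frames)


def find_replayers(frames, window_s=1.0, min_repeats=50):
    """Return {transmitter: (iv, peak repeats in any window)} for suspected replay.

    min_repeats is an assumed threshold: ordinary retries repeat an IV a
    handful of times, a replay loop repeats it hundreds of times per second.
    """
    times_by_key = defaultdict(list)
    for t, tx, iv in frames:
        times_by_key[(tx, iv)].append(t)

    suspects = {}
    for (tx, iv), times in times_by_key.items():
        times.sort()
        start = 0
        peak = 0
        # Sliding window over the timestamps of this (transmitter, IV) pair.
        for end, t in enumerate(times):
            while t - times[start] > window_s:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= min_repeats and peak > suspects.get(tx, ("", 0))[1]:
            suspects[tx] = (iv, peak)
    return suspects


if __name__ == "__main__":
    for tx, (iv, n) in find_replayers(build_sample()).items():
        print(f"{tx}: IV {iv} repeated {n} times within one window")
```
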

  10. #10
    Junior Member carrot's Avatar
    Join Date
    Nov 2007
    Posts
    25

    Default

    Haha, he's a great guy!

    I would like to use the new version of aircrack, but I'm running off of a LiveCD. Do you know how to update it with the latest stuff? And if new versions of aircrack keep coming out, will I just be updating and burning CDs like once a week? (I know the answer to this is in the forum, I just didn't look. Don't kill me! )

    As for the other attacks, I should start learning them. I tried the -4 attack, but it kept on spitting out an error, even though I was following the video step by step. I'll post more info in the video's thread when I'm ready.
    I'll go take a look at the fragmentation attack.

    Quick question. When you're going through the steps and doing your attack, what does the aireplay-ng -1 0 do? It says something like fake authentication, but what does that mean?

    My network at the time of recording was 64 bit..but with PTW on the latest aircrack-ng suite...rarely more than 40000 or 50,000 IVS is needed with 128 bit.
    I'm interested in doing an attack with 0 prior knowledge, is there a way to analyze either the network or the packets and find out which it is?

    Also, what kind of fancy new tools are in the developmental version of aircrack?

    Thanks again for all your help!!


    P.S. I go back and read my post to check it...... noobieness.... lol.
    But hey, it works for me. My last name really is newby.
