I'm following the instructions from abitaz's blog (awesome so far!). I'm running a linksys router - I set the encryption down to WEP. I've got a second laptop downloading all kinds of stuff and generating lots of traffic.
I've got airodump-ng monitoring the channel (and it's working correctly). Now, I'm trying to use aireplay-ng to inject packets (I don't understand this very well yet).
The command abitaz suggets using is: aireplay-ng -3 -e 07B402920894 rausb0
-3 Is the kind of attack (but I'm not sure what kind of attack that is) and -e (according to the help file) lets me specify the SSID of the target AP.
So, the BSSID of my target AP is 00:0F:66:00:6A:1D. (As displayed by airodump-ng, however aireplay asks me to enter it without the colons)
So, when I enter the command, I see the following happen:
bt ~ # aireplay-ng -3 -e 000F66006A1D rausb0
No source MAC (-h) specified. Using the device MAC (00:0E:3B:09:C2:A1)
22:35:14 Waiting for beacon frame (ESSID: 000F66006A1D) on channel 6
22:35:24 No such BSSID available.
Please specify a BSSID (-a).
bt ~ #
However, this is what I see in airodump:
00:0F:66:00:6A:1D 101 100 18836 41088 10 6 48 WEP WEP Anarchia
There are tons of beacons! So, I'm lost. Help? Thanks