Thread: Small question regarding ARPs

  1. #1
    Just burned his ISO
    Join Date
    Nov 2008
    Posts
    5

    Small question regarding ARPs

    I've read some other topics but have been getting mixed messages. I'm using a Belkin 54g Wireless USB stick which shows up as rausb0 (using VMWare version). I collect data at a fair rate, and when I run
    Code:
    aireplay-ng -1 0 -a (bssid) -h xx:xx:xx:xx:xx rausb0
    after the first, or sometimes second attempt it says authenticated. The problem is that when I run
    Code:
    aireplay-ng -3 -b (bssid) -h xx:xx:xx:xx:xx rausb0
    It says reading packets, but neither the ARPs nor the ACKs climb.
    Any help will be greatly appreciated!

  2. #2
    Member
    Join Date
    Apr 2007
    Posts
    155

    If your interface isn't 'ath0' don't count on injecting packets. EVER.
    This is a hackers forum :P
    root ~# aircrack-ng pwnd-01.cap
    Lenovo Thinkpad R500, OS: Ubuntu 8.10, BackTrack3, Windows XP (VirtualBox), Windows Vista, Windows 7 beta

  3. #3
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008

    Originally posted by Shavx:
    If your interface isn't 'ath0' don't count on injecting packets. EVER.

    How many times do you need to be corrected on this point before you get it? Stop telling people that only Atheros-based chipsets are capable of injection; this is not the case.

    To the OP, the reason that you are not seeing any ARPs is most likely that there is no active client connected to the AP. Generally no ARP requests will be broadcast for you to intercept unless there is at least one client currently connected.
    -Monkeys are like nature's humans.

  4. #4
    Senior Member
    Join Date
    Jun 2008
    Location
    Scotland
    Posts
    131

    Originally posted by Shavx:
    If your interface isn't 'ath0' don't count on injecting packets. EVER.

    Do you work for Atheros or something?

    Remember that your advice is of absolutely no value to anyone dealing with the VMWare version, who will have to use a USB-based device.


    @Rycas I totally agree with =Tron=, but could you please try something for me? Do the aireplay -3 BEFORE the fake auth (the aireplay -1 option). Someone on the board suggested it the other day in case an ARP packet is generated at the fake auth step which you would normally miss. I'm afraid I have not had time to check myself yet.......

    TT
    Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning.

  5. #5
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Originally posted by Shavx:
    If your interface isn't 'ath0' don't count on injecting packets. EVER.

    This is the last warning you will get. If you continue to make statements which are not true I will remove your posting privileges permanently. This behavior is unacceptable. I have also sent you a PM on the matter so you can't say you didn't see the post.

  6. #6
    Just burned his ISO
    Join Date
    Nov 2008
    Posts
    5

    Wow. Thanks Tron! Very helpful. I will try collecting ARPs when someone is associated. And Talkie, I will try your suggestion the next time, but I think you need to be associated. Thanks and I guess I will update with my results...! Thanks!

  7. #7
    Just burned his ISO
    Join Date
    Nov 2008
    Posts
    5

    *Only double posting because I'm not sure if I edit you will get the info*
    Talkie, when I tried out skipping the authorization part of aireplay-ng, it WORKED! Wow, I couldn't believe it. Thanks! One last question: I was able to crack a WEP key with only 10k DATA once and it was done immediately; I assumed it was 64 bit. This time, I had about 20k DATA but was unable to crack. I used 64 and 128 to no avail. So, even though I've read you need in the hundred thousands, I'm just curious as to why the amount of DATA needed varies so much, what would be an average amount of DATA needed, and how can I tell what bit encryption the WEP key is?

  8. #8
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008

    Originally posted by Rycus:
    *Only double posting because I'm not sure if I edit you will get the info*
    Talkie, when I tried out skipping the authorization part of aireplay-ng, it WORKED! Wow, I couldn't believe it. Thanks! One last question: I was able to crack a WEP key with only 10k DATA once and it was done immediately; I assumed it was 64 bit. This time, I had about 20k DATA but was unable to crack. I used 64 and 128 to no avail. So, even though I've read you need in the hundred thousands, I'm just curious as to why the amount of DATA needed varies so much, what would be an average amount of DATA needed, and how can I tell what bit encryption the WEP key is?

    Interesting to hear that the tip given by Talkie Toaster worked, will have to try this one out myself.

    As for your question, the main reason why you are able to crack your WEP key using so few IVs is that the PTW algorithm used by aircrack-ng is constantly being improved. Although you should not expect to be able to crack 128 bit keys consistently with only 20 000 IVs, hundreds of thousands of IVs are rarely needed anymore. And there is no way to tell how long a key is being used, apart from trial and error or actually knowing it beforehand.
    -Monkeys are like nature's humans.

  9. #9
    Member
    Join Date
    Jun 2007
    Posts
    218

    Originally posted by Talkie Toaster:

    @Rycas I totally agree with =Tron=, but could you please try something for me? Do the aireplay -3 BEFORE the fake auth (the aireplay -1 option). Someone on the board suggested it the other day in case an ARP packet is generated at the fake auth step which you would normally miss. I'm afraid I have not had time to check myself yet.......

    Fake authentication will not produce an ARP packet.

    http://aircrack-ng.org/doku.php?id=f...authentication

  10. #10
    Senior Member
    Join Date
    Jun 2008
    Location
    Scotland
    Posts
    131

    Originally posted by level:
    Originally posted by Talkie Toaster:

    Fake authentication will not produce an ARP packet.

    http://aircrack-ng.org/doku.php?id=f...authentication

    Fake authentication SHOULD NOT produce an ARP, however......

    The problem here is with the crappy Wireless APs being given away to home users, they can produce ARP packets just for fun!

    A common free router in the UK is a Thomson Speedtouch based BT HomeHub; this thing generates 3 ARPs every minute of the day, even when no-one is connected! Even fully updated ones will produce an ARP for fake-auth for some reason, some Netgears too. If I find more I'll post up for people to ponder over.....

    TT
    Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning.
