Results 1 to 2 of 2

Thread: BT3 + Fusion - Basic question

  1. #1
    Just burned his ISO
    Join Date
    Jan 2008
    Posts
    2

    Default

    Hi,

    First post (and yes, I *have* read through all the "read this first!" posts).

    I've searched through the forums and it appears as though what I'm doing *is* supported but I may be doing something noob-like.

    I have a 17" Macbook Pro 2.33 GHz Core 2 Duo running OS X 10.5.1. I have the latest version of VMWare's Fusion (1.1.1 build 72241) and the latest BackTrack3 iso image. I'm using a Linksys WUSB54G v4 dongle (rt2570).

    When I issue airmon-ng start rausb0 I get this:

    Interface Chipset Driver

    rausb0 Ralink USB rt2570 (monitor mode enable)Invalid command: forceprishmheader


    Is the "Invalid command" message expected? I ask because I get the same thing if I boot my Dell Inspiron 8200 off of the BT3 CD (again, using the WUSB54G dongle).

    If I issue an iwconfig after the first airmon-ng command the rausb0's mode is still managed. If I issue the same airmon-ng command a second time, iwconfig then reports that the device *is* in monitor mode.

    If I now issue an airodump-ng command I can see the APs around me, as well as clients associated with those APs.

    So I *think* everything is working.

    When the tuts state "you must wait for 100K IVs", I don't know if that means the number reported under the "Beacons" column in airodump-ng's output. Clarification there would be appreciated.

    Thanks!

    Macified

    Quote Originally Posted by macified View Post
    When the tuts state "you must wait for 100K IVs", I don't know if that means the number reported under the "Beacons" column in airodump-ng's output. Clarification there would be appreciated.
    I guess this was too basic of a question. Just in case anyone else is similarly confused:

    The beacons are NOT the same as IVs. The #Data column in airodump-ng's output represents the IV count.

  2. #2
    Member
    Join Date
    Jan 2008
    Posts
    194

    Default

    I can't help you with the ralink issue but I can make a comment on the IVs...

    Starting aircrack-ng while you're collecting the IVs negates the need to watch how many you're collecting. Aircrack does that for you and will try every 5k IVs. I find that a 64b WEP requires anywhere from 25k to 30k IVs. Just start aircrack-ng on the cap file that you're collecting to at the same time.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •