Results 1 to 7 of 7

Thread: airodump-ng: not enough packets, even with aireplay-ng

  1. #1
    Just burned his ISO
    Join Date
    May 2007
    Posts
    4

    Default airodump-ng: not enough packets, even with aireplay-ng

    I used BackTrack2 and this guide:

    www [dot] smallnetbuilder [dot] com/content/view/30114/98/1/2/

    ...to try to hack my first WEP network.

    I used airmon-ng to find a WEP-encrypted network with at least one client. I used airodump-ng to start capturing packets. I used aireplay-ng to perform an active attack. That seemed to be working fine: it sent thousands of packets in 1 minute.

    But, back in airodump-ng, after 1 minute it had only captured 11 packets! Obviously, I can't wait long enough for it to capture the recommended 300,000 packets.

    The PWR was -1, which I think means full signal strength (an unsecured wlan nearby I knew was full signal strength also was listed as PWR -1). So, it's not a signal strength issue.

    Why would the packets be captured so slowly, even using an active attack via aireplay-ng? What can I try?

    If I simply have to give up and try hacking another network, that's fine. I just want to understand what's going on.

    Many thanks, pros!

  2. #2

    Exclamation

    Quote Originally Posted by lukeprog View Post
    I used BackTrack2 and this guide:

    www [dot] smallnetbuilder [dot] com/content/view/30114/98/1/2/

    ...to try to hack my first WEP network.

    I used airmon-ng to find a WEP-encrypted network with at least one client. I used airodump-ng to start capturing packets. I used aireplay-ng to perform an active attack. That seemed to be working fine: it sent thousands of packets in 1 minute.

    But, back in airodump-ng, after 1 minute it had only captured 11 packets! Obviously, I can't wait long enough for it to capture the recommended 300,000 packets.

    The PWR was -1, which I think means full signal strength (an unsecured wlan nearby I knew was full signal strength also was listed as PWR -1). So, it's not a signal strength issue.


    Why would the packets be captured so slowly, even using an active attack via aireplay-ng? What can I try?

    If I simply have to give up and try hacking another network, that's fine. I just want to understand what's going on.

    Many thanks, pros!
    I've highlighted in Red on purpose, if this is YOUR network, then you should be getting Full power from it, or it could be your card your using, but Im not going to say too much on this, as I think you maybe banned already lol for THIS >>>>>>

    If I simply have to give up and try hacking another network, that's fine. I just want to understand what's going on.

    IT IS ILLEGAL TO HACK ANOTHER NETWORK WITHOUT THEIR PERMISSION SO WHY SHOULD WE HELP YOU???

  3. #3
    Good friend of the forums williamc's Avatar
    Join Date
    Feb 2010
    Location
    Chico CA
    Posts
    285

    Default

    So you get thousands of packets before you start airplay? Are you using your client as the attacking computer?
    You need an access point, a client active on the network (download Windows SP2 or something), and an attack PC with a injectable card.

    Post back with what your using, chipset, AP brand.

    William

  4. #4

    Default

    1. You are sending thousands of packets, but that doesn't mean the AP is sending any. You may not be reaching them.
    2. PWR -1 does not mean full power. It means you probably have a broadcom card and therefore the power can not be displayed. You have no way to know what your power is. Therefore the problem may actually be your power level.


    I've highlighted in Red on purpose, if this is YOUR network, then you should be getting Full power from it, or it could be your card your using, but Im not going to say too much on this, as I think you maybe banned already lol for THIS >>>>>>

    If I simply have to give up and try hacking another network, that's fine. I just want to understand what's going on.

    IT IS ILLEGAL TO HACK ANOTHER NETWORK WITHOUT THEIR PERMISSION SO WHY SHOULD WE HELP YOU???
    I am sure what he meant is that he has various networks that he maintains for various purposes with various WEP keys with various routers. He wouldn't do anything illegal, of course.

  5. #5
    Just burned his ISO
    Join Date
    May 2007
    Posts
    4

    Default

    Samsung,

    You seem suspicious (not a bad thing!), so I'll take the time to explain my whole situation. I'm traveling through California, staying with strangers. All of them have wireless and are cool with me using it, but many of them have lost the WEP key. Obviously they don't want to reset their routers, so I want to know how to retrieve their passwords and use their networks. Because this has happened so many times, I'm anticipating this issue with many future hosts as well, and so I'm trying to learn how to hack WEP.



    williamc,

    No, I do not get thousands of packets before I start airplay. Airplay sends thousands of packets, but airodump still only gets about a dozen data packets in a minute (and I need 300,000). This is true even though there is one client connected (my travel host).

    AP brand is linksys. My wireless card chipset is "Intel PRO/Wireless 2915ABG Net." I'm booting to a BackTrack2 liveCD, and my machine normally runs WinXP SP2.

    Thanks.

  6. #6

    Thumbs down

    Quote Originally Posted by lukeprog View Post
    Samsung,

    You seem suspicious (not a bad thing!), so I'll take the time to explain my whole situation. I'm traveling through California, staying with strangers. All of them have wireless and are cool with me using it, but many of them have lost the WEP key. Obviously they don't want to reset their routers, so I want to know how to retrieve their passwords and use their networks. Because this has happened so many times, I'm anticipating this issue with many future hosts as well, and so I'm trying to learn how to hack WEP.



    williamc,

    No, I do not get thousands of packets before I start airplay. Airplay sends thousands of packets, but airodump still only gets about a dozen data packets in a minute (and I need 300,000). This is true even though there is one client connected (my travel host).

    AP brand is linksys. My wireless card chipset is "Intel PRO/Wireless 2915ABG Net." I'm booting to a BackTrack2 liveCD, and my machine normally runs WinXP SP2.

    Thanks.
    but many of them have lost the WEP key. Obviously they don't want to reset their routers, so I want to know how to retrieve their passwords and use their networks.

    This is what makes me suspicious..!!! IF they are letting you use their wireless, don't you know you can literally browse to their router via their IP address & under ''wireless/security'' you can view/change/ the key?? Im sorry, but I will not help you on this one

  7. #7
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Default

    Quote Originally Posted by lukeprog View Post
    The PWR was -1, which I think means full signal strength (an unsecured wlan nearby I knew was full signal strength also was listed as PWR -1). So, it's not a signal strength issue.
    Its -1 because your using a Broadcom chipset or a unsupported card more than likely. And Broadcom drivers are still "experimental" and sketchy at best. Buy a supported Atheros card,.... or if you need usb buy the alfa 500mw.


    EDIT

    n/m I think yours is a Centrino?
    Chipset Centrino a/b/g
    Windows driver (monitor mode) NO
    Linux Drivers YES
    Note NO, but YES for ipw3945 with ipwraw-ng drivers.


    Centrino a/b/g
    ipw2915 ipw2915 uses ipw2200 driver (See this thread for alpha injection support.)
    ipw3945 For ipw3945 you can use the ipwraw-ng driver or see Live Distros for WifiWay which includes patches for injection.


    Its all here>>>>

    http://aircrack-ng.org/doku.php?id=c...ef125d7dac9f3f
    [CENTER][FONT=Book Antiqua][SIZE=5][B][COLOR=blue][FONT=Courier New][COLOR=red]--=[/COLOR][/FONT]Xploitz[FONT=Courier New][COLOR=red]=--[/COLOR][/FONT][/COLOR][/B][/SIZE][/FONT][FONT=Courier New][COLOR=Black][SIZE=6][B] ®[/B][/SIZE][/COLOR][/FONT][/CENTER]
    [CENTER][SIZE=4][B]Remote-Exploit.orgs Master Tutorialist.[/B][/SIZE][SIZE=6][B]™
    [/B][/SIZE]
    [URL="http://forums.remote-exploit.org/showthread.php?t=9063"][B]VIDEO: Volume #1 "E-Z No Client WEP Cracking Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=7872"][B]VIDEO: Volume #2 "E-Z No Client Korek Chopchop Attack Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=8230"][B]VIDEO: Volume #3 "E-Z WPA/WPA2 Cracking Tutorial"[/B][/URL]

    [URL="http://forums.remote-exploit.org/showthread.php?t=8041"][B]VIDEO: Volume #4 "E-Z Cracking WPA/WPA2 With Airolib-ng Databases"[/B][/URL]
    [/CENTER]

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •