Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: aireplay command works but wont crack

  1. #1
    Junior Member
    Join Date
    Jan 2008
    Posts
    80

    Default aireplay command works but wont crack

    Hi can anyone enlighten me here I am using this command in aireplay without any success
    aireplay-ng -2 -p 0841 -c ff:ff:ff:ff:ff:ff -b 00:17:3F:5D:93:EF -h 00:0e:2e:cd:5d:53 rausb0

    I have successfully associated with my ap and all the data in airodump is whizzing up but when I run aircrack it wont crack the key even though ive had over 1 million iv,s ive followed the tutorials to the letter but it doesnt seem to work for me, I know my card is working and injecting because ive done the -9 test and it reports injection is working ok this is the only command ive had trouble with im using bt3 any help would be much appreciated.

    my apoligies i should have been more descriptive here are my commands

    airodump-ng -w fido13uk -c 11 --bssid xxxxxxxxxx rausb0

    assosiates sucessfully

    aireplay-ng -2 -p 0841 -c ff:ff:ff:ff:ff:ff -b 00:17:3F:5D:93:EF -h 00:0e:2e:cd:5d:53 rausb0

    use this packet y

    airodump then whizzes up the data packets


    i then type

    aircrack-ng *.cap

    ive had over 1 million iv,s but it keeps repeating failed next try 5000 iv,s

    tell me if im dumb
    You can learn more from other peoples mistakes than you can of your own

  2. #2
    Junior Member
    Join Date
    Mar 2008
    Posts
    28

    Default

    I'm guessing it's WEP encrypted. Do you know if it's 128 bit or 64 bit?

    The higher the encryption. The more data packets are needed. If the key is strong enough you made need 2 million. It varies. I've cracked some withing 8000 data packets and I've seen others that need more than 1 mil. Make sure it's *data* packets and not Beacons.

    In fact, when you use aireplay use --ivs so that it only stores the data packets relative to cracking it. Otherwise, just keep gathering more packets. There's nothing seemingly wrong with what your doing... *ahem*...
    [img]http://img.photobucket.com/albums/v693/DarkRagnarok/Sig.jpg[/img]

  3. #3

    Default

    According to what you posted, aircrack is saying that you don't even have 5000 IVs yet.

  4. #4
    Junior Member
    Join Date
    Jan 2008
    Posts
    80

    Default

    According to what you posted, aircrack is saying that you don't even have 5000 IVs yet.

    aircrack means that it will retry every 5000 iv,s not that it only aquired 5000 ive had over a million and they are data packets not beacons

    any help appreciated

    thanx dark could you enlighten me on where the use --ivs command goes ?
    You can learn more from other peoples mistakes than you can of your own

  5. #5

    Default

    I believe you are incorrect. It lets you know the total number of IVs it'll try with. Someone that knows otherwise, please correct me if I'm wrong. You may have a million packets, but not all packets are IVs.

    Quote Originally Posted by fido13uk View Post
    aircrack means that it will retry every 5000 iv,s not that it only aquired 5000 ive had over a million and they are data packets not beacons

    any help appreciated

    thanx dark could you enlighten me on where the use --ivs command goes ?
    The --ivs commend goes in the command anywhere before 'rausb0' and after airodump-ng, like airodump-ng -w fido13uk -c 11 --ivs --bssid xxxxxxxxxx rausb0. Please note that if you do this, you'll have to type aircrack-ng *.ivs, instead of *.cap

  6. #6
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    Abitaz is right as far as I know. Aircrack is telling you out of all the mess its only found 5000 usable ivs.


    Plus for the -2 attack to replay a packet this should be all you need aireplay-ng -2 -r arp-request ath0

  7. #7
    Junior Member
    Join Date
    Mar 2008
    Posts
    28

    Default

    Guys to be fair, if you fail to crack the key with the given amount of IVs, it actually does say try another 5000 IVs. Although I suspected he meant beacons and not data packets, I can attest that what he's claiming does happen.

    Edit: Fido, it shouldn't matter as long as it's before your wlan device. If you type aircrack-ng by itself, it should list all the arguments in the preferably order to use them. In other words, if you see the list and it says --ivs after one options and before another follow that pattern. Otherwise based on the command you're telling me, I'd say... before the first MAC address you entered.
    [img]http://img.photobucket.com/albums/v693/DarkRagnarok/Sig.jpg[/img]

  8. #8
    Junior Member
    Join Date
    Jan 2008
    Posts
    80

    Default

    Guys to be fair, if you fail to crack the key with the given amount of IVs, it actually does say try another 5000 IVs. Although I suspected he meant beacons and not data packets, I can attest that what he's claiming does happen.

    Edit: Fido, it shouldn't matter as long as it's before your wlan device. If you type aircrack-ng by itself, it should list all the arguments in the preferably order to use them. In other words, if you see the list and it says --ivs after one options and before another follow that pattern. Otherwise based on the command you're telling me, I'd say... before the first MAC address you entered.
    Thank you dark and all the other input on this subject. Aircrack states that it will try again to crack the key after another 5000 iv,s. I remember when i used bt2 it didnt state this but in bt3 it does at least i think thats what it means. I,le try the --ivs command instead and see if i get a different result though. btw dark I think aircrack means it tries every 5000 whilst airodump is still collecting data.
    You can learn more from other peoples mistakes than you can of your own

  9. #9
    Junior Member
    Join Date
    Mar 2008
    Posts
    28

    Default

    I manually stop airodump before I crack out of habit. I don't know why. But that's why I didn't know it would auto retry after 5000. And your welcome. The IVs just makes the file smaller essentially... I'd try 2 million keys though. If you're having issues then this will be very interesting. XP. For me that's almost like saying you have 99% of the puzzle solved but still can;t make out the picture. Again, betting the encryption is about 128 or higher. You should know your own network setting. <_<;
    [img]http://img.photobucket.com/albums/v693/DarkRagnarok/Sig.jpg[/img]

  10. #10
    Good friend of the forums
    Join Date
    Feb 2010
    Posts
    328

    Default

    you pro restarting and it writes out to a diff cap file .. see my sig and try the almost idiot proof script ...

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •