aireplay command works but wont crack

[fido13uk]

Hi can anyone enlighten me here I am using this command in aireplay without any success
aireplay-ng -2 -p 0841 -c ff:ff:ff:ff:ff:ff -b 00:17:3F:5D:93:EF -h 00:0e:2e:cd:5d:53 rausb0

I have successfully associated with my ap and all the data in airodump is whizzing up but when I run aircrack it wont crack the key even though ive had over 1 million iv,s ive followed the tutorials to the letter but it doesnt seem to work for me, I know my card is working and injecting because ive done the -9 test and it reports injection is working ok this is the only command ive had trouble with im using bt3 any help would be much appreciated.

my apoligies i should have been more descriptive here are my commands

airodump-ng -w fido13uk -c 11 --bssid xxxxxxxxxx rausb0

assosiates sucessfully

aireplay-ng -2 -p 0841 -c ff:ff:ff:ff:ff:ff -b 00:17:3F:5D:93:EF -h 00:0e:2e:cd:5d:53 rausb0

use this packet y

airodump then whizzes up the data packets


i then type

aircrack-ng *.cap

ive had over 1 million iv,s but it keeps repeating failed next try 5000 iv,s

tell me if im dumb

[Dark Ragnarok]

I'm guessing it's WEP encrypted. Do you know if it's 128 bit or 64 bit?

The higher the encryption. The more data packets are needed. If the key is strong enough you made need 2 million. It varies. I've cracked some withing 8000 data packets and I've seen others that need more than 1 mil. Make sure it's *data* packets and not Beacons.

In fact, when you use aireplay use --ivs so that it only stores the data packets relative to cracking it. Otherwise, just keep gathering more packets. There's nothing seemingly wrong with what your doing... *ahem*...

[abitaz]

According to what you posted, aircrack is saying that you don't even have 5000 IVs yet.

[fido13uk]

According to what you posted, aircrack is saying that you don't even have 5000 IVs yet.

aircrack means that it will retry every 5000 iv,s not that it only aquired 5000 ive had over a million and they are data packets not beacons

any help appreciated

thanx dark could you enlighten me on where the use --ivs command goes ?

[abitaz]

I believe you are incorrect. It lets you know the total number of IVs it'll try with. Someone that knows otherwise, please correct me if I'm wrong. You may have a million packets, but not all packets are IVs.

aircrack means that it will retry every 5000 iv,s not that it only aquired 5000 ive had over a million and they are data packets not beacons

any help appreciated

thanx dark could you enlighten me on where the use --ivs command goes ?

The --ivs commend goes in the command anywhere before 'rausb0' and after airodump-ng, like airodump-ng -w fido13uk -c 11 --ivs --bssid xxxxxxxxxx rausb0. Please note that if you do this, you'll have to type aircrack-ng *.ivs, instead of *.cap

[purehate]

Abitaz is right as far as I know. Aircrack is telling you out of all the mess its only found 5000 usable ivs.


Plus for the -2 attack to replay a packet this should be all you need aireplay-ng -2 -r arp-request ath0

[Dark Ragnarok]

Guys to be fair, if you fail to crack the key with the given amount of IVs, it actually does say try another 5000 IVs. Although I suspected he meant beacons and not data packets, I can attest that what he's claiming does happen.

Edit: Fido, it shouldn't matter as long as it's before your wlan device. If you type aircrack-ng by itself, it should list all the arguments in the preferably order to use them. In other words, if you see the list and it says --ivs after one options and before another follow that pattern. Otherwise based on the command you're telling me, I'd say... before the first MAC address you entered.

[fido13uk]

Guys to be fair, if you fail to crack the key with the given amount of IVs, it actually does say try another 5000 IVs. Although I suspected he meant beacons and not data packets, I can attest that what he's claiming does happen.

Edit: Fido, it shouldn't matter as long as it's before your wlan device. If you type aircrack-ng by itself, it should list all the arguments in the preferably order to use them. In other words, if you see the list and it says --ivs after one options and before another follow that pattern. Otherwise based on the command you're telling me, I'd say... before the first MAC address you entered.

Thank you dark and all the other input on this subject. Aircrack states that it will try again to crack the key after another 5000 iv,s. I remember when i used bt2 it didnt state this but in bt3 it does at least i think thats what it means. I,le try the --ivs command instead and see if i get a different result though. btw dark I think aircrack means it tries every 5000 whilst airodump is still collecting data.

[Dark Ragnarok]

I manually stop airodump before I crack out of habit. I don't know why. But that's why I didn't know it would auto retry after 5000. And your welcome. The IVs just makes the file smaller essentially... I'd try 2 million keys though. If you're having issues then this will be very interesting. XP. For me that's almost like saying you have 99% of the puzzle solved but still can;t make out the picture. Again, betting the encryption is about 128 or higher. You should know your own network setting. <_<;

[opreat0r]

you pro restarting and it writes out to a diff cap file .. see my sig and try the almost idiot proof script ...