Search the Community

I just got the RT3070 usb adapter and airodump isn't working on any OS. Tried 3 systems so far and every one of them shows all blank once the card is in mon mode and I start airodump. I ran check kill so nothing is interfering with it. What's the deal with this card? Any help is appreciated.

So yesterday it occured to me that I've never actually cracked a WEP network. I've heard that it's extremely easy, so I figured I'd give it a try. From what I was reading I seen you needed clients connected, and they needed to be active. I took an old router with DDWRT on it and dropped it to WEP encryption and added three clients and booted up a Kali live cd. Step one: I put my card into monitor mode. (It's the ALFA NEH from the Hak5 store) Step Two: I ran airodump to start capturing the packets. "Airodump-ng -c 1 -w WEP --essid Fallen wlan1mon" (And I also tried everything again using BSSIDs, but no difference.) Step Three: Wait for IVs. Step Four: Speed up the process. A.K.A. Where the problem starts. The first step was to run aireplay-ng -1 0, I believe this is some sort of fake authentication. I got the message "Sending authorization request" over and over. One had (ACK) beside it, the rest said (OPEN). Next I needed to run aireplay-ng -3, which was supposed to look for or create ARP packets I believe. Unfortunately, It was showing that it was reading tons of packets, but never found a single ARP request. Considering by this time I only had about 200 IVs, I figured I was doing something wrong. So I decided to use automated tools to see if it worked. My first try was my beloved Wifite. "wifite -c 1 -wep -e Fallen" It gets all the way to the actual attack. Here it tries about seven different types of attacks (Chop-Chop, Fake Authentication, Ect) All of them fail, and by the time it's done I have about 19 IVs. Just for the heck of it I also tried to use the Fern-wifi-cracker, which wasn't any different. Thinking maybe it was either y laptop or the card causing the issue, I tried the same steps on my NANO. I used wlan1, and then also tried the NEH again. Can anyone tell me what I'm doing wrong here? Thanks. If you need any more information just let me know.

I'm using the Airodump Ng Scan Visualizer which takes a CSV file, so I configured a boot mode to output CSV. My airodump pcap is a decent sized file, and it finds lots of endpoints. When I write as CSV, it's a very small file and all the clients are not detected. Kismet gives me the most data but I can't get signal strength out of that, so that's out. Maybe there's something I need to add to the configuration? Take a look: Kismet: ifconfig wlan1 down && iwconfig wlan1 mode monitor && ifconfig wlan1 up && kismet_server && ifconfig wlan0 down Airodump Pcap: ifconfig wlan1 up; airmon-ng start wlan1; airodump-ng --write /sd/airodump.pcap --output-format pcap mon0 My attempt at making the airodump example code better (did give me a slightly larger file): ifconfig wlan0 down; ifconfig wlan1 down; iwconfig wlan1 monitor mode; ifconfig wlan1 up; airmon-ng start wlan1; airodump-ng --write /sd/dump.csv --output-format csv mon0 Airodump example code from boot modes page: ifconfig wlan1 down; iwconfig wlan1 monitor mode; ifconfig wlanifconfig wlan1 up; airmon-ng start wlan1; airodump-ng --write /sd/Newdump.csv --output-format csv mon0 Basically I'm not getting all the information I should be out of the csv's. The airodump.pcap is better, but not as good as kismet. However, I can't use Kismet since there's no signal strength really. I like the visualizer a lot so I want CSV's, and exporting as CSV from Wireshark didn't work for the program. If anyone knows another visualizer that'd be good. WifiSpy, which I saw on here a while back, didn't work too well for me. Thanks!

I've implemented a mark V+airodump to sniff the wifi enabled devices inside a big room. I'm using the information gathered to calculate the # of people inside this room at any given time. (I analyze and dump to a db the csv files generated by airodump) My problem comes from the fact that airodump csv files sometimes do not reflect correctly the first time and last time a probe has been transmitted by a device, also they just show the last transmitted power detected of each device (you can't see how the power fluctuates with the time). Besides this issues, the csv files also include the information of nearby access points + devices detected and when you have a large number of devices or access points, processing this csv file is a little bit resource intensive. I'd like to know if there's any other tool where I can get the information of the sniffed probes in the same format used by Meraki's routers (they provide an api where you can get the info of the probes detected by the router and dump it directly to a db without any ETL process). They follow the next format: { "deviceID":"UUIDofTheAP",<-you can define it using an external cfg file "mac":"mac address of the device detected", "timestamp":"timestamp when the probe was transmitted", "pwr":"transmitted power detected", "ssid":"name of the ssid the device was looking for" <-if present } Having this info directly posted to a server using POST would be great, otherwise just having a plain text file with the json would resolve my problems. I've been looking in the scapy documentation but I don't know if is possible to develop something using python+scapy to get the probes in the way I need them. Any guidence would be really appreciated.

Hi Guys, Need help with airodump. In my attachment you can see I have taken a screen grab of an airodump command. My question is why are some of the results showing channel 158? is this a bug? Cheers