#! /home/kiddy
Posted December 14, 2008

I've been doing some pen tests on my wireless network at home and I'm having a problem capturing WPA handshakes. I'm running the Aircrack-ng suite on Ubuntu and after deauthing the client Airodump doesn't capture the handshake. The client re-authenticates fine and both the client and AP are right beside me so they can't be out of range. If it helps at all I'm using a Broadcom chipset with B43 drivers (which seem to work fine for packet capture/injection). If anyone knows what might be causing this I'd really appreciate the help.

digip
Posted December 14, 2008

> I've been doing some pen tests on my wireless network at home and I'm having a problem capturing WPA handshakes. I'm running the Aircrack-ng suite on Ubuntu and after deauthing the client Airodump doesn't capture the handshake. The client re-authenticates fine and both the client and AP are right beside me so they can't be out of range. If it helps at all I'm using a Broadcom chipset with B43 drivers (which seem to work fine for packet capture/injection). If anyone knows what might be causing this I'd really appreciate the help.

Keep sending deauths while capturing packets. You should get the handshake eventually. You can also try fragmentation or injection of forged ARP requests to get the handshake. I have a Broadcom in my laptop and it works fine with BackTrack, so you should be able to get the 4-way handshake with no problem, just a little trial and error.

One thing to do is make sure the card is set to monitor only on the channel the targets are on. Don't let the card monitor (roam) all channels. This can cause issues.

I haven't used BT in a few months now, or I would give you a walkthrough, but your question has been asked thousands of times on the BT forums. Check them out and do a search for capturing WPA handshakes on their forums. http://forums.remote-exploit.org

#! /home/kiddy (Author)
Posted December 14, 2008

> Keep sending deauths while capturing packets. You should get the handshake eventually. You can also try fragmentation or injection of forged ARP requests to get the handshake. I have a Broadcom in my laptop and it works fine with BackTrack, so you should be able to get the 4-way handshake with no problem, just a little trial and error. One thing to do is make sure the card is set to monitor only on the channel the targets are on. Don't let the card monitor (roam) all channels. This can cause issues. I haven't used BT in a few months now, or I would give you a walkthrough, but your question has been asked thousands of times on the BT forums. Check them out and do a search for capturing WPA handshakes on their forums. http://forums.remote-exploit.org

Thanks, I'll check that out.