gavshouse, Posted September 2, 2009

OK, hi. I've watched the show (season 5, ep 18 I think) where they show how to hack WPA, and I've also watched many YouTube videos. I'm typing in all the right commands but it's not working correctly.

First, a little info:

    Router ESSID:   staniforth
    Wifi Interface: wifi0
    BSSID:          00:17:3F:53:37:BE
    Client MAC:     00:17:3F:71:EA:F5

I have 1 computer connected. I obviously know the password, so I'm trying to disconnect it, which works, then get the handshake:

    sudo airodump-ng -c 3 -b 00:17:3F:53:37:BE -w staniforth_a wifi0
    sudo aireplay-ng -0 30 -a 00:17:3F:53:37:BE -c 00:17:3F:71:EA:F5 wifi0

It all works, my other computer reconnects, but nothing happens.

    gav@gav-laptop:~$ sudo airmon-ng start wifi0
    [sudo] password for gav:

    Interface  Chipset          Driver
    wifi0      Centrino a/b/g   ipwraw-ng (monitor mode enabled)
    wlan1      Ralink 2573 USB  rt73usb - [phy2]

    13:26:27  Sending DeAuth to station   -- STMAC: [00:17:3F:71:EA:F5]
    13:26:27  Sending DeAuth to station   -- STMAC: [00:17:3F:71:EA:F5]
    13:26:28  Sending DeAuth to station   -- STMAC: [00:17:3F:71:EA:F5]
    13:26:28  Sending DeAuth to station   -- STMAC: [00:17:3F:71:EA:F5]

    CH  3 ][ Elapsed: 37 s ][ 2009-09-02 13:27

    BSSID              PWR RXQ  Beacons  #Data, #/s  CH  MB  ENC  CIPHER AUTH ESSID
    00:17:3F:53:37:BE   -1 100      362    106    0   3  48  WPA  TKIP   PSK  staniforth

    BSSID              STATION            PWR  Lost  Packets  Probes
    00:17:3F:53:37:BE  00:17:3F:71:EA:F5   -1     0      106

Any thoughts?
ParMan, Posted September 2, 2009

Try to send more. Do like 50 or something, even 200 maybe. On my computer it took about 50 before I got it. Did you create the file to save it to?
digip, Posted September 2, 2009

Are you sending it to a Belkin router or the user's MAC address of their NIC? Looks like it might be the router. If I remember correctly you need to send the deauth to the user's MAC, not the router. Try sending the deauth to "00:17:3F:53:37:BE" instead of "00:17:3F:71:EA:F5".
gavshouse (Author), Posted September 2, 2009

> Try to send more. Do like 50 or something, even 200 maybe. On my computer it took about 50 before I got it. Did you create the file to save it to?

It does disconnect though? Are you saying it took 50 to get the handshake, or to disconnect?
gavshouse (Author), Posted September 2, 2009

> Are you sending it to a Belkin router or the user's MAC address of their NIC? Looks like it might be the router. If I remember correctly you need to send the deauth to the user's MAC, not the router. Try sending the deauth to "00:17:3F:53:37:BE" instead of "00:17:3F:71:EA:F5".

I think to the MAC. I've tried

    sudo aireplay-ng -0 50 -a 00:17:3F:71:EA:F5 -c 00:17:3F:53:37:BE wifi0

and

    sudo aireplay-ng -0 50 -a 00:17:3F:53:37:BE -c 00:17:3F:71:EA:F5 wifi0

Both disconnect the PC and it reconnects, but it doesn't pop up saying it's got the handshake.
gavshouse (Author), Posted September 2, 2009

Right, it appears I did have a valid handshake. I tried aircrack with my password in a txt file and it worked, so doesn't this mean the .cap has a handshake in it?
digip, Posted September 2, 2009

I would send 4 at a time, then 4 more, then 4 more, space them out; 50 is just overkill. Run the command several times with a second or two between tries, but so long as your card is in monitor mode and capturing on the correct channel you should have the handshake in the pcap after a few deauths and reconnects. Maybe you are missing a step, or your card isn't properly doing monitor mode, too far away, etc. Could be a number of reasons. Check this video, might help you out a bit more:
gavshouse (Author), Posted September 3, 2009

> I would send 4 at a time, then 4 more, then 4 more, space them out; 50 is just overkill. Run the command several times with a second or two between tries, but so long as your card is in monitor mode and capturing on the correct channel you should have the handshake in the pcap after a few deauths and reconnects. Maybe you are missing a step, or your card isn't properly doing monitor mode, too far away, etc. Could be a number of reasons. Check this video, might help you out a bit more:

Yeah, OK, I'm 100% sure it's working. I have got a handshake in my .cap and it found my keys, my commands are correct, and I've also run an injection test:

    gav@gav-laptop:~/Desktop/hack$ sudo aireplay-ng --test wifi0
    01:11:59  Trying broadcast probe requests...
    01:11:59  Injection is working!
    01:12:00  Found 1 AP
    01:12:00  Trying directed probe requests...
    01:12:00  00:17:3F:53:37:BE - channel: 3 - 'Belkin54g'
    01:12:03  Ping (min/avg/max): 2.038ms/17.191ms/33.515ms
    01:12:03  21/30:  70%
    gav@gav-laptop:~/Desktop/hack$

So the question is: why is it getting the handshake but not reporting it back?
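The question above is really "what is in the .cap", independent of what the airodump-ng status line prints. The checker below is an added example, not code from the thread or from the aircrack-ng project: it takes raw 802.11 frames (radiotap header already stripped; a pcap reader is assumed to sit in front of it), classifies EAPOL-Key frames into 4-way handshake messages 1 to 4 from the Key Information bits, tells message 2 from message 4 by key-data length so it works for WPA (TKIP) as well as WPA2, and reports per (AP, client) pair whether the capture is usable: message 2 plus message 1 or 3. `sample_key_frame` is a constructed test-input builder, used with the thread's own BSSID and client MAC.

```python
"""Added example (not from the thread): does a capture hold a usable WPA handshake?
Needs message 2 (SNonce + MIC, client) plus message 1 or 3 (ANonce, AP). Raw 802.11 in."""
import struct
LLC_SNAP_EAPOL = b"\xaa\xaa\x03\x00\x00\x00\x88\x8e"  # LLC/SNAP header + EtherType 0x888E

def eapol_message(key_info, key_data_len):
    """Map Key ACK / Key MIC bits (plus key-data length for 2 vs 4) to message 1..4."""
    ack, mic = key_info & 0x0080, key_info & 0x0100
    if ack and not mic:
        return 1                      # AP -> client, carries ANonce
    if ack and mic:
        return 3                      # AP -> client, ANonce + MIC
    if mic:                           # client -> AP; M2 carries the RSN/WPA IE as key
        return 2 if key_data_len else 4  # data, M4 has none (holds for WPA1 and WPA2)
    return None

def parse_frame(frame):
    """Return (bssid, station, message) for an EAPOL-Key data frame, else None."""
    fc, flags = frame[0], frame[1]
    if (fc >> 2) & 0x03 != 2:                  # 802.11 frame type 2 = data
        return None
    hdr_len = 26 if fc & 0x80 else 24          # QoS-data subtype adds a 2-byte QoS field
    to_ds, from_ds = flags & 0x01, flags & 0x02
    if to_ds and not from_ds:                  # client -> AP: addr1 = BSSID, addr2 = client
        bssid, station = frame[4:10], frame[10:16]
    elif from_ds and not to_ds:                # AP -> client: addr1 = client, addr2 = BSSID
        bssid, station = frame[10:16], frame[4:10]
    else:
        return None
    body = frame[hdr_len:]
    if len(body) < 107 or not body.startswith(LLC_SNAP_EAPOL) or body[9] != 3:
        return None                            # EAPOL packet type 3 = EAPOL-Key
    key_info = struct.unpack(">H", body[13:15])[0]        # Key Information field
    key_data_len = struct.unpack(">H", body[105:107])[0]  # after nonce, IV, RSC, ID, MIC
    return bssid, station, eapol_message(key_info, key_data_len)

def handshake_status(frames):
    """Per (bssid, station): (sorted messages seen, True if usable for cracking)."""
    seen = {}
    for frame in frames:
        parsed = parse_frame(frame)
        if parsed and parsed[2]:
            seen.setdefault(parsed[:2], set()).add(parsed[2])
    return {k: (sorted(v), 2 in v and bool(v & {1, 3})) for k, v in seen.items()}

def sample_key_frame(bssid, station, to_ds, key_info, key_data=b""):  # constructed input
    addrs = bssid + station + bssid if to_ds else station + bssid + bssid
    header = bytes([0x08, 0x01 if to_ds else 0x02, 0, 0]) + addrs + b"\x00\x00"
    desc = bytes([2]) + struct.pack(">H", key_info) + b"\x00" * 90 + struct.pack(">H", len(key_data)) + key_data
    return header + LLC_SNAP_EAPOL + bytes([2, 3]) + struct.pack(">H", len(desc)) + desc
```

If the pair shows message 2 together with 1 or 3, aircrack-ng has what it needs whatever airodump-ng's status line said; a pair showing only 1 and 4 (or only 1 and 3) is the one to re-capture.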
miT, Posted September 3, 2009

I had this issue when I was testing my WPA with my password in a text file along with some common dictionary words. My password was at the very end of the file, so it should have been successful in the end. I couldn't figure it out and moved on. After I grabbed aircrack-ng from the SVN, it worked like a charm. I would suggest getting the latest and greatest and trying again.
gavshouse (Author), Posted September 3, 2009

> I had this issue when I was testing my WPA with my password in a text file along with some common dictionary words. My password was at the very end of the file, so it should have been successful in the end. I couldn't figure it out and moved on. After I grabbed aircrack-ng from the SVN, it worked like a charm. I would suggest getting the latest and greatest and trying again.

I think you've mistaken what I'm asking. I have decrypted a key, "wikipedia", which I simply wrote in, so that means it had the handshake, but airodump-ng didn't report back saying it had the handshake in the first place. Sorry if I'm not clear.
digip, Posted September 3, 2009

Maybe download the latest version anyway, like suggested, and see what happens.
miT, Posted September 3, 2009

> I think you've mistaken what I'm asking. I have decrypted a key, "wikipedia", which I simply wrote in, so that means it had the handshake, but airodump-ng didn't report back saying it had the handshake in the first place. Sorry if I'm not clear.

You don't catch the handshake via typing it in on the client. You send deauths to the router masquerading as the client, then catch the handshake. I'm sure it will work either way, but that's the way I've always done it.
gavshouse (Author), Posted September 3, 2009

> Maybe download the latest version anyway, like suggested, and see what happens.

Yeah, I do have the current release, 0.9.3. The only newer version is an RC, which I will try, I guess.
gavshouse (Author), Posted September 3, 2009

> Yeah, I do have the current release, 0.9.3. The only newer version is an RC, which I will try, I guess.

Hmm, I've got the RC and it's working now. Thanks for the advice.
miT, Posted September 3, 2009

> Hmm, I've got the RC and it's working now. Thanks for the advice.

Told you! Thank you, please drive through.