Broadcom 4318/aircrack/kubuntu

[exeption]

Dear all, my first post at this forum.

First off, enjoying the show trumendously and learning alot.

I am a noob at hacking and therefore have alot of questions.

Trying to read, watch introductions films at Youtube etc.

My issues:

Had no problem installing Kubuntu distro and aircrack-ng latest version

I have also Back-track 3 running on an old HP ZE2000 with b43xx network card.

Did hack my first WEP key just a couple of days ago and with that knowledge I tried to

hack a WPA-PSK station with no luck just yet.

I am soon finished downloading a 30GB dictonary file and will aim to use that in my effort to crack

the WPA-PSK key as soon as I manage to get an handshake.

But everytime I use the airodump-ng mon0 command I can see the power station

is showing -70 to -90, beacons are ok but I cannot seem to get any handshake what so ever.

I have tried aireplay-ng and deauth requestes..

Purhaps I did not do it correctly sirs, but i rather would like to think that is something to do withe my

wireless adapter (onboard) ???

Is there a command e.g. iwconfig txpower of some sort that can turn on my power management or make the power switch to the postivite side?

Is there a command or guide to how I can get those handshakes or is it just that my signal isn´t strong enough..

Please excuse any bad english spelling as I am from Norway and english is not my primary languish.

Thanks in advanced for any assits.

ExEptiOn

[exeption]

Really no one?

[digip]

Few things. If people don't reply right away to your post, give it some time. If someone has an answer, they will post it. Posting a reply to yourself with "Really no one?" tends to get even less help from us, as its a bit insulting and you seem to looking for a handout. We're here as a community, not to spoon feed people.

Ok, so for starters, to get the handshake, you need a few things in place. 1, a person needs to be associated with the WPA access point. 2, they need to be using shared keys. 3, you need to be capturing packets and then do a deauth to the person on the access point, and then when they reconnect, you will capture their handshake. The handshake is a process that will show up in the pcap file if done correctly and then allow you to attempt to crack the key. This is something google could have told you with a few minutes to query it, so one thing to note is we tend to be a little hard on people who 1, don't do the research, and 2, are clearly looking for a handout. There is a search box for the forums. Use it. This topic has been talked about before, and I'm sure there are threads that could have lead you to an answer, even if it didn't exist as a whole on this site alone.

As for hardware options, if your card provides extra settings, you can try iwpriv to see what they are, then set them, such as txpower, etc. Google for your cards extra settings through iwpriv. NOTE: Some cards require the commands and settings to be set before bringing the card up, so if you try to set it while the card is running, the command may fail or not even show you options. The options also have to be built into the driver you are using, and some cards have multiple drivers, depending on where you download them from and who wrote them.

For instance, my card has multiple types of drivers, but I use the enhanced ones from a specific website. Your mileage may vary depending on the kernel and custom drivers you use, so it realy depends on the hardware and drivers you are using. Broadcom cards in general, are know to have issues when doing Aircrack stuff and like I mentioned, YMMV.

I know BT4 doesn't widely support broadcom chipsets at the moment (although older cards worked better in BT2 and 3 for some reason): http://www.backtrack-linux.org/bt/wireless-drivers/ but if you find a driver someone wrote that allows injection and more such options, then good for you, share that with the community. I know the Back Track team is working on more Broadcom compatibility for newer cards, so if you have any feedback, found custom drivers, then you can help contribute too: http://twitter.com/backtracklinux/status/10282491462

Edited March 21, 2010 by digip