nju3ka, posted November 8, 2015

Hi. I am interested in wireless hacking, so I installed my "old" WiFi router in my living room for this purpose. Let me say that I have successfully "hacked" my mobile AP as well as my "modem-router" with integrated WiFi. With both of those devices I got a handshake, but with this router there is no handshake.

My USB WiFi adapter: TP-Link TL-WN722N
Router: TP-Link TL-WR941ND
Linux: Kali v2

I tried these steps:

1.) airodump-ng wlan0mon
2.) airodump-ng --bssid DD:51:44:88:EF:AA -c 1 --write /root/Desktop/Projekt4/ssidname wlan0mon
3.) aireplay-ng --deauth 5 -a DD:51:44:88:EF:AA wlan0mon
4.) aircrack-ng -w /root/Documents/Dic/rockyou.txt -b DD:51:44:88:EF:AA /root/Desktop/Projekt4/ssidname.cap

The router is not connected to the internet. In step 3 I see devices being disconnected and trying to connect again. But no handshake. What am I doing wrong?
digininja, posted November 8, 2015

You don't mention connecting a client to the AP; if you don't do that, then there can't be any handshakes. If you do, are you sure you've got the right BSSID? You didn't take the MAC address of the wired interface by accident, did you?
nju3ka, posted November 8, 2015

Yes, I tried to connect with the client to the AP, but without success in getting a handshake. Yes, it is the right BSSID. I get a handshake when trying to "hack" the AP (hotspot) on a mobile device and with the main router in the house. But with this "testing" router, no success.
digininja, posted November 8, 2015

Try running Wireshark or tcpdump on wlan0mon and watch for EAPOL traffic; see what happens when you authenticate.
AlfAlfa, posted December 12, 2015

I had a similar problem recently: for some reason the handshake was actually captured, but airodump failed to say that it had captured it! Check the capture file(s) with aircrack to see if in fact there is a handshake that has been caught:

aircrack-ng your_ap*.cap

I was like wtf, so all that time I was waiting for a handshake (since deauthing didn't seem to get through, but actually maybe it did) and I had it the whole time; it just failed to mention that it had gotten it! I don't know what causes this, but it's worth mentioning...

Also, for those who know: do you have to be close enough to both the client and the AP, or just the AP, or just the client?
digip, posted December 12, 2015

Continue running step 3. Once it shows it has the handshake, keep doing a deauth a few more times while capturing and make sure the clients are reconnecting. I've actually had incidents where it said it captured the handshake, and found none in aircrack afterwards for cracking. Sometimes they are incomplete, or only part of the handshake. Probes aren't connections, so be sure you actually see clients at the bottom of airmon-ng, not just probes. Leaving it running a bit longer and continuing ensures they are actually captured.

Also, is the setup definitely WPA, and not WEP? Double-check your router's settings and make sure you set it up properly to test against.
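digininja's advice to watch wlan0mon for EAPOL traffic, AlfAlfa's point that airodump's handshake indicator and the real contents of the .cap can disagree, and digip's warning about partial handshakes all come down to one check: which EAPOL-Key messages does the capture actually contain, per client? The following is an added example, not code from the thread or from the aircrack-ng project. It is a small Python parser that walks a classic pcap written by airodump-ng (link type 105) or by tcpdump/Wireshark on wlan0mon (radiotap, 127), classifies each EAPOL-Key frame as M1..M4 from its Key Information bits, and reports per (BSSID, station) pair whether a crackable combination (an M2 together with the M1 it answers or the M3 that follows) is present. The BSSID is the one from the first post; the station MACs, nonces, key-info values and the embedded sample capture are constructed test data, and `sample_pcap()` exists only so the script runs offline.

```python
"""Check an airodump-ng/tcpdump .cap for a usable WPA 4-way handshake by walking its EAPOL-Key frames."""
import struct
import sys

LINKTYPE_IEEE802_11, LINKTYPE_RADIOTAP = 105, 127   # airodump-ng writes 105; tcpdump/Wireshark on wlan0mon write 127
LLC_SNAP_EAPOL = bytes.fromhex("aaaa03000000888e")  # LLC/SNAP header with EtherType 0x888E (EAPOL)
# EAPOL-Key "Key Information" flag bits (IEEE 802.11, 12.7.2)
KI_PAIRWISE, KI_ACK, KI_MIC, KI_SECURE = 0x0008, 0x0080, 0x0100, 0x0200

def classify(key_info, nonce):
    """Map Key Information flags to 4-way message number 1..4; 0 = not a 4-way handshake message."""
    if not key_info & KI_PAIRWISE:
        return 0                                   # group-key handshake: useless for cracking
    ack, mic, secure = key_info & KI_ACK, key_info & KI_MIC, key_info & KI_SECURE
    if ack:
        return 3 if mic else 1
    if mic and (secure or not any(nonce)):         # RSN M4 sets Secure; WPA1 M4 carries a zero nonce
        return 4
    return 2 if mic else 0

def parse_80211_eapol(frame):
    """Return (bssid, station, key_info, replay_counter, nonce) for an EAPOL-Key data frame, else None."""
    if len(frame) < 24 or (frame[0] >> 2) & 3 != 2 or frame[1] & 0x40:
        return None                                # not a Data frame, or Protected (encrypted) payload
    to_ds, from_ds = frame[1] & 1, frame[1] & 2
    if from_ds and not to_ds:
        bssid, station = frame[10:16], frame[4:10]     # AP -> STA: addr1 = DA, addr2 = BSSID
    elif to_ds and not from_ds:
        bssid, station = frame[4:10], frame[10:16]     # STA -> AP: addr1 = BSSID, addr2 = SA
    else:
        return None                                # IBSS or 4-address WDS frames: out of scope
    body = frame[24 + (2 if frame[0] & 0x80 else 0):]  # QoS Data adds a 2-byte QoS Control field
    if not body.startswith(LLC_SNAP_EAPOL) or len(body) < 8 + 4 + 95 or body[9] != 3:
        return None                                # not an EAPOL-Key (EAPOL packet type 3)
    key = body[12:]                                # descriptor(1) info(2) len(2) replay(8) nonce(32) ...
    return bssid.hex(":"), station.hex(":"), struct.unpack(">H", key[1:3])[0], struct.unpack(">Q", key[5:13])[0], key[13:45]

def iter_pcap_frames(data):
    """Yield bare 802.11 frames from a little-endian classic pcap (not pcapng) with link type 105 or 127."""
    if data[:4] not in (b"\xd4\xc3\xb2\xa1", b"\x4d\x3c\xb2\xa1"):
        raise ValueError("not a little-endian classic pcap file")
    linktype = struct.unpack("<I", data[20:24])[0]
    if linktype not in (LINKTYPE_IEEE802_11, LINKTYPE_RADIOTAP):
        raise ValueError(f"unsupported link type {linktype}")
    off = 24
    while off + 16 <= len(data):
        incl = struct.unpack("<IIII", data[off:off + 16])[2]   # captured length of this record
        pkt = data[off + 16:off + 16 + incl]
        off += 16 + incl
        if linktype == LINKTYPE_RADIOTAP:
            pkt = pkt[struct.unpack("<H", pkt[2:4])[0]:]   # strip radiotap header (length at offset 2)
        yield pkt

def find_handshakes(pcap_bytes):
    """Return {(bssid, station): {"messages": set_of_1..4, "crackable": bool}} per EAPOL exchange seen."""
    seen = {}
    for frame in iter_pcap_frames(pcap_bytes):
        parsed = parse_80211_eapol(frame)
        if parsed:
            bssid, station, key_info, replay, nonce = parsed
            msg = classify(key_info, nonce)
            if msg:
                seen.setdefault((bssid, station), []).append((msg, replay))
    result = {}
    for pair, msgs in seen.items():
        # aircrack-ng needs ANonce, SNonce and the station's MIC: an M2 plus either the M1 it answers
        # (same replay counter) or the M3 that follows it (replay counter + 1). An M1 alone is worthless.
        crackable = any((1, r) in msgs or (3, r + 1) in msgs for m, r in msgs if m == 2)
        result[pair] = {"messages": {m for m, _ in msgs}, "crackable": crackable}
    return result

def build_eapol_frame(bssid, station, from_ap, key_info, replay, nonce):
    """Constructed test data: a non-QoS 802.11 Data frame carrying one EAPOL-Key message."""
    fc = bytes([0x08, 0x02 if from_ap else 0x01])  # type Data; FromDS for AP->STA, ToDS for STA->AP
    addrs = station + bssid + bssid if from_ap else bssid + station + bssid
    key = bytes([2]) + struct.pack(">HHQ", key_info, 16, replay) + nonce + bytes(48) + b"\x00\x00"
    eapol = bytes([2, 3]) + struct.pack(">H", len(key)) + key   # EAPOL v2, packet type 3 = EAPOL-Key
    return fc + b"\x00\x00" + addrs + b"\x00\x00" + LLC_SNAP_EAPOL + eapol

def sample_pcap():
    """Constructed capture: the thread's BSSID, one client completing the 4-way, one that only gets M1."""
    ap, good, silent = bytes.fromhex("dd514488efaa"), bytes.fromhex("001122334455"), bytes.fromhex("66778899aabb")
    anonce, snonce = bytes(range(32)), bytes(range(32, 64))
    frames = [build_eapol_frame(ap, good, True, 0x008a, 1, anonce),      # M1: ACK, no MIC
              build_eapol_frame(ap, good, False, 0x010a, 1, snonce),     # M2: MIC, same replay counter
              build_eapol_frame(ap, good, True, 0x13ca, 2, anonce),      # M3: ACK+MIC+Install+Secure
              build_eapol_frame(ap, good, False, 0x030a, 2, bytes(32)),  # M4: MIC+Secure
              build_eapol_frame(ap, silent, True, 0x008a, 1, anonce)]    # M1 only: client never replied
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, LINKTYPE_IEEE802_11)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", i, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else sample_pcap()
    for (bssid, station), info in find_handshakes(data).items():
        print(f"{bssid} <-> {station}: messages {sorted(info['messages'])}, crackable={info['crackable']}")
```

Run it with no arguments to see the two constructed cases (one pair reported crackable with messages 1..4, one with only M1 and crackable=False), or point it at a real capture; note that `airodump-ng --write prefix` names its output `prefix-01.cap`, not `prefix.cap`. A pair that shows only M1 is exactly the "deauth goes through, client reconnects, but no handshake" symptom from the first post: the AP is sending, but the station's reply (M2) is not reaching the capturing adapter, so the usual causes to rule out are being out of range of the client, capturing on the wrong channel, or the adapter dropping the frames.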