
Ugh.....Any particular reason this is taking so long


Night_Stalker (Member)

I have been having issues with a very slow packet rate in airmon. It's running on my HP Pavilion notebook with BackTrack 3 Final-Release on a Live-CD.

The wireless card I'm using is a Belkin F5D7050 Wireless-G 54Mbps USB Network Adapter.

I've done --test on the device and it says it's successful.

Any ideas as to why it's being so slow?

I'm attempting to do this to my own wireless network for my first time, I've changed all the settings from WPA and shit to WEP, and allowed the SSID to broadcast etc etc etc…

If it helps, the settings are as follows:

Encryption: WEP (64 bits 10 hex digits)
Default Transmit Key: 1
Passphrase: 12345
Key 1: E235485511
Key 2: 292BB51BCC
Key 3: 3DCD220BC8
Key 4: 97C74DA650

It is set to broadcast the SSID. The network mode is set to mixed. The channel is set to 6.


stealth- (Ninja Extreme)

I did this a long time ago, so my memory is a little foggy, but here goes:

Are you injecting packets into the network with aireplay?

Networks have very little traffic, especially home networks, so you need to stimulate packets in the network so you have more to capture.


Night_Stalker (Member)

Yes, aireplay…

How would I simulate packets?

I thought that it might be taking so long due to the fact that there are no clients…

But I wasn't sure..


stealth- (Ninja Extreme)

aireplay is mentioned in almost every WEP cracking tutorial out there. It's essential, otherwise your program would be running for months, if not years.

This tutorial, http://thew0rd.com/2008/08/19/tutorial-cracking-wep-using-backtrack-3/ mentions aireplay and how to use it, take a look at that. (It's BT3 specific though, so the commands are different if you are on a version of BT lower than 3.)


Night_Stalker (Member)

When I try to simulate packets it says the AP is rejecting the MAC address…

Any reason why it'd do this?

I don't have the network to only allow certain MAC addresses or anything like that….


Night_Stalker (Member)

Nevermind…

It's not saying that anymore……

Still isn't going too fast though, but it's a little faster…..just barely….

aireplay-ng -3 -b ::::: -h 00:11:22:33:44:55 eth2

would be the command that simulates packets, correct?

It's what I ran..


stealth- (Ninja Extreme)

afaik, the only reason you would be getting that error was if you were not associated with the AP, so double check that you are.


Night_Stalker (Member)

Just got it all working!

Not sure what I did, but it's all working now. :D.


stealth- (Ninja Extreme)

Sorry, missed that last post.

That's the right command, so how many are you capturing per second?

EDIT: heh, you're posting too fast for me to keep up :P What might have happened is that you have to wait for an ARP packet before the attack can start copying it and injecting them, and some routers take forever to send an ARP packet.


Night_Stalker (Member)

Uhh..I'm not sure…

but I got more than enough to crack it in about two minutes tops. :)

Pretty strange that people use it when it can be cracked so quickly… (Need to change back the settings on the network to WPA-PSK soon :p )

I've read somewhere about being able to crack WPA pretty easily too… I'm going to look into that in a little while. :)


stealth- (Ninja Extreme)

Yeah, it's amazing how insecure our world is when you happen to be one of the people who knows where to look.


Night_Stalker (Member)

It's so strange that the majority of people don't even question the security of things, they just assume it says it is secure when in reality it is not..

With everything, as long as it says secured, or something about it being password protected or something protecting it then most people just assume it's completely flawless..

I don't quite understand why, other than if they're all just not too smart..

Even before I started learning about computers I still assumed that there were ways around everything…


stealth- (Ninja Extreme)

I know what you mean, most people will believe whatever they are told, and that really bothers me how society just accepts that. Especially at my school, the ignorance of some of my friends and how they don't care to change that makes me want to slap them (but that would be rude, and people would think my reason was weird :D)

For instance in the media and how they see hackers just as evil teenage punks who get no social acceptance and destroy and steal from other people to make up for it, and everyone buys it.

But, anyways, that's kinda off topic. Glad you got it working and good luck with your studies :)


Night_Stalker (Member)

Well…

I don't know what made it start working earlier, but it's stopped working now…

I've played around with it trying to get it to work again, but I can't seem to get it to…

The problem now is that it isn't wanting to do the injection…

It's saying that the MAC is rejected but MAC filtering isn't on and I'm not using a random MAC.

:/

like…wtf…


ghost

You need to associate with the router in order for the injected packets to be accepted. On the aircrack site there's a page that explains how that works.

Also, WPA-PSK can be cracked, but it can take a long time. It's not a matter of capturing enough packets and mathematically deriving the password, you must capture the handshake and run a brute force attack on it. This can take a VERY long time since you have to do (I think) 1000 rounds of SHA1 for each attempt. A strong password (9+ chars, mixed case + symbols) will be essentially impossible to crack within a reasonable timespan.
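An added example, not part of the post above or of any aircrack-ng code: the WPA/WPA2-PSK key derivation as IEEE 802.11i defines it (PBKDF2-HMAC-SHA1, 4096 iterations, SSID as salt), with a worst-case keyspace estimate for a few passphrase policies. The guess rate and the policy names are constructed assumptions; substitute a rate measured for the hardware you are modelling.

```python
import hashlib

PBKDF2_ROUNDS = 4096                 # fixed by IEEE 802.11i for WPA/WPA2-PSK
SECONDS_PER_YEAR = 365 * 24 * 3600
ASSUMED_GUESSES_PER_SEC = 100_000    # constructed figure, not a benchmark


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit pairwise master key used by the 4-way handshake."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrase must be 8 to 63 characters")
    # The SSID is the salt, so the same passphrase yields a different key
    # on every differently named network.
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), PBKDF2_ROUNDS, 32)


def years_to_exhaust(length: int, alphabet: int,
                     guesses_per_sec: float = ASSUMED_GUESSES_PER_SEC) -> float:
    """Worst-case time to try every passphrase of this length and alphabet."""
    return alphabet ** length / guesses_per_sec / SECONDS_PER_YEAR


# Constructed policies: (length, alphabet size)
POLICIES = {
    "8 digits": (8, 10),
    "8 lowercase letters": (8, 26),
    "9 printable ASCII (mixed case + symbols)": (9, 94),
}


def policy_report() -> dict:
    """Map each policy name to its worst-case exhaustion time in years."""
    return {name: years_to_exhaust(n, a) for name, (n, a) in POLICIES.items()}


if __name__ == "__main__":
    # Test vector from IEEE 802.11i Annex H.4: passphrase "password", SSID "IEEE"
    print(wpa_pmk("password", "IEEE").hex())
    for name, years in policy_report().items():
        print(f"{name:45s} {years:16.4f} years")
```

At the assumed rate the short numeric and lowercase policies fall in well under a year, while the 9-character mixed policy runs to hundreds of thousands of years.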


Night_Stalker (Member)

Ok so I am realising now that it just takes a little while for the AP to start sending out the mass amount of packets,

However I am noticing when I spoof my MAC for the wireless device I generally am not accepted by the access point when trying to do the injection to become associated with the AP.

I'm not using just completely random number/letters as the MAC though…. :(

Edit: Once again, not quite sure how I did it, but I've gotten it all working again. :D


ghost

okay..

I will assume that:

You have your drivers updated, if need be.
Your card supports injection.
Your AP is not set to MAC filter.
Updated your Aircrack suite.

aireplay-ng -3

is just a standard arp replay attack, there has to be a wireless client for that to work,

Here's the standard method using the Aircrack suite:

WEP w/ clients:
1. Airmon-ng – put the card into monitoring mode with the correct channel
2. Airodump-ng – dump the packets in a file, specify channel and bssid
3. Aireplay-ng – -3 injects arp packets using the client's mac
4. Aircrack-ng – cracks the cap file and gives you the wep key

WEP w/o clients:
1. Airmon-ng – put the card into monitoring mode with the correct channel
2. Airodump-ng – dump the packets in a file, specify channel and bssid
3. Aireplay-ng – -1 to associate yourself with the AP – keep running
4. Aireplay-ng – use a chop-chop or fragmentation attack
5. Packetforge-ng – craft an arp packet
6. Aireplay-ng – -3 using the arp packet you have crafted and using your mac
7. Aircrack-ng – crack the cap file for the wep key

there's all the information you need, use the man command to find out more info on the commands..

if you want to use another tool, wesside-ng is a good one