Ugh... Any particular reason this is taking so long?
I have been having issues with a very slow packet rate in airmon. It's running on my HP Pavilion notebook with BackTrack 3 Final-Release on a Live-CD.
The wireless card I'm using is a Belkin F5D7050 Wireless-G 54Mbps USB Network Adapter.
I've done --test on the device and it says it's successful.
Any ideas as to why it's being so slow?
I'm attempting to do this to my own wireless network for my first time, I've changed all the settings from WPA and shit to WEP, and allowed the SSID to broadcast etc etc etc…
If it helps, the settings are as follows:
Encryption: WEP (64 bits 10 hex digits)
Default Transmit Key: 1
Passphrase: 12345
Key 1: E235485511
Key 2: 292BB51BCC
Key 3: 3DCD220BC8
Key 4: 97C74DA650
It is set to broadcast the SSID. The network mode is set to mixed. The channel is set to 6.
aireplay is mentioned in almost every WEP cracking tutorial out there, it's essential, otherwise your program would be running for months, if not years.
This tutorial, http://thew0rd.com/2008/08/19/tutorial-cracking-wep-using-backtrack-3/ mentions aireplay and how to use it, take a look at that. (It's BT3 specific though, so the commands are different if you are on a version of BT lower than 3)
sorry, missed that last post.
that's the right command, so how many are you capturing per second?
EDIT: heh, you're posting too fast for me to keep up :P What might have happened is that you have to wait for an ARP packet before the attack can start copying it and injecting them, and some routers take forever to send an ARP packet.
Uhh..I'm not sure…
but I got more than enough to crack it in about two minutes tops. :)
Pretty strange that people use it when it can be cracked so quickly… (Need to change back the settings on the network to WPA-PSK soon :p )
I've read somewhere about being able to crack WPA pretty easily too… I'm going to look into that in a little while. :)
It's so strange that the majority of people don't even question the security of things, they just assume it says it is secure when in reality it is not..
With everything, as long as it says secured, or something about it being password protected or something protecting it then most people just assume it's completely flawless..
I don't quite understand why, other than if they're all just not too smart..
Even before I started learning about computers I still assumed that there were ways around everything…
I know what you mean, most people will believe whatever they are told, and that really bothers me how society just accepts that. Especially at my school, the ignorance of some of my friends and how they don't care to change that makes me want to slap them (but that would be rude, and people would think my reason was weird :D)
For instance in the media and how they see hackers just as evil teenage punks who get no social acceptance and destroy and steal from other people to make up for it, and everyone buys it.
But, anyways, that's kinda off topic. Glad you got it working and good luck with your studies :)
Well…
I don't know what made it start working earlier, but it's stopped working now…
I've played around with it trying to get it to work again, but I can't seem to get it to…
The problem now is that it isn't wanting to do the injection…
It's saying that the MAC is rejected but MAC filtering isn't on and I'm not using a random MAC.
:/
like…wtf…
You need to associate with the router in order for the injected packets to be accepted. On the aircrack site there's a page that explains how that works.
Also, WPA-PSK can be cracked, but it can take a long time. It's not a matter of capturing enough packets and mathematically deriving the password, you must capture the handshake and run a brute force attack on it. This can take a VERY long time since you have to do (I think) 1000 rounds of SHA1 for each attempt. A strong password (9+ chars, mixed case + symbols) will be essentially impossible to crack within a reasonable timespan.
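An added example (not part of the original thread) showing why passphrase strength dominates WPA-PSK security: the 802.11i standard derives the key with 4096 rounds of PBKDF2-HMAC-SHA1 salted with the SSID, so every guess costs the same fixed work. The SSID, the sample passphrases and the guess rates below are constructed assumptions.

```python
import hashlib
import math
import string
import time

PBKDF2_ROUNDS = 4096  # fixed by the WPA/WPA2-PSK key derivation

def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit pairwise master key from passphrase and SSID."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 ASCII characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), PBKDF2_ROUNDS, 32)

def measure_guess_rate(samples: int = 20) -> float:
    """Key derivations per second on this machine, single core."""
    start = time.perf_counter()
    for i in range(samples):
        derive_pmk(f"constructed-{i:04d}", "ExampleSSID")  # constructed inputs
    return samples / (time.perf_counter() - start)

def keyspace_bits(length: int, alphabet_size: int) -> float:
    """Entropy in bits of a uniformly random passphrase."""
    return length * math.log2(alphabet_size)

def years_to_exhaust(length: int, alphabet_size: int, guesses_per_second: float) -> float:
    """Worst-case time to try every passphrase of this shape."""
    seconds = alphabet_size ** length / guesses_per_second
    return seconds / (365.25 * 24 * 3600)

# Passphrase shapes to compare: (length, alphabet size)
POLICIES = {
    "8 digits": (8, len(string.digits)),
    "8 lowercase": (8, len(string.ascii_lowercase)),
    "9 mixed case + digits + symbols": (
        9, len(string.ascii_letters + string.digits + string.punctuation)),
    "16 lowercase": (16, len(string.ascii_lowercase)),
}

if __name__ == "__main__":
    local_rate = measure_guess_rate()
    assumed_rate = 1e6  # hypothetical well-resourced rate, an assumption
    print(f"this machine: {local_rate:.0f} derivations/s")
    for name, (length, alphabet) in POLICIES.items():
        print(f"{name:34s} {keyspace_bits(length, alphabet):6.1f} bits  "
              f"{years_to_exhaust(length, alphabet, assumed_rate):.3g} years "
              f"at {assumed_rate:.0e}/s")
```

Because the SSID is the salt, the same passphrase yields a different key on every network name, and a short or dictionary-based passphrase stays weak no matter how many rounds are applied.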
Ok so I am realising now that it just takes a little while for the AP to start sending out the mass amount of packets,
However I am noticing when I spoof my MAC for the wireless device I generally am not accepted by the access point when trying to do the injection to become associated with the AP.
I'm not using just completely random number/letters as the MAC though…. :(
Edit: Once again, not quite sure how I did it, but I've gotten it all working again. :D
okay..
I will assume that:
- You have your drivers updated, if need be.
- Your card supports injection
- Your AP is not set to mac filter
- Updated your Aircrack suite
aireplay-ng -3
is just a standard arp replay attack, there has to be a wireless client for that to work,
Here's the standard method using the Aircrack suite

WEP w/ clients:
1. Airmon-ng – put the card into monitoring mode with the correct channel
2. Airodump-ng – dump the packets in a file, specify channel and bssid
3. Aireplay-ng – -3 injects arp packets using the clients mac
4. Aircrack-ng – cracks the cap file and gives you the wep key

WEP w/o clients:
1. Airmon-ng – put the card into monitoring mode with the correct channel
2. Airodump-ng – dump the packets in a file, specify channel and bssid
3. Aireplay-ng – -1 to associate yourself with the AP – keep running
4. Aireplay-ng – use a chop-chop or fragmentation attack
5. Packetforge-ng – craft an arp packet
6. Aireplay-ng – -3 using the arp packet you have crafted and using your mac
7. Aircrack-ng – crack the cap file for the wep key
there's all the information you need, use the man command to find out more info on the commands..
if you want to use another tool, wesside-ng is a good one