I broke my wep key on an Actiontec router. Now I am lookig into breaking a WPA passphrase (the actiontec doesnt support WPA as far as I know) on a Linksys WRT54G ver.2.0 router. The ESSID is cloaked and as soon as I start Kismet it sees the AP in "blue" IPrange, Flag D4, and its grabbing the most packets than anyother AP I can (even more than the Actiontec router)

Is this normally?

I broke my wep key on an Actiontec router. Now I am lookig into breaking a WPA passphrase (the actiontec doesnt support WPA as far as I know) on a Linksys WRT54G ver.2.0 router. The ESSID is cloaked and as soon as I start Kismet it sees the AP in "blue" IPrange, Flag D4, and its grabbing the most packets than anyother AP I can (even more than the Actiontec router)

Is this normally?
Why does it matter if it is "normal" or not? What does this have to do with your original question?

Its grabbing the most packets probably because its the closest. ;)

I would like to know what the D4 flag is and when kismet show an AP in blue what does thatt mean?

It isnt the closet the Actiontec is in the same room as the laptop (kismet machine) and the linksys is on the other side of the house

The D flag is the address range found via observed DHCP traffic.

im sorry guys I just realized it but Kismet is picking up the wrong info from my AP the right info is

Should be showing:

ESSID Cloaked :Test
ip range 192.168.1.100
MAC 00:0F:66:CB:D3:A8

Kismet is showing

ESSID Cloaked: Linksys
ip ranged 192.168.1.3
MAC 00:0F:66:CB:D3:A8

I use aircrack-ng how would I get past something like this?

I get the same problem with kismet when I change my AP's name. It was originally linksys or something like that., (and I had it cloaked) .and I ran kismet ..and it found linksys like it was suppose to. Then I changed its name to -=Xploitz Network=- and I ran kismet..and it STILL said linksys. I believe kismet was reloading some captured file that it found when its name was originally named linksys..and I still havent found where its stored at...but If you know where..delete it and all should be fine. If you know where or anybody else does..please post the path to this little booger if you don'yt mind please.

As far as aircrack goes...just try both names in aireplay commands..one of them is right.

I get the same problem with kismet when I change my AP's name. It was originally linksys or something like that., (and I had it cloaked) .and I ran kismet ..and it found linksys like it was suppose to. Then I changed its name to -=Xploitz Network=- and I ran kismet..and it STILL said linksys. I believe kismet was reloading some captured file that it found when its name was originally named linksys..and I still havent found where its stored at...but If you know where..delete it and all should be fine. If you know where or anybody else does..please post the path to this little booger if you don'yt mind please.

As far as aircrack goes...just try both names in aireplay commands..one of them is right.

I seem to remember, but don't quote me on this, it is stored in one of the files kismet creates in your root directory. I think its the csv but dont have access to my BT right now so cannot confirm

Finally someone posts a AP mac thats been tagged by a wigle user.
36.83950043 -76.39478302

Finally someone posts a AP mac thats been tagged by a wigle user.
36.83950043 -76.39478302



Hahahahahaha!

The file is in /home/YOUR_USER/.kismet/ssid_map Just delete the ssid_map, or edit the file and remove the line for your network.

Thanks Barry..I will be sure and delete the contents of my ssid_map..this little nuisance has been quite annoying. Good work! ;)

Thanks Barry..I will be sure and delete the contents of my ssid_map..this little nuisance has been quite annoying. Good work! ;)

I try. :cool:

In the process of installing B/T to my wardriving laptop. It's drive ate itself today. Started doing the click of doom. :(