Remote Exploit Forums > Archives > BackTrack v2.0 Final > Tutorials & Guides

#21, 08-22-2007 03:38 PM, asil-jinn (Junior Member, joined Jul 2006, 5 posts)

First of all, thanks for the tutorial vid.

3 questions.
1. How do I find out if the network uses 64-bit WEP or 128-bit?
2. Are there any pros/cons to this WEP cracking procedure compared with the other tutorial you have posted?
3. Is there a list of wireless routers that this attack will work on, or does it work on all routers?

Cheers
#22, 08-22-2007 10:11 PM, -=Xploitz=- (Senior Member, Mesquite, Texas (Dallas County) USA, joined Apr 2007, 3,487 posts)

Quote: Originally Posted by asil-jinn
    First of all, thanks for the tutorial vid.

    3 questions.
    1. How do I find out if the network uses 64-bit WEP or 128-bit?
    2. Are there any pros/cons to this WEP cracking procedure compared with the other tutorial you have posted?
    3. Is there a list of wireless routers that this attack will work on, or does it work on all routers?

    Cheers

Answer to q 1.

It's your encryption... you should know. But if you're pentesting and you forgot to ask or your employer didn't tell you... you still won't know until you crack it. Start with the -n 64 option in aircrack-ng; if you get nothing... just leave off the -n option and it will default to 128 bit. Get around 50,000 IVs (data packets).

Answer to q 2.

It's more reliable and much quicker if your router doesn't like the ARP request (-3) attack. Plus it will give you IP addresses.

Answer to question 3.

It works on most. You'll have to experiment with the -5 (fragmentation attack)... -4 (KoreK chopchop attack)... and the -3 (ARP request attack)... to get the one that works best with the AP you're dealing with. 1 of the 3 (usually the -4) will work. I haven't come across an AP yet that has WEP that I couldn't crack.


BTW, get the latest development version of the aircrack-ng suite if you want answer 1 to work well.
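From the defender's side, the practical upshot of the answer above (one of the three attacks works on almost any WEP access point) is that a WEP network should be treated as unencrypted and found before anyone else finds it. The following POSIX shell script is an added example, not code from the thread or from the aircrack-ng project: it parses the text format of `iwlist <iface> scan` from wireless-tools and lists the cells that have an encryption key but advertise no WPA/WPA2 information element, which is how WEP shows up in that output. The scan text embedded in the script is a constructed sample, and the interface name eth1 in the usage comment is the one used in the thread.

```shell
#!/bin/sh
# Added example, not from the thread: list WEP-protected cells in
# `iwlist <iface> scan` output. Cells that report "Encryption key:on" but
# carry no WPA/WPA2 information element are WEP, which the thread treats as
# crackable on practically every AP, so these are the networks to retire.

# Constructed sample of iwlist output (not a real scan).
SAMPLE_SCAN='eth1      Scan completed :
          Cell 01 - Address: 00:11:22:33:44:55
                    ESSID:"office-legacy"
                    Encryption key:on
                    Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s
          Cell 02 - Address: 00:11:22:33:44:66
                    ESSID:"office-wpa"
                    Encryption key:on
                    IE: IEEE 802.11i/WPA2 Version 1
          Cell 03 - Address: 00:11:22:33:44:77
                    ESSID:"guest-open"
                    Encryption key:off
          Cell 04 - Address: 00:11:22:33:44:88
                    ESSID:"warehouse"
                    Encryption key:on
                    IE: WPA Version 1'

# wep_networks: read iwlist scan text on stdin, print "BSSID ESSID" for
# each cell that is encrypted but advertises no WPA/WPA2 IE.
wep_networks() {
    awk '
        # Emit the cell collected so far if it is WEP.
        function flush() {
            if (bssid != "" && enc == "on" && !wpa) print bssid, essid
        }
        # A new cell starts: flush the previous one and reset state.
        /Cell [0-9]+ - Address:/ { flush(); bssid = $NF; essid = ""; enc = ""; wpa = 0 }
        # ESSID:"name" -> name
        /ESSID:"/ { line = $0; sub(/.*ESSID:"/, "", line); sub(/".*$/, "", line); essid = line }
        /Encryption key:on/  { enc = "on" }
        /Encryption key:off/ { enc = "off" }
        # Either WPA IE form means the cell is not WEP.
        /IE: (WPA|IEEE 802\.11i\/WPA2)/ { wpa = 1 }
        END { flush() }
    '
}

# wep_count: number of WEP cells in the scan text on stdin.
wep_count() {
    wep_networks | wc -l | tr -d ' '
}

# Usage on a live interface: iwlist eth1 scan | wep_networks
# Against the constructed sample this prints one line:
#   00:11:22:33:44:55 office-legacy
printf '%s\n' "$SAMPLE_SCAN" | wep_networks
```

The script deliberately keys on the absence of a WPA/WPA2 IE rather than on a "WEP" string, because iwlist never prints the word WEP; an encrypted cell with no RSN or WPA element is the only signature it gives.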
#23, 08-30-2007 10:09 PM, durana (Member, joined Jul 2007, 66 posts)


Hello Xploitz,

I'm using the chopchop method; sometimes it works, but when I do the same steps sometimes it doesn't work.

In step 4:
bt ~ # aireplay-ng -4 -h `cat DM` -b `cat AP` eth1
open(/dev/rtc) failed: Device or resource busy

What does this error say, and how can I solve this problem?

Regards, durana
#24, 09-03-2007 12:54 AM, -=Xploitz=- (Senior Member, Mesquite, Texas (Dallas County) USA, joined Apr 2007, 3,487 posts)


Quote: Originally Posted by durana
    Hello Xploitz,

    I'm using the chopchop method; sometimes it works, but when I do the same steps sometimes it doesn't work.

    In step 4:
    bt ~ # aireplay-ng -4 -h `cat DM` -b `cat AP` eth1
    open(/dev/rtc) failed: Device or resource busy

    What does this error say, and how can I solve this problem?

    Regards, durana

OK... maybe I'm a little slow on this... but wtf do `cat DM` and `cat AP` mean??

Do aireplay-ng -4 -h <CARDS AP> -b <AP MAC> eth1

What card and chipset are you using??
#25, 09-03-2007 12:04 PM, durana (Member, joined Jul 2007, 66 posts)


Sorry Xploitz,

Because I'm not so good in Linux,
the reason I use `cat DM` is so that I can't make a mistake in typing the MAC address. DM is a file with my MAC address as content.

I tried this with my RT61 onboard chip and a Belkin Wireless PCMCIA Adapter (F5D7011df, 125Mbps) with BCM4318 chipset. Strange, I thought that this chipset should work; I read this at the BackTrack site.

Is there a possibility to reload or restart the WLAN?
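durana's `cat DM` is ordinary shell command substitution: the shell runs `cat DM` and pastes the file's contents into the command line, so the MAC is never retyped. The weak point is that whatever is in the file gets pasted, including a typo or a stray carriage return. The following POSIX shell function is an added example, not code from the thread: it does the same thing but checks that the file really holds a MAC address before handing it back, so a bad file fails loudly. The file names in the usage comment are constructed placeholders, not the thread's DM and AP files.

```shell
#!/bin/sh
# Added example, not from the thread: the same idea as durana's `cat DM`,
# reading a MAC address from a file so it is never retyped, but with a
# format check so a stray character in the file fails loudly instead of
# being substituted into a command line unnoticed.

# mac_from_file PATH: print the MAC from the first line of PATH in
# normalised lower-case colon form, or return 1 if it is not a MAC.
mac_from_file() {
    # Take the first line only, strip blanks and Windows line endings,
    # and fold hex digits to lower case so comparisons are uniform.
    mac=$(head -n 1 "$1" | tr -d ' \t\r' | tr 'A-F' 'a-f')
    hex='[0-9a-f][0-9a-f]'
    case "$mac" in
        $hex:$hex:$hex:$hex:$hex:$hex)
            printf '%s\n' "$mac"
            return 0 ;;
        *)
            printf 'mac_from_file: %s does not contain a MAC address: "%s"\n' "$1" "$mac" >&2
            return 1 ;;
    esac
}

# Usage, with constructed file names (not the thread's DM/AP files):
#   client=$(mac_from_file client.mac) || exit 1
#   ap=$(mac_from_file ap.mac) || exit 1
# and then use "$client" and "$ap" where the tutorial puts the literal MACs.
```

Because the function returns non-zero on a malformed file, `|| exit 1` after the substitution stops the script at that point, which is what you want when a command would otherwise run with a half-typed address.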
#26, 09-03-2007 12:15 PM, balding_parrot (Administrator, joined May 2007, 3,245 posts)


Have you tried doing it without the cat DM etc., and following it as it was written? I expect that this is half of your problem.

The other half of your problem is that you really should not expect any success with a Broadcom chipset.
__________________

Any questions you have will get a good answer as long as you have followed the forum rules and show you have tried to help yourself. Your questions are clear and contain as much relevant info as possible, especially error messages, commands you have tried and the output from those commands.

remember: garbage in = garbage out

BackTrack needs your donations, no matter how small.

Please contribute HERE

#27, 09-03-2007 12:36 PM, durana (Member, joined Jul 2007, 66 posts)


Balding,

Yes, I also tried this without the cat DM etc., directly with the MAC addresses, but the same issue.
When I reboot, it is working again... injection is working perfectly, association (step 2) is also working, but not when I do step 4 or 5 with the -4 attack: there is no association, I don't see my 00:11:22:33:44:55 client connecting in airodump and increasing the data, both with my PCMCIA BCM4318 and also with the onboard RT61 chipset....

Very very strange.....

What about restarting the WLAN without rebooting, is that possible?
When I do /etc/init.d/wlan restart, I get some errors at line 77, and when I check iwconfig it still shows the same status as before the command.

Do you have another method to reload/restart to default WLAN settings?

Regards, Durana
#28, 09-03-2007 12:58 PM, balding_parrot (Administrator, joined May 2007, 3,245 posts)


Well, looking on the wiki, two cards are mentioned as having the RT61 chipset.
The first says that injection is not supported, the second mentions needing to modprobe. And a search of the forum shows many people have problems with that chipset.
We know that the Broadcom card is unlikely to work with any success.

So it sounds like you need to get a fully supported card.

As for the commands to configure your card, look here.
#29, 09-03-2007 01:13 PM, durana (Member, joined Jul 2007, 66 posts)


OK OK,

I bought the wrong PCMCIA card. Now I have to spend money again for another card. This time I will buy a USB version...

Is rebooting the only possibility to reload/restart the wireless settings?

Thanks for your help/advice...
#30, 09-03-2007 11:29 PM, -=Xploitz=- (Senior Member, Mesquite, Texas (Dallas County) USA, joined Apr 2007, 3,487 posts)


Quote: Originally Posted by durana
    OK OK,

    I bought the wrong PCMCIA card. Now I have to spend money again for another card. This time I will buy a USB version...

If you buy a USB... better get the Alfa 500mW.

If you don't get a USB... make sure the card you're planning on buying is supported, like balding_parrot said.

Go here to get the current supported cards and chipsets...

Quote:
http://aircrack-ng.org/doku.php?id=compatibility_drivers
All times are GMT.