LebGeeks

Roudykh

Member

Re: WEP and WPA pass cracking! Full Tutorial.

ok, so your problem is with injecting the created packet.
in the first screenshot, does OPN appear in the top left terminal? (it's next to CIPHER) make sure it appears before you continue.
retry the tutorial and tell me what you get.
note that if one step is skipped or didn't work, all the cracking will fail.
also make sure you clean old files before you start any task, this can be done by clicking clean old files in the configuration tab.
hope it helps!

Rodster

Member

Re: WEP and WPA pass cracking! Full Tutorial.

question. how i can i identify my wireless card and how i know if it supports injection.

Roudykh

Member

Re: WEP and WPA pass cracking! Full Tutorial.

question. how i can i identify my wireless card and how i know if it supports injection.

open gerix wifi cracker as i said before. go to configuration tab, if anything appear under interfaces then your card is supported. if nothing appears then it's not supported.

Rodster

Member

Re: WEP and WPA pass cracking! Full Tutorial.

question. how i can i identify my wireless card and how i know if it supports injection.

open gerix wifi cracker as i said before. go to configuration tab, if anything appear under interfaces then your card is supported. if nothing appears then it's not supported.

but that application exist in backtrack iam runing windows. i want to check before i downlad it.

F0u4d

Member

Re: WEP and WPA pass cracking! Full Tutorial.

well i'm stupid  kept refreshing the page waiting ur reply  and i didn't notice it went to page 2

Anyway i tested again, tested both method CC and Fragmentation and it seems that the problem is after clicking  either "Start the CC attack" or "Fragmentation attack" it first read the packet and i type y after that it fails to send the packet and keep getting a deauthentication packet.

btw the Injection test works great and it says "Injection is Working!" (using my USB adapter)

Check this screenshot for the Fragmentation Method:

and this screenshot is for the CC method:

And i have some question if you don't mind:

1)Sometimes when i enable wlan0 which is my USB Wifi adapter TP-LINK WN321G (Ralink 2573 with Driver rt73usb) and i press on rescan networks i get no networks so i keep enabling and disabling it to get network but when i do enable my network card (Atheros AR2425 with driver ath5k) and scan networks on it i get all wifi networks directly, can the problem be caused from my USB adapter? (Injection works on my USB and not sure if does on my network card :/ )

2)I have a TP-Link router without any connection on, if i set it on a WEP WiFi will i be able to crack it? or has to be connected to the internet? it might be better testing the process on a closer WiFi network.

3) I'm doing the attack on my laptop, but i have a PC would u suggest trying the attack from PC ? or it doesn't matter?

I'm so frustrated and want to be able to get it work and see this sentence "Key Found!"
i really appreciate your help, Thanks!

Last edited by F0u4d (August 10 2012)

Roudykh

Member

Re: WEP and WPA pass cracking! Full Tutorial.

question. how i can i identify my wireless card and how i know if it supports injection.

open gerix wifi cracker as i said before. go to configuration tab, if anything appear under interfaces then your card is supported. if nothing appears then it's not supported.

but that application exist in backtrack iam runing windows. i want to check before i downlad it.

check if your adapter figure http://www.aircrack-ng.org/doku.php?id= … patibility

Roudykh

Member

Re: WEP and WPA pass cracking! Full Tutorial.

@ F0u4d 1) it doesn't matter if you do injection with your internal card or external adapter cz from your screenshots it appears that your usb adapter support injection.
2)yes, try to do the process on your router, it's better to get good signal. it doesn't matter if there's internet or not.
3) it doesn't matter unless you're cracking wpa (it needs good ram and cpu speed to do the process quickly)

Ok then, retry the process but substitute step 7 from my tutorial with step 6 from m0ei.(it appears the mac address isn't associated with fake AP)

note that sometimes it doesn't work from the first time, so be patient.

hope it helps!

Last edited by Roudykh (August 11 2012)

F0u4d

Member

Re: WEP and WPA pass cracking! Full Tutorial.

ok so i used the step 6 instead of your step 7 which is before the fragmentation attack or cc
when i first wrote the code as m0ei wrote it i got an error then they mentioned to add --ignore-negative-one and it worked...
but the problem still the same on the next step

so that's really weird :/
i added you on the email you provided at the forums here @outlook.com.. if u don't mind adding

Roudykh

Member

Re: WEP and WPA pass cracking! Full Tutorial.

you shouldn't ignore the negative one, negatives mean fake.
try to add the ESSID in the command (name of the network as it appears)
it's weird indeed! sometimes i get this problem but i retry it and everything goes good.
Yeah i renamed my hotmail to the new outlook, you should give it a try, metro UI (or should i say win8 UI)
nah i don't mind, feel free to ask any question.
reply.

F0u4d

Member

Re: WEP and WPA pass cracking! Full Tutorial.

i added you on your e-mail Roudy_Kh@outlook.com from my e-mail Fouad.Raheb@hotmail.com
ill be online if you have time later to accept me so i can stop annoying people here and annoy you in private lol

btw i first tried adding ESSID and it was same so in the next try i removed it

Thanks!

Roudykh

Member

Re: WEP and WPA pass cracking! Full Tutorial.

i'll add you.
but we need some help here guys!
it just works for me, i don't know why it didn't work with you.
some help please...

Adnan

Member

Re: WEP and WPA pass cracking! Full Tutorial.

case cancelled

Last edited by Adnan (September 20 2012)

F0u4d

Member

Re: WEP and WPA pass cracking! Full Tutorial.

Hey roudy!

I finally succeeded cracking my own TP-Link router on a WEP encrypted key "hello" using the following process:

1)Airmon-ng [Check available wireless cards]
2)Airmon-ng start wlan0 [Enable the card on monitor mode]
3)Airodump-ng mon0 [check the available wifi networks]
4)Airodump-ng -c (channel) -w (saving file name example "wep") --bssid (bssid of the target) mon0
5)New Terminal Airplay-ng -1 0 -a (bssid) mon0 [Association successfull]
6)Aireplay-ng -2 -p 0841 -c ff:ff:ff:ff:ff:ff: -b (bssid) mon0 [Reading packets... use this packet? write "y" and hit enter... sent packet] [capturing data should speed up]
7)New Terminal Aircrack-ng -n (key lenght 64/128/256.. can be skiped) -b (bssid) (saved file Ex: wep-01.cap)
Key Found!

i found some steps on a youtube video which i merged them with some commands i had and it worked

now i will be trying it on some other routers I hope it will works :)

Fischer

Member

Re: WEP and WPA pass cracking! Full Tutorial.

i can crack a wap and wep in 3min but for real world example you need to crack wpa2, who's stupid enough these days to use wap or wep?

Raficoo

Member

Re: WEP and WPA pass cracking! Full Tutorial.

who's stupid enough these days to use wap or wep?

well there are plenty of Ogero modems with default WEP passwords that can be cracked instantly(with programs/manually) but I don't blame the public since not everyone knows about the technicals of wireless encryption, now Ogero did set up a small tutorial on how to change the passkey of the modem but i wonder if they are still giving new customers default passworded WEP modems, because as we all know bandwidth is a sacred thing here and if someone feels like playing the leeching game someone else is gonna pay a hefty price

F0u4d

Member

Re: WEP and WPA pass cracking! Full Tutorial.

i can crack a wap and wep in 3min but for real world example you need to crack wpa2, who's stupid enough these days to use wap or wep?

There's plenty of people who still use WEP and they ain't stupid they just don't have much knowledge in wireless and networking stuff and their router was set up by their ISP or someone else.
So not everyone is as smart as you are :)

And learning new things is always cool, by learning this process of cracking WEP i learned lots of stuff about Linux Ubuntu and BackTrack 5

Kh4xToR

Member

Re: WEP and WPA pass cracking! Full Tutorial.

to the poster when you do airmon-ng start wlan0 ... you should mention that this enabled monitoring mode which is going to be interface mon0.

battikh

Member

Re: WEP and WPA pass cracking! Full Tutorial.

For WPA, specially in Lebanon, the most effective password list to use is by generating a file with all the possible phone number combinations.
Best way is to even have multiple files for each area (01, 04, 06, ... and all would have mobile ones as well) so that you reduce the size of the file to make the process even faster. So if you're cracking a WPA key in Beirut, use the "01" file (along with 03, 70, 71).
Also in each of the files you should have both local and international combinations (01222222, 9611222222, 009611222222).

These help to highly reduce the size of the dictionary and yet keep it effective (much more effective than most other dictionaries you can find).