pusak gaoq
Posts: 723 | Thanked: 519 times | Joined on Nov 2010 @ Kuching:Malaysia
#201
Do we really need deauthentication in cleven???
I really don't think we need it (on my behalf) because I have Cleven, fAircrack & Wepon on my device.... fAircrack does have deauthentication but it doesn't work all the time... besides, deauthentication only works if there are clients connected to the AP....

For me the most important is authentication.... Wepon has the best authentication... Cleven is second & fAircrack third.... I think we should focus on authentication (in Cleven) because we need to authenticate if there are no clients connected to any AP... if there are clients then all we have to do is wait until the data is around 35k-50k before we try to decrypt it....

Estel
Posts: 5,028 | Thanked: 8,613 times | Joined on Mar 2011
#202
Originally Posted by pusak gaoq
Do we really need deauthentication in cleven???
I really don't think we need it (on my behalf) because I have Cleven, fAircrack & Wepon on my device.... fAircrack does have deauthentication but it doesn't work all the time... besides, deauthentication only works if there are clients connected to the AP....

For me the most important is authentication.... Wepon has the best authentication... Cleven is second & fAircrack third.... I think we should focus on authentication (in Cleven) because we need to authenticate if there are no clients connected to any AP... if there are clients then all we have to do is wait until the data is around 35k-50k before we try to decrypt it....

Yea, because using 3 tools to achieve one thing is optimal. To be honest, in Your place, I would use the terminal alone.

Anyway, what the heck do You mean by "better" authentication? There is no such thing. Fake auth won't "magically" create ARP for injection. It can create ACK only. If there is no client connected, You've to wait anyway - for someone to connect, most likely, or - for IVs generated @ ratio ~3 IVs/minute.

Originally Posted by Saturn
have asked this also in the past - why you mention two types of deauthentication?

AFAIK, there is only one. One needs to deauthenticate a client from the AP and for that the mac of a connected client is needed.

Excuse me, if You've asked it in the past - I must have missed it. AFAIK there are 2 variants of deauth command - one targeted at client (need client MAC, and - as I always thought - AP MAC, but, if You're sure client MAC is all that it needs, I may be wrong), and another, targeted at AP MAC, which theoretically should deauth every client connected. The latter is described (in aircrack docs) as "less effective". I suspect that it's about the method to forge non-legit deauth packet - probably, some clients respond to "generic" ones, if it just "seems" to come from AP, others are "smarter" and need 100% standardised packet with their MAC "mentioned".

The "overall" deauthentication is currently supported in StefanL's fAircrack 0.45, and it works (when it has a chance to work, i.e. correct signal quality, and vulnerable clients connected).

As for parsing data from airodump-ng, unfortunately, I've no idea, and that's one of the moments when I regret that I'm not a skillful coder.

I hope this deauth explanation helps.

/Estel

Last edited by Estel; 2011-09-17 at 21:38.
 

Estel
Posts: 5,028 | Thanked: 8,613 times | Joined on Mar 2011
#203
Sorry for double-posting, but I *might* have found a bug.

When I try decrypting with "all common" enabled, aircrack-ng window just "flashes", like when trying to decrypt from .cap file without any IVs. I'm sure all of my files contain IVs, and I can try to decrypt them individually - everything works fine. However, trying to decrypt all common - no matter which (number) file I select, results in a no-go. So, ping Saturn.

Saturn
Posts: 1,648 | Thanked: 2,122 times | Joined on Mar 2007 @ UNKLE's Never Never Land
#204
Originally Posted by Estel
Sorry for double-posting, but I *might* have found a bug.

When I try decrypting with "all common" enabled, aircrack-ng window just "flashes", like when trying to decrypt from .cap file without any IVs. I'm sure all of my files contain IVs, and I can try to decrypt them individually - everything works fine. However, trying to decrypt all common - no matter which (number) file I select, results in a no-go. So, ping Saturn.

Cannot confirm it.

One thing that might not be clear is that the "common" cannot check ".cap" and ".ivs" files together (that's a limitation of aircrack).

Therefore, if you have 20 .cap files and 1 .ivs file from an AP and you select the ivs file + common, you basically select the ivs only.

Could this be the "bug" you see?
 
Saturn
Posts: 1,648 | Thanked: 2,122 times | Joined on Mar 2007 @ UNKLE's Never Never Land
#205
Originally Posted by pusak gaoq
...
For me the most important is authentication.... Wepon has the best authentication... Cleven is second & fAircrack third....

All are equal for the simple reason that the authentication is done by aircrack.

The presentation (i.e. UI) can be different but the action is the same and it is done by aircrack..
 
Posts: 2,076 | Thanked: 3,268 times | Joined on Feb 2011
#206
Originally Posted by Estel
Fake auth won't "magically" create ARP for injection. It can create ACK only. If there is no client connected, You've to wait anyway - for someone to connect, most likely, or - for IVs generated @ ratio ~3 IVs/minute

Not necessarily. -p0481 attack option in wifite does work on some (most?) APs and can get 150-200 ivs/sec with no clients around. It does seem to return bogus data on some APs (newer soft version maybe, no idea really) and then you might need 150k instead, but in the end works very well with no clients connected.
 
Saturn
Posts: 1,648 | Thanked: 2,122 times | Joined on Mar 2007 @ UNKLE's Never Never Land
#207
All right.. I thought broadcast deauthentication is not useful but it seems that some would appreciate it.
My goal is still to add in the future client association but till then and for testing, I'm adding the broadcast type in the next version (1.12-1) which will be uploaded in a few minutes.

For reference: http://www.aircrack-ng.org/doku.php?id=deauthentication
There can be several reasons and one or more can affect you:

* You are physically too far away from the client(s). You need enough transmit power for the packets to reach and be heard by the clients. If you do a full packet capture, each packet sent to the client should result in an “ack” packet back. This means the client heard the packet. If there is no “ack” then likely it did not receive the packet.
* Wireless cards work in particular modes such as b, g, n and so on. If your card is in a different mode than the client card there is a good chance that the client will not be able to correctly receive your transmission. See the previous item for confirming the client received the packet.
* Some clients ignore broadcast deauthentications. If this is the case, you will need to send a deauthentication directed at the particular client.
* Clients may reconnect too fast for you to see that they had been disconnected. If you do a full packet capture, you will be able to look for the reassociation packets in the capture to confirm deauthentication worked.
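
The two deauthentication variants discussed in this thread (directed at one client MAC, or broadcast on behalf of the AP) are distinguishable in a packet capture, as are the reassociation requests the quoted aircrack-ng notes mention. The following is an added example for the monitoring side, not part of any post and not code from Cleven or aircrack-ng: it classifies bare 802.11 management frames (no radiotap header) and flags a BSSID that sees a burst of deauths. The MAC addresses, sample frames and the burst threshold are assumptions made up for the example.

```python
import struct
from collections import Counter

BROADCAST = "ff:ff:ff:ff:ff:ff"
SUBTYPES = {0x2: "reassoc-req", 0xA: "disassoc", 0xC: "deauth"}

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_mgmt(frame):
    """Parse a bare 802.11 management header (no radiotap); None if not of interest."""
    if len(frame) < 24:
        return None
    fc = frame[0]
    if fc & 0x03 or (fc >> 2) & 0x03:        # need version 0, type 0 (management)
        return None
    kind = SUBTYPES.get(fc >> 4)
    if kind is None:
        return None
    rec = {"kind": kind, "dst": mac(frame[4:10]), "src": mac(frame[10:16]),
           "bssid": mac(frame[16:22]), "reason": None}
    if kind != "reassoc-req" and len(frame) >= 26:
        rec["reason"] = struct.unpack_from("<H", frame, 24)[0]  # reason code
    return rec

def summarize(frames, burst_threshold=3):
    """Count broadcast vs directed deauths per BSSID; flag BSSIDs with a burst."""
    counts, reassoc = Counter(), Counter()
    for raw in frames:
        rec = parse_mgmt(raw)
        if rec is None:
            continue
        if rec["kind"] == "deauth":
            scope = "broadcast" if rec["dst"] == BROADCAST else "directed"
            counts[(rec["bssid"], scope)] += 1
        elif rec["kind"] == "reassoc-req":
            reassoc[rec["bssid"]] += 1       # clients coming back after a deauth
    alerts = sorted({b for (b, _), n in counts.items() if n >= burst_threshold})
    return counts, reassoc, alerts

# Constructed sample frames (made-up locally administered MACs, not a real capture).
AP, STA = "02:00:00:00:00:01", "02:00:00:00:00:02"
_AP, _STA, _ALL = "020000000001", "020000000002", "ffffffffffff"
SAMPLE = [bytes.fromhex(h) for h in
          ["c0000000" + _ALL + _AP + _AP + "00000700"] * 4      # broadcast deauth
          + ["c0000000" + _STA + _AP + _AP + "00000700",        # directed deauth
             "20000000" + _AP + _STA + _AP + "0000",            # reassoc request
             "80000000" + _ALL + _AP + _AP + "0000"]]           # beacon, ignored
```

A real deployment would count per time window rather than per capture; networks with 802.11w (protected management frames) make clients discard unauthenticated deauth frames altogether.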
 

Saturn
Posts: 1,648 | Thanked: 2,122 times | Joined on Mar 2007 @ UNKLE's Never Never Land
#208
Originally Posted by szopin
Not necessarily. -p0481 attack option in wifite does work on some (most?) APs and can get 150-200 ivs/sec with no clients around. It does seem to return bogus data on some APs (newer soft version maybe, no idea really) and then you might need 150k instead, but in the end works very well with no clients connected.

Hi, I tried to search what is the option you mention but I find only your posts about it in a couple of threads

Do you have a link with some info on what this option does?
BTW, I haven't used wifite..
 

Posts: 2,076 | Thanked: 3,268 times | Joined on Feb 2011
#209
Just download wifite.py (http://code.google.com/p/wifite/) and run it. It has 4 attack options, 4th one being the clientless. I also could not find too much about it, and sadly have no python skills to look through the code.
EDIT: it's -p 0841, my mistake

Last edited by szopin; 2011-09-18 at 11:26.
 

Saturn
Posts: 1,648 | Thanked: 2,122 times | Joined on Mar 2007 @ UNKLE's Never Never Land
#210
Originally Posted by szopin
Just download wifite.py (http://code.google.com/p/wifite/) and run it. It has 4 attack options, 4th one being the clientless. I also could not find too much about it, and sadly have no python skills to look through the code.
EDIT: it's -p 0841, my mistake

All right, I got it now..

here is a good description of it:
http://aircrack-ng.org/doku.php?id=h...rnate_solution
 
