Dr. Z2A

problems cracking WEP

12 posts in this topic

Ok so I was playing around with WEP cracking today and I can't seem to get it to work. I opened up Ethereal and clicked to start a new live capture and said to save it to a file called "wire" and I got 458 packets. Then I started a program called wepdecrypt with "wepdecrypt -f wire" and it gave me the error:

ERROR: No encrypted 802.11 DATA frames captured!
Try again with other dump file!

0 networks loaded...

Can anyone tell me what I'm doing wrong or what additional information to give if I have not supplied enough?

Edit: OK, I just tried aircrack. It gave me:

Opening pcap file wire

Reading packets: total = 458, usable = 0

Not enough IVs. exiting.

What are IVs and how would I get them in the sniff?

Edited by Dr. Z2A

IVs are Initialization Vectors and they are what hold the KEY in your data packets in WEP. You're going to need to collect more than 458 packets using aircrack or similar (NOT Ethereal or a general sniffer), probably closer to 500,000+ depending on the IVs and amount of data flowing over the air.


Trying to crack my wireless key, I noticed that unless there was another computer I had running, that was transmitting data to/from the access point (router actually), I couldn't pick up any packets that were useable.

Running Ethereal and airsnort together, I realized that without actual traffic, the only packets I was picking up were the SSID broadcast from my wireless router. These are obviously not encrypted.

If you have another machine with a wireless card, get it moving data as much as possible (I tried an internet radio stream) while you sniff. I started picking up a ton of usable (or "interesting") packets under those circumstances. It will take a very long time to gather enough to crack though. As tehbizz said, 500,000 or more for sure.

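What aircrack's "usable" count is looking for, shown as an added example that is not part of the original thread: only data frames with the Protected bit set carry a WEP IV (three cleartext bytes right after the 802.11 header), so a capture of beacons alone reports zero. The function names and sample frames are constructed for illustration, and the frames are assumed to be raw 802.11 with no radiotap or Prism header in front.

```python
TYPE_DATA = 2
FLAG_TO_DS, FLAG_FROM_DS, FLAG_PROTECTED = 0x01, 0x02, 0x40

def wep_iv(frame: bytes):
    """Return the 3-byte WEP IV of a raw 802.11 frame, or None if it has none."""
    if len(frame) < 24:
        return None
    fc0, flags = frame[0], frame[1]
    ftype, subtype = (fc0 >> 2) & 0x3, (fc0 >> 4) & 0xF
    if ftype != TYPE_DATA or not flags & FLAG_PROTECTED:
        return None                  # beacons, probes, ACKs, cleartext data
    hdr = 24
    if flags & FLAG_TO_DS and flags & FLAG_FROM_DS:
        hdr += 6                     # fourth address field (WDS)
    if subtype & 0x8:
        hdr += 2                     # QoS control field
    if len(frame) < hdr + 4:
        return None                  # truncated before IV + key-ID byte
    if frame[hdr + 3] & 0x20:
        return None                  # ExtIV bit set: TKIP/CCMP, not WEP
    return frame[hdr:hdr + 3]

def summarize(frames):
    """Count total frames, frames carrying a WEP IV, and distinct IVs."""
    ivs = [iv for iv in map(wep_iv, frames) if iv is not None]
    return {"total": len(frames), "usable": len(ivs), "unique_ivs": len(set(ivs))}

def hdr24(fc0, flags):
    """Constructed 24-byte header: frame control, duration, 3 addresses, seq."""
    return bytes([fc0, flags]) + b"\x00\x00" + b"\xaa" * 6 + b"\xbb" * 6 + b"\xcc" * 6 + b"\x00\x00"

# Constructed sample frames (not from a real capture).
SAMPLE_FRAMES = [
    hdr24(0x80, 0x00) + b"beacon body",                       # beacon
    hdr24(0x80, 0x00) + b"beacon body",                       # beacon
    hdr24(0x08, 0x41) + b"\x01\x02\x03\x00" + b"\xee" * 16,   # WEP data
    hdr24(0x08, 0x41) + b"\x01\x02\x03\x00" + b"\xdd" * 16,   # WEP data, same IV
    hdr24(0x08, 0x41) + b"\x0a\x0b\x0c\x00" + b"\xcc" * 16,   # WEP data, new IV
    hdr24(0x88, 0x41) + b"\x00\x00" + b"\x01\x00\x00\x20\x00\x00\x00\x00" + b"\xbb" * 16,  # QoS + CCMP
    hdr24(0x08, 0x01) + b"cleartext payload",                 # unencrypted data
]

if __name__ == "__main__":
    print("beacons only:", summarize(SAMPLE_FRAMES[:2]))
    print("with traffic:", summarize(SAMPLE_FRAMES))
```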

Ethereal is not a good app to try and capture packets for WEP cracking. I would suggest that you use another program like airsnort or tcpdump (windump if using Windows) to actually capture the packets, then analyze them with aircrack to get the key. You have to make sure there are actually good packets flying through the air, so just having a router up and running with WEP isn't going to cut it; you actually have to have some communications going back and forth from different machines. And you definitely have to have more than 350 packets to get the key, so shoot more for like 50,000 or more. It is easy to get that many packets if there are at least 2 other machines connected to the AP.


Also remember to use Aireplay to generate a ton of IVs. This will speed up the process.


Yeah, I don't think Ethereal is very good for cracking WEP; you need airodump or Kismet to collect the packets.


Ok I'm pretty confused now. It seems that I need to have Kismet running to be able to capture packets with Ethereal. I have tried using airsnort, but that couldn't pick up anything. When I ran Kismet and airsnort at the same time Kismet gave me an error like "Lost connection to 127.0.0.1" and then my wireless card stopped working until I rebooted. I am using a Pentoo live cd btw. Can anyone help me out here?


I was not suggesting using Ethereal to capture packets for cracking... rather, it was the only tool I knew at the time to pick out packets from the air, and give me a clue as to what kinds of packets they were (SSID broadcasts or otherwise). It was something airsnort didn't do in a very apparent way. But I agree, its usefulness does not extend itself to packet logging for WEP cracking.

Have you set your wireless card to monitor mode? Just curious.


Use wepcrack. It is the best and most reliable.

> I was not suggesting using Ethereal to capture packets for cracking... rather, it was the only tool I knew at the time to pick out packets from the air, and give me a clue as to what kinds of packets they were (SSID broadcasts or otherwise). It was something airsnort didn't do in a very apparent way. But I agree, its usefulness does not extend itself to packet logging for WEP cracking.
>
> Have you set your wireless card to monitor mode? Just curious.


yah I got it now. Jimi, yeah it was in promiscuous mode. Actually I didn't need anywhere near 500,000 packets. I got 70,000 with ethereal (67 IVs) and I was able to crack it with aircrack, it just took a fuckload of time.

> yah I got it now. Jimi, yeah it was in promiscuous mode. Actually I didn't need anywhere near 500,000 packets. I got 70,000 with ethereal (67 IVs) and I was able to crack it with aircrack, it just took a fuckload of time.

With more IVs it would have taken less time. The time it takes to get 500.00 packets is less than the time it takes to crack a WEP key with less than 100 IVs. Especially if you use Aireplay :)

> yah I got it now. Jimi, yeah it was in promiscuous mode. Actually I didn't need anywhere near 500,000 packets. I got 70,000 with ethereal (67 IVs) and I was able to crack it with aircrack, it just took a fuckload of time.

Excellent. And yes, a fuckload of time indeed.
