TAZ Forum Community

joshuah · **Joined:** Fri Nov 07, 2008 2:45 pm **Posts:** 10

hello the problem iam seeming to have is, iam using OmniPeek & aircrack for windows.

I let Omnipeek run over night and it picks up over 90,000 packets, i save all packets to a dmp file and then load it up via command prompt of Aircrack.

It will say "loading iv's" or something and will load over 4000 lines like the following:

Code:

3688  30:05:8C:6F:08:D4  BigPond050A               Unknown
3689  A6:F7:31:A0:AB:E4                            WEP (1 IVs)
3690  00:1E:8C:6F:C0:F4  BigPond050A               Unknown
3691  18:6E:F9:7A:F5:3D                            WEP (1 IVs)
3692  00:BE:D6:6F:90:15  BigPond050A               Unknown
3693  80:98:19:A2:FB:08  kirû?*go"i                Unknown
3694  60:0A:8D:6F:90:D9  Bi Hond050A               Unknown
3695  00:18:39:A2:33:28  kirkinE-a'                Unknown
3696  B5:18:A9:E3:FB:08  k=ykinghuB                Unknown
3697  00:18:B9:C8:EE:27  k)Çka3gham                Unknown
3698  00:18:39:BB:5F:70  kÉ(kin?|am                Unknown
3699  03:18:39:A2:7B:62  {`rkingham                Unknown
3700  00:1E:8C:6F:3A:DC  Big6lnd050A               Unknown
3701  2E:3F:0D:A2:FB:08  ëADkp*1Dam                Unknown
3702  80:C7:8C:6F:90:FB  BigPon"650A               Unknown
3703  53:61:8C:6F:F0:EF  Biÿ]ond050A               Unknown
3704  96:C8:34:A2:FB:08  kirkingham                Unknown
3705  00:18:39:A2:AF:47  kirkingham                Unknown
3706  00:D0:4D:B0:FF:08  kirrmngham                Unknown
3707  00:1E:8C:EF:42:C7  BigPon??50A               Unknown
3708  00:1E:8C:6F:20:8A  BigPond050!               Unknown
3709  00:1E:8C:6F:90:21  BigPond050A               Unknown
3710  2F:C9:A7:04:8A:83  I-É÷é%1?#☼O??·Éª?J["Y?ü"Ñy@?îon  EAPOL+Unknown
3711  16:18:6D:A9:FB:08  kikoingham                Unknown
3712  00:1E:8C:6F:46:18  BigP?m??40A               Unknown
3713  42:18:B9:C8:FA:08  kir?àxghat                Unknown
3714  00:18:46:87:2F:82  kirkingham                Unknown
3715  B1:9B:39:A2:FB:08  kirkinghay                Unknown
3716  00:78:DB:E1:FB:08  kirkingham                Unknown
3717  34:10:40:3C:F1:41                            WEP (1 IVs)

The problem is, it then says

Index number of target network ?

i type, 1 and it starts (with the following

Code:

                                 Aircrack-ng 1.0 rc1


                 [00:00:00] Tested 0 keys (got 1 IVs)

   KB    depth   byte(vote)
    0    1/ 14   01(   0) 02(   0) 03(   0) 04(   0) 05(   0)
    1    0/  1   15( 256) 01(   0) 02(   0) 03(   0) 04(   0)
    2  255/  2   01(   0) CF(  36) 02(   0) 03(   0) 04(   0)
    3  255/  3   01(   0) 1C(  36) 02(   0) 03(   0) 04(   0)
    4  255/256   02(   0) 01(   0) 02(   0) 03(   0) 04(   0)

Failed. Next try with 5000 IVs.

but the problem is, there is only like... 3-4 access points near me? why is there like 4000 lines when i use aircrack ??? is there any way to group all the packets when it saves the file or something?

Thanks heaps!!

Imatator · **Posted:** Fri Nov 07, 2008 5:09 pm

Well, a few things.

One of the problems with using a GUI especially the one for windows is that it obstructs the basic functionality of using aircrack. This causes a problem first because you are failing to filter out the target network which the windows version does a HORRIBLE job at.

If you used the command line you could simply filter out the target network and the target channel and avoid the other garbage that you're getting.

Second, the windows version is no longer supported by the aircrack devs, this has been said over and over and over again, why people continue to try to use it is really beyond me when there are perfectly good and easy to use alternatives: Backtrack 3 being the easiest.

So either you're using a very outdated version of aircrack or incompatible drivers which is probably the cause of picking up all that garbage and non-existent networks, or someone could be flooding the area with fake beacon frames which can be done with a program like mdk5.

You last problem is that you have very little data, and this is the fundamental problem with using aircrack with the omnipeek drivers. THERE IS NO INJECTION CAPABILITY. So all you can do is passively listen and hope that traffic on the network happens, something you have absolutely no control over.

If you have a card that works with omnipeek then it will work with backtrack 3. if you're serious about cracking wep, use backtrack 3, or you will have endless problems with this version you're using. aircrack is optimized for linux, especially if you have little experience with aircrack, trying to get it working on windows will be an effort in futility.

That's my recommendation, you can either take 1/2 hour to download backtrack 3 as a live cd, and have a fully functional version of aircrack with injection or you can keep trying to use drivers and a platform that is just not friendly to cracking wep and run into frustration after frustration.

joshuah · **Joined:** Fri Nov 07, 2008 2:45 pm **Posts:** 10

Quote:

Second, the windows version is no longer supported by the aircrack devs, this has been said over and over and over again, why people continue to try to use it is really beyond me when there are perfectly good and easy to use alternatives: Backtrack 3 being the easiest.

Thanks for the reply, i have since used BT3 with a compatible device, the problem is that when i am collecting packets, the Beacons go up.. just not the #data value? any idea why ?

Imatator · **Posted:** Mon Nov 10, 2008 12:02 am

joshuah wrote:

Thanks for the reply, i have since used BT3 with a compatible device, the problem is that when i am collecting packets, the Beacons go up.. just not the #data value? any idea why ?

You can't ask a general question like that and expect an insightful response. When you have a problem, you need to post the exact commands you used and the output.

joshuah · **Joined:** Fri Nov 07, 2008 2:45 pm **Posts:** 10

Sorry about that,

I was using the following:

http://thew0rd.com/2008/08/19/tutorial- ... cktrack-3/

See in the image below, it says "#data" is going up? mine doesnot do that??

Imatator · **Posted:** Mon Nov 10, 2008 1:03 am

Is that the actual screen image of YOUR output???

If so what are you talking about? you are injecting at 446 packets/second and have 144981 DATA packets, more than enough to crack the key.

You only have 3363 beacon frames which is normal. Beacon frames are sent for the purpose of the AP identifying itself to the public airwaves.

You have more than enough data packets to crack the key.

If this IS NOT your output then again, you are failing to give anyone anything that can help you. You need to post the COMMANDS that you are using, including the injection, authentication and capture commands.

I just looked at that link and all you did was post a copy of their screen example. WTF??? You have to post YOUR COMMANDS!!!! YOUR COMMANDS!!!

How can anyone tell you where you're going wrong, if you are just posting a screen capture off a tutorial site. Apparently they are doing it correctly, you aren't SO YOU HAVE TO POST YOUR COMMANDS.

Come on, use some common sense.

thedealsquad · **Joined:** Tue Nov 11, 2008 2:23 am **Posts:** 24

Hello. I was attempting the same thing (using omnipeek and aircrack-ng for windows) and have not been having much success. So i decided to burn bt3, but the problem i'm having is at somepoint there was a password set on my BIOS (i've gone through all of the passwords i would use, which leads me to believe it was some kind of virus or manufacturer set password). So i can't set the boot order on my laptop, and thus have no way to load the bt3 live CD. Any ideas?

joshuah · **Joined:** Fri Nov 07, 2008 2:45 pm **Posts:** 10

thedealsquad wrote:

and thus have no way to load the bt3 live CD. Any ideas?

Try F12 when the notebook powers on initially...

thedealsquad · **Joined:** Tue Nov 11, 2008 2:23 am **Posts:** 24

do you mean before the BIOS loads? or what?

joshuah · **Joined:** Fri Nov 07, 2008 2:45 pm **Posts:** 10

thedealsquad wrote:

before

as soon as the notebook powers on just start tapping straight away until you see a 'boot menu' then stop tapping... select the CD ROM for that list

thedealsquad · **Joined:** Tue Nov 11, 2008 2:23 am **Posts:** 24

thank you.. i'll give it a shot in the morning and let you know what happens.. if this is the solution, it would really be amazing. The last time i needed to reformat, i actually wound up having to only delete my files and reinstall windows from an image on one of my partitions. So, yea, needless to say this has been messing things up for me for a while! thanks again!

Imatator · **Posted:** Tue Nov 11, 2008 12:48 pm

thedealsquad wrote:

Hello. I was attempting the same thing (using omnipeek and aircrack-ng for windows) and have not been having much success. So i decided to burn bt3, but the problem i'm having is at somepoint there was a password set on my BIOS (i've gone through all of the passwords i would use, which leads me to believe it was some kind of virus or manufacturer set password). So i can't set the boot order on my laptop, and thus have no way to load the bt3 live CD. Any ideas?

Did you check if there is a way to flash the bios or update the bios? Check the manufacturers site. Because god forbid your HDD completely dies, how would you reinstall an OS?

thedealsquad · **Joined:** Tue Nov 11, 2008 2:23 am **Posts:** 24

hi.. tried it this morning.. it did absolutely nothing, unfortunately. is there some way to specify an f12 boot menu? I spent some more time trying to figure out what password i might have used, and i am 100% sure that it's not one of mine, so either acer doesn't want me in the BIOS or there was a virus at some point that somehow wiggled its way in there. Any other ideas?

thedealsquad · **Joined:** Tue Nov 11, 2008 2:23 am **Posts:** 24

Imatator wrote:

Did you check if there is a way to flash the bios or update the bios? Check the manufacturers site. Because god forbid your HDD completely dies, how would you reinstall an OS?

sorry.. i hadn't seen that response. no, i haven't tried flashing or resetting the bios, for the same reason you mentioned. i'm affraid if anything goes wrong, i'll be screwed (and i've had routine flashes/upgrade screw up entire systems before). i really wish there was just another way around the boot issue.. maybe some kind of boot menu i can create??

keezel · **Posted:** Thu Nov 13, 2008 2:29 am

Quote:

Hello. I was attempting the same thing (using omnipeek and aircrack-ng for windows) and have not been having much success. So i decided to burn bt3, but the problem i'm having is at somepoint there was a password set on my BIOS (i've gone through all of the passwords i would use, which leads me to believe it was some kind of virus or manufacturer set password). So i can't set the boot order on my laptop, and thus have no way to load the bt3 live CD. Any ideas?

Look up and print out a tutorial on clearing the BIOS. You have to remove the battery, find and remove the CMOS battery (very small circular quarter sized battery on the motherboard), and press the power button to sap the remaining power in the board, then wait about 30 seconds. Acer laptops are a bitch b/c they're good at hiding the CMOS battery under a piece of plastic somewhere, but there may be a detailed guide on how to do this for your particular model. If you clear the BIOS it will remove the password, but it's quite possible it'll have some adverse effects too if it's an older board and you've had to update the BIOS in the past. It's effectively like hitting the reset button on an electronic device....but it's your laptop.

Quote:

i really wish there was just another way around the boot issue.. maybe some kind of boot menu i can create??

Afraid not. The only way to boot into something else prior to loading Windows is to select the device you are booting to from within the BIOS.

Quote:

as soon as the notebook powers on just start tapping [F12] straight away until you see a 'boot menu' then stop tapping... select the CD ROM for that list

You're referring to a menu within the BIOS that's password protected in this case. As far as I understand his issue, he has a password that guards against accessing or changing the BIOS (but not necessarily one that you are required to enter just to boot the PC). There are various different types of BIOS passwords.

Also, F2 and Delete are as common if not more common keys used for accessing the BIOS when the computer first powers on. It depends on the manufacturer. Really annoying manufacturers change it up depending on the model number to prevent people from getting in....some use End or Escape or something else entirely.

Home

FAQ

Search

TAZ Forum Community

Login

Register

Options

windows omnipeek and aircrack

Topic Options

Who is online


	TAZ Forum Community For all your Computer and Security Needs