Aircrack-ng

Please login or register.

Login with username, password and session length
Advanced search  
Pages: [1] 2 3 ... 10
 1 
 on: September 17, 2018, 07:01:40 AM 
Started by greenDay - Last post by Naivdose
Basically half your special characters wouldn't be ascii convertible.

 2 
 on: September 13, 2018, 05:24:18 PM 
Started by greenDay - Last post by misterx
Simply because some values don't match a printable character.

Here is an ASCII table: https://www.ascii-code.com/

 3 
 on: September 13, 2018, 01:42:54 PM 
Started by greenDay - Last post by greenDay
Okay.

Is it possible to know the reason out of curiosity? :)

And if it's not convertible, is it possible to use the key in hex?

 4 
 on: September 13, 2018, 01:29:23 PM 
Started by greenDay - Last post by misterx
Not all keys can be converted to ascii

 5 
 on: September 13, 2018, 07:44:03 AM 
Started by greenDay - Last post by greenDay
Hello,

I tested the airckrack-ng for finding a key. All is good but I have a probleme with this hex : C5:8C:A3:6A:68:FA:61:35:A2:19:B2:57:B2

If I convert this hex from dolcevie.com/js/converter.html I have this ???jh?a5???W?? and Ō£jhúa5¢²W² from rapidtables.com/convert/number/hex-to-ascii.html

And from my terminal with echo C5:8C:A3:6A:68:FA:61:35:A2:19:B2:57:B2 | xxd -r -p I have Ō�jh�a5��W�%

Could anyone help me? becose I dont understand why I don't have the possibility to convert correctly the key.

thx

 6 
 on: September 11, 2018, 04:36:40 PM 
Started by freeroute - Last post by tan112
Thank you for your reply, I'm sure someone will find it very useful. Just few remarks from my side, only for information.
Quote
"hacking tools" are used daily by penetration testers
That is not the only purpose of my job.
Braking things and getting paid for it, unfortunately is not my every day duty... mostly, I get paid to fix, and/or find the causes, of malfunctioning systems, using hacking tools is forbidden.
Quote
Regarding the Windows VM
That was just as mere example, only to describe the impossibility to use "hack" software/tools at (most of) Customer premises.
Quote
Taps can be fairly cheap
As Im' sure you have seen many times during your pentesting experience, network issues doesn't always come from the "ethernet", so a ethernet tap is most of times insufficient (besides, by most of SLAs, is forbidden to use taps in production).
Anyway, it would take ages if we would start telling about all absurdities and aberrations we have seen coming out of wireless devices.
Some of them caused by hardware issues, some by bugged firmware, some by bad quality software programmed, probably, under the effect of alcohol or other illegal drugs, and so on...
So a little piece of advice, relying solely on network taps, wont help debugging issues, as if it may come also from the wireless device...
My point is, we are clearly dealing with human errors here... hoping that stuffs will work, even after a super-secure WPA3 "certification", is just naive.
We need a fallback mechanism, to be able to revive from the hungover of that last programmer...  ;)

Anyway, I don't see this discussion is attracting much of a contributions...
Maybe that's not really an interesting topic...

 7 
 on: September 11, 2018, 03:44:00 PM 
Started by freeroute - Last post by misterx
Actually, "hacking tools" are used daily by penetration testers to check the security of networks (wired and wireless).

Regarding the Windows VM, you can provide anybody with an unactivated Windows VM AFAIK.

Taps can be fairly cheap, something like $100 and even cheaper (less than $20, search for throwing star LAN tap). Yes, you can use them in a production environment, they won't disturb anything. They've been used for IDS. Check out the options on Amazon "Network tap". The first few results are from Dualcomm. But yes, depending on the tap you want, it can get very expensive. But those are most often used for IDS purposes or large scale network capture.

 8 
 on: September 11, 2018, 01:35:52 PM 
Started by freeroute - Last post by tan112
Now that's a professional answer.
Thank you for the respect shown to another field professional, really appreciated.

I know my personal opinion as sole is valid nothing, but sharing it in public, I hope some other professionals might support it, if valid.
Quote
I'll refer to the workings of WEP compared to WPA
I do fully agree on that. But look at the difference between WPA3 and both WEP/WPA/WPA2 protocols.
Those protocols always integrated, now and before, a official way to decode traffic external (for whatever reasons, fallback emergencies, convenience, law enforcement investigations, and so on).
Provided of course the authorization to do so, and the most important ingredient, a strong password.
So as you say, and I fully agree
Quote
WPA2 is still very secure
It has indeed undergone few security improvements in the last years, as well as WPS, becoming now a very stable protocol in the newest hardware (and I repeat: newest hardware)

Now, look at the WPA3: it does NOT integrate any (known) way to decode external traffic, that possibility has been wiped out from the protocol foundations, that is official.
Even provided authorization, passwords, the owner looking in front of your computer, whatever, you can't decode the traffic.
Quote
My point is, there will be tools, but it might take a little while
That is true, maybe, but what "tools" are we talking about?
WPA3 officially removed the possibility to decode traffic, so the only "tools" which might come over in time will be temporary workaround bugs exploit from QA testers or worst, hackers.
As we all know very well, no respectable Customer, SME or Corporate, will never authorize the use of "hacking" tools in its environment, be it testing, stage, production or else.
(...you can see it even now, try to ask even your closer colleagues to provide a innocent VM with a cracked version of Window$... every cracked versions works just good as the original ones, yes no doubt... but just thinking of it you risk to lose your job...)

Unfortunately, that excessive "security" is going even further into obfuscating also the 80211 Open protocol.
Quote
You can also put a tap right after the AP, where you get the Ethernet packets, which are decrypted.
That you can do now indeed, and it's infact the preferred way to deal with issues in testing environments, but not in production.
Anyway, not all customers are rich Corporations willing to spend thousands of $ in such gadgets...
But as we see, with that new OWE, it will get a lot difficult even to debug a open wireless issue, bringing only frustration and loss of money, to everybody.

To conclude, my point is, security is important, but excessive "security" is destructive, and that was my evidence.
WPA3 protocol needs a fallback mechanism, OFFICIAL, in order to provide professionals (and law enforcement) a way to decode traffic in emergency situations (authorized by owners or Courts)

Thank you



 9 
 on: September 10, 2018, 01:20:19 PM 
Started by Centerburry - Last post by misterx
Aireplay-ng checks for a beacon matching the BSSID. If it doesn't find one, it will display an error.

It usually indicates that the BSSID is incorrect but in some cases, the driver didn't pass a beacon. If you are sure it exists, you can use -D to override it. It's documented in the man pages.

 10 
 on: September 10, 2018, 11:50:46 AM 
Started by Centerburry - Last post by Centerburry
Good evening,

I'm a newbie. When sending the command
Code: [Select]
aireplay-ng -0 1 -a (BSSID) -c (Station while BSSID and Station are shown at airodump-ng there happens nothing than the message that there is no such BSSID.
Could it be, that the MAC-Address that I tried to reach is faked?
If not, what could be the problem here?

TIA
Centerburry

Pages: [1] 2 3 ... 10