Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

Hello,

I am trying to live decrypt my WPA2 wifi but can't archive my goal (since 3 months  )

What I do :

Terminal 1 :

Code: [Select]

sudo airmon-ng
sudo airmon-ng check
sudo airmon-ng check kill
sudo airmon-ng start wlp3s0 11
sudo airodump-ng wlp3s0mon --essid 'MySSID' -c 11

Terminal 2 :

Code: [Select]

sudo airtun-ng -a 'A4:XX:XX:XX:XX:D6' -p 'MyPSKey' -e 'MySSID' wlp3s0mon
gives :

created tap interface at0
WPA encryption specified. Sending and receiving frames through wlp3s0mon.
FromDS bit set in all frames.

Terminal 3 :

Code: [Select]

sudo ifconfig at0 up
sudo tcpdump -v -i at0
Now I on/off my iPhone connected to the wifi

Terminal 2 (airtun-ng command) shows correctly the WPA handshakes

WPA handshake: C4:XX:XX:XX:XX:BC

Terminal 3 (tcpdump command) only shows some unknown packets and some IP6 packets.

09:15:34.666669 c4:xx:xx:xx:xx:bc (oui Unknown) > a4:xx:xx:xx:xx:d6 (oui Unknown), ethertype Unknown (0x0a00), length 105:
        0x0000:  1000 0000 0000 0000 0100 0000 0000 0000  ................
        0x0010:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0020:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0030:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0040:  0000 0000 0000 0000 0025 92cc 4e66 3e91  .........%..Nf>.
        0x0050:  8c0e 3ca9 3f41 6315 5d00 00              ..<.?Ac.]..
09:15:38.956948 IP6 (flowlabel 0xeeba0, hlim 255, next-header UDP (17) payload length: 53) MyPCIamUsingNow.mdns > ff02::xx.mdns: [udp sum ok] 0 [2q] PTR (QM)? _ipps._tcp.local. PTR (QM)? _ipp._tcp.local. (45)
09:17:35.260760 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 16) MyPCIamUsingNow > ip6-allrouters: [icmp6 sum ok] ICMP6, router solicitation, length 16
          source link-address option (1), length 8 (1): ca:xx:xx:xx:xx:ac

I am trying to access some new websites on my iphone in order to capture DNS requests ... but nothing shows up
No traffic releated to the iPhone

Any idea ? 
Thanks !

1. Just a driver not implementing a feature, but not necessarily a problem. rtl8187 does this, but monitor mode works.
2. As with all unusual hardware-related issues, always check dmesg to see if there is some messages related to the driver.

What driver does this card use? This is displayed with airmon-ng.

Hello guys,

I´m a newbie to aircrack and I bought the following wireless usb adapter TP-LINK TL-WN823N.

It has been found by kali and I also can start the monitor mode. I have 2 special questions:

1. after starting monitor mode the information in 'iwconfig' changes also to 'monitor mode' and I get a notification message that the monitor mode is enabled now BUT the name of my wlan0 doesn´t change to wlan0@mon. Does this point to a problem?

2.When I´m searching for networks with command "airodump-ng" I can´t find anyone. Can this relate to a wrong chipset of the stick? Because monitor mode seems working fine.

P.S. I also killed all processes and changed the NetworkManager.conf regarding to some recommendations in the internet. But nothing worked...

Please help! I´m not sure to buy a different stick.

Likely a wireless card (hardware) limitation. FYI, you responded to a 3+ year old thread.

I had the same issue, only capturing 2 of 4 out of the packets. I was able to capture all 4 when I used my kindle with the WiFi. My guess is that it has limitations based on what devices are connected.

Yes, iw dev shows that it actuallly enters monitor mode. But airmon-ng stop does not return to managed. Also, with the latest build from github, I replaced the airmon-ng script with the one from 1.6 and all works fine.

So, it's not related to the Kali version, but only the airmon-ng version. Something changed between 1.6 and now.

One thing to note, the adapter is correctly in monitor mode, and capture works just fine, regardless of the name of the interface.

Bug report: https://github.com/aircrack-ng/aircrack-ng/issues/2245

You first have to isolate the handshake, then parse the different items, as they are spread over several frames. You'll have to look into aircrack-ng source code.

Umm anyone know how to fix this method??
using popen_noshell_

use wpa_passphrase program like so... but with fork threads...
"wpa_passphrase essid passphrase"

Code: [Select]

popen_noshell_set_fork_mode(POPEN_NOSHELL_MODE_POSIX_SPAWN);

char *exec_file = (char *) "wpa_passphrase";
char *arg1 = g_essid;
char *arg2 = g_key;
char *arg3 = (char *) NULL; /* last element */
char *argv[] = {exec_file, arg1, arg2, arg3};
/* NOTE! The first argv[] must be the executed *exec_file itself */

  fp = popen_noshell(argv[0], (const char * const *)argv, "r", &pclose_arg, 0);

parse remove the output

Code: [Select]

strcpy(pmk, replace_str(g_pmk, " psk=","")); //Parse

call calc mic

Code: [Select]

calc_mic( g_keyver, stmac, bssid, anonce, snonce, eapol, pmk, ptk, mic ); //HELP < NOT RETURNING PROPER MIC WITH POPEN METHOD

how do i read the data from .cap file for keyver, stmac, bssid, anonce, snonce, eapol, ... ?
any help would be greatly appreciated!!! please help fix calc_mic()

If other cards are working, then there is more chance it is a bug in the driver. Is there anything in dmesg?

You mention you don't have network manager running. Did you kill them?

You likely want to try different revisions of aircrack-ng between 1.6 and that revision (I'm assuming it is this specific revision - 91820bc). You likely want to check the ones that changed airmon-ng, starting from b98ceff on March 20th, which is the first change after 1.6.