KisMAC unable to gather enough unique IVs
Now I doubt you guys will believe me on this, but I'm trying to crack one of my own networks which has WEP security (don't feel like resetting then reconfiguring, so I wanna learn how to crack WEP). I use a MacBook (non-Pro) with a DWL-122 that has been unable to gather enough unique IVs; I tried for around 2 hours last night to gather the IVs and I could never get past about 100 even with authentication floods and packet reinjections. Is there any advice that you guys could give to me, possibly bring up something that I may be doing wrong?
Thanks!
You'll need a lot longer than 2 hours. It can take weeks depending on how much traffic you can blast across the wireless. KisMAC is pretty crappy when it comes to high-performance WEP cracking. It's a great stumbling tool but that's about the only thing it's truly great at.
It could take weeks, if the AP isn't doing much. I'm not sure about Macs, but if you can run aireplay, sometimes you can capture/regenerate enough weak IV packets in 30 minutes or less.
Just to clarify:
The KoreK attacks employed in aircrack don't depend on weak IVs like airsnort does. It depends on a statistically significant amount of IVs collected, not whether they're the ones designated as "weak".
Dutch
The DWL-122 is also an 802.11b device which won't find any G packets. Unfortunately, the MacBook's internal wifi is a new kind of chip, and we can't seem to make it see anything but beacon frames as of yet.
So, you'll need B clients on the network, making B traffic. Oh, and KisMac does have packet reinjection BTW.
KisMac's reinjection, deauth, and other attacks are pretty tame (read, weak) when stacked against Aireplay, bsd-airtools' Reinj tool, and some of the other cracking tools out there.
The deauthentication is exactly the same - you can't inject a "better" deauthenticate packet...
OK, the reinjection is pretty primitive. But we're working on it. Aireplay does beat KisMac in the reinjection, and we're working on incorporating some of its attacks. However, they both work, and seem to work as well as each other when they do get going.
As for actually cracking the network, it uses aircrack, which is still the best out there.
When we get a G card injecting (Ralink USB's being worked on, and so is Atheros), then we can expect a lot nicer.
Looking forward to it. KisMAC's one of my favorite tools for actually stumbling. Also, keep in mind that my Mac's a G3 PowerBook Wallstreet and it can't run anything higher than 10.2.8. Now that I think about it, that might limit what version of KisMAC I've been using.
I've had a lot better luck with BSD-Airtools (on an Intel-powered laptop of about the same horsepower as my Wallstreet) for actually performing cracking. One thing you might consider doing is allowing the user the option to "auto start" the various attacks requiring massive amounts of data. If they decide to start cracking and it needs more packets, ask if they want it to automatically start when it can. Then, just check every n weak IVs and kick it off automatically.
I sold my Atheros card to my barista but she needed it badly. I'm REALLY looking forward to any progress you make on the Ralink USB adapters. I have a D-Link DWL-G122 that doesn't see a lot of use.
It's not me that's working on the Ralink cards. Geoff is, and he's doing a great job. It basically can scan... only just, but it works.