Hello, I just bought alfa adapter, as I experienced issues with my realtek. And It still changes interface's name to mon0 which os on fixed channel (-1) I used the patch as needed, but it still doesn't fix my problem.

@thepaperboi

the packetforge-ng -0 -a BSSID -h 00:11:22:33:44:55 -k 255.255.255.255 -l 255.255.255.255 -y .xor -w ARP

nope it doesnt read

how come nothing pops up when i type airmon-ng.

it only says interface chipset driver.

and i bought a stupid netgear adaptor to do this

um can you take this vid down, i dont want to many ppl to find out about this, the gov will shut it down then

@access08intro The government can't Shut down encryption vulnerabilities. They will always be there. Nothing is absolute. And if they ban use of decryption tools, it'll be as enforced as having to be 18 to look at porn!

hey guys this method is called wepspoon cracking thats his method it doesnt work to well

Is there any program to get WEP passwords, and it works in Windows ?????

Thats is because im watching he is using Linux ...

Nice! great video and very informative

Can I use my new Linksys Model AE1000? Backtrack isnt finding the card...

my program runs but my data stays at 0  not sure why

anyone that's actually tried it, did it work for anyone of you?

I have a pcmcia card that I'm trying to use with backtrack 3 (it is a Belkin F5D6020) but it is not recognized by the airmon-ng command or by windows xp, I'm very sure that it is supported but it doesn't work. What can i do?

@salasperret Same thing dude. I'm figuring it works considering it's the same chipset as the version 3 and that one is listed under compatible.

hey "thepaperboi" i have a question...when i inject the packets with the aireplay-ng -1 0 -a (paste AP) -h 00:11:22:33:44:55 wlan0 it does not work, it says "denied (code12) wlan0 is in channel 13, AP is in channel 6" what i have to do in this case? please help me Dx

My PWR (in screen @ 2:30) remains zero at all ap's.

However, the beacons and data are counting continuously. What can be the problem?

There Are 15 different APs, I suppose my card works?

Thanks is advance.

is shell only on mac?

where i can have backtrack?

Failed . Next try with 5000 IVs.

does IVs = Beacons or do i need a bigger dictionary for WEP

can you give me the bcm43xx driver please i need it

i have stupid question how to open a shell??

you will find it near the menu at the bottom on the right on of these icons will open a shell

i have atheros AR928X wireless built in card on my asus laptop, is this supported? i tried airmon-ng but there are no list of my wifi card? please reply help thanks

also, the card i have is the same as the video poster's...not the one he uses tho, the eth1 and it works

THIS IS THE BEST VIDEO TUTORIAL THAT SHOWS YOU HOW TO CRACK A WEP KEY. THIS NETWORK ADAPTER HE SHOWS US WORKS BEST. I TRIED CRACKIN MY OWN NETWORK AND I DID IT WITHOUT A PROBLEM ON THE FIRST TRY. I USED THE LINUX KERNEL 2.4 ON THE VMWare. Awesome !!! 5 stars

so does this work in any linux distro? like lets say ubuntu or linux mint?

@True2TheBlueYoViGang

Try "apt-get aircrack-ng" in a terminal.

oh ok.... is there a site i can get it from real quick..i have a problem in linux(lol) its sorta long to explain but basically i only have internet in VISTA so i cant boot into Mint right now. T_T

PS

if u dunt know a site if i just boot into it and type the code in terminal it should display a link to the deb packs? right? do i need the drivers and stuff downloaded cuz i never installed the video drivers or nothing in linux cuz i still havent been able to get onlone via my dialup..

lol.... it downloads it and installs it and everything automagically, it's not like a link appears.. You'll see.

I don't know how you would do it in windows, or why.. You'd have to go to the aircrack site, download a zipped package, unzip it, install it, which is just cumbersom. apt-get aircrack-ng is much easier.

ah i knw i knw... like i said hard to explain... im not good explaining techy stuff LMAO.

OK basically...my internet works IN WINDOWS ONLY T_T

Thats why i asked...i got linux got no problem using it just the internet wont work something to do with my cellphone modem(thats my dialup connection). wierd...charges my phone but cant find it to set it up in linux

anyways i think it does display a link i can copy, paste in windows, dl deb, then go boot back into linux and instal. cnt remember well

thats one long ps... and hey thanks for the speedy reply! :D

its a live cd....i've tried on 2 of my laptops, one laptop with ubuntu and win 7 and the other just with xp...oddly enough...it only works on my xp box.(because of the wifi card i have. not all wificards are compatible...like the one in my dell 1545

Guys pls help. i get to the aircrack point, id have gotten 15000 + data packets and when it goes to crack it does som work and says failed, trying again with another 5000 ivs. it repeated that till i gave up, i reached a stage of 180,000 Data packets! why whats wrong?!

Its probably not WEP then.

no it is it tell me when im on windows and it also says on back track..

when i start airodump stage i dont get any dta in the shell.time is runnig but no data info is visible

Can anyone give me a link or something to a usb dongle that is compatable? C:

bro , i'm newbie here..

i've some problem when i type " airmon-ng start wlan0"

it appear "error : neither the syfs interface links nor the iw command is available "

so , how to resolve it??

thanks

i have a laptop with the wireless already intergrated.. is there a way for it to work?

yes.

Hey would this work with a Netgear WG111v2 USB network adapter? i cant find any Method that would work with a USB Netgear WG11v2,I have tried commview but it doesnt recognize my "network card/AdapteR"Please help thanks

Great tutorial, very clear thanks

I have a couple of questions first when i send the "ARP" replay after packet forge the data rate does not increase although there ar no error messages

I have a negear 8187l usb dongle I am going to order the alfa one you showed or maybe a high range antenna based on that anyhow. These are all based on the same chipset, can I ask did you patch the driver at all or did you just run the included madwifi drivers included in BT3

regards

mate your a fucking legend!! i cracked a buisness across the road from me with a hawking g-dish with a atheros 5007 card with no problems! And after i connected i did a speedtest and it's running at 45mb/s that's faster than you can buy in a household around here! if i crack another signal and bridge them would it be visable to the network owners?

Just a quick question here... I'm totally new to this kind of thing and i'm 13 and i dont wna fuck anything up lol. Just asking: If i do this to myself if i ever forget my WEP key - it aint gna fuck with my router, is it? Well i mean i know it messes with data packets and shit but i don't want my dad kicking my ass coz i busted the internet @_@ I know this is such a retarded question which I would never normally ask - but my dad and i are kinda dependant on the internet xD

which Linux distro are you using? :S

Backtrack

nice tut, found new comands xD

hey thepaperboi, i watched your vid and its so clear to catch up. i have the same wireless card as yours, able to run the backtrack 3 but the moment i type airmon-ng, the only thing appears is that " Interface Chipset Driver " my card does not appear.. but my card is working on my windows... i cant access the website you gave to check the compatibility of the card because it's blocked by the internet provider here in UAE.. can you help me... Pls....

THANKS... for a well done vid.

What happens if you were to tryout out on protected hotspot like bell O.o. would you get your ass busted or what...

that why you fake your mac adresse :), normaly they could find you but if i was you i wouldn't try

is packet injection required to do this or does it just help to speed up the process?

if its not required then how much longer would it take?

Hey thepaperboi, i followed your video and it worked. The video is helpful. But i have a question about what you do after you obtained the WEP key. It's posible to connect to the AP using Windows, but are there any BT3 tools that can be used to further compromise / identify the lan network?

Just an overall question; what are the possibilities?

1000bit

Plain and simple, the possibilities are endless. :) There is no end to what you can do with linux my friend.

If your looking for more things to do with backtrack, check out the backtrack forums.

im just wondering...is backtrack 3 compatible with windows?

ZOMG I cracked my moms WEP snatch once i was in it was so wet I used a multi core dell splicer and baby she crack hacked and packed it all! this really works!!!

i have a Linksys WUSB600N it say by the wiki that i have to "You will need kernel.lzm and to compile the included driver from the link above." which is rt2870 driver i downloaded the kernel.lzm and the rt2870 what do i do now please help please thenks

No idea. I don't have one of those.

Good luck. :)

Try the forums, maybe someone else has one of those.

does this also works with windows vista?

i get Fragmentation Fault after i type'd in aircrack-ng [Filename that i used .cap]

Does that means my wireless card is not compatible?

hey man this is a great vid thanks for making, i crack wep 1 time, i have the same card as you but for some reason i dont seem to have enough IV's i only get 52 and it says it will crack again at 5000, i dont know what im doing wrong, does there have to be some one using the AP at the same time for it to work ? thanks in adavnce

how i get bt3 like you?

mine looks like only a command promt

its doesn't look like a operation system can someone help?

type:

startx

(and press enter)

that should work :P

when u boot up backtrack 3, scroll to the 3rd option instead of clicking the 1st boot mode. It begins with a "V" (VESA) or something like that.

hi, can i ask after i change aireplay-ng -1 0 -a (paste AP) -h 00:11:22:33:44:55 wlan0 & aireplay-ng -5 -b (paste AP) -h 00:11:22:33:44:55 wlan0 when i need off it will it restore my original thing ? or i need to change it ?

thank you man! it worked perfectly!!! :) 5/5!

I have been able to crack wep but I would also like to kick a client of the AP - this should generate more packets. How do I kick a client off the AP.

He ponders to himself the merits of introducing information of this variety to the ignorant blundering masses of the youtube community, while at the same time imagining the delicious awesome that he will reap for himself thanks to this wonderful software.

A packet will pop up, verify that the MAC is the same MAC of your target.

Press Y if it is, N if it's not.

A packet will pop up, verify that the MAC is the same MAC of your target.

Press Y if it is, N if it's not.

over n over

its been a week not 1 crack yet

u you sold me backtrack ur webpage wifi unlocker not bactrack 3 its more like a backpack 3 i got dvd copy oh great shrink zip-7infrared videos instruction etc... cant 4get gaming console like ps3 Ds xbox

xbox 360 sure i cant even crack 1 key yet 4get about games systems or network anyway u said u'll help so please do and yes my card is comp i get the smily face

A packet will pop up, verify that the MAC is the same MAC of your target.

????

I will help but I don't know what you're talking about

why are you saying ps3 xbox 360

and sayin I sold you backtrack 3 and the "wifi unlocker"...

and you called it backpack 3.........WHAT?

His name is "blingbling" that should sum it up for you..

i email you but no response i made video on youtube still no response i got different card all failed stop halfway tru the process

your webpage said wifi unlocker but u sold me backtrack3 and some other crops anyway it never works so check yuor email please help me help you thank you

This was actually the first tutorial in which I actually was able to crack a wep network. It works. I do not have a Wireless Card, it's an USB Wireless Adapter made for Backtrack 3 that supports monitor mode. :)

This works, really works.

Thanks a lot man.

it worked thx :) .

Hi,

Do you know why I get a deauthentication packet every time I use the fragmentation atttack. Thanks in advance.

what do i need to do this?

you can buy the adapter and plug it into your laptop, it will be detected by backtrack.

I don't know how to fix your onboard NIC, each and every one is different.. Like I always say, the folks over at the backtrack forums might be able to help.

Well, first thing you'd check is if the onboard card is compatable with injection.

How??

I'm not entirely sure you can do it "the slow way" which is I'm assuming, waiting for the data packets to rise..

Pretty sure your going to need a compatible card for this.

You can't generate packets because your card is not supported. lol

I still highly suggest the alfa h model, it's fantastic. Still use it every day

I'm using the exact same card and following the exact same steps you go through in your WEP Crack with Backtrack 3 video. Why am I not able to authenticate into the access point? What gives?

I can't express.. How much I love you, thank you so much! (L)_(L)

Yay, I am loved. Haha

:) I probably wouldn't of watched the video if you didn't do voice over, your way involves a lot more typing that a different way I saw on youtube but the way you do it does it so fast when getting packets :)

I am using "my own" network and the signal is really good! :D

Yes, my way is much longer, and much more typing. I've done it numerous times and frankly, I'm sick of doing it this way. lol

The success rate is higher compared to other methods, I find so anyway. Perhaps I will make another video showing other methods... It is almost that time again.. (to make another video. :P)

ty for the feedback!

Nice tutorial.

But...after doing aireplay-ng -5 -b etc...it is only reading packets here while your shell konsole jumps to the bottom after 368 packets and asks that 'use this packet?'

How to get that question?

I have the same shit. Everytime when i write to the question USE THIS PACKET? the letter Y , to go on, it still makes the same work, sending something.

Everytime it stores the dates to replay_src.....cab

What schoul i do?

Found the problem. There was data transfer needed between the AP and one of the clients.

I don't think this solves your problem because you get the question that I first not got.

Check out one of the tutorials at the aircrack site/wiki. Other methodes might work better for you.

I have some news people!

When I get the time, I'll be making to more videos! One will show you how to play games on your laptop through a firewall (WoW at school?) and the other will show you how to attack WPA at..

not kidding..

20,000 keys per second!

But remember, I go to college and have lots of work to do!

I'm currently taking Computer Networking and Technical Support. And I must leave now to get to Linux class!

HAHA, u're in CNS buddy, good stuff, i'm in CTY!

What school?

Haha, sorry for the late responce.

St. Lawrence!

Seneca@York good stuff man, keep up the studies. i just finished my linux assignment at 1am, off to sleep to be in school for 8. keep h4x0ring

for any1 having trouble with atheros AR5007EG build in wireless card try using wifi0 ( or what ever urs is) for all commads except on airodump-ng parts use ath1, worked for me even though when i type airomon-ng stop wifi0 it says stop is not supported try on ath (jus ignore that its says stop not supported ) hope it helps!

can some help please i get this error after

ifconfig wlan0 down

wlan0:error while getting interface flags:no such device

is your NIC even called wlan0? that's just mine.. yours could be called eth1 or something. Type airmon-ng to find out.

thanks for replying i got it now i meant wifi0 not wlan0 the problem was i had to use wifi0 on the other commands and then on the airodump-ng part i had to use ath1, got it working anyway thanks man!

hey eum i dont know why but i cant inject packets.... it always says : no answer trying again

im using it on a centrino a/b/g dell xps laptop any recommendation?

Does your card even support packet injection? Did you check first?

When i write airmon -ng it said "Command not found" what is the problem? THX 4 answer

there is no space beetween airmon and -ng

its airmon-ng

a 2 yr old can crack WEP, not even a challenge. Now for WPA, thats a good challenge. (crackable provided that the user has chosen a week password.)

nice work ! ;)

nice video, but im tired of kids watching these things and then deciding they're the shit because they memorized a few commands

then use ettercap, wireshart, and poison ivy... buuaaahahahahahahaha.

when i type airmon-ng nothing list...

and when i try to open Local Network

It say " Lisa Daemon must install" :(

running linux?? be sure to have the aircrack-ng suite installed :D

to make this must have "aircrack-ptw-1.0.0" or not??

i bought a linksys WUSB45GC USB adapter and i checked on the HCL:Wireless website for backtrack 3 and it does appear but i do not know how to make it work.

dude r u running aircrack on linux?

yup :D i run it on linux as well :D working fine ^^ and easier xD

poookey

sorry for OT, but what's the name of the 1st song? :)

Celldweller - Own little world[Remorse Code Remix]

There's only one song and that is it. lol

thx a lot for the song, damn I thought it was some remix of the ''we will never die'' song, anyway great video man! tried it yesterday on my acer aspire 5535 but when I type airmon-ng it finds nothing xD so it seems it my wireless isnt supported :(

Awesome! I have an Acer Aspire 7520, and it's broadcom NIC is not supported either. :( Yeah, I had to go and buy that alfa NIC! lol

Hey man you sound liek Woody Harrelson xD

right i have got backtrack 3 on a disk and it runs fine as an operating system. my wireless card in my laptop works with backtrack 3 but when i enable it after changing the mac address it says download software from some website and doesnt get data just packets. so i bought the card u used as an example and i cant select it on backtrack it keeps finding my laptop wireless card as the default. i disabled the card yet it still tries to use it and totally ignores the Alfa network card.

help!!!!!!!

Sorry, I'm just going to have to say check out the remote-exploit forums. Someone else probably has your problem, but I do not. D:

Awesome..

Aircrack or Wesside + Suse ..

Rockz....... ANALSHOT

awesome vid

meow

when i get into backtrack 3 and check the networks with wireless assitant they are showing up. but once i go through the process and get to using airodump nothing shows up then. any help?

The Mac address gets changed, what can be the ways anyone will find out you tried to get their password? I'm a nOOb and more curious than ballsy. Thx, good Tut BTW.

...continued from last post

I forgot to say that the card I am using is a netgear wg511 v2. It also states on some sites that I need the p54 drivers. The only thing that I want to know is how I install these drivers.

thanks:)

Erm, it's different for every card, so unfortunatly the only way you can find out is to do some searching. Like always, I recommend the remote exploit forums, usually someone has had your problem before you.

Hi,

Im fairly new to backtrack and watching your vid has helped me a bit. But I still have one more question. Does my network card work automatically or do I have to install drivers in the modules folder of the BT3 iso for it to work.

Thanks:)

Hey when i do this the #data packets don't increase (they stay at zero)

Does anyone know why?

1. card may not be compatable

2. AP might not like it, dosn't work 100%

can't make it work at my 701 4G =(

I finally got it working.. The method for asus eee pc is kinda different than the tutorial,. but it's easy to figure out.

=)

happy hacking..

thanks for sharing.. =) i'm trying it now using my Hackbook, Asus 701 4G.

10k views! You evil people you! :P

Friendly reminder to all - This was designed to see if your own security is penetrable, and make it better!

This can be used to hack random wep coded AP points, this is true, but if you decide to do that, you are responsible for it!

I have captured 2 million IVs now and Aircrack-ng still havent the key now ...

How much more pakcets do i need xD ...

Or isnt this normal?

2 million as in

2,000,000?

Usually you need 20 thousand..

20,000.

That's not normal. lol

that makes me sad ... payed 100 euro for my wlan equip ... what should i do may download the newest version of aircrack ... i am using the alfa usb wlan adapter

Hmmmm.. well, I say you should go to the remote exploit forums, the link is in the description..

The alfa should work, they're great products..

OK, I see, I understand! Its more simple than I expected, I was expecting to have to use a packet sniffer or something to see the clients MAC, but if there are any connected they are already listed in airodump. Many thanks, I'll have a look later.

Please tell me if it works, I'm interested!

Also, if you do manage to get the mac from someone and try to connect with it, it may not allow you because someone with the same mac is connected; try it when they disconnect!

Thanks for the extra info. I will try later and report back, though it's a lovely hot sunny Sunday morning here in Turkey and I have another job to do first, to go to the beach and check out man's best invention - the bikini. Then I will work on the second best, the computer!

Thank you for your help.

It didn't work, something else must be occurring. I found an associated client, waited for it to go offline, spoofed its MAC and tried to inject but I still couldn't connect. It could be that the client was still associated, but not exchanging data with the AP so airdump didn't show them as connected, I'm not sure.

Thank you kivi12k, very clear and good tutorial, helps to keep me ahead. Can you tell me how to proceed when the AP has MAC address filtering enabled? I read that this form of protection is weak, yet can't find how to defeat MAC filtering, can you help?

I'm nott kivi12k!! ):

Although he's awesome and inspired this video, I'm not him! lol

As for MAC filtering, I haven't tried much, but you can try looking for a client connected to an AP, change your mac to his mac, then try connecting with his mac.

No idea if it works. Give it a try?

ps. I AM THEPAPERBOI!! D:

Sorry thepaperboi for my mix up with kivi12, it's early here! Sorry!

I thought the way to do it was as you say, but how to go about it? How to find what client is connected? If I can this way forward I'll try it

Haha, it's fine.

Well, when your doing airodump, there are 2 sections. The top half displays all the AP's, and the bottom half displays people connected to AP's, which are called clients.

If you were to filter one AP, you can see below all the people connected to it (if any, gotta be lucky.) Then your going to want to copy their MAC adress, and then use macchanger to make it your own.

It's just theory, but it makes sense to me..

awesome tutorial, but:

1. once you get they key (in macaddress format) how do you convert it to the ascii passphrase used to access the AP?

2. is packet injection a must task?

3. do i need a dictionary to do the cracking? if so, where could i get a spanish one from?

Thanks

1, I don't know why you'd have to translate it to ascii!

2, I don't know! If you want to leave your computer on for a few days, you can try and let me know!

3, only wpa needs a dictionary!

1. ok, i copy that key as it is, and i'll have axs, right?

2. got it. injection is to accelerate speed and do things quicker, right?

3. can you recommend me a nice wordlist or rainbow table or anything to begin playing with the wpa-psk AP? At least i know the device has a spanish passphrase of 8 chars minimmum lol

1. yes, remove the :'s from the key and you'll have it.

2. Injection is for speed, correct.

3. If you do some googling around you'll find a few great wordlists, but for a starter I recomend the remote-exploit forums, I'm sure I left the link to that in the description of the video somewhere!

Search search search! lol

I just put Backtrack successfully on my USB drive, and am typing on it now actually. I have a quick question though. Do you have any idea how come I have no sound? I didn't realize until I started watching this video that nothing is coming through my headphones when I run backtrack...

lol...

I had no sound in backtrack 2, but I do in 3..

It's most likely that the drivers included aren't working with your sound card (my guess).. It's really not a big deal, I mean, all you will ever hear is the mediocre start up sound. lol

Fast reply, lol. The only reason I want sound is to follow this tutorial along as I do it. I've done a lot of research in the past couple hours and apparently the only thing I can do is recompile the kernel, which is WAY out of my hands. Guess I'll just write everything down.

Yes, I try to reply as soon as I get a notification! lol

Yeah, I don't think it's worth it. HOWEVER, I've written all the stuff you need to know in the description of this video! ---->

I appreciate your efforts, too. This is a very well done tutorial that's gonna help whenever my internet cuts out. 5*

Thanks!

when you boot from backtrack which option do you boot from? like flaux or w.e

Vesa for my computer. It's different for everyone elses, I have to go to vesa, press tab, then add on the following:

acpi=off noapic

Try if if you can't get it to boot. Also try text mode.

i think there is somthing wrong with my crack

i generated the following but still canot find KEY.

Data 130000,

Sent 600000 packets...(499 pps),

Aircrack-ng 1.0 beta1 r857

[00:25:01] Tested 2097153 keys (got 120123 IVs),

and later i got a message called (killed)

this message stop the aircrack from finding the password key.

so somebody shuld plz tell me what is wrong.

Sorry, I don't understand. ):

do you have backtrack 3 install in your hardrive or are you running from a live cd?

Do NOT install BT3 to your harddrive. Just don't.

I use the USB version.

thanks took me a little more research but this was a big help to figure it out, make more vids like this plz :)

Thanks, I really appreciate it!

I should make another cracking vid huh? I was thinking of explaining how to crack WPA, but it's just so hard to pull off. lol

thepaperboi

can you please tell me the seller on ebay you bought your ALFA from? please!

The sellers name was Rokland. Just search for lowest price..

A WPA vid would be sweet, but i'd rather see what else you can do after cracking WEP and gaining access to a network..especially with backtrack. I.E. it has a ton of voip tools, password crackers, etc., very hard to find even simple directions for.

Yeahh, I see what you mean. I don't really know how to do much in BT other than this, but I'm sure I can do a little research.

Also, I just got into college so I'm a little busy at the moment! lol

sweet

i was just lucky i got the right card and it can detect my card! thanks alot great help..

No problem! Thanks for the great feedback.

thank your thepaperboi great help from u! thanks alot men!

A packet will pop up, verify that the MAC is the same MAC of your target.

Does the Destination or Source MAC have to be the same as the BSSID?

I never got the source to match BSSID, pressed No like for 100 times. What could be wrong?

That's odd..

Perhaps you are airodumping wrong, or aireplaying wrong, make sure to point both to a specific bssid or you might get packets from other APs!

omg thank you

i know, i have a broadcom 802.11b/g WLAN. but what do i put in for the name of it. like

macchanger -m 00:11:22:33:44:55 wlan0

what do i put instead of the wlan0. like im pretty sure i dont put broadcom 802.11b/g

Type airomon-ng

It will tell you it's name

Look at 0:57 in my video.