nice tutorial man thanks a lot !!!!

Thnx for this great tutorial!

I got the packets send, but aircrack doesn't find the key (even after 600.000+ data)

I tested this on my own network with no computer attached (no wirless and no wired).

What i am doing wrong? I followed all your steps above!

You rock !!!!! and by the way r there any more bt tutorials of urs ?????

When I run interactive packet replay - it stops after ~10 packets... Is there a way to make it run longer to collect more packets?

HOW DO YOU CHECK TO SEE IF MAC address filtering is enabled

HOW DO YOU LOWER TRANSMIT RATE???????????

Fake Authentication failed on me too, i checked everything to be correct (used the right channel and macs) and no results, it just keeps sending "Sending Authentication Request (Open System)".

I also used the "check kill" to restart my adapter to the right channel and it didn't work :(

when im trying to do the intreractive packet replay it just keep saying read (packets number) packets and it already went up to 98,000 packets and keep going for like 10 minutes already

I am capturing data packets really slowly so i tried ur first option but when i put it in this is what i get out:

21:37:29 Sending Authentication Request (Open System)

21:37:31 Sending Authentication Request (Open System)

21:37:33 Sending Authentication Request (Open System)

21:37:35 Sending Authentication Request (Open System)

21:37:37 Sending Authentication Request (Open System)

until it stops i know i put the correct info in but this still happens any ideas?

how come when i use the vm version i am unable to use my wireless adapter in backtrack. i can on the live cd. and i cant really save wordslists n stuff on the live cd

Again awesome video like the rest!!! But one problem though like a couple of guys on the comments I too have the problem of collecting packets not stopping. Did everything step by step, checked if I'm still authenticated "yes", did the new tips that you gave "-m 68 -n 86" and still reading packets is now up to 38k am I doing something wrong or do I need to do something else? I do trust you like always that you're gonna have the answer for my problem, thanks in advance!!!

everything is working fine but after i type in the code aireplay-ng -1 3000 -e 1025 7265 -a 00:23:75:21:7d:c0 -h 00:11:22:33:44:55 -o 1 -9 10 wlan0 and when i press enter it says aireplay ---help what am i doing wrong

@tayjay1983 its not -9 10 its -q 10

i played with it and got it to work now back to part one! lol YOU ROCK!

my packets keep going and going and going.... without a stop what should I do, it worked perfectly intill the "aireplay-ng" it just keeps "read ____ packets"

@luckyali13 did it for me the first time, just run the command again and it'll stop

I am having the same problem as many others are.

Everything works, until I try interactive packet replay. I can see it reads packets as yours does in the video, but where yours stops at about 3000 packets, mine does not.

I let it go until around 20,000 packets read, then stopped it as nothing was happening. It never showed a big chuck of info and did not ask if i wanted to use that packet

Would you be able to tell me why it keeps reading packets without sending any, and what i could try to fix?

worked for me once one time.

when i tried again yesterday with the same Access Point, airodump-ng captured over 200000 IVs and aircrack-ng was not able to get the key.

then i took my PSP and downloaded a file from the internet, so i didn't have to generate traffic with my laptop(its my router so i've the key already). This time it worked with 60000 IVs.

Why doesnt it work when i generate traffic this way. a few weeks ago it worked

interactive packet replay won't work for me. i did everything right now its already at reading 20000 packets and doesn't stop!

man y is it my fake authentication is unsuccessful?

woah ur good...... im beginner...... looks like i got alot to learn

For me it just looses all packets, dont know why?

This is an amazing video... works like a charm, You are an amazing resource! Thank you for your hard work!

One the best, if not the best tut's on youtube. Keep up the great work. Really nicely done and you have good speaking voice, that can come in handy, hehe.

with back track 4 you cant open a new shell so how are you ment to do a fake Authentication/Interactive or a Active Injection??? and when i try and do it on backtrack 3 it doesnt come up with any networks can you help me plz

Would this work with the wpa cracking? if i did this just before i do the de-authentication?

@JookerJake The part that makes it think your on their network anyway

hi,

i got a short question: when i use interactive injection and im gathering/reading packets it always ask me if i want to use the packet after reading about 20 packets... what am i doing wrong? i m using :

aireplay-ng -2 -b MAC-AP -h MAC-my-wifi -c FF:FF:FF:FF:FF:FF -p 0841 eth1(which is my wifi)

can u help me plase?

I also started getting deauthentication packets every now and then. Does this mean I won't be able to obtain enough 'good' packets in order to decipher the key?

So I tried your method of fake authentication but when trying to aircrack the key I kept getting failed error and kept trying up to 60,000+ IVs with no luck. Any ideas as to why the WEP key is so hard to crack?

i know this is not the right vid to comment on wpa but i will first of all when a wpa,key is for ex.6t7eg7dh00e8he7 how would it be possible to get this key is the only option brute force???? if it is can u please make a vid or is this unrealistic of me to ask you to do this because i have heard this can take days love ur other vids.

danoxx2

Their are two types of Brute-Forcing. True brute forcing basically means that you try every possible combination of characters (With rules in place to restrict size, letters, etc..) which can take a very long time depending on the rules in place. By long time I mean over a year in some cases :P

The other variant is utilizing wordlists which in your case would prove worthless. However, you can incorporate the two by using John The Ripper. It allows you to add extra characters and so forth.

Hi all when I get to this bit:

aireplay-ng -1 3000 -e [ESSID - Name of Network] -a [Mac Address of the Access Point] -h [Our systems Mac Address displayed in Macchanger] -o 1 -q 10 wlan0

and hit enter it trys to work but dose not use the correct channel insted of using channel 6 it uses 9 and then gives the an error of incorect bssid

the bssid is correct as to are the mac and router numbers.

any idea thanks

Sorry for the late reply, I've been AFK. You can change your channel by doing this:

airmon-ng stop [ADAPTER] check kill

airmon-ng [ADAPTER] start 6

And you can also try this if you have issues with the above mentioned:

iwconfig [ADAPTER] channel 6

how to know the ip of a ap on my network by mac adress or 4m any other thing any idea plz post it

where did you learn all this computer stuff???

Ironically...I learn computer stuff from computers :P

(Primarily at least)

yes i see..... realtek rtl 8187b

How do i get this method to work with airmon-ng?

Huh? It's part of the Airmon-ng suite.

hmm well it just keeps reading packets all the way up to 30,000 it never asks to use a packet.

I have a intel 5100 AGN

Sorry for the delay. I didn't even see this comment. Anyways, check out this for information regarding your issue:

tinyurl . com / intel-5100

(No spaces)

Will this work with a 2.6.30 kernel?

I don't own that chipset so I wouldn't know. You would know better then I would :P

when i accept 2 use pockets my data still doesent go up only 2 and pockets on my network station is growing quickly...any explanation ??

Are you successfully authenticated with the network? Do you see yourself listed under the network? What kind of adapter/chipset do you have?

Yes it is authenticated. I have a Intel 5100 AGN

The reason why is you must select and replay a packet that creates a response from a host inside the target network. By simply spraying non encrypted packets at a network will not yield a usable dump. Authenticated or not WEP uses open authentication, thats no real accomplishment. You need to replay a net bios request (announcement/browse), ping, arp, dhcp request, or any other packet that will solicit a response from a host inside the network.

cj could you do this for obtaining the wpa handshake or would you have to actually be connected (because i thought if you pretend to be connected you dont compare hashes and therefore dont hold a handshake) my vid to you in responses

You can not do Fake Authentication with WPA however you MIGHT be able to do Interactive Packet Replay. I haven't tried it but really it would be pointless to do because all you need is the initial handshake, you don't need IV's.

Lol i was 8 hours into collecting Data and i had around 6000 Data

then i tried doing this and i found out it didn't help AT ALL

i'm prettty sure i typed in everything correctly...

Great Video though

That's odd, you could always try Active Injection. It's a lot easier then this but only can be done if their is a system on the network.

hey i do it all perfectly but when i press enter a message just pops up saying "aireplay-ng --help" for help

plz help man

i fixed t hat and i now have myself down there but im still not receicing any #Data

any ideas to help?

sorry man i wrote that comment late last night, what i was trying to say was that i had made a fake authentication but im still not receiving any packets, and when i do the interactive packet replay it never stops, it just keeps on going, i left it all all night and when i woke up it was on 300000+ and it still hadnt stopped, any solution to both problems?? or preferrably the first 1

thanx in advance

Ensure you are still authenticated with the network as well as continuing to authenticate and try the following command for Interactive Packet Replay while doing that:

aireplay-ng -2 -b [BSSID] -h [Your Mac Address] -c FF:FF:FF:FF:FF:FF -p 0841 -m 68 -n 86 wlan0

(This has some additional flags that differ from the one I use in this video. It seems to resolve the issue you're having)

ok kl thanx but does that fix my first problem or my 2nd problem?? because i firstly need to fix the 1st problem, its weird i get I/Vdata under my station but not under the BSSID will the answer that you just gave me resolve this issue??

thank you

hey i just ried it out and it still doesnt seem to be stopping , ill leave it for a little longer to see if it stops if not i hav no idea wot else to do, your gonna hav 2 help me man :)

Have you successfully authenticated with the network? If you airmon-ng on the network does it show your system on the network? If not then your not properly authenticated and the 2nd step will not work.

hey after doin so much research today i finally got it to work!! and i hacked my first wifi! It had to do something with my adapter, that i had toe enable it before use or sumthing, apparently it only happens with my adaptor lol just my luck! Anyway thank you for your :) It actually worked xD

Awesome! I'm glad to hear it. Did you just vary on and off the device? Could you please post what you did in case others come across the same issue?

yeh sure it involves a few commands before starting to search for networks and all that

This only works for people with an intel (r) PRO/wireless 3945abg adapter. Before starin you enter these commands in a shell

modprobe -r iwl3945

modprobe ipwraw

iwconfig

airmon-ng stop (interface)

ifconfig down (interface)

macchager --mac 00:11:22:33:44:55 (interface)

airmon-ng start (interface)

After doing that you should be set to go and btw you do this before you start searching for networks

And also one last things, after doing the first 2 commands i found out that my interface changed from wlan0 to wifi0 so dont worry if your usual interface doesnt work, just use the wifi0 one ;)

hey man also like the last thing im ever gonna ask you, when i do the interactive packet replay it doesnt seem to go much faster at all, in fact it actually starts to look like it goes slower, could i be doing anything wrong or do i need a different command or sumthing.

p.s. i posted the commands for you like you asked :)

hey i posted the commands above for u ok??

Yup, I saw that Mikey. Thank you very much :)

Lo there, SHould be a pleasure to ork wiv this video. Still got a problem. @ 8:53 Dest MAC remains FF:FF:FF:FF:FF:FF:FF and souurce MAC also. i bet it never work :-)

Huh? I have no idea what your saying or asking...Or if your making a statement or asking a question.

Hey, I have a problem with cracking WEP: (Love all of your videos by the way. your one of the first to make good use of the info box)

My problem is that I am unable to crack a WEP password no matter how many packets I capture. For example I collected more than 100,000 packets and the crack command tells me that it failed and to try 5,000 more packets. any ideas?

Some Access-Points can take up to 500,000 IV's. The official Airmon-NG documentation states that it can take up to 1,000,000 at times but I feel that if you can't crack it after 500,000 then their is an issue. One possible issue may be the encryption strength of the network. The default method used by Airmon-ng is PTW which is limited to 40 and 104 Bit keys. You can try alternate methods though. To read more in regards to this topic check out the following:

tinyurl . com / wep-bit

(No spaces)

Another point I noticed when watching you vid. is that your #Data packets is increasing a lot when you initialize the Interactive Packet Replay, but the packets sent from you bssid is not increased (9:20). In my case the opposite occurs when I initialize the Interactive Packet Replay. The #data packets is not increased , but the number of packets sent from my bssid is increasing rapidly up to 10000+

Perhaps you just try Active Injection (Assuming their is a station on the network). I made a tutorial for this which can be found on my channel, in my tutorial playlist, or in the Video Response to my WEP Hacking Part 2 video.

@mushroomHEADBANGERS

None of the two methods you have posted works for me. I get the same error message as projectshinobi (posted right below). I am thinking that it might be because of The card is not on the same channel as the AP. You said to check by writing iwconfig, but I am not sure what I should look for. Also do I change it if it is wrong? My home network is on channel 6, the network I am trying to hack is on 11 (if that matters). Any reply would be much appreciated

Hey, sorry for the delay. I've been really busy lately. Anyways, to change the channel of your adapter try the following:

airmon-ng stop [ADAPTER] check kill

airmon-ng [ADAPTER] start 11

And you can also try this if you have issues with the above mentioned:

iwconfig [ADAPTER] channel 11

Hi, I have a problem with the data collection. I am able to authenticate with the network (I get the "Sending keep-alive packet" message). The command for interactive packet replay is working as I am able to answer "y" at the end. I can also see that my bssid is sending out packages. My problems is that the data collection is not going any faster. Is there anything I am doing wrong? Please let me know if you need additional information to reply to my question.

Well I switched to Bactrack 4. That did the the trick. I put in the command aireplay-ng -1 3000 -e Castro -a 00:2F:90:A8:DE:25 -h 00:25:54:10:33:36 -o 1 -q 10 eth1 and it worked perfectly :-) Thanks for your time.

I think my Mac address filtering is enabled, I don't know. Hope u can help.

You should be able to determine that by going into your Router Configuration page. Most networks don't have this enabled but you may have enabled it on yours (Which I find hard to believe since your not even aware of if it's on).

I suppose you should check that. Also enter into console:

iwconfig

Check if your adapter is on the same channel as the Access-Point your trying to crack.

I'd assume you already double-check ot make sure your Mac was changed and BSSID and Mac are entered correct.

aireplay-ng -1 3000 e Castro a 00:2F:90:A8:DE:25 h 00:25:54:10:33:36 o 1 q 10 eth1

Then I get this message, attack was unsuccessful possible reasons. * perhaps Mac address filtering is enabled . * check that the BSSID (a- option) is correct. *Try to change the number of packets (-o option). * This attack fails against some APs. *The card is not on the same channel as the AP. * your too far from the AP. Get closer or lower transmit rate.

Why are you not prefacing your flags with a - ?

Try:

aireplay-ng -1 3000 -e Castro -a 00:2F:90:A8:DE:25 -h 00:25:54:10:33:36 -o 1 -q 10 eth1

I am. I copied and pasted my command and for some reason it didnt show the hyphens, but my command dose contain the hyphens.

aireplay-ng -1 3000 -e Castro -a 00:2F:90:A8:DE:25 -h 00:25:54:10:33:36 -o 1 -q 10 eth1

Hello. One question, after I put the command for Fake Authentication. I get an error message. It lists a couple of things that might be wrong. The one that caught my attention is the one that says that my Mac filter might be enabled. How do I disable this?

Could you please provide the exact error message and the exact command you enter prior to getting the error?

nice tutorial, but does it actually build up those packages to one big chunk like you say or does it wait until it receives a useful data package? because with me it has already read OVER 9000!! packages but it still didn't ask me to use them.

Yes, the latter. It can take much longer then it did for me sometimes. If you click on View All comments you will see some comments by people who had similar issues and the syntax of a few commands/tags to fix the issue.

ok, thanks.

i dont get authentication and association successfull why?

<3.

Dude you rock! Worked perfect...so whens the WPA video coming out???

I'm actually working on it right now :) I am just generating a hash-table prior to recording so I can save some time and demonstrate it's use. It should be finished in the next few hours. I may also make a video tutorial on how to install Backtrack to a Virtual Disk in VMWare Player to simplify things and make the video easier to follow along. Glad it worked and was useful for you :)

it all works but my computer wont capture the packets that i send do you know how i can fix?

please help

Your vagueness makes "fixing" a bit difficult. I assume your referring to Interactive Packet Replay? Could you please provide the exact syntax of the command your having issues with and any associated errors.

well see that was my problem all the commands worked as expected but when i start airodump-ng i wasn't capturing any packets i was using backtrack 4 and the commands were slightly differant os i went back to using backtack 3 and it worked so never mind

and i apreacheate your timely responce

After I type the aireplay-ng command I get "Attack mode already specified. This part has me stumped, any helped would be appreciated. Thanks

Your most likely not entering in the command right or adding an extra flag/space. What's the exact command you input prior to receiving this error.

can u make the python script ^_^ like make it into a timer bomb... so once the machine is infected with the file after 3 hours it goes off

You mean a logic bomb? A logic bomb is basically a conditional piece of coding, generally malicious. A logic-bomb variant of a Syn-Flood could be done but I don't think it would be wise unless the conditions were dynamic. Having a static pattern of events occurring of that nature make troubleshooting a little bit easier. Having a random remote user controlling the event is much more effective. I don't have the Python script I made with me but I may work on it some more when I get it.

i geus sorta like how some viruses has a date were they explode and start to rape the system insdie out just it has to run every time it happens

Preciously, sort of like the supposed initiation of Conficker

exsactly but if the code was poly morphic and jumped from pc to pc destroying networks that would be scary ._.

You mean a worm :P

You know over 7 Million systems are estimated to still be infected with Conficker. The creator of the worm probably is scared shitless with all the attention gained and doesn't want to activate or do anything with the current infections to avoid being caught. However, could you imagine the outcome of all those 7 Millions systems joined together like a botnet doing a DDoS. It may literally crash the internet lol. Backbones would snap or the NAP's themselves :P

hey so will u go in a chat room wth me ? can u help me make a ipod touch web page like compatible PLEASE :D also i know a issue with ipod touch... sorta if it in disk mode u can pass any command basicly O_o oh i got off topic wana go in a chat room and help me code like wep page for ipod touch that interfaces with a app on the web server and data base for hte login :D

Sorry, I don't do the whole Cyber-Sex thing, IPod Touch manipulation, or randomly assist someone I don't know with SQL or any kind of Database work or even programming :P

ude u just went perverted O_O and please i wana do like a cpanel for web sites :D

Lol, I was kidding...Once again, no. Look for templates or learn. I don't have the time for that, sorry.

:( and no matter what ima say that was perverted can you make a tutorial program that looks for unprotect ssh like iphones ikee virus just show us thought sorta like a good search but its more powerful :D

You think that was perverse....Oh I got lots more of perverse things I could say :P Once again....I don't want to do anything regarding IPhones or any Mobile Devices really (At least not yet, maybe with the new Google OS that may change). Viruses are easy :P

why not mobile... pwease and bring it on (thats what she said :o) XD anyways goto mobile platform not google android... cmon ipod ouch has mac osx sriped :)

That's what she said...? Wow, that's so perverse :P

Mac OS doesn't need to be infected or fucked as it's already a P.O.S :P IPods are garbage as well. Why get an MP3 Player when most phones are capable of being an MP3 Players...

lol are you gonna at leasstart with sumhing? (tahts what she said :O) ipod touch there awsum touch screen run os and its sumthing i wanted so badly for what it had but cmon you could exploit a buffer overflow over the web XD

Plenty of hand-held devices have an OS on them now. Windows, Linux, Etc...It's nothing new or impressive at this point. If you want to find a cool fun Exploit over the Web research the Windows 7 BSOD Exploit over UDP.

i saw that microsoft ptched it but theres one for ndroid so *pulls out android phone* *connects to network of peopele using pcs running vulnderable vista copys :D* hmmm kill all button :D *presses it and all the computers explode* :D

Yes, you're right I was entering a "zero" instead of the letter "O" but now it's saying "Invalid number of seconds. [1-600] the command I'm entering is:

aireplay-ng -1 3000 -e HJWU5 -a 00:1F:90:B8:E1:DC -h 00:1E:2A:F8:FC:CB -o 1 -q wlan0

Your missing the 10 after the -q.

I have the syntax of all the commands in the Video Description. Example:

-q 10 wlan0

hello, thanks for the help

however, i use vmware player and i don't know how to create a new terminal like u

that packets keep going up while urs stop at 4000. so i can't press 'Y"

help plz!

can't create a new terminal, or go to a previous one after a new command (only the commands that open a new window, like seraching for data before cracking)

help!

thank you

I'm rather confused on what your saying. A new terminal would be created (Assuming your using Startx) by click the icon in the bottom left corner on the black Shell icon. Ctrl+C would stop any command. If your Interactive Packet Reply seems to be going non-stop try using the command I specified a couple comments down.

can u write a automted script... also i wana like do a network bomber.... once your interactive start to send malformed packets attempting tocarsh the router :D

A Syn-Flood script would be ideal for that. It's a form of DoS (Denial Of Service) which uses malformed network packets sent through a TCP connection to eliminate ACK replies causing a shut-down/flood. I was working on a script for this in Python but never finished it. I don't really have the desire to make an automated cracking script though.

thanks alot

Your welcome Careah. I'm glad it was helpful :D

hey mate

im up to the packet collection it doenst stop by it self it just keeps collecting . wat u rekon is wrong

you just have to wait..and try to add -m 68 and -n 86 before the adapter name:)

@valcamas how long do u rekon i have to wait, so do i put -m 68 in front of wlan0

i dont know yet, wait for the boss:D

So I take it those additional flags resolved that issue for you valcamas?

Let me know if it does so I can assist others that may have the same issue. I appreciate you sharing you helping out other users as well :)

to tell you the truth,the day that i tried to perform your tip, the bitch went on vocations and she switched the adapter off:P:P... but i trust you, so i do recommend your tips to others so that they can try them now, and tell us the results..please specify this so that he can do it correct..in 2:55 you have typed the first command.. airodump-ng -w thenetwork wewillrape --bssid FF:FF:FF:FF:FF:FF -c 6 wlan0..where do we input the m 68 and -n 86? please show us the full command..:)

aireplay-ng -2 -b [BSSID] -h [Your Mac Address] -c FF:FF:FF:FF:FF:FF -p 0841 -m 68 -n 86 wlan0

man i can't either do this one or active injection and stuff i think my adapter doesnt support doing this stuff is it possible?

That is possible. Some cards don't support injection.

Why are you unable to perform these?

i dont know it just keeps saying waiting for active injection and for this one it says that it's unable to do it and gives me bunch of reasons and stuff i think it's just my adaptor and stuff

you should have in mind that most signal lines that i can reach from my house are three from five which is the maximum.. could this be the reason why i reach 30.000 packages and the process is not finished yet??

thanks again..

As long as you can communicate with the AP without significant loss of packets you should be fine. Have you successfully authenticated with the Access-Point prior to doing this? It's crucial to authenticate with the AP and verify that your Mac Address shows on the network prior to doing this or you won't have success.

the fact is that everything goes the same way that appears on this video..the only problem that i encountered was that i had to wait too long for the packages so i pressed CTRL+C so that it stops:P(i thought that it would ask me to type Y but i wasn't so lucky:P:P) And yes, i did authenticated with the Access-Point..in fact i do everything on the same way you do..

Try to add the following to plags to the aireplay-ng -2 command:

-m 68 -n 86

(Make sure it's before the adapter name)

oh, and it stops alone or i have to type any command??

that means that the there is a possibility that the process can take more that an hour??

p.s this is the best tutorial from all..

It shouldn't take more then an hour. Also, it does stop on it's own. If it continues for longer then an hour then there is something wrong.

i found a way to fix this thanks! but now i am stuck on 8:53 .. i leave it and it reaches 30.000 packages..(wow, couse yours stops at 4.800 alone)

but on me, it does not stop so that i will have to type "Y"

in order to continue..you do something specific so that it stops??..

The times vary. I've had times where it took that long as well. If you did everything prior to that step correctly it should stop once it's ready.

what do you use to record?

Camtasia Studio 6

i found a serious problem..the network that i want to rape is called OTE CONNX(two words exactly like this..) on 2:49 you use airodump-ng -w "name" and all the others..If i type OTE CONNX like this, on the networks name place it sais that the command is wrong..but if i type it as OTECONNX(as one word..) it goes ok until i reach 5:50 and start sending Authenticaton Request..when i reach that time the authentication cant succeed and it sais that OTE CONNX is not the same as OTECONNX..what to do?

Trying to encapsulate the text with a single quote or double quote (IE: 'OTE CONNIX or "OTE CONNIX"' ). You can also try to preface the space with a \ .

by the way, when this will reach 20.000 data,

what should i do next??

i mean which video should i start watching??

the second one?? "the how to hack wireless network(wep/linux) -part 2??"

OMG! frustrating. it keeps saying source mac address is invalid. isn't it the bssid thing? iput it but it keeps saying that any help plz?!:)

In your shell/terminal type:

airmon-ng

Verify your adapter name (IE: wlan0, Athos, Etc..).

Next, input:

macchanger -s [ADAPTER]

(No brackets)

This will display your MacAddress. Ensure it's entered correctly after the -h flag in the airplay-ng -1 command. Also, verify that the Access Points Mac Address is correct after the - a (This will show in the Airodump-ng command).

You really don't even need to specify the local Mac Address but it helps to do so.

man i did but it says no sucha bssid found or something whats wrong?im sure my bssid is right:( and also for active injections do u use your mac address after h or the faked one cause mine just says waiting and stuff and just freezes:(

For Active-Injection, you will use a Mac Address of a system already on the network. If you authenticate yourself on the network and try Active-Injection the success rate is much lower. It's better to use Active Injection when their is a system already on the network. In that scenario you would change your Mac to match that of the one on the network. If their is no system on the network then try Interactive Packet Replay which is demonstrated in this video.

But In VMware player, there isn't a little black window icon on the btm left

=/

Watch my video How To Hack Wireless Networks (WEP - Windows/Linux) - Part 1. It clearly shows how to access the Shell console.

you must type startx  this is the command:)

how do you open another shell.

using bt3 in VMplayer?

In the bottom left hand corner you will see a little black window icon. Click that and you will have a Shell window

Network Hacks FTW

Nice tut, like always =)

But is there a way to auth with WEP networks which got MAC address filtering enabled?

Or generating packets, when nobody else is on that MAC filter enabled network??

This is a very good question and an issue I have encountered a couple times myself. If an encrypted network has Mac Address Filtering enabled you will need to find the Mac Address of a system on the network. As long as someone is using the network you should be able to see it when trying to airodump-ng. After doing that get ready to do some fast typing.

In the terminal type:

aireplay-ng -0 1 -a [Access Point Mac] -c [Client's Mac] [ADAPTER]

This will de-authenticate them.

Once they are de-authenticated from the network you will want to change your Mac Address to match theirs and authenticate yourself (as them) using the techniques demonstrated in this video. You will need to do this quickly though.

Also, because you aren't de-authenticating them from the network but rather locally from one wireless NIC to their Wireless NIC you will need to be close enough for the signals to reach for success.

Good-Luck!

man i need to sleep, i was trying to close windows in your video

Haha, I have done the same thing before actually lol.

i love this

Thanks :D

<3

*hug*

even though i dont watch your tutorials

*snores* jk ily <3

5stars =] <3

Cute! I actually was hoping you would do this when I arrived at work and you didn't disappoint me :) Your so cute, ILY.

That's an awesome GF. Even on videos that are considered torture to her, she is still will to comment and rate out of support.

lol i love you so much <3

=P oh also a GF that takes pics of her hands and feet after she paints her nails and sends them to her BF just because he asked and knew it would make him happy (even though she thought it was quite odd) lol i love you <3

<3forever<3

I knew it was a matter of time before you made a remark regarding that. In my defense those pictures were extremely sexy and if I didn't care so much about your privacy and trust I'd post them all over the internet to brag.

Ugh, I am going to look at them again before my break ends ;)

Hey dude, not commented in a while just stopped by to say love your videos.

Aw, well thank you very much! It has been awhile indeed but I still remember you :)

I appreciate the gesture :D