All attacks fail aprt from ARP Replay (WEP)

[GoogleCodeExporter]

What steps will reproduce the problem?
1. Any attacks started (fragment, chop chop etc)
2. Airodump and aireplay start as normal
3. Wait for IVs

What is the expected output? What do you see instead?
Airodump and Aireplay start as you would expect but no injection happens 
so no IVs collected

What version of the product are you using? On what operating system?
1.10a5
BT4 (fully up to date)

Please provide any additional information below.

Using Alfa Awus035hcard (RTL8187) so injection does work (It works at 
1000pps during ARP replay with client and AP.)
I have not succesfully used Grimwepa in any other mode with any success 
(sorry - passive works fine).
In addition - the IVs in ARP replay climb - but are not displayed in 
Grimwepa console - so manual crack is required (already dealt with in 
another thread - not a major problem)

Original issue reported on code.google.com by darreljg...@gmail.com on 2 Jun 2010 at 10:51

[GoogleCodeExporter]

Hi darrel,

Thanks for the bug report.  I just have a few theories as to why WEP attacks 
don't
work for you:

- Fake authentication is required for injection to work.  If you're not close 
enough
to the router to fake-authenticate, then injection will be impossible.  Also, 
Grim
Wepa does not currently support Shared Key Authentication (SKA), so if the 
router
uses SKA, fake-authentication will be impossible (meaning injection will not 
work).

- Have you confirmed that the fragmentation and chop-chop attacks work with your
wireless card and access point (using the command-line)?  My access point 
refuses the
chop-chop attack, but my friend's AP is susceptible to it.  Fragmentation is 
the same
way; some routers are patched so that these attacks fail.  This might be why 
those
attacks are not working.

- Another factor might be that aireplay-ng is waiting for a valid data packet 
so it
can generate a replay packet: sometimes waiting for a packet can takes minutes,
hours, or even days.  You have to wait for traffic to be generated on the access
point, and just because "Data" is going up in airodump-ng doesn't mean those are
valid data packets.

If you have checked these 3 conclusions and the attacks still do not work for 
you,
then this is a problem with Grim Wepa.

Original comment by der...@gmail.com on 2 Jun 2010 at 4:37

• Added labels: Priority-Low
• Removed labels: Priority-Medium

[GoogleCodeExporter]

Thanks for the quick reply!
Will work through your suggestins in your order
I have tried attacks against 3 different routers (all wireless routers) of 
varying
distances and signal strengths - one was less the 5 metres away - still no joy, 
SKA
and signal strength are definately not the problem.

Fragment and chop chop - the strange thing is this - I use my own network to 
trial
attacks and a few weeks ago - with grimwepa 1 and BT4 all attacks worked - I 
have
since updated BT4 and grimwepa and I am in the situation where attacks do not 
work. 
I have tried an old clean install of BT4 and it still does not work.

Data packet - I am definately getting valid data packets - I am running several
laptops and deliberately hogging bandwidth with each of them - as I said - the 
ARP
replay attack works - if I stop that attack and start any other type - then 
nothing
works (although I can then go back to ARP replay and it continues to work).

I am not sure what is happening here as my drivers are correct - if I use 
Aircrack-ng
etc then attacks work (and work well) including injection (grimwepa injection 
test
works well)but I am having no joy with Grimwepa (I even tried to roll back to 
stable
version with no joy).

Totally baffled by this one!
Anything else I can give you - let me know and I will try anything you like.  
Very
nice piece of software you have - wonder if its my setup which is the problem!!!

Original comment by darreljg...@gmail.com on 2 Jun 2010 at 5:14

[GoogleCodeExporter]

I don't think the problem is your setup... One way to test is to download 
grimwepa1.0
and try the attacks using that version.  If that version works for you, then 
shit,
maybe I shouldn't have attempted a newer version of Grim Wepa!

A lot of people have complained about the WEP attacks not working properly, but 
I am
unable to reproduce the errors.  I really want to over-haul and re-write the WEP
section of the program, but unfortunately I'm in the process of moving across 
the USA
right now (should be settled in by July) and can't fully work on the project at 
this
time.

Thanks for the bug report!  I will work on getting Grim Wepa to be compatible 
with
different distributions of Backtrack and different wireless cards.  Hopefully 
Version
1.0 will work for you in the mean time!

-derv

Original comment by der...@gmail.com on 2 Jun 2010 at 6:07

[GoogleCodeExporter]

I haven't noticed any of these issues just did a fresh install with alpha 6 
from the Backtrack 4 LiveDVD. Everything seems to be working like it is 
supposed to. Even starts cracking on its own again which was broken in earlier 
alphas

Original comment by ondro...@gmail.com on 9 Jun 2010 at 11:54

[GoogleCodeExporter]

Thanks for the feedback, ondrovic. I had a feeling this issue was an isolated 
incident.

I'm going to mark this issue as WontFix.  If anyone else has similar issues, 
leave a comment and I'll look into it. Otherwise, i'm considering this issue 
closed.

Original comment by der...@gmail.com on 10 Jun 2010 at 2:31

• Changed state: WontFix

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

i have broadcom 4312 b/g and not support fake what its the problem?
use bt4 -rc6 
when run aireplay-ng -9 mon0 can see  inyection its work

what this problem ? sorry for me english no its very good

Original comment by desdicha...@gmail.com on 22 Jun 2010 at 5:09