07.11.2012, 18:58   #8
Ravenous
Registered: 14.07.2012
Posts: 64
Reputation: 1

In case you haven't seen it, here is more from the official site:
It can sometimes be tricky to capture the four-way handshake. Here are some troubleshooting tips to address this:
  • Your monitor card must be in the same mode as both the client and the Access Point. So, for example, if your card was in “B” mode and the client/AP were using “G” mode, then you would not capture the handshake. This is especially important for new APs and clients which may be in “turbo” mode and/or other new standards. Some drivers allow you to specify the mode. Also, iwconfig has an option “modulation” that can sometimes be used. Do “man iwconfig” to see the options for “modulation”. For information, 1, 2, 5.5 and 11Mbit are 'b'; 6, 9, 12, 18, 24, 36, 48, 54Mbit are 'g'.
  • Sometimes you also need to set the monitor-mode card to the same speed, i.e. auto, 1MB, 2MB, 11MB, 54MB, etc.
  • Be sure that your capture card is locked to the same channel as the AP. You can do this by specifying ”-c <channel of AP>” when you start airodump-ng.
  • Be sure there are no connection managers running on your system. This can change channels and/or change mode without your knowledge.
  • You are physically close enough to receive both access point and wireless client packets. The wireless card strength is typically less than the AP strength.
  • Conversely, if you are too close then the received packets can be corrupted and discarded. So you cannot be too close.
  • Make sure to use the drivers specified on the wiki. Depending on the driver, some old versions do not capture all packets.
  • Ideally, connect and disconnect a wireless client normally to generate the handshake.
  • If you use the deauth technique, send the absolute minimum of packets to cause the client to reauthenticate. Normally this is a single deauth packet. Sending an excessive number of deauth packets may cause the client to fail to reconnect and thus it will not generate the four-way handshake. As well, use directed deauths, not broadcast. To confirm the client received the deauthentication packets, use tcpdump or similar to look for ACK packets back from the client. If you did not get an ACK packet back, then the client did not “hear” the deauthentication packet.
  • Try stopping the radio on the client station then restarting it.
  • Make sure you are not running any other program/process that could interfere such as connection managers, Kismet, etc.
  • Review your captured data using the WPA Packet Capture Explained tutorial to see if you can identify the problem, such as missing AP packets, missing client packets, etc.
Also, look at your dump in Wireshark with the EAPOL filter while you experiment with different parameters.
Then: airodump-ng --bssid bssid:нашей:сетки -w testcap mon0
I forgot to ask about such a basic thing: did you lock the channel with the -c option?

Last edited by Ravenous; 07.11.2012 at 21:01.
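The last wiki bullet and the Wireshark EAPOL filter both come down to one question: which of the four EAPOL-Key messages actually made it into the .cap file? As an added example (not part of Ravenous's post or the aircrack-ng wiki), this Python script answers it offline: it walks a pcap, picks out EAPOL-Key frames, classifies each as M1..M4 from the Key Information flags, and reports which side's messages are missing. The BSSID, client MAC and frames are constructed test data, and the pcap writer exists only to build that input.

```python
import struct
# Constructed sample data, not a real capture: locally administered MACs.
AP, STA = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
LINKTYPE_IEEE802_11, LINKTYPE_RADIOTAP = 105, 127   # airodump-ng .cap uses 105; many tools use 127
LLC_SNAP_EAPOL = bytes.fromhex("aaaa03000000888e")  # LLC/SNAP header with EtherType 0x888E

def eapol_key_frame(key_info, from_ap):
    """Minimal 802.11 data frame carrying an RSN EAPOL-Key message (constructed test input)."""
    src, dst = (AP, STA) if from_ap else (STA, AP)
    fc = b"\x08\x02" if from_ap else b"\x08\x01"            # Data, FromDS=1 / ToDS=1
    hdr = fc + b"\x00\x00" + dst + src + AP + b"\x00\x00"    # duration, addr1-3 (addr3 = BSSID), seq
    body = struct.pack(">BH", 2, key_info) + bytes(92)      # descriptor type 2, rest zeroed (95 bytes)
    return hdr + LLC_SNAP_EAPOL + struct.pack(">BBH", 2, 3, len(body)) + body  # EAPOL v2, type 3 = Key

def pcap_file(frames, linktype=LINKTYPE_IEEE802_11):
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, linktype)  # classic pcap header
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", i, 0, len(f), len(f)) + f                # ts_sec, ts_usec, lens
    return out

def classify(key_info):
    """Usual heuristic for telling M1..M4 apart from the Key Information flags (802.11i)."""
    ack, mic, secure = key_info & 0x0080, key_info & 0x0100, key_info & 0x0200
    if ack:
        return "M3" if mic else "M1"                        # AP -> client messages carry the Ack bit
    return ("M4" if secure else "M2") if mic else None      # client -> AP messages carry a MIC

def handshake_messages(data):
    """Walk a pcap and return the EAPOL-Key messages found, in capture order."""
    endian = "<" if data[:4] == b"\xd4\xc3\xb2\xa1" else ">"
    linktype, = struct.unpack(endian + "I", data[20:24])
    found, off = [], 24
    while off + 16 <= len(data):
        incl, = struct.unpack(endian + "I", data[off + 8:off + 12])
        frame, off = data[off + 16:off + 16 + incl], off + 16 + incl
        if linktype == LINKTYPE_RADIOTAP:               # strip the variable-length radiotap header
            frame = frame[struct.unpack("<H", frame[2:4])[0]:]
        fc = frame[0]
        if fc & 0x0C != 0x08:                           # only data frames carry EAPOL
            continue
        hdr_len = 26 if fc & 0x80 else 24               # QoS data adds a 2-byte QoS control field
        if frame[hdr_len:hdr_len + 8] != LLC_SNAP_EAPOL or frame[hdr_len + 9] != 3:
            continue                                    # not EAPOL, or not an EAPOL-Key packet
        key_info, = struct.unpack(">H", frame[hdr_len + 13:hdr_len + 15])
        found.append(classify(key_info))
    return found

def missing_messages(found):
    # M1/M3 absent means the AP was not heard; M2/M4 absent means the client was not heard
    return [m for m in ("M1", "M2", "M3", "M4") if m not in found]
```

To check a real file, pass `open("testcap-01.cap", "rb").read()` to `handshake_messages` and feed the result to `missing_messages`.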