q6600 | # 881 | 2011-06-21, 11:55 | Report

do you run as root?
sudo gainroot

Estel | # 882 | 2011-06-21, 19:43 | Report

I installed fAircrack (v 0.41) without any problems - everything seems to work fine (no single error message, run through shortcut), ho ever when i test it on my network (temporaly set to WEP 128), i can't get enough ARP request = can't collect high number of IV.

I'm properly authorized with AP (tried both without MAc filter and with MAC filter on and MAC changed to authorized one" - response is "Association successful :-) (AID: 1)".

Still, when i start packet injection, can't get any ARP. I'm sure injection is working as it should, cause if in the same time i try to authenticate into network from desktop PC (using correct MAC but wrong WEP password) N900 injections catch some (3 per one authentication request from desktop) ARP and start to resent it with value close to 500 pps - ACK number indeed start to skyrocket, but ARP request stay the same.

Tried disabling and enabling authentication many times, ho ever only one ARP request that i get is one generated by other client authenticating. I even tried to set exact same MAC as my desktop PC (the other client), but nothing help to make router accept injected packets.

I suppose that problems lies in authentication - because other authenticating client generate ARP, but also, because when trying to inject that 3 sniffed ARP's, from time to time i get (in injection window) info:

"Notice: got a deauth/disassoc packet. Is the source MAC associated ?"

Ho ever, as i said authentication window is all happy and AID: 1.

---

Other side note is that there is no f***** way to get hidden SSID network in scan result (monitor mode of course) unless i directly synchronize scanning with other client attempt to authenticate. I suppose that this could be solved by deauthentication to reveal hidden networks, but i understand that there are troubles with forcing it to work.

//Suggestion
Wifite optimised to work with N900 seems to deauthenticate pretty well, and this is also script, not direct command from terminal - maybe it's method to make deauth working could be implemented into fAircrack?

StefanL | # 883 | 2011-06-21, 20:03 | Report

Thanks for the positive feed-back and suggestions; it is always appreciated.

Definitely agree with you, there are a lot of things to be learned from the other cracking/hacking applications. There are plenty of threads just by typing aircrack into the search box. My day job and the normal banalities of life keep me from spending the time I want (24/7 ) hacking around on the N900. I will be posting any new updates (with new features) as soon as I have them and am happy that they will be useable.

q6600 | # 884 | 2011-06-21, 20:04 | Report

hi
i got the same problem
"Notice: got a deauth/disassoc packet. Is the source MAC associated ?"
i had send a pm to StefanL to include in the script a force auth. how know maybe will work

Kevstacey | # 885 | 2011-06-21, 20:26 | Report

i'm having same problem as this, any fixes for it?

cheers

Kevstacey | # 886 | 2011-06-21, 21:48 | Report

anyone?

ive had a good look through the thread but dont see any fixes for this

any help appreciated cheers

windows7 | # 887 | 2011-06-21, 22:06 | Report

for a long time i had this problem,
until i realized, due to the multiboot with android,
it create what i assumed to be a maemo duplicate entry,
having boot into this latest maemo menu option the injection drivers just worked by default.
So no more need to load or unload the drivers

Patroclo | # 888 | 2011-06-21, 23:07 | Report

Newbie question: does faircrack grants complete anonymity or should one take further precautions?

Estel | # 889 | 2011-06-22, 00:22 | Report

While of course You're hacking only your own network for security purposes, the main precaution You shall do is to use "random" MAC generator (present in fAircrack) before You even start any RX/TX = before You start any attack.

If You're using passive mode, IE You just collect data (i.e. "start packet capture" button), You don't send ANY packets to given network = You're not taking any activity and in general (with few special exceptions) don't leave any traces. As name for "monitor mode" say, You're just only monitoring. Ho ever, when authenticating with AP and injecting, You're attacking actively and first + most common method of identification - if someone care - is to check attacker MAC.

Passive mode can be pretty effective if You're hacking network with many clients + authenticating quite often (= high rotation of connected users). For special cases, it may be better to sniff data for several hours then decrypt, than perform 5 min successful attack and leave traces.

Are there other means of identification than MAC? Of course they are, but as long as You're not hacking some top-secret government networks, you probably don't need to care. For example, for most phones, they can be identified even without SIM cart inserted (and most phones that aren't 10+ years old, even when turned off but with battery on place! IDK how it is with N900, but if someone know, i would love to get info about this), if they were used with SIM at least one time. So, in places with many cell base stations, it's possible to quite accurately check who and when (at the moment of attack) was close enough to AP to perform hacking attempt.

//Side note - out fellow "law enforcement" services have created many means of tracking/identification by use of most popular electronic gadget - mobile phone. Of course officially it's to help in catching serious crimes or to find stolen mobiles - even when SIM card was pulled out and phone powered down. I don't want to start any conspiracy theories here, but i never heard about any stolen phone being received by means of probing "acting dead" phones. Police just don't care enough to send GSM base station operators such a request. Still, many megawattes and processor cycles (on GSM infrastructure) are "wasted" to probe hardware identification data non-related to SIM, and to interpret that data. So, there must be really big rationale for "them" to do so

Brian_7 | # 890 | 2011-06-22, 02:24 | Report

I forgot to say that i am using kernel power V46. Do i need kernel power V47?

PS: i have the same problem with other network that doesn't have a space in its name.