Results 1 to 4 of 4

Thread: Cap files, ACKs and other

  1. #1
    Join Date
    2015-Mar
    Posts
    8

    Cap files, ACKs and other

    Hello to all of you, I have three questions.

    1. Is there any way to check is captured .cap file OK ? I can open it, but I don't know where and what to look that I know all is ok ?

    2. What this ACKs means ? What are those ?

    Screenshot from 2015-05-05 17_42_17.jpg

    And what is different in this numbers what that means ?

    Screenshot from 2015-05-05 17_55_49.jpg

    24/52, 44/78, 64/64....... and on other 0/48, 0/62,0/69..... what is better and meaning of this is ?

    3. How to find router manufactuer and model ?
    In one video I found this : http://prntscr.com/71yt1i

    I'm intrested how he do this that he can see this informations about router ?

    Thanks.

  2. #2
    Join Date
    2013-Jul
    Location
    United States
    Posts
    520
    1: In wireshark, at the top of the screen, you should see filter. Type in "EAPOL" and click apply. If you see 4 (or more) packets labeled "1 of 4" "2 of 4" "3 of 4" and "4 of 4", then you should have a good handshake. You can also open terminal and run
    Code:
    aircrack-ng /path/to/capture/cap
    This will tell you if you have a full handshake.

    2: ACK is an acknowledgement. Basically, it tells you if the target device acknowledges that you are deauthing in this case. http://searchnetworking.techtarget.com/definition/ACK

    The higher the first number is... 32/45 for example, the better. 45/45 would be better, while 0/45 is worse. AFAIK, if you receive 0/X, either the client is disconnected from the AP or you can not see the client.

    3: You can download a modified version of reaver here: https://github.com/t6x/reaver-wps-fork-t6x, follow the install instructions, and then run
    Code:
    wash -i monX -c X -g
    This will tell you a bunch of info for APs with WPS enabled. The first X is your monitor interface and the second X is the channel you want to listen on.
    Last edited by soxrok2212; 2015-05-23 at 10:55.

  3. #3
    Join Date
    2015-Mar
    Posts
    8
    Thanks for your help on this ''problems''.

    I have one more question, I got Alfa awus 036nha and compared with Tp Link 722n that I already have I don't see any difference ? The chipset is same Atheros AR9271, but why people give much money for Alfa cards when other cards with same chipset do same things. As I can see the signal strenght to AP-s are same and I do not get anything better with Alfa card. Only one thing that I can't know how to do is how to test number of injected packets per second that this card can do and then to compare them on that field.

  4. #4
    Join Date
    2014-Jun
    Posts
    71
    Yes
    with wireshark you should be able to tell.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •