The highest form of ignorance is when you reject something you don't know anything about.

Wayne Dyer (b 1940)

KisMAC Ultimate Stumbler Resources & Troubleshoot

If you leave a comment, or if your question is somewhat technical, please include detailed information.

KALI Reporter.app will do that for you!
Either view the report and post the system profile/info needed or, if you do not want the info to be seen publicly, just send the report via email. KALI Reporter takes care of everything. Please don't email your question; post it on the blog.



Troubleshooting KisMAC

KisMAC 0.3+  Bugs
KisMAC 0.3+  Issues
KisMAC 0.3+  Not Working


- Did you notice that KisMAC 0.3 is for Snow Leopard (10.6) and not for 10.5? OK....

Can't Scan with KisMAC 0.3

"NOTE: If a previous installation of KisMAC has been used, please make sure to delete the following files,  if they exist:"  ( '~' is your home folder) (Using App Cleaner IS a GOOD IDEA)

  • ~/Library/Preferences/de.binaervarianz.kismac.plist
  • ~/Library/Preferences/com.kismac-ng.kismac.plist
  • ~/Library/Preferences/org.kismac-ng.kismac.plist


Message
Could not instantiate driver. KisMAC has not been able to load the driver backend
Could not initiate driver. KisMAC has not been able to……

Whatever you do, if you have an injection device (WiFi card or USB adapter),
DO NOT install the drivers of the card / USB adapter unless you have read this post.

Possible causes:
  • You have NOT selected "Use As Primary device"
  • You have NO driver selected
  • You have selected the wrong one
  • Your chipset is not supported (see Hardware list)
  • The chipset of your USB network adapter is not correct (see FCC number)

To avoid those issues => Best Wifi Card for KisMAC

If you look in your console.log (Spotlight >> Console),
you'll probably see a lot of lines with KisMAC as "sender" and error messages such as:

KisMAC[2928]    vendor 1452 vendorId 3574 product 32773 productId 38674
KisMAC[2928]    Matching finished
KisMAC[2928]    Error could not instantiate driver WaveDriverUSBRalinkRT73

Reading the last line, you can easily guess where the issue comes from: the RT73 driver can't be loaded. Why? Because you told KisMAC not to load it, or told KisMAC to load the wrong one.

Solutions
Select the appropriate driver or use the proper USB network adapter. You may need to Force Quit the application.

You have installed the drivers provided on the CD of your USB network adapter.
Solution 1: Time Machine? If you have Time Machine set up, pat yourself on the back: smart guy!
If not, time to think about it and move on to Solution 1.5.

Solution 1.5:
Uninstall the drivers* and the whole shebang provided with your injection device,
including the proper .plist for KisMAC.
Use AppCleaner to remove all .plist files,
OR, if you had a previous install, remove the following, if any ('~' is your home folder):
  • ~/Library/Preferences/de.binaervarianz.kismac.plist
  • ~/Library/Preferences/com.kismac-ng.kismac.plist
  • ~/Library/Preferences/org.kismac-ng.kismac.plist
(told ya: use AppCleaner)

Solution 2: If, after uninstalling the drivers*, the problem persists -and- you have trouble with your Airport Extreme, you may be in for a shitload.
Uninstall KisMAC, and re-install.

Injection does not work
- Check that your device (USB/card) is able to inject => see Best Wifi Card for KisMAC
- Test injection: tab “NETWORK” >>> “Test injection”
- Check that you have checked the box “use as primary device” in Preferences >>> Driver
- Check that you have the proper driver/chipset selected, e.g. USB RT73 or USB RT2570 (Preferences >>> Driver)
- Check that the proper channel is selected. One channel only: you cannot inject while channel hopping is selected
- As stated, be very careful to have the proper chipset, otherwise: nada!

A word of advice: I would suggest you test the hardware in a “brick and mortar” shop before you buy something that will not work, or take my word and experience for it and purchase the best card available for KisMAC. It's less than $35 and allows you to get a signal up to 1 mile. It's 20x more powerful than a Hawking.

Reinjection Not Working

If you have tested the Re-injection and your card should re-inject packets, you may have the following issue(s)
- Your card is not powerful enough for the signal to reach the AP => get this one: Best Wifi Card for KisMAC
- There is not enough "good" traffic on the network. IV's (Initialization Vectors) are only about 5% of good traffic.
There is also the remote possibility that you have encountered a very rare breed of AP: one equipped with "WIPS" (Wireless Intrusion Protection System). In that case, Passive Mode is the solution.

If you want to know more, here is an excerpt from the KisMAC FAQ.

"What is packet reinjection?

802.11 requires frame retransmissions in the case of loss, so it may be possible for an attacker to retransmit a frame and replacement injected frame to be accepted as legitimate. Frames on wireless networks can easily be tampered with or forged outright, and the protocol does not provide a way to easily stop or even detect such attacks. Acknowledgment (ACK) and Address Resolution Protocol (ARP) are the management frames that are likely to generate responses from the client and AP

Packet reinjection is a very advanced WEP cracking technique. Be aware that this is the bleeding edge of technology, so it might not work every time. When you use this attack, KisMAC will try to find packets that will cause another computer to respond. The program will then send these packets over and over again. If KisMAC detects answers, it will go into injection mode.....   Please be aware that all detections are of a heuristic nature, therefore it might not always be working" 
Source:  KisMAC


Packet collection is very slow
It’s probably because the network is not very active (low traffic). Just go on YouTube, watch a few videos and the packet collection should increase very quickly.

Crack does not work
- Well, as stated in the FAQ, injection is the bleeding edge of this technology, and I have experienced some failures myself with my own network: I was unable to crack my own key with more than 1,000,000 unique IV’s.
Other possible causes:
  • The key was changed during the collection
  • You have selected 40/64-bit WEP when the key is 104/128-bit WEP; when in doubt, play safe and select both
  • You have encountered a SOL error: Shit Out of Luck

"The wpa key could not be recovered because of the following reason:
the key was none of the tested passwords.."

Most likely, your dictionary file does not contain the exact password. Read the article about wordlists.


WPA Reinjection Does Not Work
Please note that re-injection and injection are not the same.

- WPA re-injection will not work: you can only re-inject on a WEP network, if you have an injection device (i.e. when you deauthenticate, you are injecting frames).

KisMAC Crash on WPA Wordlist
KisMAC Can't Perform Injection Test
This is a bug with KisMAC 0.3.3 when running in 64-bit mode.
Go to Applications >> KisMAC.app >> Get Info
Check "Open in 32-bit Mode" and restart.
 


Could not load Airport Driver

KisMAC could not attach to the Apple Airport Driver



This error can have multiple origins. Please read carefully.

KisMAC could not attach to the Apple Airport Driver
In Preferences >>> Driver, you may not have selected any driver (Apple Extreme, RT73, etc.) and then pressed the "Start Scan" button multiple times. This provokes a freeze and returns this error.
The "Start Scan" button looks like the one in the picture below (button engaged).
The solution is to Force Quit and select a correct driver in Preferences >> Driver.

KisMAC could not attach to the Apple Airport Driver
Cause: Airport, Airport Extreme in ACTIVE Mode
This issue is fairly new and is related to the brand new Snow Leopard (10.6).
You get this error because you have selected Active Mode.
Close KisMAC, re-open it and select Passive Mode.
Do not use Active Mode with OS X 10.6 until further notice.



No Driver Selected
Please Select a WIFI Driver

Go back to Preferences and select a driver,
e.g. Airport Extreme Passive Mode, USB RT73 Device, or another.

KisMAC Ch/Re Gem
The Ch/Re Gem is located in the last column, right after "last seen".
Ch/Re stands for Challenge / Response.
The Gems have 3 possible colors: Green, Orange and Red. The meaning depends on the type of encryption of the channel/network.

Enc = NO
The network has no encryption (Open, under column "Type"); the Ch/Re Gem is green by default.

Enc = WEP
The network is encrypted with a WEP key; the Ch/Re Gem is red by default and indicates that KisMAC has not recovered a key (yet): No Challenge or No Response
Green: Challenge or Response
Orange: has a Challenge OR a Response

Enc = WPA
Red: No handshakes captured, don't even try a wordlist
Orange: Capture Started (?)
Green: Handshake Captured


KisMAC Freezes
KisMAC Hangs 


If KisMAC freezes after a few seconds and hangs (pinwheel), the first cause that comes to my mind is that you are using (listening to) the wrong channels.
If you are in the USA, you should not be using channels 12, 13 & 14 (Europe and Japan).
If you are in Europe, you should not be using channel 14 (Japan only).

Just uncheck 12, 13 & 14; that should resolve the problem.

Possible cause: channels 12, 13 & 14 are close to the range used by microwaves and (old) cordless phones.
It's possible that you are listening to your coffee or popcorn.
A second cause could be a large number of routers using the same channel (often Ch 6); this may also create issues on your own network. In that case, just switch channels and you'll see an improvement in your network quality.

Can't Collect IV's
Can't Collect Packets
Packets Collection is very slow

I have received a lot of questions about this issue. The most probable cause is an inactive network.
An inactive or slow network (low traffic) is what makes the collection very slow.
KisMAC in passive mode is like trying to collect rain water: the more it rains, the more you can collect. That simple! If it does not rain ... or very little ... you get the idea!
A good wifi card will help you solve this issue.

After receiving 10+ questions on the subject, here is an example of a near-silent network:

As you can see: 614,847 management packets (beacons) and only 25,945 data packets (the good stuff),
so, 615,902 junk.
This network is simply "on" but not used; hence, as long as there is no valid traffic, you need to be more than extremely patient.

Other possible cause: you may be listening to a probe, or a router not connected to the internet, or someone who left his router on but does not use it. Read the post till the end...

Here is what I have tested with active networks and very active networks. It clearly shows that the collection of IV's is related to the traffic.
The test is with an Airport Extreme, Passive Mode, NO re-injection.
It took me 5 minutes to reach 130,000 IV's on the very active network, and 126 min on the active one.
For the many people who still believe that KisMAC cannot crack on Airport Extreme, the following is going to be surprising:

Very Active Network
Time: 0:02:05 (2 min, 5 sec)
Bytes: 83.42 MiB
Packets: 58,423
Unique IV's in 0:02:05 = 57,016
U IV/Sec = 456.12
Theoretical time to reach:
130,000 = 285 sec = 4.75 min
200,000 = 438 sec = 7.30 min
300,000 = 658 sec = 11.0 min

Active Network
Time: 03:23:50 (3 hrs, 23 min, 50 sec)
Unique IV's in 03:23:50 = 210,216
U IV/Sec = 17.18
Theoretical time to reach:
130,000 = 126 min
200,000 = 191 min
300,000 = 285 min



1 As KisMAC has loaded the Airport driver, it has control over it. Proof that this is on Airport and not on USB
2 Time
3 Packets
4 Unique IV's collected with Airport Extreme in Passive Mode

a KisMAC still on Airport
b Time: 2 min and 5 sec
c Unique IV's collected with Airport Extreme in Passive Mode = 57,016 in 2 minutes, roughly 11 min to 300,000
d Bytes = 83.42 MiB for 57,000 IV's

Hence, KisMAC does work in Passive Mode, and yes, you can crack in Passive Mode without re-injection. If you can't, it's probably because of the network quality or simply because you may have selected a wrong parameter.


Test Your Own 
One way to be sure is to test your collection speed:
Go to a friend's house, start KisMAC, and ask your friend to watch multiple YouTube videos on his network. You want to push the router to the max.
You'll then be able to see whether the issue is due to a slow network or not.
While you're at it, ask your friend to run KisMAC too. You'll be surprised to realize that you can:
A) exchange PCAP dump files and try multiple cracks on multiple networks
B) if using re-injection, notice that ONE device will make ALL MacBooks able to pick up the responses


MacBook does not detect Edimax EW-7318USg

It's NORMAL! Don't panic!!!
Your MacBook can NOT detect your Edimax, because your driver(s) are not installed.
KisMAC will detect your Edimax under Preferences >> Driver >> use USB RT73 Device.
DO NOT INSTALL the drivers provided on the install CD of your Edimax unless you have that!
If you do so, or have done so, please refer to Troubleshooting KisMAC.
  
KisMAC weak scheduling attack takes a long time
A weak scheduling attack may take some time, but you (yes, YOU) can make it much faster:
Don't start cracking unless you have a minimum of 130,000 IV's
200,000 is recommended
You may have collected corrupted packets. Sorry: S.O.L., try again
Rule of thumb: the more IV's collected, the faster the crack will be.

Another solution is to install Aircrack-ng: collect packets (collect or re-inject) with KisMAC, crack with Aircrack-ng: it's 10x faster.

How many packets do I need for WPA?
None! For WPA, you need to capture the handshakes.
Look at the Ch/Re Gem indicator, or read the post related to that question.

How many unique IV's for WEP?
KisMAC: It is recommended to start at a minimum of 150,000 unique IV's.
You can always try with fewer, but it will probably fail or the key recovery may take much longer.
Aircrack-ng:  As little as 40,000  20,000

How fast can I successfully crack a WEP or WPA?

You just opened a can of worms ...
WEP
KisMAC: The more IV's you have collected, the faster the crack should be.
I have successfully cracked my own WEP key in less than 3 sec (128-bit key).
I have also, on the same key, spent hours with no success ... I had up to 2 million IV's.
I suppose some frames were corrupted, but I can't say for sure. I made a video on YouTube showing a crack in less than 3 seconds.
Aircrack-ng: 1 second on a 64-bit key with 40,000 IV's

WPA
It will depend on your password. If you use a dummy password*: between 5 sec and a few hours.
If you use a GRC-generated password, you'd better explain to your kids how to do it: they will continue your work long after you're dead. Seriously!

If you NEED an internet connection because you just moved, are in a new place, can't afford the monthly overpriced FIOS or UberDuper connection, then you'll need a SA-6p, SA-12PSA or SA-24PO.
It's not software anymore, it's hardware, but I was successful in cracking a WPA2 in very, very little time.
I have heard of BIM attack with Ha100B series, but I never tried it myself.

BTW, dummy passwords: lists ARE available :-). I URGE you to use a very serious password and avoid at any cost guessable passwords such as: 123456, 1234567, password, letmein, mustang, iloveyou, etc.

PCAP Dump
When you check the box "Keep everything", KisMAC starts saving a file in which a bunch of details are kept.
This file is accessible for later review (advanced users only, please): you can use Wireshark to read that file and discover all the little tiny details ;-)


Console Log  (from Console.app)
It's the log of what is happening behind the scenes when you use your computer.
If you keep the console log open, you may find messages such as "Warning, deauthentication Frame received".
It means that somebody is trying to penetrate your network with a deauthentication attack (more exactly, trying to force the capture of the handshakes).
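
Added example, not part of the original post and not KisMAC code: a small Python triage of a saved Console log for the two messages quoted on this page, the "could not instantiate driver" error and the deauthentication warning. The timestamp/host/sender prefix, the sample lines and the burst thresholds (five or more frames, each no more than 10 seconds after the previous one) are assumptions; isolated deauthentication frames also occur in normal operation, so only bursts are reported.

```python
"""Triage a saved Console log for the two KisMAC-related messages on this page."""
import re
from datetime import datetime, timedelta

# Constructed sample. The message texts are the ones quoted on this page; the
# "Mon DD HH:MM:SS host sender[pid]:" prefix and the senders are assumed.
SAMPLE_LOG = """\
Jan 12 21:10:03 macbook KisMAC[2928]: vendor 1452 vendorId 3574 product 32773 productId 38674
Jan 12 21:10:03 macbook KisMAC[2928]: Matching finished
Jan 12 21:10:03 macbook KisMAC[2928]: Error could not instantiate driver WaveDriverUSBRalinkRT73
Jan 12 21:30:11 macbook kernel[0]: Warning, deauthentication Frame received
Jan 12 21:47:40 macbook kernel[0]: Warning, deauthentication Frame received
Jan 12 21:47:41 macbook kernel[0]: Warning, deauthentication Frame received
Jan 12 21:47:43 macbook kernel[0]: Warning, deauthentication Frame received
Jan 12 21:47:44 macbook kernel[0]: Warning, deauthentication Frame received
Jan 12 21:47:46 macbook kernel[0]: Warning, deauthentication Frame received
Jan 12 21:47:49 macbook kernel[0]: Warning, deauthentication Frame received
this line has no timestamp and is skipped
Jan 12 22:05:09 macbook kernel[0]: Warning, deauthentication Frame received
"""

TS_RE = re.compile(r"^(\w{3}\s+\d{1,2}\s+\d{2}:\d{2}:\d{2})\s+(.*)$")
DRIVER_RE = re.compile(r"could not instantiate driver\s+(\S+)", re.IGNORECASE)
DEAUTH_RE = re.compile(r"deauthentication frame received", re.IGNORECASE)


def parse_lines(text, year):
    """Yield (timestamp, message) for each line that starts with a timestamp.

    The assumed prefix carries no year, so the caller supplies one.
    """
    for line in text.splitlines():
        match = TS_RE.match(line)
        if not match:
            continue  # blank, wrapped or truncated records
        try:
            stamp = datetime.strptime(f"{year} {match.group(1)}",
                                      "%Y %b %d %H:%M:%S")
        except ValueError:
            continue  # looked like a timestamp but was not a valid date
        yield stamp, match.group(2)


def failed_drivers(text, year):
    """Return the sorted driver names reported as 'could not instantiate'."""
    names = set()
    for _, message in parse_lines(text, year):
        found = DRIVER_RE.search(message)
        if found:
            names.add(found.group(1))
    return sorted(names)


def deauth_bursts(text, year, max_gap=timedelta(seconds=10), threshold=5):
    """Group deauthentication warnings into bursts.

    Warnings at most `max_gap` apart belong to one cluster; clusters with at
    least `threshold` warnings are returned as (first, last, count).
    """
    events = sorted(stamp for stamp, message in parse_lines(text, year)
                    if DEAUTH_RE.search(message))
    bursts, cluster = [], []
    for stamp in events + [None]:  # None flushes the final cluster
        if cluster and (stamp is None or stamp - cluster[-1] > max_gap):
            if len(cluster) >= threshold:
                bursts.append((cluster[0], cluster[-1], len(cluster)))
            cluster = []
        if stamp is not None:
            cluster.append(stamp)
    return bursts


if __name__ == "__main__":
    for name in failed_drivers(SAMPLE_LOG, 2010):
        print("driver failed to load:", name)
    for first, last, count in deauth_bursts(SAMPLE_LOG, 2010):
        print(f"deauth burst: {count} frames from {first:%H:%M:%S} to {last:%H:%M:%S}")
```

A reported driver name tells you which entry to review in Preferences >> Driver; a reported burst is the time window to look at in a saved PCAP dump.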




201 comments:

  1. Good morning,
    sorry but I have a problem,
    when I use KisMAC, on all networks, when I start a scan and after capturing very, very many packets I don't see a single unique IV. Why? I don't understand
    thank you very much!

  2. mini16max

    I need to know how many packets, data packets and Iv's
    also, looking into your console log may help.

  3. Hi there,
    Your guide is thorough and awesome!

    I've downloaded the 0.3 version of KisMAC a few days ago. I'm running on OS X 10.6.2, I don't have any external USB wireless card so I'm just using the Airport Extreme card in my 2.5 years old MacBook.

    First thing I'd like to report is crashing of KisMAC. Sometimes it crashes after about half an hour of use, sometimes a bit longer, 2 or 3 hours.

    The IV collect rate is very low, (that's why I've been running KisMAC for hours) guess it's either the signal from the network not strong enough or the network not very active. I could only ever manage to collect a couple thousand unique IVs.

    As for WAP networks, must I use deauthentication in order to receive the handshake? As I don't have an external wireless card to do so, will I be able to pick up the handshake just by waiting for a (much?) longer time? I've never seen the Ch gem turn orange or green.

  4. Crash: If you had a previous install of KisMAC, you MUST remove the .plist previously installed.
    I would un-install everything and re-install clear of any previous plist.

    You can also run Console.app to have an idea of what crashes.

    "Airport Extreme card in my 2.5 years old MacBook"

    Be sure to have the latest Airport Drivers. Apple update.....

    IV collect rate:
    The network is not very active. just slow. Try with a friend and start using Youtube, you'll see the rate going up very fast.

    Signal: You can see the signal on KisMAC, as well as the transmit rate

    WPA, not WAP

    WPA is very serious business.
    Unless you have an idea of the "password range" or the password used is a dummy one, you're in for a very very very long time.

    Deauthentication is an attack.
    It forces the router to "re-send" the handshakes.
    To deauthenticate, you need to be able to inject the network with data, hence it does not work with Airport Extreme.
    AE in Passive mode is only listening, hence it may take a very long time to capture the handshakes (router on/off, re-setting the connection, etc ...)
    The good point is that you are in "Stealth Mode". When using deauth, it will reveal that the network is under attack. (if the other party pays attention)

    Let me know if we have any progress...

  5. "have tried to crack a WEP network without injection, I follow all the steps and it says crack was successful and gives me a key, but the key does not work when I try to use it. I then tried to crack the network again and was given a different key, which also didn't work. Then I tried to crack another WEP network and was again given a key that did not work, anyone have any ideas what is the problem here?"

  6. Erik,
    I need to know: KisMac Version, Airport Version and OS Version too.
    Also,
    Did you enter the Hex key or the ASCII key?
    Did you keep the PCAP dump? (keep everything option)

  7. Hi Erik,

    first, thx for your tuto, it's really helping me. Shame that there are still some people who can't properly get what's been told... anyway

    I've got a prob, as you can guess
    and I've been on forums and everything but in vain

    everything went well till I asked kM to crack... I collected like 180000 packages...
    first time it stopped at 6000 keys, then told me it couldn't make it coz lack of keys or etc...
    then crashed...

    second time same thing around 7000 keys, stop, same message but no crash...
    it's always the same now... stopping within 6000 - 8000 then message and no crash

    clues: macbook pro last generation (june 09); snow L; used in passive mode (hours); when I ask to crack my cpu goes like 90°C, fans up to 4000 RPM and cpu usage is 90%, KisMAC 0.3...

    file (dump log) too big ?

    well I dunno, do you know what's happening ?


    thank you indeed for your time

    Bo

  8. Bo,
    Packages? do you mean Packets or IV's?
    Start Cracking at 130,000 IV's 200,000 recommended

    Crash: read the install part with the removal of prior .plists

    Dump file too big: Nope! I have PCAP Dump files of 800 MB

    Temp:
    Give the Mac some air. Place a pen to lift it a little.
    4000 RPM is ok as they can go up to 6000
    The more IV's, the less time, the less heat ....

    Last possibility: you have captured corrupted frames or packets and in that case, sorry ... re-start again ...

  9. 180,000 IV's
    but it crashes/stops while scanning/cracking the IVs with 6000 and 8000 keys

    oh, are keys and IVs different things ? thought it has to go till 180000 keys when cracking.. if it's diff things and that there are only 7000 keys into 180000 IVs, I just have to start again and increase the amount of IVs, right ?

    the install part is correct I think, first time I got kM and the latest version... anyway, there's no crash anymore.. but if you say that I MUST, I'll do it.

    temp: alright, it's already lifted a little with cd's

    (damn, instant reply, good job here)

  10. Packets = packets sent/received
    IVs = Initialization Vectors
    Key = password (tested or not)
    3 different things

    180,000 IVs is the lower end. recommended to crack at 200,000
    300,000 is a good number.
    you always have the possibility to have captured corrupted frames, in that case, you are SOL and need to restart everything.
    If after 30min you have not found the key, I would dump the file and restart.

  11. Alright thx
    I'll go till 300000
    one last question can I stop scanning when I need my wifi back and go back to scanning just after or do I have to scan the whole 300000 at once?
    I'll let you know if it worked out. Thx a lot

  12. Hey man,

    First off, great great great guide. Good tips and nice video. Now I have a problem. I have tons and tons of packets my computer is receiving but the Unique IV's have been sitting at 18 for the past 2 hours. Am I SOL or should I be doing something else?

    I'm just using Airport, no external USB thingy.

    Thanks a lot!

  13. Gop said...
    Alright thx, I'll go till 300000
    one last question can I stop scanning when I need my wifi back and go back to scanning just after or do I have to scan the whole 300000 at once?
    I'll let you know if it worked out. Thx a lot

    To Gop
    If you have saved the kismac file, you should have no issues. Just reload the file and keep on scanning.
    If the file contains corrupted frames, then you are SOL.

  14. To John
    "i have tons and tons of packets"

    You need to look at "Can't collect IV's" post on this article.
    You have a pic as an example
    I need to know what type of packets you are referring to:

    Packets = (Data + Management)
    Data Packets (good)
    Management Packets (trash)

    2 solutions:
    1) You are listening to a router with no traffic. just "on", only sending management packets.

    2) No or very little traffic

    Just make a test on a very active network to see if it works or change something.
    be sure to listen to one channel only.

  15. Well, it worked. I disabled Growl, no crashes anymore, don't really know if it's relevant.

    But anyway, thx for everything. If I can do anything, rate something or whatever, just let me know...

    Wish you great moments with family and friends this Christmas Eve.

    Bo

  16. Thanks a bunch,
    It never crossed my mind that growl could interfere.
    If you want to spread the good word, feel free.

  17. Hi there!

    This is a great tutorial you have here man!

    I've followed the steps on your Youtube video, and still for 270.000 IV's it takes like 1003,000 keys of scheduling attack for a WEP, and I stopped (I tried twice). I'm on Leopard with Airport.

    And a strange thing happened last week. I've collected like 200.000 IV's and the schedule attack was going on while I was doing other things. When I checked (after a short time) I saw that the network I was cracking had the green color (instead of the red one). But the password didn't appear anywhere, I tried to "Join network" with KisMAC but it said there was no password :S

    Does anyone know what's going on? Thanks in advance!

  18. thanks, I learned a lot from this post!

  19. Hey thanks a lot for making this blog, it's awesome. Just a random non-troubleshooting question as I'm just starting out and so far everything is working for me, albeit slowly. How do packets get "corrupted"? Is there anything I can do during the collection process to minimize this?

  20. To Micheal.
    "How do packets get "corrupted"? Is there anything I can do during the collection process to minimize this?"

    Sorry, I have no idea if there is something that can be done to avoid corrupted frames or packets.

  21. To Anonymous
    "...and still for 270.000 IV's it takes like 1003,000 keys of scheduling attack for a WEP."

    This is abnormal. Corrupted frames ... (that's my best excuse)

    Green dot:
    I don't have ESP, I need to know:

    re-injection / no re-injection?
    Normally no, otherwise you would have mentioned a USB NTWK adapter.
    Passive mode ?
    KisMAC V?
    Leopard V?
    Airport V?

  22. Hello! I am looking for a PCI network card which supports injection but is also an 802.11n card, which one should I buy? How to know if a card is an RT73 device? Thanks!

  23. RT73 chipset
    http://aloah.free.fr/mactips/Hardware.html

    or the Kismac website

  24. Hi
    it's me again, Bo (gop)
    I bought an rt73 chip device (hawking HWUG1)
    Everything works fine till I inject packets...

    It gets stuck on "waiting for interesting packets ..."
    it still scans but never goes "got a valid.."

    How come ?

    Thx a lot

    Bo

  25. Bo,
    that will depend on the network you are scanning.
    Data packets and management packets are not the same. management packets are of very little value.

    S1= The network is not active, hence there is nothing to re-inject.
    S2= unlikely, but there is the possibility that the router detects the injection and changes channels.

    Try with your own network and test it. If you watch a YouTube video at the same time, you should be able to do it in a few seconds.
    Look at the example given in this article: Can't collect IV's

  26. Well, it collects IV's... can see it on the IV's amount.
    I was reading kM's forum threads, I'm quite confused about which devices work on Intel MBP.

    I got the very latest MBP Intel Core 2 Duo, does HWUG1 work with injection ? Are you using an Intel MBP with yours ?

    If not, hope I can send it back!
    If not, what are the USB devices working with Intel MBP in injection mode ?

    B

  27. Hello, and first of all.. thanks for this excellent tool!

    ..I have an issue with KisMAC "hanging" for some minutes in a specific channel... it's not always the same, but 'till this moment it has only happened with ch 11, 12, 13 and 14... the other channels pass fast, but on these channels it "hangs" for some minutes and then continues the scan...

    I'm using a Macbook, Snow Leopard, KisMAC 0.3 (first install ever) and Airport in passive mode.

    Console is reporting this error:

    .org.kismac-ng[178] Error Domain=APPLE80211_ERROR_DOMAIN Code=-3900 "The operation could not\u2019t be completed. (APPLE80211_ERROR_DOMAIN error -3900.)"

    Any thoughts of what might be causing this issue?

    Thank you.

  28. EM:

    [ Take this answer with a grain of salt ]

    -Theoretically-, you should not use the channels 12, 13 and 14 if you are in the USA.
    It's possible that it creates some sort of issue. (interferences)
    If someone emits in channel 12,13,14 in the US, they are up to no good.

    Try un-checking them in the preferences pane.

    let me know

  29. Hi again,

    If I uncheck those channels all seems to work fine.

    PS: Actually I'm not in the US (currently in Brazil, but I'm from Portugal, Europe)... and I don't know if those channels are used here or not... (that's why I tried to scan them as well) :)

    Best regards!

  30. Bom dia,
    Glad it worked. You were probably listening to a microwave or else:-)
    To the best of my knowledge, only Japan allows Ch 14.

    It can also happen that in dense wi-fi area, a wi-fi pollution occurs: Too many people on the same channel may cause a decrease in speed or breaks in connection.

    about.com
    "Home wireless networks based on the 802.11b or 802.11g standards transmit their signal in a narrow radio frequency range of 2.4 GHz. Various other electronic devices in a home, such as cordless phones, garage door openers, baby monitors, and microwave ovens, may use this same frequency range. Any such device can interfere with a Wi-Fi home network, slowing down its performance and potentially breaking network connections."

  31. Man, I'm sorry.
    It's finally working...
    Don't really know what happened.

    Anyway, thx again for everything!

    B

  32. Hey there,

    Thanks a lot for the videos and website!

    I have OS X 10.4.11 and I dl KisMAC 0.2.99 and got myself the Hawking HWUG1... My problem is that each time I start injecting packets, KisMAC crashes! Each and every time that the usb key starts flashing, 3 seconds after it always crashes...

    I dunno why is this happening, I have all the settings correct... I would really appreciate some help. Thanks a lot!

  33. Omkara:

    looks like a driver issue ...

    OS Tiger? Well, ahem ... upgrade???? :-)

    If there is a crash, there is a trace in the Console.log , that's where you should start looking.

    HWUG1: Check your FCC number, just in case

  34. Thanks for the great blogs. (Y)

    So far I have been lucky enough to get away without having to bug you for a question, but I'm at a loss now.

    Firstly and most annoyingly, I cannot seem to inject packages in to a WEP network anymore. The first time I tried KisMAC it worked perfectly (working chipset, same router, etc.) - now it just waits on interesting packets, best I got was 4 or so before it went back to 0.

    Secondly, I tried the Newsham 21-bit attack and found out it works brilliantly (under 20s having just started collecting packets) but the key it gives me is "for Key 0" or something (no ASCII key if that helps). Entering that key with/without punctuation in the required "WEP password" field gives no results whatsoever.

    Do I have to convert it or something? I'm really clueless at the moment. (For injection, I run on average with a signal of 20~ to the router if this influences how effectively it can inject - I did hit a max of 180 or so when I had about 3-4 responses, before leisurely hitting 0 again.)

    Thanks a million, keep up the solid effort.

  35. OK. I am trying to crack a WEP with airport extreme, passive mode, but every time I try to start collecting IVs it gives me the error message "no primary device has been selected." Can anyone help?

  36. Anonymous AKA dkruger12
    Your question is the 101 of KisMAC

    You REALLY need to READ carefully the following post:
    http://easymactips.blogspot.com/2009/03/kismac-ultimate-wifi-stumbler.html

  37. Sean:

    OS?
    KisMAC V?
    Console?
    Network Adapter?

  38. Thanks for the speedy reply, I wasn't expecting it so soon (just got back home).

    I'm currently running KisMAC 0.2.9 on a Mac OS X 10.5.8 trying to crack a Cisco-Linksys.

    What perplexes me is I've done it all before, and it all worked...
    Also, is the "... for Key 0" code I cracked in 20s useful? I obtained it with the Newsham 21-bit attack.

    Thanks again.

  39. ok,
    now we have the OS and the Kismac version.

    Network Adapter + FCC number?
    Console log ?

  40. I'm too "noob" to give you either of those.
    What about the Newsham 21-bit key I got? Is that useful in any way?
    I also accidentally deleted my last 2 days of leeching, I was at about 1,200,000 packets and 55,000 IV's, would that have been enough?

    Thanks. (Y)

  41. Sean,
    "noob" is not an issue, or an excuse.
    what I am trying to do here is to teach you how to fish instead of giving you the fish.
    unless Google is broken you can try: "console + mac" and "FCC number"

    console is the second thing you should turn on after KisMAC
    FCC # will tell us what is the chipset on your usb thingy

    you can find a contact email in the Q&A and em me if you do not want to publish the key found.

  42. Hi there, this is my second post! It took me a while to figure out how to know if I had the correct chipset but it seems I have (NDD957318s607). Do you think the problem (crashing when injecting packets) can be resolved if I upgrade my OS(currently 10.4.)?

    Thanks a lot for your earlier reply and for all the help you're giving.

    Omkara

  43. Omkara:
    So you have a RT73 Chipset.
    The latest V of Kismac is more stable than the previous, but there is no guarantee that it will be "perfect" if you upgrade your OS.
    I have some crashes too. Rare, but it happens.
    After all, it's your call. But I like Snow Leopard a lot....

  44. Hey there!
    Can't believe you are seriously answering all the questions... therefore I'll try my luck =)
    Alright, system specifications:
    - OSX Snow Leopard 10.6.2
    - KisMAC V. 10.3
    - D-Link DWL-G122, H/W Ver.: C1

    Ok... then here we go. I was trying to test my own network. Therefore I scanned with my MacBook while connecting to the network with my other Notebook. I'm using WPA encryption, therefore tried to collect handshakes. Well, Growl tells me that I got the 4-way handshakes (challenge, response). I did it a couple of times, just to make sure that I have enough handshakes. Then I used the wordlist crack with a textfile which definitely had my password in it, since I created it. I read that one possible reason could've been the missing return key, so I pasted couple words before and after the real one, still no luck. Then I tried to dump every data and tried to crack it with aircrack-ng. For some reason aircrack-ng tells me that in the dump file, which KisMAC created, there are no handshakes for my network. So I'm little confused if either KisMAC has a bug, since the gem turns green, or the dumpfile is corrupted?! I hope you're understanding what I'm trying to get at. Plus, aircrack-ng tell me something of "read(file header) failed: Undefined error: 0. Is the dump file a normal text file? Because I tried to open it in TextEdit, but it's all encrypted ;)
    Hope you can help.
    Thanks in advance!

    Cheers,
    Christian

  45. Christian,
    No, I do not answer all the questions. Some of them are stuck for ever in the "How Not to go about things" ;-)

    Handshakes: I am not sure why multiple sets of handshakes are better? Only one set is necessary. You can use a Deauthenticate attack to speed up.

    PCAP Dump:
    Not a normal text file
    To read, You can use either:
    KisMAC >> File >> Decrypt PCAP Dump or Wireshark. Download Wireshark from http://themacschool.blogspot.com
    As you mentioned Aircrack, you'll be able to use Wireshark: it's not for everybody

    Wordlist:
    txt file, not RTF or else
    password must be entered "verbatim"
    be careful not to have a space after the word (otherwise your password is pswd+space) and leave a blank line at the end of the file.

    Let's say that your pswd is: 12345678

    Dic file: anyname.txt

    [SOF]
    qwertyuo
    qwertyui
    qwertyuop
    qwertyuiopa
    12345678
    {blank line inserted here}
    [EOF]

    A bad example below: the numbers are ok, but the words have an extra space at the end. (also, WPA is 8CH mini)
    [SOF]
    123456
    password
    12345678
    1234
    pussycat
    12345
    dragon
    qwerty
    696969
    mustang
    letmein
    baseball
    [EOF]

    Also, disable Growl for a test and use Console.app for messages.
    Let me know ...

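The dump discussed in the two comments above is a binary pcap capture, not text, and pcap readers cannot open a file whose 24-byte global header is missing or damaged. As an added example (not part of the original thread, and not KisMAC or aircrack-ng code), this Python check validates a dump's header and record framing and reports the link-layer type; the function names and the in-memory sample capture are constructed for illustration.

```python
import struct

# Link-layer header types from the tcpdump.org LINKTYPE registry that
# matter for Wi-Fi dumps; anything else is reported by number only.
LINKTYPES = {
    1: "ETHERNET",
    105: "IEEE802_11",
    119: "IEEE802_11_PRISM",
    127: "IEEE802_11_RADIOTAP",
    163: "IEEE802_11_AVS",
}
MAGIC_USEC = 0xA1B2C3D4  # classic pcap, microsecond timestamps
MAGIC_NSEC = 0xA1B23C4D  # classic pcap, nanosecond timestamps
GLOBAL_HDR = "IHHiIII"   # magic, major, minor, thiszone, sigfigs, snaplen, linktype
RECORD_HDR = "IIII"      # ts_sec, ts_frac, incl_len, orig_len


def inspect_pcap(data: bytes) -> dict:
    """Check a classic pcap dump's header and record framing; no packet decoding."""
    if len(data) < 24:
        return {"ok": False, "reason": "shorter than the 24-byte pcap global header"}

    # The magic number reveals the byte order the writer used.
    for endian in ("<", ">"):
        if struct.unpack(endian + "I", data[:4])[0] in (MAGIC_USEC, MAGIC_NSEC):
            break
    else:
        return {"ok": False, "reason": "bad magic number: not a classic pcap file"}

    magic, major, minor, _, _, snaplen, linktype = struct.unpack(
        endian + GLOBAL_HDR, data[:24]
    )

    # Walk the records: each is a 16-byte header followed by incl_len bytes.
    offset, packets, truncated = 24, 0, False
    while offset < len(data):
        if offset + 16 > len(data):
            truncated = True  # file ends inside a record header
            break
        incl_len = struct.unpack(endian + RECORD_HDR, data[offset:offset + 16])[2]
        if offset + 16 + incl_len > len(data):
            truncated = True  # file ends inside a packet body
            break
        offset += 16 + incl_len
        packets += 1

    return {
        "ok": True,
        "byte_order": "little" if endian == "<" else "big",
        "version": (major, minor),
        "nanosecond": magic == MAGIC_NSEC,
        "snaplen": snaplen,
        "linktype": linktype,
        "linktype_name": LINKTYPES.get(linktype, "other"),
        "is_wifi": linktype in (105, 119, 127, 163),
        "packets": packets,
        "truncated": truncated,
    }


def build_sample(endian: str = "<") -> bytes:
    """Constructed capture: 802.11 link type, two records of zero bytes."""
    header = struct.pack(endian + GLOBAL_HDR, MAGIC_USEC, 2, 4, 0, 0, 65535, 105)
    frames = [bytes(24), bytes(30)]  # placeholder payloads, not real frames
    body = b"".join(
        struct.pack(endian + RECORD_HDR, 1285442218 + i, 0, len(f), len(f)) + f
        for i, f in enumerate(frames)
    )
    return header + body


if __name__ == "__main__":
    # For a real dump: inspect_pcap(open("/path/to/dump", "rb").read())
    for label, blob in [
        ("valid", build_sample()),
        ("cut short", build_sample()[:-3]),
        ("empty file", b""),
        ("text file", b"{\\rtf1\\ansi this is text, not a capture"),
    ]:
        print(label, inspect_pcap(blob))
```

An empty or non-pcap file fails at the header stage, while a dump that was cut off mid-write passes the header check and is flagged as truncated.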
  46. I am new to all of this and I need help! I have been running my computer for 20hrs trying to get KisMac (0.2.99)to work on my G4 quicksilver will (0.3) work for me or am I SOL? Is it normal for it to take hours on end to get 200 or 300,000 IVs? Please help!!!!!!

  47. Newguy,

    KisMAC 0.3 is for Snow Leopard 10.6 only.

    Collecting IV's

    http://easymactips.blogspot.com/2009/07/kismac-ultimate-stumbler-ressources.html

  48. I have a mbp and I'm using a rtl8187 chip. I've been collecting packets for 2 days now and I'm still at 40,000 iv's when I try a deauth it doesn't increase the speed and I also try re-inject and its stuck saying 0 interesting packets and still taking forever. About 15,000 iv's every 12 hrs. Is there a reason it's so slow? What can I do to make it faster?

  49. Blufloyd6:

    All your questions have been previously answered.
    Furthermore, why would you use Deauth when you are collecting packets? what are you trying to do? A WEP or WPA?

    Here is a copy of what was asked first:
    If your question is somewhat technical, please state your:
    >> OS + KisMAC Versions
    >> Type of Network Adapter + FCC number
    >> Errors in console log (no need to send me the 4000 last lines)

    Then again ...
    I have received a lot of questions about this issue. The most probable cause is a non active network.
    A non active or slow network (low traffic) is what makes the collection very slow.
    KisMAC in passive mode is like trying to collect rain water: The more it rains, the more you can collect. That simple! If it does not rain .... or very little ... you got the idea!

  50. Hi,
    Could you please explain what hardware do you mean by "SA-6p, SA-12PSA or SA-24PO"? I've tried googling these, but wasn't able to find anything useful(
    Thank you.

  51. Genka:

    The SA series is a set of hardware used to crack WPA at very high speed.
    This Attack does not work on the network itself, but on the owner of the network.
    It is, to the best of my knowledge and experience, one of the most successful techniques, especially if you are in a building.
    The higher the number, the greater the chance.

    SA-6P: Sam Adams 6 pack
    SA-12PSA: Sam Adams 12 Pack, Summer Ale
    SA-24PO: Sam Adams 24 Pack, Original

    Believe me: It will take you less time to get the password with a SA-12PSA than a bruteforce.

    Just ask your neighbor politely, and use the SA as a lubricant.
    If your neighbor is a she, a small CH/F works at 99% success rate.
    (Chocolate or Flowers)

  52. Hey! Thanks for all the information you provided! Helped a lot! BUT I think that the Q&A part on this page is pretty useless and missing its purpose. I get that stupid questions can be annoying, but it would be totally enough to say "Watch the video carefully before asking, I won't answer stupid questions". Normally people look at the Q&A topic to see if there might be something they are looking for, but all they will see are sarcastic comments by you, SO unnecessary. That's all. I'm doing tutorials myself and think it's really inappropriate, there are always people less familiar with what they are trying to do. Anyways, thanks again, A* Tutorial.

  53. Anonymous
    You have a point, but to be honest with you, when the question is properly formulated I make an effort.

    The main issue is a sense of entitlement. Some people believe that they are entitled to anything, hence believing that no effort whatsoever is required.


    I remove or delete about 5 posts per week, often because the question has been answered 5 times previously. Stating to watch the video carefully is not enough for some. Take a look at the section "how not to go about things" and multiply that by 10. I perfectly understand that nobody is born with knowledge, but when asked to at least provide the OS & KisMAC version, you still have 60% of questions that are "IDK, not working"; it's a little bit too much.
    Even with a very powerful ESP, there is nothing I can do.

    When somebody makes a minimal effort, i.e. reading, I am willing to help.

    Example:

    Q: Where do you get the Dictionary list? can you also make a tutrorial for a bruteforce cracking?

    DO you REALLY think he watched the video?? or read anything? The Answers are repeated 3 times!
    He is either not interested in learning how to use KisMAC or expect that somebody will chew his food for him. No Thanks.


    Q&A: I answer where people post their questions

    Sarcasm: Some like it, some don't. I do.

    "I think that the Q&A part on this page is pretty useless and missing its purpose"

    I hope that you noted that this blog contains multiple KisMAC posts, 5 to be exact. Including a Q&A not on this post. ;-)

  54. When viewing properties of a network I see that my "Channel" and "Main Channel" entries are different. Which channel should I set my preferences to? "Main" or "Channel"?

  55. Hello mate,
    First of all, thanks for all this useful information, really it helped, the first time, yes, I was able to crack "my router" but when I tried to crack my "second router" I couldn't.
    When I get to the part of reinject packets, it just stays in 'Waiting for interesting packets' and it just keeps like that for a long time, whereas the last time did it in no time.
    I have checked the box use as primary, selected only one channel, and the packets are going up (very slow tho).
    Furthermore, I have tested the injection and 1 through 18 are green dots, the last ones are red.
    I just don't know what seems to be the problem, any help at all should be greatly appreciated, since we are students and lack the economical power to acquire our own private modem.

  56. Mister Gibson
    Just for the sake of clarity, when you say "since we are students and lack the economical power to acquire our own private modem." I hope that you are not trying to crack an encryption without permission. You are not, huh? That would be illegal.

    If you are trying on your own network, and can't collect or re-inject enough data packet, the answer is in this post:
    Can't Collect IV's
    Can't Collect Packets
    Packets Collection is very slow

  57. Hi,

    it's gop (Bo) again! Hope everything's fine for ya.
    I've been using KisMac for many times now but I got some issues.
    3 questions:

    Several times, monitoring wifis, the amount of data packets was increasing, so network is quite active but no IV's at all... not even one! How come ?

    Second, I haven't been, for while now, able to inject with my RT73 chipset... even after full result injection test... and this, on every networks... ????

    Third, after having key... it happened that my airport says that the network is connected but no internet available coz, I'm sure of this, he couldn't find automatically DNS... how can I find DNS ? Does KisMac do that work ? Or another software or commands ??

    Thx a lot,

    R's

    Bo

  58. Bo,
    As Q1 & Q2 are explained in detail, it seems that you NEED a private tutor.
    Pls Contact me, I have very affordable rates.
    I'll include a quick fix for Q3 as well.
    Best regards

  59. Hi,

    haha, sorry to bother you... well I read again all the faqs but still no answers for Q1 & Q2... Q1: I was monitoring my girlfriend's wifi and sure that isn't just a router not connected to internet & she was watching something on youtube.... Q2: well it wasn't about mistaking between WPA and WEP... chipset is alright... same for Q1...

    Well sorry about that.... I just wanted to go further which it ain't easy apparently to me even if I feel like to be someone who read first before asking. I sure may be a bit stupid somehow coz I'm just not into computer stuff but art.

    Thx for everything you've done so far. I appreciate it.
    Have a nice day anyway.
    All the best.

    Bo

  60. Bo,

    copy of the first paragraph:

    "If you have a question, leave a comment, BUT: Do NOT leave a comment if your question is "Not working, IDK, LOL?" or "Can you send me a dictionary file?"
    As much as I don't mind helping, I am not your mom and can't help you to learn how to read.
    If your question is somewhat technical, please state your:
    >> OS + KisMAC Versions
    >> Type of Network Adapter + FCC number
    >> Errors in console log (no need to send me the 4000 last lines)"

    So, OS, FCC# etc etc
    As well as : Are you trying on a WPA or a WEP?

    otherwise, the first question that I will ask is: Do you have electricity?
    # Do you have a computer, if yes, is it "on"?
    etc etc
    it's going to be a looooooong Q&A.

  61. Is there a reason why key checking is very slow? I have collected almost 400k unique IVs and started the weak scheduling attack, both. Now the rate of keys checked is very slow...

  63. top of my head, no reason.
    What do you call "very slow"?
    Machine?, OS? KisMAC version?
    Resources?

    That should help make an educated guess ....

  64. Post
    Hello!
    Thank you for this great site, have been a big help for me. Just want to make this tidy as I have a question:

    Mac OS X 10.6.4 and Kismac 0.3
    Ralink RTL8188S / FCC: 4195614720
    It is a Dealextreme dongle but it is based on the RTL8188 chipset as far as I have understood.

    I have modified my RTL8192SUl.kext to match the decimal Vendor/Product ID.
    RTL8188SU
        CFBundleIdentifier: com.realtek.driver.RTL8192SU
        IOClass: RTL8192SU
        IOKitDebug: 65535
        IOProviderClass: IOUSBInterface
        Realtek_WLAN_NIC_parameter
            LedCtrl: 1
        Realtek_common_reg
            CcxOffLineDurUpLimit: 0
            CcxRm: 1
            Channel: 1
            HalfNMode: 1
            NetworkType: 1
            QoS: 1
            SSID: ANY
            StaUapsd: 0
            WiFi11bIbss: 0
        bConfigurationValue: 1
        bInterfaceNumber: 0
        bcdDevice: 512
        idProduct: 33137
        idVendor: 3034


    I have also modified my UsbVedorsRTL8187.plist in the Kismac Resources folder to point at the right driver:

    RTL8188S WLAN Adapter
        idProduct: 33137
        idVendor: 3034


    Thus matching the Product/Vendor ID.

    Console log after starting scan:
    ...blablabla..
    25.09.10 03.16.57 KisMAC[741] Matching finished
    25.09.10 03.16.57 KisMAC[741] _init
    25.09.10 03.16.57 KisMAC[741] Number of configs found: 1
    25.09.10 03.16.58 KisMAC[741] Interface found.
    25.09.10 03.16.58 KisMAC[741] 1 1
    25.09.10 03.16.58 KisMAC[741] 2 0
    25.09.10 03.16.58 KisMAC[741] 3 0
    25.09.10 03.16.58 KisMAC[741] 4 0
    25.09.10 03.16.58 KisMAC[741] USBJack is now ready to start working.
    25.09.10 03.16.58 KisMAC[741] Start capture
    25.09.10 03.16.58 KisMAC[741] 000000000000
    25.09.10 03.16.58 KisMAC[741] hwaddr 000000000000, rtl8187 V0 + rtl8225
    25.09.10 03.16.58 KisMAC[741] _init exit
    25.09.10 03.16.58 KisMAC[741] Start capture
    25.09.10 03.17.00 KisMAC[741] RF Calibration Failed! 0

    Kismac scans, but no networks show up. And I know they are there. Google tells me nothing about RF Calibration. Seems like the dongle works besides the search results.. And there is no activity light on the dongle (this works under Windows 7) so I suspect a driver error of some kind.
    Hope I have provided sufficient info, hope some of you can help.
    - M

  65. Hello Marius,

    First, thanks for providing all the info.

    Your FCC ID# is incomplete, you should have letters too. Can you please provide the complete number? i.e. NDD957318S607
    As per what you have provided me, it seems (repeat: seems) that you are using an unsupported chipset.

    resend the complete info, as well as the link to the Dealextreme WS.

  66. Thanks for your quick reply!
    DX: http://www.dealextreme.com/details.dx/sku.33997
    I have also dug up more info from dhgate, but no FCC ID. I am having a hard time finding it.
    http://www.dhgate.com/usb-adapter-network-card-wifi-adapter-edup/r-ff8080812b471494012b47939e462708.html

    Seems like some of the units shipped are RaLink, but I certainly got a "Realtek RTL8188SU Wireless LAN 802.11n USB 2.0 Network Adapter"
    I am sorry I can't provide the FCC ID.

    - M

  67. Upon opening the unit I figured it is a RTL8188SU Realtek unit.
    The chip says:
    RTL8188SU
    A1F38S1 GA08

    This info led me to http://www.realtek.com/products/productsView.aspx?Langid=1&PNid=21&PFid=48&Level=5&Conn=4&ProdID=228 which tells me that my unit " ...combines a MAC, a 1T1R capable baseband, and RF in a single chip"
    The RF part seems to be the problem here. If it is a dead end , I will just assemble and return it and start figuring out my Gigabyte RT73 unit instead.
    Hope it helps.

  68. "Thanks for the quick reply"

    You are one of the rare ones that can read and provide more info than the average "Kissmax iz no working"

    My pleasure.

    back to business:

    it seems that you have the model # WIFI-WWK-00158


    The RTL8188SU is not a supported chipset. yet. Sorry.
    If you want to, you may ask the KisMac -ng forum.
    FYI: READ THE RULES! APPLY them, then, be polite and a monster of knowledge known as "fish" will probably help you. If he can't, nobody can.

    otherwise, stick to the list of working compatible chipset and it will be a go at first try.

    I have contacted the manufacturer directly and hope to get a response for the chipset type and FCC ID.


    Good luck

  69. I have browsed the forums for a while - and fish is an impressive source of information! I guess I will be sending back my DX unit and maybe order one later when/if it is supported by Kismac.

    But as you said, I should rather stick to the list of working chipset for a plug-and-play experience. Therefore I purchased a D-Link DWL-G122 (C1, 3.30, KA2DWLG122C1) today, confident of an easy install.

    Plugging in the dongle gives me this:
    25.09.10 21.22.27 kernel RT2573USBWirelessDriver: Ethernet address 00:24:01:13:b8:d8

    OK so far.

    In Kismac I choose RT73 chipset, Use as primary device and Keep all dumps.
    The problem is that I get this console readout when starting scan in Kismac 0.3. Of course this gives me the "..unable to create interface.." error, but the console readout is the important part.
    ...blabla...
    25.09.10 21.24.04 KisMAC[831] Matching finished
    25.09.10 21.24.04 KisMAC[831] Device already in use.
    25.09.10 21.24.04 KisMAC[831] Device could not be opened
    25.09.10 21.24.05 KisMAC[831] Matching finished
    25.09.10 21.24.07 KisMAC[831] Error could not instantiate driver WaveDriverUSBRalinkRT73

    This happens even though I have installed (only to test the unit) the Ralink drivers and then uninstalled them. Of course with reboots in between. Can't really see why the OS should be using the unit as it is not listed in System Prefs/Network and the drivers are uninstalled.

    And again, info:
    OS X 10.6.4
    MacBook Pro 15" 2.4ghz Core i5
    Kismac 0.3
    Ralink drivers installed then uninstalled with the uninstall utility plus double checking with these (http://meinit.nl/kismac-and-a-d-link-dwl-g122-wireless-usb-network-card) uninstall commands.
    Unit: DWL-G122 (C1, 3.30, FCC ID: KA2DWLG122C1)

    Have also deleted ~/Library/Preferences/org.kismac-ng.kismac.plist before plugging in the unit.

    As a result of the Ralink uninstall, there is no RT73 kext in the Extensions dir. Also, my current Kismac version contains the correct Vendor/Product ID.
    Somehow the OS still uses the dongle - and this is where I need help. I have read the FAQ time after time and several forum threads regarding this chipset - all fruitless. I can't find a similar case where the drivers are uninstalled and the OS still grabs hold of the unit. Hope you can help me resolve this, it might be more of a known field. Thank you for your patience.

  72. Character limitation split my post, here is part 2.

    And again, info:
    OS X 10.6.4
    MacBook Pro 15" 2.4ghz Core i5
    Kismac 0.3
    Ralink drivers installed then uninstalled with the uninstall utility plus double checking with these (http://meinit.nl/kismac-and-a-d-link-dwl-g122-wireless-usb-network-card) uninstall commands.
    Unit: DWL-G122 (C1, 3.30, FCC ID: KA2DWLG122C1)

    Have also deleted ~/Library/Preferences/org.kismac-ng.kismac.plist before plugging in the unit.

    As a result of the Ralink uninstall, there is no RT73 kext in the Extensions dir. Also, my current Kismac version contains the correct Vendor/Product ID.
    Somehow the OS still uses the dongle - and this is where I need help. I have read the FAQ time after time and several forum threads regarding this chipset - all fruitless. I can't find a similar case where the drivers are uninstalled and the OS still grabs hold of the unit. Hope you can help me resolve this, it might be more of a known field. Thank you for your patience.

  73. As out of nowhere I just got my breakthrough - my G122 just worked in Kismac with injection and deauthentication.
    I did this by uninstalling drivers and not adding the RT73USBWirelessDriver.kext to Extensions as I previously attempted to - and voila!
    Thank you for all your help. I feel a bit inspired to join the KisMac -ng forum and contribute as an active member.
    (No need to publish this or any of the previous entries, it will look like a mess. Please feel free to contact me if you want me to summarize the last entries and make one post of it. Thanks for all help!)

    - M

  74. ok,
    for the sake of clarity I will delete your posts and mine, and re-edit.

    in the future:
    a) Never install any drivers provided with a USB network adapter for use with KisMAC
    b) stick with the list of known working chipsets
    c) delete any plist (KisMAC related) that were created

    by experience I can tell you that I had major issues while trying to finagle with a "non-approved" chipset and installed non working drivers. Never again .. :-)

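The console readouts posted in the comments above carry a few recurring failure messages. As an added example (not part of the original thread and not KisMAC code), this Python triage parses lines in that "DD.MM.YY HH.MM.SS sender[pid] message" layout and flags them; the finding names and verdict wording are assumptions made here, and the sample lines are quoted from the comments above.

```python
import re

# Layout seen in the readouts above; kernel lines carry no [pid].
LINE_RE = re.compile(
    r"^\s*(\d{2}\.\d{2}\.\d{2}) (\d{2}\.\d{2}\.\d{2}) "
    r"([^\s\[]+)(?:\[(\d+)\])? (.*)$"
)

# (finding, sender, pattern) built only from messages quoted in this thread.
RULES = [
    ("vendor-driver-loaded", "kernel", re.compile(r"\b\w+USBWirelessDriver\b")),
    ("device-busy", "KisMAC", re.compile(r"Device already in use")),
    ("driver-not-loaded", "KisMAC", re.compile(r"could not instantiate driver", re.I)),
    ("null-hwaddr", "KisMAC", re.compile(r"hwaddr 0{12}\b")),
    ("rf-calibration", "KisMAC", re.compile(r"RF Calibration Failed")),
]


def parse(text: str) -> list:
    """Return (date, time, sender, pid, message) for every well-formed line."""
    rows = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            rows.append(m.groups())
    return rows


def diagnose(text: str) -> list:
    """Return finding names in the order they first appear in the log."""
    found = []
    for _date, _time, sender, _pid, msg in parse(text):
        for name, wanted_sender, pattern in RULES:
            if sender == wanted_sender and pattern.search(msg) and name not in found:
                found.append(name)
    return found


def verdict(findings: list) -> str:
    """Map findings to the explanation this thread arrived at."""
    if "device-busy" in findings:
        if "vendor-driver-loaded" in findings:
            return ("vendor driver holds the adapter: the kernel loaded a "
                    "vendor USB wireless driver, so KisMAC cannot open the device")
        return "adapter is held by something else: check for an installed vendor driver"
    if "rf-calibration" in findings or "null-hwaddr" in findings:
        return ("driver attached but the radio did not initialise: "
                "check the chipset against the supported list")
    if "driver-not-loaded" in findings:
        return "driver backend did not load: check driver selection and primary device"
    return "no known failure signature"


# Lines quoted from the D-Link DWL-G122 readout above.
RT73_LOG = """
25.09.10 21.22.27 kernel RT2573USBWirelessDriver: Ethernet address 00:24:01:13:b8:d8
25.09.10 21.24.04 KisMAC[831] Matching finished
25.09.10 21.24.04 KisMAC[831] Device already in use.
25.09.10 21.24.04 KisMAC[831] Device could not be opened
25.09.10 21.24.07 KisMAC[831] Error could not instantiate driver WaveDriverUSBRalinkRT73
"""

# Lines quoted from the RTL8188SU readout above.
RTL8188_LOG = """
25.09.10 03.16.58 KisMAC[741] USBJack is now ready to start working.
25.09.10 03.16.58 KisMAC[741] hwaddr 000000000000, rtl8187 V0 + rtl8225
25.09.10 03.17.00 KisMAC[741] RF Calibration Failed! 0
"""

if __name__ == "__main__":
    for label, log in [("DWL-G122", RT73_LOG), ("RTL8188SU", RTL8188_LOG)]:
        findings = diagnose(log)
        print(label, findings, "->", verdict(findings))
```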
  75. hi buddy...i'm J and thumbs up on your blog, keep it rocking...

    Info:

    OS X 10.6.4
    Kismac 0.3
    MacBookPro 15' 2.4 GHz Intel Core Duo
    Network adapter model : AWUS036H 1000 mw
    FCC ID: UQ2AWUS036H


    Got an issue...just bought this AWUS036H 1000 mw and I followed all your instructions, especially not installing the drivers as I like this blog a lot, I follow everything like in the bible and ... as soon as I start scan this pops up

    http://www.fileden.com/files/2009/4/2/2388935/Screen%20shot%202010-10-26%20at%20%20%20Tue%2026%20PM%204.25.png

    Yep, the usual....

    I had previous kismac versions but I cleaned it all with appcleaner so guess no hidden plists...I hope not

    Kismac team advised the AWUS036H 500 mw as a USB Realtek RTL8187L based device that worked great and injects on intel leopard...

    Did it change on Snow leopard?
    the AWUS036 1000mw got the same FCC id as the AWUS036 500mw and exactly the same chipset RTL8187L, so where is the problem?


    here are the results on my console
    http://www.fileden.com/files/2009/4/2/2388935/Screen%20shot%202010-10-26%20at%20%20%20Tue%2026%20PM%204.56%201.png

    would be nice to hear your comments about this issue and what I'm doing or I did wrong...

    Thanks in advance and keep it rocking!

    J

  76. J,

    A) Thanks a bunch for posting all specs and techs.
    B) Thanks a bunch for the cheers

    The Alfa is not the issue (you DO have a hologram on the back, do you?)

    Do you load more than one driver at anytime? i.e Airport Passive + RTL8187

    Have you checked the "Use as Primary device" with the Alfa? Should be checked.

    Uncheck channels 12,13,14 if you are in the US

    if that does not work, use AppCleaner again and select ONLY the .plist

    After that, if still SOL. Contact me directly via em.

    Good luck and let me know

  77. bud, thanks for such a quick reply :)

    a) I've got a hologram on the back
    b) I load only RT8187 and checked "use as primary device"
    I'm not in US so I didn't uncheck channels 12,13,14,
    (see pic)

    http://www.fileden.com/files/2009/4/2/2388935/Screen%20shot%202010-10-26%20at%20%20%20Tue%2026%20PM%206.31.png

    I used Appcleaner and deleted only the .plist and installed again kismac 0.3..... till now everything still the same

    http://www.fileden.com/files/2009/4/2/2388935/Screen%20shot%202010-10-26%20at%20%20%20Tue%2026%20PM%204.25.png

    Also letting you know that i've got installed on my mbp a Norton Antivirus and Norton Internet Security for mac...I disabled all to give it a try checking if kismac would work and still the same....

    Can't really get what is going on... :(

  78. Hey J.
    I have an Alfa too. I checked, and everything is fine with me.


    Channel 14 is for Japan only.

    Do you see your Alfa? in Apple >> About this Mac >> More Info >> Hardware >> USB
    You should see a "USB High Speed Bus" RTL8187
    If not, your Alfa could be fried.

    As a precaution, in Preferences >> Advanced >> click on "Reset To Defaults"

    Your Console log is only partially complete: after line
    KisMAC[7307] vendor 1452 vendorId 2118 product 32773 productId 24832
    I would like to know the rest ...

    Use the filtering or send the file (txt) via email. Search for (Re-Captcha Protected) in this blog, go at the end of the post.

  79. buddy, Glad you got an alfa 2.. :)
    heres what I got with my alfa plugged in

    http://www.fileden.com/files/2009/4/2/2388935/Screen%20shot%202010-10-26%20at%20%20%20Tue%2026%20PM%208.04.png

    http://www.fileden.com/files/2009/4/2/2388935/Screen%20shot%202010-10-26%20at%20%20%20Tue%2026%20PM%208.04%201.png


    Also I clicked on reset to defaults on preferences...

    heres what I got on my console

    http://www.fileden.com/files/2009/4/2/2388935/Screen%20shot%202010-10-26%20at%20%20%20Tue%2026%20PM%208.13.png



    when I got the Alfa yesterday it came with a little DVD, the instructions were to install the driver and restart the pc before plugging the Alfa, but I guess the DVD are the drivers of the Alfa....so as on kismac we shouldn't install the drivers to make it work, I didn't install anything...

    Im scratching my head for hours and dunno where can I be wrong to make kismac to work properly, as you got an alfa too, it should work fine....

  80. J,
    The little CD (80 mm) will make a mess
    a) With your Mac, because MBP do not accept that format and you'll need a lot of patience and few screwdrivers to remove the mini cd STUCK IN THE DRIVE.

    b) the drivers will F-up Kismac

    Now, core of the problem
    this is what you should see:
    http://tinyurl.com/29j4k96

    before you return your Alfa, because your card seems DOA (Dead on Arrival)

    check the following:

    1) the USB cable , check with another one.

    2) USB port, try #2 & #3

    3) Try with another Mac, just in case. You should see the "USB high Speed"

    4) if you have Windows, either on BootCamp, or on PC, download drivers from Alfa.com. Install and check if working under PC or Win, it should not.

    If nothing works, I would say "Hello Houston, We Have a Problem"

    Look with Alfa Network if your reseller was a genuine one. lots of copies on ebay. Return the card for exchange.

    Good luck and let me know

  81. Thanks, bud...The reason that Alfa didn't work at all....The USB cable is dead, lol, I changed it with another one, and yadayadaya.....it's working now!
    I will check it tomorrow if It really works

    Thanks a lot, U rock!!!

  82. This comment has been removed by the author.

  83. Hi, first of all thanks.

    Then: just cleaned config and upgraded to Kismac 0.3: and passive scanning does not work at all, just silent, not even beacon packets. Active scanning works but # packets is zero. ??

    Everything used to work fine with older Kismac.

    ..puzzled.

    PS:
    (MBP2009, OSX10.6.4, kismac0.3,
    AirPort Extreme (0x14E4, 0x8D)
    Firmware Version: Broadcom BCM43xx 1.0 (5.10.91.27)
    Supported PHY Modes: 802.11 a/b/g/n

    )

  84. Puzzled:
    a) "Active scanning works but # packets is zero. ??"
    Active scanning sends probes, and only logs received answers. Most likely normal that you do not receive packets.
    The + is that your Airport is not loaded by KisMAC and you do not lose your connection. The - are all the rest. I do NOT recommend using Active as it has very little value.

    "Cleaned config"
    How did you clean it? Removed all plist?

    Do you mean that ALL APs are returning ZERO?

    I have 0.3, it works. The issue is not in 0.3, promised.

    let me know

  85. Thanks.

    Active driver) I see. Here I get zero packets also in the network that I'm currently using... is it ok?

    Clean config) yes, I did "rm Library/Preferences/*kis*"
    (and also Caches/org.kismac-ng.kismac, to be sure)

    Now, with the Passive driver I do not get any network... but I do not even get the growl message Kismac starting scanning.. The console log seems also empty, see below. In the advanced menu, kismac keeps putting wlt1 instead of en1 (after reset, when I go back there)....

    ..uhm.


    PS: last console log since kismac startup, and started passive scan

    11/29/10 4:22:27 PM KisMAC[34830] {
    IOProviderClass = IOUSBDevice;
    idProduct = 2110;
    idVendor = 6017;
    }
    11/29/10 4:22:27 PM KisMAC[34830] DEVICE ADDED
    11/29/10 4:22:27 PM KisMAC[34830] *** WARNING: Method drawsGrid in class ColoredRowTableView is deprecated. It will be removed in a future release and should no longer be used.
    11/29/10 4:22:27 PM KisMAC[34830] KisMAC startup done. Version 0.3. Build from Dec 7 2009 01:11:17. Homedir is /Applications/KisMAC.app. NSAppKitVersionNumber: 1038.320000
    11/29/10 4:22:27 PM KisMAC[34830] Registering with Growl
    11/29/10 4:22:28 PM KisMAC[34830] GPS integration disabled
    11/29/10 4:22:30 PM [0x0-0xa99a99].org.kismac-ng.kismac[34830] [name=en1]
    11/29/10 4:22:30 PM KisMAC[34830] /usr/bin/chgrp
    11/29/10 4:22:30 PM kernel AirPort: Link Down on en1. Reason 8 (Disassociated because station leaving).
    11/29/10 4:22:30 PM kernel Warning: audit space low (< 5% free)on audit log file-system
    11/29/10 4:22:30 PM _atsserver[34840] audit warning: allsoft
    11/29/10 4:22:30 PM _atsserver[34841] audit warning: closefile /var/audit/20101129150032.20101129152230
    11/29/10 4:22:30 PM _atsserver[34839] audit warning: soft /var/audit
    11/29/10 4:22:31 PM configd[16] network configuration changed.
    11/29/10 4:22:33 PM authexec[34848] executing /usr/bin/chgrp
    11/29/10 4:22:33 PM authexec[34849] executing /bin/chmod
    11/29/10 4:22:33 PM kernel Warning: audit space low (< 5% free)on audit log file-system
    11/29/10 4:22:34 PM authexec[34850] executing /usr/bin/chgrp
    11/29/10 4:22:34 PM authexec[34851] executing /bin/chmod

  86. Thanks,

    Cleaning) yes I did "rm Library/Preferences/*kis*" (and also removed Caches/org.kismac-ng.kismac to be sure)


    Active) Yes I get all AP but zero packets in all of them, even in the network I am using.. (is this correct?)

    Passive) I do not get any AP at all, but not even the growl message (kismac starting scan..), and the console log does not seem to show anything (see below).

    ..uhm.


    PS: Console log from kismac startup and started scanning:

    11/29/10 4:22:27 PM KisMAC[34830] {
    IOProviderClass = IOUSBDevice;
    idProduct = 2110;
    idVendor = 6017;
    }
    11/29/10 4:22:27 PM KisMAC[34830] DEVICE ADDED
    11/29/10 4:22:27 PM KisMAC[34830] *** WARNING: Method drawsGrid in class ColoredRowTableView is deprecated. It will be removed in a future release and should no longer be used.
    11/29/10 4:22:27 PM KisMAC[34830] KisMAC startup done. Version 0.3. Build from Dec 7 2009 01:11:17. Homedir is /Applications/KisMAC.app. NSAppKitVersionNumber: 1038.320000
    11/29/10 4:22:27 PM KisMAC[34830] Registering with Growl
    11/29/10 4:22:28 PM KisMAC[34830] GPS integration disabled
    11/29/10 4:22:30 PM [0x0-0xa99a99].org.kismac-ng.kismac[34830] [name=en1]
    11/29/10 4:22:30 PM KisMAC[34830] /usr/bin/chgrp
    11/29/10 4:22:30 PM kernel AirPort: Link Down on en1. Reason 8 (Disassociated because station leaving).
    11/29/10 4:22:30 PM kernel Warning: audit space low (< 5% free)on audit log file-system
    11/29/10 4:22:30 PM _atsserver[34840] audit warning: allsoft
    11/29/10 4:22:30 PM _atsserver[34841] audit warning: closefile /var/audit/20101129150032.20101129152230
    11/29/10 4:22:30 PM _atsserver[34839] audit warning: soft /var/audit
    11/29/10 4:22:31 PM configd[16] network configuration changed.
    11/29/10 4:22:33 PM authexec[34848] executing /usr/bin/chgrp
    11/29/10 4:22:33 PM authexec[34849] executing /bin/chmod
    11/29/10 4:22:33 PM kernel Warning: audit space low (< 5% free)on audit log file-system
    11/29/10 4:22:34 PM authexec[34850] executing /usr/bin/chgrp
    11/29/10 4:22:34 PM authexec[34851] executing /bin/chmod

  87. Puzzled:

    Is your network a "n"? or a 5GHz? type dual band?


    "PM KisMAC[34830] Registering with Growl"
    = Growl is working

    "PM kernel AirPort: Link Down on en1. Reason 8 (Disassociated because station leaving)."

    "the advanced menu, kismac keeps putting wlt1 instead of en1 (after reset, when I go back there)...."

    Can't find Airport

    When I write "Using App Cleaner is a good idea" I mean it!
    Download App Cleaner, Un-install KisMAC with it, re-download, re-install. It seems to me that you have played a bit too much.
    make a good cleaning, and restart from fresh.

  88. Ok. I AppCleaned (which just found the plist and some old log), reinstalled, and again nope - ignores the passive scan.

    Then rebooted.. and it works! (Ehh.. good ol' Windows-way)

    Maybe some driver was still loaded?
    Also tried some clash with a USB 3G modem I was using but everything is seamless now. Don't know.

    Incidentally, in the advanced setup I still find always "wlt1"...

    Thanks in any case for the support, and keep up the good work!

    ciao,
    puzzled (was and should still be)

  89. Puzzled,

    If you had to reboot, it's probably because a driver or kext was still loaded. Did you install some drivers for a card before?
    I would suggest taking a look into processes to determine what's making it come up. You can try to unload the driver and remove it.

  90. I just got the Alfa AWUS036H RTL rtl8187 chip and I get the "Driver could not instantiate" message.

    - I got the right chipset
    - correct driver selected in Kismac 0.3 (on MBP 10.6.5) prefs

    I installed the SL driver (strangely titled 10.4!?!)
    the interface is recognized in System preferences and working...

    I've googled all day, been reading for 2 hours.

    I just don't get it...

    btw- are we supposed to use the driver on Mac OS X or not?

    I also tried on my Mac mini running Leopard 10.5.8 with Kismac 0.2.99.. same problem except
    it's not even recognized by System Prefs.

    USB info is viewable in "About this mac" on both computers so the adapter is good.

    please help!

    here is the console log

    11-01-06 14:47:51 KisMAC[759] vendor 1452 vendorId 2118 product 32773 productId 24832
    11-01-06 14:47:51 KisMAC[759] Matching finished
    11-01-06 14:47:51 KisMAC[759] _init
    11-01-06 14:47:51 KisMAC[759] Number of configs found: 1
    11-01-06 14:47:55 KisMAC[759] Interface found.
    11-01-06 14:47:55 KisMAC[759] unable to open interface (e00002c5)
    11-01-06 14:47:55 KisMAC[759] unable to find interfaces on device: e00002c5
    11-01-06 14:47:55 KisMAC[759] Device could not be opened
    11-01-06 14:47:59 KisMAC[759] Error could not instantiate driver WaveDriverUSBRealtekRTL8187

  91. Hi I would like to know if the owner of the wireless network that I crack can detect an intrusion when I crack and then use the network. If so then is there a way to solve this problem?

    Thanks

  92. MACandroid:

    The short answer: yes / yes / no

    The long answer: your attack can be revealed when you are active, not when you are passive.

    Then, when you connect on a network, of course you are visible to the owner of the network. (i.e KisMAC will tell)

    I am not aware of any solution to hide yourself.

    furthermore, when you are connecting to a network, the owner has also the encryption key, and could also possibly read your packets. (Wireshark, Cocoa Packet Analyzer)
    it's a double edge sword...

  93. AWESOME BLOG!
    One quick question, does the Alfa AWUS036H (Best WiFi Card compatible with KisMAC) support packet injection?
    If it does, what driver do I enable in KisMAC?

    Also, how can i make a .pcap dump with the packets (500,000) and iv's (20,000) I have on KisMAC for use with aircrack-ng?

  94. Hector,
    Alfa: Of course it does support packets RE-injection.
    The Driver is the RTL8187.
    Please read the entire post before buying anywhere else than the link provided. Knock-offs are rampant

    When you select "Keep Everything" KisMAC saves a file (dumplog).
    That file has no extension, but is absolutely readable by Aircrack-ng

    It seems that you need to read more about packets and IV's. Packets are useless, IV's and /or DATA packets are the good stuff.
    You'll need at least, bare minimum 40,000 IVs
    80,000 recommended

    http://tinyurl.com/6klfdtx

  95. yes, of course. i did neglect to mention the WEP network i'm working with is my own. i don't want to get anyone in trouble, least of all me!

    i've cracked my WEP network. i have the ssid, bssid and now a hex key (example 12:34:56:78:90)

    now how do i actually join the network? i've tried using "Join Other Network..." in the airport menu, using either the ssid or bssid as the network name and then the hex key as the pass (without colons).

    and it won't connect. i'm sure i'm missing something obvious, but i can't see what.

    thanks, again!

  96. Much better :-)

    So...
    A) use the ASCII key
    B) use the Hex key if you want to, but you'll have to add the 0x (zero x) to stipulate to Airport that you are using a Hex key, otherwise 1234567890 could be the password in ASCII ;-)
    the 0x or $ are called the Hex Escape.

    Example:
    Hex Key 12:34:56:78:90
    ASCII ?4Vx?

    Enter either ?4Vx?
    or
    0x1234567890
    $1234567890

    Also: WEP is weak, but a 40bit key is obscenely weak. So, change your OWN network to WPA2
    ;-)
    54:68:61:74:20:57:61:73:20:45:61:73:79:2c:20:4e:6f:3f:20:20:3b:2d:29:20:20

  97. any ideas why this might not work? for example...

    my access point is an actiontec and the key is 18:01:C7:23:3C

    so prefixing that (without colons) using 0x or $ or nothing at all, won't let me connect.

    and i've tried a few hex to ascii converters online and none have given me anything i can use.

    sometimes the characters are nonsense. i can't paste them into the airport password field (either using the WEP ascii option or the straight password.

    am i missing a step?

  98. a) Possible MAC Address Filtering.
    b) Use the ASCII key provided by KisMAC
    c) send me the .kismac file & the dumplog

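The hex-versus-ASCII point from the exchange above (comments 95 to 98), as an added example that is not part of the original thread: it converts a colon-separated WEP hex key into the `0x` and `$` forms mentioned in comment 96 and reports whether the key has a typeable ASCII form at all. The function names and the 5-byte/13-byte size check are assumptions of this example; the two sample keys are the ones quoted in the comments.

```python
import string

# Secret-key sizes used by WEP: 5 bytes (40-bit) and 13 bytes (104-bit).
# Assumption of this example; the thread itself only discusses 5-byte keys.
WEP_KEY_SIZES = {5: 40, 13: 104}

# Byte values that can be typed into a password field as plain ASCII.
PRINTABLE = set(range(0x20, 0x7F))


def parse_hex_key(text):
    """Turn '12:34:56:78:90' (or '1234567890') into raw key bytes."""
    cleaned = text.strip().replace(":", "").replace("-", "").replace(" ", "")
    if len(cleaned) % 2 or any(c not in string.hexdigits for c in cleaned):
        raise ValueError("not a whole number of hex byte pairs: %r" % text)
    return bytes.fromhex(cleaned)


def ascii_form(key):
    """Return the key as typeable ASCII, or None if any byte is not printable."""
    if all(b in PRINTABLE for b in key):
        return key.decode("ascii")
    return None


def display_form(key):
    """Render the key as a cracking tool might: '?' for every untypeable byte."""
    return "".join(chr(b) if b in PRINTABLE else "?" for b in key)


def entry_forms(text):
    """Build every way of writing the key, flagging a missing ASCII form."""
    key = parse_hex_key(text)
    if len(key) not in WEP_KEY_SIZES:
        raise ValueError("a WEP key is 5 or 13 bytes, got %d" % len(key))
    digits = key.hex().upper()
    return {
        "secret_bits": WEP_KEY_SIZES[len(key)],
        "hex_0x": "0x" + digits,        # hex escape, first form from comment 96
        "hex_dollar": "$" + digits,     # hex escape, second form from comment 96
        "ascii": ascii_form(key),       # None means: only the hex forms can be typed
        "display": display_form(key),   # lossy, cannot be typed back in
    }


if __name__ == "__main__":
    # Keys quoted in comments 96 and 97, plus one constructed printable key.
    for sample in ("12:34:56:78:90", "18:01:C7:23:3C", "68:65:6c:6c:6f"):
        forms = entry_forms(sample)
        print(sample)
        for name, value in forms.items():
            print("  %-11s %r" % (name, value))
```

A `?` in the displayed ASCII string stands for a byte with no typeable character, so the displayed string is lossy and only the hex forms carry the whole key.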
  99. Hey, I have looked at your tutorial on http://www.youtube.com/watch?v=lBGN5OGCPgI but I have a problem: when I choose a network for Crack > Weak Scheduling Attack > Against both, I haven't any Data Packets or Unique IVs, 0, nothing... I need your help!

  100. Damien,
    Your question simply shows that you are trying step 10 when steps 1 to 9 have clearly not been understood.
    if you have zero data or packet, it's because you have not captured anything.

  101. I followed all step in your video..

  102. Damien,
    Obviously you did not, or you are missing something. Out of roughly 20,000 visitors a month, you are the first one to mention this, or ask the question. please re-watch the tutorial, or follow the one on this blog.
    Thank you.

  103. Ok, i re-try and if you want i make screen.

  104. You can re-try and make as many screen capture as you wish.
    If you are in need of a one to one session, or a private tutorial session, please follow that link and select "Platinum"
    http://easymactips.blogspot.com/2009/11/support-donate.html

  105. Hey man! I'm in Australia on holiday and don't have a lot of time to surf the web since it's expensive as shit. I've got Kismac on my mac and I managed to "crack" a WEP password here on my hostel. I say "crack" since I used a Newsham's 21 bit attack and I don't understand. I was wondering what E4:AE:1E:D6:48 for Key 0 means, It would help a brother out!

    I've seen that a lot of people have written similar questions and I apologize...but I haven't got the time to learn now :P

  106. Hey man!
    Since you have clearly admitted that you have "Cracked" a network that does not belong to you, I am sorry to tell you that it would be illegal for me to help you.

    Quote: "but I haven't got the time to learn now"
    - Ok, I'll wait, I am not in a hurry. :p
    otherwise, we have a consulting/Tutoring service

  107. Huh?
    I guess you did not like my answer. We're not brothers anymore?

  108. WHAT THE HELL DO THE DOUBLE LETTERS MEAN AND HOW DO I CONVERT THEM FOR EXAMPLE FF:FF:DA:B1:E6 IS THE KEY HOW DO I PUT THAT IN THE PASSWORD FOR THE NETWORK?

  109. 49:20:52:45:41:4c:4c:59:20:44:4f:4e:22:54:20:4b:4e:4f:57:20:57:48:41:54:20:49:54:20:43:4f:55:4c:44:20:4d:45:41:4e:2e:20:57:48:41:54:20:54:48:45:20:48:45:4c:4c:21:20

  110. Amazing info but even better, well organized. I have seen two vids and they are outstanding!

    I have the AWUS036H which seems to use the RTL8187L driver. (osx 10.5.8) I noticed in kismac 0.2.99 that only the RTL8187 is listed.

    Are they the same and if not can I add the "L"? I have never seen reinjection work, though, the test works fine. I have gone through the Trob-Shot and Q&A trying many suggestions.

    Any thoughts? Much appreciated!

  111. The AWUS036H uses the RTL8187 driver, either on KisMAC 0.2.99 or 0.3+ .
    If your injection test works, the card works too. If you can't re-inject packets it's probably because the network has very little traffic (most common cause)

  112. hey sorry for being such a "newb" but when collecting IVs to test a network (using airport extreme on passive setting, MBP OSX snow leopard, and kismac .3.3) should i get 200000 IVs on one network i want to test the security for or can i speed it up by collecting IVs from different sources? thanks for your patience with noobs like me xD

  113. Jonathan,
    You need to collect the number of IV's needed for one network. You can not add them.
    In passive mode, the more traffic the more you will collect.
    IV's are only relevant for WEP, not for WPA.
    To Speed Up the collection, you'll need to re-inject the packets with the card specified in this blog.
    Finally, you can try starting at 120,000 IVs if you crack with KisMAC or just 40,000 if you crack with Aircrack.

  114. sorry- i just don't understand how you begin collecting Unique IVs. can someone please help me out? The video tutorial jumps straight into "collect over 150,000 unique IVs" or something like that without actually explaining how to begin collecting them.

  115. you start collecting IVs when you press "Start Scan"

  116. Hello,
    I start scanning and all networks write:
    SSID ENC TYPE
    NO lucent tunnel
    or
    NO ad-hoc

    Could you tell me plz what i have to do from the beginning because everything that i have read is about WEP or WPA.
    Thank you,

  117. SSID: or
    ENC:NO
    TYPE:lucent tunnel or ad-hoc

    Now it's better.

  118. Hello again,
    No i am on mac version 10.6.7
    SSID:lucent tunnel or no ssid
    ENC:no or no
    TYPE:lucent tunnel or ad-hoc

  119. and you are using backtrack or aircrack?

  120. I use apple airport extreme card, passive mode for scanning.

  121. ok,
    and you use it with? i.e what application

  122. Sorry because i am not very good but i am trying and reading around.

    I use kisMAC as application.
    I don't know if you mean something else.

  123. KisMAC, the R297 Trunk or another version?
    We're getting there ....

  124. I use KisMAC version 0.3.3(0.3.3).
    About the trunk i don't know how can i see it.
    IF you mean device because i see some R... there, i use apple airport extreme card,passive mode.

    Sorry again for my low knowledge.

  125. "Sorry again for my low knowledge"
    it has nothing to do with knowledge.

    Last verification, your screen is on, correct?
    If yes, how come you can't see or read the first 10 lines of this page?
    Would you try to read them out loud?
    Do you understand why? it's a bit like calling a doctor, saying "I am sick" hanging up and then expecting a diagnostic.

    As for your answer, I'll spend as much time as you have spent reading what was previously written.
    Answer: leave it alone.

  126. Hi could anyone tell me how i can hide the 500+ networks that kismac has found called its really annoying.

    Thanks

  127. "..kismac has found called its.."
    - Not sure what you mean.

    secondly:
    http://bit.ly/isitjustmeoramidoingsomethingwrong

  128. sorry they are called no ssid

  129. second attempt:

    http://bit.ly/isitjustmeoramidoingsomethingwrong

    hint: it's a link

  130. Kismac 0.3.3 Mac os x 10.6.7

    Alfa AWUS036H RTL8187 Chip

    *I think this is what you were looking for; if not, I can't find what I'm looking for from that link you provided*

    I just need to know why I'm getting thousands of networks with the name no ssid

    I need to hide them somehow.

  131. Without seeing your screen, I am not really sure.
    Thousands seems really high, few is ok.
    No SSID means that the SSID is cloaked or hidden, but that's already explained in the blog.

    You can filter , top right.
    hide: Ctrl + click on the SSID tab

  132. Kismac 0.3.3 Mac os x 10.6.7

    Alfa AWUS036H RTL8187 Chip


    Hi i have a wpa table. File extensions on the end are .tar.lzma

    Will kismac 0.3.3 be able to use this when cracking WPA Networks?

  133. Not sure, the lzma is a Linux compression algo. Can you send me the file? i.e via Dropbox
    http://db.tt/KtYQIll

    On the top of it, if you are using a Rainbow, it's only for specific SSIDs.

  134. Hi! First of all, gratz on your blog!

    I have a Macbook Pro and I have bought a USB wireless card TP-LINK TL-WN321G. I installed KisMAC and selected RT73 (checked at hardware list) as primary, always keep and channels. I didn't install anything else such as a driver or anything so I don't know if I'm doing fine. The thing is that I get the instantiate the driver error (I checked and no driver is installed). So, what am I missing? (I also tried adding the line in the plist without success).

    OS: 10.6.8
    KisMAC: 0.3.3

    USB card TL-WN321G

    Last console lines:

    10/08/11 02:20:16 KisMAC[644] vendor 1452 vendorId 15366 product 32773 productId 2001
    10/08/11 02:20:16 KisMAC[644] vendor 1452 vendorId 1041 product 32773 productId 217
    10/08/11 02:20:16 KisMAC[644] vendor 1452 vendorId 5041 product 32773 productId 32
    10/08/11 02:20:16 KisMAC[644] vendor 1452 vendorId 2001 product 32773 productId 15364
    10/08/11 02:20:16 KisMAC[644] vendor 1452 vendorId 5041 product 32773 productId 35
    10/08/11 02:20:16 KisMAC[644] vendor 1452 vendorId 1784 product 32773 productId 57376
    10/08/11 02:20:16 KisMAC[644] vendor 1452 vendorId 29586 product 32773 productId 29464
    10/08/11 02:20:16 KisMAC[644] vendor 1452 vendorId 3574 product 32773 productId 38674
    10/08/11 02:20:16 KisMAC[644] vendor 1452 vendorId 5298 product 32773 productId 15394
    10/08/11 02:20:16 KisMAC[644] vendor 1452 vendorId 5952 product 32773 productId 14081
    10/08/11 02:20:16 KisMAC[644] vendor 1452 vendorId 15367 product 32773 productId 2001
    10/08/11 02:20:16 KisMAC[644] vendor 1452 vendorId 5263 product 32773 productId 9587
    10/08/11 02:20:16 KisMAC[644] vendor 1452 vendorId 1293 product 32773 productId 28762
    10/08/11 02:20:16 KisMAC[644] vendor 1452 vendorId 1089 product 32773 productId 244
    10/08/11 02:20:16 KisMAC[644] vendor 1452 vendorId 5263 product 32773 productId 9587
    10/08/11 02:20:16 KisMAC[644] vendor 1452 vendorId 2821 product 32773 productId 5923
    10/08/11 02:20:16 KisMAC[644] vendor 1452 vendorId 1293 product 32773 productId 36955
    10/08/11 02:20:16 KisMAC[644] vendor 1452 vendorId 3574 product 32773 productId 37036
    10/08/11 02:20:16 KisMAC[644] vendor 1452 vendorId 1784 product 32773 productId 57360
    10/08/11 02:20:16 KisMAC[644] vendor 1452 vendorId 2001 product 32773 productId 15363
    10/08/11 02:20:16 KisMAC[644] vendor 1452 vendorId 1293 product 32773 productId 36956
    10/08/11 02:20:16 KisMAC[644] vendor 1452 vendorId 5263 product 32773 productId 9587
    10/08/11 02:20:16 KisMAC[644] Matching finished
    10/08/11 02:20:19 KisMAC[644] Error could not instantiate driver WaveDriverUSBRalinkRT73

    Thank you in advance!

  135. Karlos, What's the FCC ID # on your Tp-link
    I smell a rat on the Chipset ....

  136. Thanks for fast reply.

    FCC ID #: TE7WN321GV4

  137. Karlos,

    You have a RT2070 Chipset, not a RT73

    http://www.wikidevi.com/wiki/TP-LINK_TL-WN321G_v4

    The only card that I recommend is this one:
    http://kismaxx.blogspot.com/2008/11/kismac-best-compatible-wifi-card-re.html

    It's not more expensive than others, and so far, it is the only one compatible that can get a signal at 1km

  138. Thank you for the answer!

    I exchanged my TL-WN321G for ALFA AWUS036H and the first time I tried it, it worked great! But I have a couple of questions I'd like you to solve.

    1. Can i connect to a network using this adapter once i know the key? I think its range is way better than airport's one so i'd prefer using it, but i think i cant install (for KisMAC to work) the driver so i am a little confused.

    2. What is testing injection for? When i try testing injection, i get some green lights in some numbers and red ones in some other. Is that ok?

    3. When i'm attacking some WEP network, i can generate some Inj. packets, so i can proceed with Reinject Packets. But most of the time those packets are going down (in console i can check it is injecting) without receiving anything. And some other times i get some responses, maybe 40-50 and get a lot of IV's, but after that it says Injecting... and no more packets are coming fast. Is that ok too? I thought, injecting allow me to generate traffic easier in a non very active network.

    4. And last thing (by the way :d), i tried cracking 2 WPA networks using DA. In one of them, the light turned to green very fast with few data packages, but in the another one i have 200 data packages and still no green light. Shall i keep waiting?

    Best regards!

  139. Karlos,
    All the 4 questions are already answered in the blog

  140. I bought one 036NHR to replace my previous 036NH that has been outdated for MAC OSX 10.6.8
    I have successfully installed the software but unable to navigate on the web !
    The antenna is connected to the network but seems not to be able to provide data to my Firefox...

    Can help ?

    Nicolas

  141. it's strange, because I have a H, NH and NHR and they all work under 10.6.8
    The issue seems not related to the card but most likely to your network settings

  142. Thx for answering !
    Any chance to find a good "how to" ?
    I've been surfing for hours over google and youtube.
    Nothing really accurate to find where the trouble is !
    Nicolas

  143. Firstly,
    You have omitted to let me know what is your config. -complete config-

    secondly, where did you purchase your alfa? eBay?

    1) uninstall the drivers and the Realtek utility app, re-install, then try again.

    2) if not working, try on a different network

    3) if not working, ask a friend to install the Realtek app and try with his computer.

    This is how you troubleshoot something: you remove "possible" causes one by one. Trying again and again the same thing does not improve your chances to fix an issue.
    As a repeat, I have 3 models of Alfa: 036H, NH, NHR
    All of them work under 10.6.8, I can also make them work under Lion, hence the issue seems NOT to be the Alfa itself.

  144. Nice being able to cry with you on me !
    ;-)
    Here my answers:
    --> COMPLETE CONFIG
    MacBook Pro 13"
    IOS Snow leopard 10.6.8
    ALFA AWUS036NHR
    --> PURCHASED
    On a pro shop online where I bought my previous ALFA. I've got the sticker on the back of the antenna. I'm sure it's genuine: www.avenir-informatique.eu
    1) I tried several times to install and uninstall
    2) I tried on several network (2 at home)
    3) I tried on my 3 son's Macbook and macBookpro..
    I also tried something with the apple "Terminal.app" to view active drivers... nothing to see !
    Nevertheless the "wireless network utility" seems to work properly. I've got the 1.9.4 release.

  145. --> COMPLETE CONFIG
    >> About this Mac >> More Info
    Then: Config for
    Network
    System Software
    USB when NHR is plugged

    networks:
    If your home network has MAC Address filtering, it may not work. Try a not "home" network or remove /check firewall and mac address filtering.

    I hope the blue light is blinking, correct?

  146. The Blue light Blink !
    I removed the MAC address filtering and it works now ! You're my hero !

    I hope that helps others (sorry in french).
    Now I have to find a soft to do the job cause kismac has no TTL8188RU drivers...

    >>>ALFA AWUS036NHR :

    Type : Ethernet
    Matériel : Ethernet
    Nom de périphérique BSD : en7
    Adresses IPv4 : 192.168.1.14
    IPv4 :
    Adresses : 192.168.1.14
    Méthode de configuration : DHCP
    Nom de l’interface : en7
    Signature réseau : IPv4.Router=192.168.1.1;IPv4.RouterHardwareAddress=00:26:91:a8:28:7f
    Routeur : 192.168.1.1
    Masques de sous réseau : 255.255.255.0
    IPv6 :
    Méthode de configuration : Automatique
    DNS :
    Nom de domaine : home
    Adresses du serveur : 192.168.1.1
    Réponses du serveur DHCP :
    Nom de domaine : home
    Serveurs de noms de domaine : 192.168.1.1
    Durée du bail (secondes) : 0
    Type de message DHCP : 0x05
    Routeurs : 192.168.1.1
    Identifiant du serveur : 192.168.1.1
    Masque de sous-réseau : 255.255.255.0
    Ethernet :
    Adresse MAC : 00:c0:ca:52:c6:26
    Options Média :
    Sous-type Média : Sélection automatique
    Proxys :
    Liste de exceptions : *.local, 169.254/16
    Mode FTP passif : Oui
    Ordre des services : 1

  147. "Now I have to find a soft to do the job cause kismac has no TTL8188RU drivers..."

    1) Linksys sucks, huh?
    2) "home" You are asking for trouble. Change the SSID
    3) The 036H works perfectly under 10.6.8 and 10.7
    3a) Capture with KisMAC (036H), crack with Pyrit-Cuda or aircrack
    4) RTL81888RU: Aircrack on BT5, or Pyrit

  148. Thx.... I tried but now:
    --> No more blue light blinking.
    --> I uninstalled and reinstalled several times.
    Nothing... unlucky, you said?

    Here it is in Network menu
    ===============
    ALFA AWUS036NHR :

    Type : Ethernet
    Matériel : Ethernet
    Nom de périphérique BSD : en7
    Adresses IPv4 : 192.168.1.14
    IPv4 :
    Adresses : 192.168.1.14
    Méthode de configuration : Manuelle
    Masques de sous réseau : 255.255.255.0
    IPv6 :
    Méthode de configuration : Automatique
    Proxys :
    Liste de exceptions : *.local, 169.254/16
    Mode FTP passif : Oui
    Ordre des services : 0
    ===============

  149. 1) Please stop using "anonymous"; use name/url instead. Even a fake one will do.

    "Thx.... I tried but now:"
    Tried what? It was working before, no?

    How did you uninstall? Details please.

    Before
    IPv4 :
    Adresses : 192.168.1.14
    Méthode de configuration : DHCP
    Nom de l’interface : en7
    Signature réseau : IPv4.Router=192.168.1.1;IPv4.RouterHardwareAddress=00:26:91:a8:28:7f
    Routeur : 192.168.1.1
    Masques de sous réseau : 255.255.255.0

    Now
    >> IPv4 :
    Adresses : 192.168.1.14
    Méthode de configuration : Manuelle

  150. It worked well until I followed a tutorial to uninstall old drivers via "Terminal"... on this website!
    I am desperate like a Windows user!

    Any chance to let you take control of my Mac via "http://showmypc.com/" to fix it?
    I spent too many hours now...

  151. Hi. I followed your recommendation and bought the Alfa AWUS036H. I have Kismac 0.3.3 running on a Macbook Pro 8,2 with Mac OS 10.6.8.

    I'm trying it on one of those FiOS routers (Actiontec), but it fails the injection test. When I try to inject it gives me 0 responses, no Inj. Packets and IVs are very slow coming in. To make it short: injection isn't working.

    I followed all the steps in a few different tutorials but nothing seems to work.

    Can you help me troubleshoot this? Thanks.

  152. Jack,

    >>Macbook Pro 8,2 with Mac OS 10.6.8.
    Are you in 32 or 64 bit mode?

    >>FiOS routers (Actiontec)
    Router model#?

    >>fails the injection test
    On all speeds?
    Average signal please

    >> Packets and IVs are very slow coming in
    Increase traffic on the network. If you have no or very little traffic, that's the main cause.

  153. I'm in 64 bit mode

    Router model is MI424-WR rev. F

    Weird, I went to try the injection test again and now it's working on all speeds. Avg signal is 68. When I start WEP injection it is still adding IVs very slowly.

    Isn't increasing the traffic on the network something that goes against the purpose of the hack? If the only people who could crack my network were the ones that already have access to it, there'd be no point in studying this.

    Or is there a way of increasing traffic without being inside the network?

    Thank you so much for the prompt reply.

  154. Jack,
    Switch KisMAC to 32-bit, there are still some bugs hanging... explained above...

    Some routers have WIPS or WIDS; in that case, trying an active attack is not really useful. (Not wps, but "wIps")

    The last time I spoke with a Verizon "Tech" I was told that Verizon was not supporting WPA yet and I was assured that WEP and WPA were "UNBREAKABLE"
    Fifteen minutes after, my client was calling back Verizon. It was nasty...

    I hope for your own F* sake that you are on WPA2 with a serious passphrase

    "Isn't increasing the traffic on the network...the only people who could crack my netw...."

    Well, legally, you are not allowed to (crack smbdy else Nt). If it's illegal, we could be in trouble, hence the "play with your own toys".

    As for "slow collection" it has been covered multiple times.

    Increasing, not really beside "flood"

    Alfa 036H > Sorry, still one of the best cards I have tested, by far.

  155. Me Again!

    update (10:09pm): after an hour I have 10 UIV. I have COD on the ps3 going right now over wifi does that count as data packet? lol

    I am running MBP Intel core Duo on Leopard 10.5.8 (Apple takes their time shipping Snow Leopard). I have downloaded the universal binary version 0.2.99. I selected the RTL8187 (passive) drivers from the preferences and started the scan and it scans perfectly. However I tried to test my WEP encryption but with no luck. I have 70 signal strength and captured up to 2.1MiB (bytes) but still had no Unique IV's. I also switched to Injection to speed up the process and waited 45 minutes and still no Unique IV's. I also have my other computer browsing and downloading off the internet to keep the data going but still no luck.

    My question: are there other separate or newer trunk drivers for my AWUS036H that I need to install other than the default that comes with the KisMac 0.2.99 binary release? Or is my DLINK GL-4500 router just that secure? (lol I doubt it)

    I just don't understand why I can't capture any unique IV's with an optimum setup. Is there a difference between the USB RTL8187 and RTL8187L drivers? All I see in the drivers pref. of KisMac is RTL8187. Thanks!

    Thank you,
    BS.

  156. Big Sam
    "I have 70 signal strength and captured up to 2.1MiB (bytes) but still had no Unique IV's."

    > 70 is the signal to noise ratio
    > 2.1MiB of what? Management packets? Data Packets?

    "I also have my other computer browsing and downloading off"

    If your other computer is on a /n band, it's not going to help... Plus, as you have the Alfa plugged in, you should be able to use Airport and the Alfa together.

    Assuming that we're talking WEP, IF you are doing it right, you MUST capture IV's. Otherwise, I would guess that the other computer is on /n. KisMAC can not see /n. I think you are capturing beacons only (management packets) from the router on the /g band.

    You also have an SPI, but it should not interfere with passive mode.
    Please read the article (above) about "can't collect IV's"

  157. Thank you for the reply.

    Yes I am connected to my wifi via the Airport Extreme and I am using the Alfa in Kismac for the monitor/capturing. The other Computer was setup to download a 1gig file and is connected via the ethernet cable to the router.

    Sorry, after reading your post and watching your videos closely, I now have a better understanding of the difference between packets. It seems I was only capturing the management packets, the data packets only showed 110 and, I forget, but the total packets were roughly only around 3000. But that's odd, because like I previously stated I have the desktop (ethernet) downloading a file at 1.7mb.

    Well, I will have more time to fool around with it this weekend; I'll probably start everything from scratch. I also received my copy of Snow Leopard so I will be upgrading to 0.3.3.

    What is the best way for me to uninstall Kismac and to be sure any and all the older 0.2.99 packages/drivers are removed? I was just going to move the Kismac from the application folder to the trash bin, would this suffice?

    Thanks.

  158. Big Sam,
    you either NEED to read a lot more, or to get a KisMAC one to one session to bring you up to speed: It started as a probable tech issue, but now it's simply that you are extremely confused about what does what.

    "The other Computer was setup to download a 1gig file and is connected via the ethernet cable to the router."
    - So you are using a WIFI monitoring software in the expectation to capture data sent via CABLE? correct?

    "I was only capturing the management packets,"
    - Yup! Probably because most of the traffic was via cable....

    "desktop (ethernet) downloading a file at 1.7mb"
    You can try to download the entire internet. If you do it via cable, there will be no packets sent via WIFI.

    "What is the best way for me to uninstall Kismac"

    - Definitely, the KisMAC School. It's here:
    http://easymactips.blogspot.com/2009/11/kismac-school.html

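The management-versus-data distinction drawn in comments 156 and 158 above, as an added example that is not part of the original thread or of KisMAC: a tally of raw 802.11 frames by type, counting WEP IVs only from protected data frames. It assumes frames start at the 802.11 MAC header (no radiotap header, no FCS); the sample frames and the names `classify`, `summarize` and `SAMPLE` are constructed for illustration.

```python
from collections import Counter

FRAME_TYPES = {0: "management", 1: "control", 2: "data"}


def classify(frame: bytes):
    """Return (type_name, wep_iv_or_None) for one raw 802.11 frame."""
    if len(frame) < 2:
        return "truncated", None
    fc0, flags = frame[0], frame[1]
    ftype = (fc0 >> 2) & 0x3        # Frame Control bits 2-3: type
    subtype = (fc0 >> 4) & 0xF      # Frame Control bits 4-7: subtype
    name = FRAME_TYPES.get(ftype, "reserved")
    # Beacons and other management/control frames never carry an IV;
    # neither do unprotected data frames (Protected bit 0x40 clear).
    if ftype != 2 or not (flags & 0x40):
        return name, None
    hdr = 24                        # three-address MAC header
    if (flags & 0x03) == 0x03:      # ToDS and FromDS set: fourth address
        hdr += 6
    if subtype & 0x8:               # QoS data subtypes add QoS Control
        hdr += 2
    if len(frame) < hdr + 4:
        return name, None
    iv, key_id = frame[hdr:hdr + 3], frame[hdr + 3]
    if key_id & 0x20:               # ExtIV set: TKIP/CCMP, not WEP
        return name, None
    return name, iv


def summarize(frames):
    """Count frames per type and the number of distinct WEP IVs seen."""
    counts, ivs = Counter(), set()
    for frame in frames:
        name, iv = classify(frame)
        counts[name] += 1
        if iv is not None:
            ivs.add(iv)
    return {"counts": dict(counts), "unique_ivs": len(ivs)}


def _hdr(fc0, flags, length=24):
    # Constructed header: frame control, then zeroed duration/addresses.
    return bytes([fc0, flags]) + bytes(length - 2)


# Constructed sample capture: 3 beacons, 1 ACK, 3 WEP data frames
# (two sharing an IV) and 1 CCMP-protected QoS data frame.
SAMPLE = (
    [_hdr(0x80, 0x00) + b"beacon-body"] * 3
    + [_hdr(0xD4, 0x00, 10)]
    + [_hdr(0x08, 0x41) + bytes([0x01, 0x02, 0x03, 0x00]) + b"ciphertext"] * 2
    + [_hdr(0x08, 0x41) + bytes([0x01, 0x02, 0x04, 0x00]) + b"ciphertext"]
    + [_hdr(0x88, 0x41, 26) + bytes([0x01, 0x00, 0x00, 0x20]) + b"ccmp"]
)

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

A capture made while the only busy client is on Ethernet looks like the beacon rows alone: many management frames, few or no data frames, and so no IVs.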
  159. Yup... that's my fault for jumping the gun thinking I got it down... After reading my tech problems, I too notice my ignorance. Well, thank you for the help :) I am definitely going to read more into this. Have a good weekend.

  160. Big Sam-Steph,
    it's nothing personal, everybody has to learn, but you'll save a lot of time if you read it twice instead of fumbling for a few hours. As for the uninstall, that's in the first 5 lines of this article. Answering the same previously answered questions 50 times is time consuming, and after #10, starts to get under my skin. Have a good weekend too.

  161. When will KisMAC be compatible with rtl8188ru? Because I'm still waiting

  162. Hi!

    Supernice tutorial!

    I have an intermittent issue with KisMAC: I get the "unable to load interface error" after just using it. I have checked all the things in your list. Before, it worked in a new user; now I get the same error. It works in safe mode!!?? However, not after reboot... I have created an interface for the RTL8187 in the network panel, on top of the list. I have tried both with the realtek usb wlan utility client off/on, with airport off/on. I have reinstalled both the realtek client utility and KisMAC using appcleaner, can only locate ~/Library/Preferences/org.kismac-ng.kismac.plist though... I have checked manually for plists also... Don't understand, very frustrating... Any ideas??

  163. Popsynator:
    "I have tried both with the realtek usb wlan utility client off/on, with airport off/on."

    Quoted: Whatever you do, if you have an injection device (WIFI card or USB Adapter)
    DO NOT install the drivers of the card / USB adapter unless you have read this post

    The post is : http://easymactips.blogspot.com/2011/05/kali-app.html

  164. Hi Admin, great blog :)

    Had a couple quick questions that I don't believe have been answered:

    1) This is a pretty basic one, but do I NEED to purchase a suggested router that can do packet injection, etc.? With enough time I can just scan in passive mode from my MacBook Pro's onboard card correct?

    2) I run OSX 10.7.2, tried and collected a good amount of packets before KisMAC stopped collecting packets completely. The program didn't freeze, but all APs' Signal strength were 0. This would happen at random times during the scan, sometimes at ~40,000 Unique IVs and sometimes ~90,000. So I partitioned the drive and threw 10.6.8 on it, tried again still showing the same issue. I noticed that it hangs when the Inj. Packets (on the individual AP page) reaches 100. Not sure what that has to do with anything, but it was the only thing constant in each attempt. Hopefully you've had someone else that's run into this issue and have a quick fix!

    3) Is there an easy way to toggle KisMAC to run in 32/64bit modes? Was just thinking of other things that might fix the hang.


    Thanks for your help!

  165. After I cracked "my" WEP it gives me the password; it is just numbers (e.g. 11:11:1:1, etc). What do I do with that and how do I get onto the network???

  166. - Your question has been already answered multiple times.
    - You did not use the bare minimum etiquette
    - RTFM/STFW

  167. Well, thank you for your kind words, since I am new to this :) As well, if you would point out where the answer is, it would be greatly appreciated.

  168. remove the semicolon, e.g. 11:11:1:1 would be 111111, and that's your hexadecimal password.

  169. Admin, please remove my previous post, I cannot seem to do it.
    If you doubt my honesty please email the email and I will reply.

  170. I'm running a MacbookPro - Intel I7 Quad Core, OS 10.7.3, I have an ALfa AWUSO36H, I installed the Kali app. I open KisMAC 0.3.3, select the driver USB RTL8187 and click start scan. An error message comes up and says "Could not connect to the Kismet server" and "KisMac could not connect to the Kismet server at 127.0.0.1 port 2501. Check the IP address and port."
    While the error message is up I see Networks and Packets slowly increasing in number. I click OK on the error message and KisMac locks up.
    How can I resolve this?

  171. Sketchy,
    You probably have more than one selected in the preference pane, remove all but the rtl8187.

  172. It solved the problem. Thanks!

  173. Hi admin:

    I get always the same mistake:

    ' 01/12/12 03:13:54,884 ReportCrash[831]: Saved crash report for KisMAC[824] version KisMAC 0.3.3 (0.3.3) to /Users/Pol/Library/Logs/DiagnosticReports/KisMAC_2012-12-01-031354_POL-MacBookPro.crash
    01/12/12 03:14:27,637 mdwrite[840]: [ERROR] [0.000s] com.apple. UBItemStatusNotification.c:805 _do_UBItemStatusNotificationRegisterURLs() can't find realpath for "/Users/Pol/Library/Mobile Documents/com~apple~system~spotlight/mdlabels", was blocked at "/Users/Pol/Library/Mobile Documents": 2 (No such file or directory)'

    I'm running a MacBookPro8,1, BootROM MBP81.0047.B27, 2 processors, Intel Core i7, 2.8 GHz, 8 GB, SMC 1.68f98
    Graphics: Intel HD Graphics 3000, Intel HD Graphics 3000, Built-In, 512 MB


    Thanks a lot for your time and help !!

    Replies
    1. Thanks for the info, it's appreciated.
      You just forgot to mention the OS. 10.8 I suppose?

      It's pretty hard to make an educated guess as I don't know what you are doing before the crash occurs.
      Can you detail a bit?
      Thanks

    2. Hi Admin !! I'm John,

      I recently upgraded my OS version to "OS X 10.8.2 (12C60)". Once I choose the "Apple Airport Extrem card, passive mode" capture device and start to scan for networks it suddenly crashes. I got the message above. What am I missing?

      Thanks a lot

    3. 10.8. is your issue with Airport passive mode. Ain't going to work.

      Either Use an Alfa 036H
      http://kismaxx.blogspot.com/2008/11/kismac-best-compatible-wifi-card-re.html

      Or

      Boot from a USB Stick under 10.6.8
      http://easymactips.blogspot.com/2001/06/how-to-create-usb-bootable-osx-leopard.html



  174. Hi,
    I am having the same problem as John. Can't you fix the problem by making an update of the app ?
    Thanks :)

    Replies
    1. Fixed just as above: Use an Alfa 036H

      http://kismaxx.blogspot.com/2008/11/kismac-best-compatible-wifi-card-re.html

  175. Isn't there a way to do that with my macbook only ? I just want to get the wifi's password just for the fun of it, I don't want to invest into a wifi card...

    Replies
    1. Boot under OS X 10.6 with a USB thumbdrive.
      If you do not want to invest in a USB thumbdrive, or in 10.6, you could invest in a hammer or a lot of alcohol:
      If you cannot get the password from somebody drunk, try the hammer ...

  176. KisMAC 0.3.3 (0.3.3)
    OS 10.8.5
    MacPro4,1
    AirPort Extreme (0x14E4, 0x8E)

    Hell I've been searching a lot and I couldn't find an answer to my problem.
    KisMac is just quitting every time I start a Scan.
    I use Channel 12, 13 (I am in EU)

    Growl is giving the Start Scan notification and KisMac immediately quits.
    I have deleted the preferences.
    Reinstalled.

    Thanks for the help

    Replies
    1. Try without Channel 12 and 13, they often cause a crash

  177. I have an iMac running 10.5.8 and version .29 of KisMAC. When I scan, I get nothing. It just sits there. No hanging, just no results. What am I doing wrong?

    Replies
    1. And the scan parameters are what? Active, Passive? With what do you scan? Airport? and which channels are you scanning? 1 to 12 , 1 to 14?

    2. Having the same issue (airport extreme): passive scanning all channels yields no results... Running on mac 10.10.1 with kismet 0.3.3

    3. See last question asked by Ken Frick on this page.
      kismet? Do you mean KisMac?

    4. Yes, I meant KisMac.
      When I first downloaded the app I was able to scan networks and it would post their names and relevant data; now it just scans with no results.

      Airport extreme, passive scanning all channels, no data dump. It worked once but then when I restarted the procedure the next day I didn't get the same results... So should I create a bootable drive? And how would it solve my result-less scans?

    5. " how would it solve my result-less scans? "
      By solving your passive scan issues. Bootable with 10.6.8+ to 10.9
      Or by using an Alfa. See below for that too

  178. I am trying to crack my WPA. I have scanned, have gotten the handshake and the green light, but when I attempt a wordlist attack against the WPA key with a couple of different password lists nothing happens. I understand this will take a long time, but when I open the file, the dialog box to open it closes like it recognizes what I want to open and the scan stops and nothing happens.

    Replies
    1. Neil, OS version and KisMAC version.
      If it's your WPA network, just add the password at the beginning of the wordlist, it won't take a long time.
      As mentioned multiple times, the cracking engine of KisMAC can be slow. See this post http://easymactips.blogspot.com/2011/07/kraken-has-been-released.html

    2. OS X 10.9.2 and I'm running KisMAC 0.3.4. I added my password to the top of the list but when I open the word list for a crack all the menus grey out. I can still start and stop scanning for packets but there is no indication that it is scanning my wordlist at all.

    3. Neil,
      I just tried on 10.9.2 and everything works fine. Double check your settings.

  179. KisMAC 0.3.3 allows me to select KisMAC > Preferences... > Driver > Apple Airport Extreme card, passive mode > Channel Hopping: All > Dump Filter: Keep everything > Start Scan.
    Nothing happens as there's no driver in the KisMAC window?
    I'm using Mac OS X 10.10.1.

    Replies
    1. Yes, the driver is b0rken on 10.1
      You can always use an Alfa http://kismaxx.blogspot.com/
      or do a retrograde on 10.8 with a thumbdrive (boot on the thumbdrive) as explained here: http://easymactips.blogspot.com/2001/06/how-to-create-usb-bootable-osx-leopard.html

  180. Please help. Something is very wrong. The first few times I used KisMac it worked perfectly. Now it won't even show networks that are in range. I've tried everything I can think of to fix it but it's not working.
