Full Version: Wesside-ng & Easside-ng
same
hello,

is wesside-ng (-k option enabled)/easside-ng working (apt-get install aircrack-ng)?

would be the perfect tool for using with zaurus on the road

QUOTE
"Wesside-ng is an auto-magic tool which incorporates a number of techniques to seamlessly obtain a WEP key in minutes. It first identifies a network, then proceeds to associate with it, obtain PRGA (pseudo random generation algorithm) xor data, determine the network IP scheme, reinject ARP requests and finally determine the WEP key. All this is done without your intervention."
http://www.aircrack-ng.org/doku.php?id=wesside-ng

Thnx for sharing your experience

(EDIT) usage examples:

wesside-ng
CODE
wesside-ng -i wlan0 -v $AP_MAC -c $AP_CHAN


easside-ng
CODE
buddy-ng
easside-ng -f wlan0 -s 127.0.0.1 -v $AP_MAC -c $AP_CHAN
Capn_Fish
I don't think we can use it until Yoggun's kernel is patched for HostAP packet injection (I already PM'd him about it and gave him the patch link, so it ought to be in the next release, thanks 2or0!).
same

thnx for the info Capn.

I installed debian some time ago (uboot age), but moved back to pdaxrom. if aircrack-ng beta2 works on debian i'll consider installing eabi again with dualbooting pdaxrom (cause does too many things eabi can't)
2or0
QUOTE(Capn_Fish @ May 13 2008, 03:42 AM) *
I don't think we can use it until Yoggun's kernel is patched for HostAP packet injection (I already PM'd him about it and gave him the patch link, so it ought to be in the next release, thanks 2or0!).


The kernel was patched for 'HostAP packet injection'. If someone is interested, download and test the modules.
http://yonggun.tistory.com/72
same
lol

2or0, you always have it done before we claim! thanx for your work

then, can anyone test wesside-ng?

PS: testing injection

CODE
aireplay-ng -9 wlan0


it should reply something like this:

CODE
16:29:41  wlan0 channel: 9
16:29:41  Trying broadcast probe requests...
16:29:41  Injection is working!
16:29:42  Found 5 APs

16:29:42  Trying directed probe requests...
16:29:42  00:09:5B:5C:CD:2A - channel: 11 - 'NETGEAR'
16:29:48  0/30: 0%
16:29:48  00:14:BF:A8:65:AC - channel: 9 - 'title'
16:29:54  0/30: 0%
16:29:54  00:14:6C:7E:40:80 - channel: 9 - 'teddy'
16:29:55  Ping (min/avg/max): 2.763ms/4.190ms/8.159ms
16:29:55  27/30: 90%
16:29:55  00:C0:49:E2:C4:39 - channel: 11 - 'mossy'
16:30:01  0/30: 0%
16:30:01  00:0F:66:C3:14:4E - channel: 9 - 'tupper'
16:30:07  0/30: 0%


http://www.aircrack-ng.org/doku.php?id=inj...0482eb4a66345ab
Capn_Fish
It worked for me (the test), but in real-world testing, it didn't. I'm marking it down to a touchy card.
same
QUOTE(Capn_Fish @ May 14 2008, 03:55 AM) *
It worked for me (the test), but in real-world testing, it didn't. I'm marking it down to a touchy card.


that's good, thanx for replying

¿are you using airoscript for the aircrack-ng suite? it's quite easy to use all-together

on the other hand, by "touchy card" i guess you mean low range? you could try to put a LR03 battery (unloaded is ok, no need to be brand new) on the CF card
easy mod to extend range (mine is a planex GW-CF11H). play with the position of the battery to get the best range.

anyway, would be nice that someone could post the impressions on using wesside-ng & easside-ng on the zaurus, in pdaxrom the wesside-ng version has no -k param, and I always get "ERROR max"

I know I should test it myself, but I had a hard time restoring all my customization of pdaxrom, couldn't fully restore my backup and I need a good reason to reinstall debian, again
Capn_Fish
By "touchy" I mean it SHOULD inject, but won't under some OSs and conditions (in pdaX, it needed its MAC changed, in Angstrom, it worked only without changing the MAC).

EDIT: airoscript doesn't work either. I'll run more tests later (it had errors, but closed the terminal windows too fast to read them).
BarryW
QUOTE(same @ May 14 2008, 01:06 PM) *
QUOTE(Capn_Fish @ May 14 2008, 03:55 AM) *
It worked for me (the test), but in real-world testing, it didn't. I'm marking it down to a touchy card.


that's good, thanx for replying

¿are you using airoscript for the aircrack-ng suite? it's quite easy to use all-together

on the other hand, by "touchy card" i guess you mean low range? you could try to put a LR03 battery (unloaded is ok, no need to be brand new) on the CF card
easy mod to extend range (mine is a planex GW-CF11H). play with the position of the battery to get the best range.

anyway, would be nice that someone could post the impressions on using wesside-ng & easside-ng on the zaurus, in pdaxrom the wesside-ng version has no -k param, and I always get "ERROR max"

I know I should test it myself, but I had a hard time restoring all my customization of pdaxrom, couldn't fully restore my backup and I need a good reason to reinstall debian, again

You've got one of those "gold" stickers on the back of your cell phone too don't you.
same
Capn
QUOTE
EDIT: airoscript doesn't work either. I'll run more tests later (it had errors, but closed the terminal windows too fast to read them).
just watch the initial variables of airoscript.sh, you could have to change something.
for closing windows change DEBUG=0 to DEBUG=1, it will hold shell windows to see the error

Barry
QUOTE
You've got one of those "gold" stickers on the back of your cell phone too don't you.


¿have you tried that? i suppose not. the battery is just concentrating the WiFi signal, much as would any metallic item (nail/screw etc) that acts as a radio antenna.

You don't need a battery- maybe just wrap some wire around the CF card & move it near a window (and keep doing the idiot), but battery is the more portable and does a very good job, at least for my card scheme.

use a program that reports you real time signal values, test things before talkin shit. or just shut up

EDIT: the gold sticker in action, from 3 APs seen to 15 or 20 APs.
mikeones
QUOTE(BarryW @ May 14 2008, 05:07 PM) *
You've got one of those "gold" stickers on the back of your cell phone too don't you.

/me wonders if BarryW is on netstumbler.org forums... :-/
maemorandum
Zero:
- You can dismantle the spcelink cf-card to solder a sma-connector for better signals.

First:
- The kernel-driver for hostap is already patched for packet-injection. This seems surprising - but if you know how to test it, you will see.

Second:
- Airoscript works perfectly on eabi/yonggun with the patched hostap-drivers. If you know how to use it and how to set the parameters - test it.

Third:
- wesside-ng and easside-ng are absolutely experimental. And important: Both techniques won't work with the hostap-drivers.
You have to use other drivers for it. Unfortunately there are no other patched drivers shipped with this kernel.

Fourth:
- Do not play around with wep-cracking techniques if you absolutely don't know what you are doing! Only use them for your own ap - or yours might be the next victim.
same
maemorandum thnx for your reply, very helpful for this topic

as I could read so far:

QUOTE
Hostap Limitations
There are some important limitations with this driver:

Fragmentation attack does not work
...

http://www.aircrack-ng.org/doku.php?id=hostap

as wesside-ng uses fragmentation tech, it's not going to do anything with hostap driver
zeroc87
Can I install this kernel with uboot bootloader and not with sharp bootloader? Thanks
xamindar
Anyone still messing with these? It looks like yonggun's hostap driver doesn't even work at all. I get better luck with the orinoco drivers which don't even have injection. With orinoco "aireplay -9 eth4" at least gives me results that it found APs, but with hostap it just gives three messages about "invalid skb-cb magic" or something and quits.

wesside-ng just scans forever never finding any APs with hostap whereas with orinoco it finds one right away and attempts to crack it.

Is hostap just broken on yonggun's kernel or am I missing something?