Author Topic: Aircrack  (Read 2949 times)

VirtusRex

Aircrack
« on: May 04, 2006, 12:22:46 pm »
Hello all,

I don’t know if anyone out there has played around with aircrack, but I can’t seem to get the ARP-request replay attack to work correctly.

The problem is that every time I run the following code:

aireplay -3 -b 00:13:10:30:24:9C -h 00:11:22:33:44:55 eth0
 
I get the following message:

Saving ARP request in replay_arp_1203-14640.cap
You must also start airodump to capture replies.
Got a deauth/disassoc packet from the AP - Is the source MAC associated?
Read 5999(got 0 ARP requests), sent 0 packets …


In the past I’ve run this on a laptop with no problems, but for some reason it gives me this message when I use it on my Zaurus.

My Zaurus c760 is running PDAXROM 1.1.0beta3, Symbol CF card.

Thanks,

Virtusrex

Wildherb

Aircrack
« Reply #1 on: May 05, 2006, 12:16:35 pm »
Quote
Hello all,

I don’t know if anyone out there has played around with aircrack, but I can’t seem to get the ARP-request replay attack to work correctly.

The problem is that every time I run the following code:

aireplay -3 -b 00:13:10:30:24:9C -h 00:11:22:33:44:55 eth0
 
I get the following message:

Saving ARP request in replay_arp_1203-14640.cap
You must also start airodump to capture replies.
Got a deauth/disassoc packet from the AP - Is the source MAC associated?
Read 5999(got 0 ARP requests), sent 0 packets …


In the past I’ve run this on a laptop with no problems, but for some reason it gives me this message when I use it on my Zaurus.

My Zaurus c760 is running PDAXROM 1.1.0beta3, Symbol CF card.

Thanks,

Virtusrex


I have not tried Aircrack myself but I have spent quite a lot of time playing with security tools on various Z platforms including pdaXrom. My advice is first to run tcpdump or ethereal and ensure that you can capture data in promiscuous mode. I've tried pdaXrom on a C3000 with an Ambicom card and had no luck. To capture data intended for other hosts I must put the wireless card into full RF monitor mode, and if you do that, then you can't send packets!

I have never used a C7xx model so I don't know if the same holds true, but I suspect it will and that this is your problem. Incidentally, I've come across some laptops that have this problem too.

When I use the Sharp ROM, promiscuous mode works perfectly, which is why I favour it for security applications. By installing PocketWorkstation you can get all the latest security tools and actually get full use of them through the console using the chroot command!

For information, I could not get Cacko on the C3000 to operate in promiscuous mode. I've also tried the latest versions of OZ (OPIE and GPE). In both cases, they did appear to operate correctly for a short time but then stopped capturing. I don't know why, which is a shame because the new releases do look very promising.
C3000 running OpenBSD 4.4
C3100 running OpenZaurus

VirtusRex

Aircrack
« Reply #2 on: May 05, 2006, 12:27:46 pm »
Well I did a little reading and it seems that Symbol Wireless cards are based on Orinoco drivers, which are unable to do packet injection. That would explain why I can use airodump no problem, but aireplay seems to act strange. I'm getting my hands on a Dlink CF wireless card in a week, which will allow me to test aireplay on another wireless card with a different chip set.

realm

Aircrack
« Reply #3 on: May 09, 2006, 11:44:27 am »
Quote
Well I did a little reading and it seems that Symbol Wireless cards are based on Orinoco drivers, which are unable to do packet injection. That would explain why I can use airodump no problem, but aireplay seems to act strange. I'm getting my hands on a Dlink CF wireless card in a week, which will allow me to test aireplay on another wireless card with a different chip set.

Many cards that work with orinoco drivers will also work with hostap drivers because they are based on prism2 chips. Try editing your pcmcia config so that, instead of binding your card to orinoco, it binds your card to a hostap driver; then you should be good to go.
SL-C860   r197
SL-C3000 Angstrom with e17 /1 Gig SD/Senao Wifi/CF Bluetooth/CF GPS

VirtusRex

Aircrack
« Reply #4 on: May 09, 2006, 11:55:47 am »
Quote
Quote
Well I did a little reading and it seems that Symbol Wireless cards are based on Orinoco drivers, which are unable to do packet injection. That would explain why I can use airodump no problem, but aireplay seems to act strange. I'm getting my hands on a Dlink CF wireless card in a week, which will allow me to test aireplay on another wireless card with a different chip set.

Many cards that work with orinoco drivers will also work with hostap drivers because they are based on prism2 chips. Try editing your pcmcia config so that, instead of binding your card to orinoco, it binds your card to a hostap driver; then you should be good to go.

Ok, sounds good. How and where would I do this? What file do I need to modify?

Glaive

Aircrack
« Reply #5 on: May 11, 2006, 02:51:38 pm »
Edit /etc/pcmcia/hostap_cs.conf
There you add an entry for your card, or edit it if you already have it, so it looks like this:

card "enter name of card here"
manfid (you enter 2 comma separated values which you can find with the "cardctl info" command, it looks like for example MANFID=0319,0000. You write these 2 values)
bind "hostap_cs"  (this indicates that you want to use the hostap driver)

then eject/insert your card

hope this helps
Zaurus C3100 /Pdaxrom 1.1.0beta4  + 1GB CF + D-link 660w
Asus Z71v laptop w/Ubuntu 6.06
Athlon XP desktop w/Freebsd 5.3
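
Added example, not part of any post in this thread: a small shell helper that turns the MANFID line reported by "cardctl info" into the hostap_cs.conf stanza described in the post above. The function names and the sample input are assumptions made for illustration; the sample is constructed, using the manfid values that appear later in the thread.

```shell
#!/bin/sh
# Build a hostap_cs.conf stanza from `cardctl info` output.
# Assumption: the output contains a line of the form MANFID=xxxx,yyyy
# (the form quoted in the thread); the card name is supplied by the caller.

# Constructed sample of `cardctl info` output (not captured from a real card).
SAMPLE_INFO='PRODID_1="Symbol Technologies"
PRODID_2="LA4100 Spectrum24 CF WLAN Card"
MANFID=026c,0001
FUNCID=6'

# manfid_pair: read cardctl-style text on stdin, print "0xAAAA, 0xBBBB".
# Returns non-zero when no well-formed MANFID line is present.
# Leading zeros are kept, so 026c becomes 0x026c (same value as 0x26c).
manfid_pair() {
    line=$(grep -E '^MANFID=[0-9A-Fa-f]{1,4},[0-9A-Fa-f]{1,4}$' | head -n 1)
    [ -n "$line" ] || return 1
    ids=${line#MANFID=}
    printf '0x%s, 0x%s\n' "${ids%,*}" "${ids#*,}"
}

# hostap_stanza NAME: read cardctl-style text on stdin, print the stanza.
# Rejects an empty name or one containing a double quote, which would
# produce a malformed card "..." line.
hostap_stanza() {
    name=$1
    case $name in
        ''|*'"'*)
            echo "card name must be non-empty and contain no quotes" >&2
            return 2 ;;
    esac
    pair=$(manfid_pair) || { echo "no MANFID line found" >&2; return 1; }
    printf 'card "%s"\nmanfid %s\nbind "hostap_cs"\n' "$name" "$pair"
}

# Example run against the constructed sample.
printf '%s\n' "$SAMPLE_INFO" | hostap_stanza "LA4100 Spectrum24 CF WLAN Card"
```

On a real device the input would come from piping "cardctl info" into hostap_stanza, and the printed stanza would be reviewed before being added to /etc/pcmcia/hostap_cs.conf.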

VirtusRex

Aircrack
« Reply #6 on: May 11, 2006, 08:12:04 pm »
Quote
Edit /etc/pcmcia/hostap_cs.conf
There you add an entry for your card, or edit it if you already have it, so it looks like this:

card "enter name of card here"
manfid (you enter 2 comma separated values which you can find with the "cardctl info" command, it looks like for example MANFID=0319,0000. You write these 2 values)
bind "hostap_cs"  (this indicates that you want to use the hostap driver)

then eject/insert your card

hope this helps

Hello Glaive,

Thanks for the info. OK, I went to my hostap_cs.conf file and entered it exactly how it appears in my spectrum.conf file. Then I rem'd out the copy in spectrum.conf so as not to reference it.

spectrum.conf
card "LA4100 Spectrum24 CF WLAN Card"
manfid 0x26c, 0x0001
bind "spectrum_cs"


hostap_cs.conf
card "LA4100 Spectrum24 CF WLAN Card"
manfid 0x26c, 0x0001
bind "hostap_cs"

Then eject and insert my wifi card.

Still didn't work. Not sure how to proceed next, I don't think my card can use hostap drivers.

Thanks for all your help Glaive.

Virtusrex