PaulDotCom mailing list archives
packet injection on ipw2200bg
From: mailing at vankets.com (Bert Van Kets)
Date: Fri, 04 Sep 2009 23:26:10 +0200
Hi all, I would like to use the build in network card of my Dell Latitude D510 (Intel IPW2200BG) to demonstrate the (in)security of WEP. The two major internet providers in Belgium install wireless routers using WEP encryption. A perfect situation for an IT consultant like me to set up security properly afterwards. Of course I will have to able to demonstrate how easy it is to crack WEP. I would like to do this without added hardware like PCMCIA cards or USB dongles and *without any connected clients*. I have managed to crack my own WEP key using aircrack-ng by creating traffic using a second computer. That required moving about 600MB of data over the wireless. Not an ideal situation for demo purposes. Hence the requirement for packet injection. I'm using Backtrack 3 for this. AFAIK this live CD contains the patched kernel module. Here's what I do: - airodump-ng eth1 (to get the channel and possibly the ESSID of the AP) - rmmod ipw2200 - modprobe ipw2200 rtap_iface=1 channel=<AP-channel> - ifconfig eth1 essid <essid> - ifconfig eth1 key s:fakekey - ifconfig eth1 mode managed - ifconfig eth1 up - ifconfig rtap0 up - airodump-ng -c <AP-channel> -w dump -bssid <AP-Mac> -ivs eth1 In new window - aireplay-ng --arpreplay -b <AP-Mac> -h <Mac> -i rtap0 eth1 As I do not manage to capture any arp packages I can not replay them and can not get any IVs so running aicrack-ng has not been at order yet. :-( What am I missing? What are the requirements for the IPW2200 card to be able to use arpreplay attacks? I can not successfully run "iwconfig eth1 ap <AP-Mac>". I always get errors saying that the AP parameter does not accept a Mac address even though the manual says the command is correct. Do I need to configure an AP? How??? Thanks for any help. Bert
Current thread:
- packet injection on ipw2200bg Bert Van Kets (Sep 04)
- packet injection on ipw2200bg Jason Jones (Sep 05)
- packet injection on ipw2200bg Bert Van Kets (Sep 07)
- packet injection on ipw2200bg Bert Van Kets (Sep 09)
- packet injection on ipw2200bg Bert Van Kets (Sep 11)
- packet injection on ipw2200bg Nicholas B. (Sep 11)
- packet injection on ipw2200bg Jim Chrisos (Sep 11)
- packet injection on ipw2200bg Bert Van Kets (Sep 14)
- packet injection on ipw2200bg Bert Van Kets (Sep 07)
- packet injection on ipw2200bg byte.bucket at 4a44.com (Sep 11)
- packet injection on ipw2200bg Jason Jones (Sep 05)