Atheros 5212 and Wifi Exploits

[mrowley at esoft.com (mat)]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yeah, im assuming thats what the airmon-ng script does, but even when I
do that command manually and try to run an exploit with msfconsole I get
this error

msf auxiliary(daringphucball) > run
Unable to open proc device "/proc/sys/dev/ath1/rawdev", fopen: No such
file or directory
Error enabling athXraw interface.
[-] Auxiliary failed: Lorcon could not open the interface

when you are doing stuff with airpwn, is lorcon trying to write to this
same place?  Do you even have a /proc/sys/dev/ath1?  Im not sure exactly
how this works, but im assuming that msf will tell lorcon to put packets
on the wire and lorcon uses that file to do so.  Maybe im missing
something.  Im gonna mess around with some source code later, maybe I
can get it working.



Burns Bryan wrote:
> I've had decent luck doing custom packet generation using madwifi-ng
> drivers and lorcon as part of airpwn. In order to send arbitrary packets
> I have to create a new interface in monitor mode using the following
> command:
>
> wlanconfig ath1 create wlandev wifi0 wlanmode monitor
> ifconfig ath1 up
>
> -Bryan
>
> On Nov 14, 2006, at 11:46 AM, max moser wrote:
>
> > Hi there,
> >
> > as far as i know, the madwifi-ng driver is not best choice for
> > arbitrary packet generation.
> > Prism64/GT is the best choice for that. As far as i remember packet
> > generation on madwifi-ng has problems
> > with not being able to completely control all fields in a packet.
> > (Sequences etc)
> >
> > Madwifi-old should be better but did not test it lately.
> >
> > Hope this helps. Btw i right now try to prepare a special iso of
> > BackTrack to demonstrate this attack. If you like i can
> > post it here when i was successful.
> >
> > Greetings
> >
> > Max
> >
> > ---
> >
> > On Nov 14, 2006, at 7:56 PM, H D Moore wrote:
> >
> > > I haven't had any luck using lorcon with madwifi-ng (all testing is
> > > performed with madwifi-old and a WPN511 Netgear PC card).
> > >
> > > -HD
> > >
> > > On Tuesday 14 November 2006 11:40, mat wrote:
> > > > Im trying to get the daringphucball exploit to work with my Atheros
> > > > 5212 card, but I am receiving this error.
> > > >
> > > > Unable to open proc device "/proc/sys/dev/ath1/rawdev", fopen: No such
> > > > file or directory


- --


\\ Mathew Rowley
\\ eSoft Inc.
\\ email: echo 'kpmujcw>cqmdr,amk'|perl -pe 's/(.)/chr(ord($1)+2)/ge;'
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFFWkWq47s/xIwy7o0RAi2eAJ0TvjSWeJ3cMqtFJfUUaPQESar7ewCfaPl9
xgeA6hylF/okJ4aarSEpd5g=
=T+dA
-----END PGP SIGNATURE-----