About rtl8187 patch v3

[ratze]

the wiki is not yet updated, i'll wait for some reports on that.

Thx @ Hirte

Injection is working @ 300 pps and chopchop is very fine (30-600 ms/xor)
Fragmentation still doesn't work (will it ever?)
As always (for me): I didn't test wep/wpa connectivity and all results were achieved using vmware

[Hirte]

Fragmentation still doesn't work (will it ever?)

I never had any problems using fragment attack, it worked since the first version of the patch...

[ratze]

Hmmmm, I only tested against a FritzBox 7050. I will try again against other routers the day after tomorrow.

[Hirte]

Hmmmm, I only tested against a FritzBox 7050. I will try again against other routers the day after tomorrow.

i also got a fritzbox (i think 7050, can't check right now) and that particular model is invulnerable to the fragmentation attack, i guess so is yours.

[darkAudax]

I tested wpa and it works just fine.

d.

[pilotsnipes]

I always seem to be the torn in the side.

At the moment I can't get my card to associate with my AP for love nor money with v4. I shall keep trying....it's definately not crashing the keyboard though. As soon as I go back to v3 or 1025 it associates first time....

[darkAudax]

pilotsnipes,

FYI, I am able to successfully associate with my AP using the v4 patch.

The v4 patch is intended to go against the rtl8187_linux_26.1010.0622.2006 version of the driver.

d.

I always seem to be the torn in the side.

At the moment I can't get my card to associate with my AP for love nor money with v4. I shall keep trying....it's definately not crashing the keyboard though. As soon as I go back to v3 or 1025 it associates first time....

[pilotsnipes]

The v4 patch is intended to go against the rtl8187_linux_26.1010.0622.2006 version of the driver.

Absolutely! Everything installs/compiles/runs perfectly! But I just can't associate which is crazy cos it works with all the others!

I'll find the problem soon!

[knotty66]

Hi all

I am using v4 of the patch with my Alfa and it works almost perfectly ;  i get just over 200 IVs which is fine for me, we don't need many nowadays with PTW of course. It doesn't lock up the keyboard either like the other version.
 
So cracking the WEP is no problem for me.

My question is (probably silly):

Has anybody with an Alfa managed to get dhcpcd to give an address either in non encrypted or WEP mode? For me it always times out, I tried dhcpclient too with the same result.


iwconfig wlan0 essid BTHH
iwconfig wlan0 key b18d269ee4 (I miss this step for non encrypted, but makes no difference)
dhcpcd wlan0   ..... times out

I am sure with my limited linux wireless knowledge I am missing something obvious.... hopefully?

Cheers for you work on these drivers!

Knotty66

PS I am using backtrack 2 final, aircrack 0.9, v4 patched rtl8187 drivers in a vmware 6 VM under XP Pro SP2 on a Macbook Pro.  BTHH is my own router and is about 2 metres away from the Alfa so signal shouldn't be a problem.

[darkAudax]

knotty66,

I have used the older drivers to do dhcp with the alfa.

Make sure to bring your interface up.  After this and prior to running dhcpd, use iwconfig and confirm you have a status of "linked".  Otherwise you are not connected.  While it is trying it will say "link" or "link..".

d.

[pilotsnipes]

Ok, I'm sorry to be annoying ye's - but this is infuriating!

I went back to basics. VMWARE machine, running "clean" original BT2, no previous patches applied.

1) Open Terminal window:

ifconfig wlan0 down   
rmmod r8187.ko   
rmmod ieee80211-rtl.ko   
rmmod ieee80211_crypt_ccmp-rtl.ko   
rmmod ieee80211_crypt_tkip-rtl.ko   
rmmod ieee80211_crypt_wep-rtl.ko   
rmmod ieee80211_crypt-rtl.ko
wget ftp://220.228.150.22/cn/wlan/rtl8187_linux_26.1010.zip
unzip rtl8187_linux_26.1010.zip
cd rtl8187_linux_26.1010.0622.2006/
wget http://patches.aircrack-ng.org/rtl8187_2.6.20v4.patch
tar xzf drv.tar.gz
tar xzf stack.tar.gz
patch -Np1 -i rtl8187_2.6.20v4.patch
make
make install


Everything compiles and installs - no errors.

(Also install aircrack-svn - no errors on compile)

2) Now I plug in my Alfa.


3) Open 2 new terminal windows, In Window 1, I run this command

airmon-ng start wlan0
airodump-ng -w output -c5 wlan0    (My AP is on channel 5)


In the second window I put

aireplay-ng -1 0 -h 00:c0:ca:17:xx:xx -e 'zixxx' -a 00:11:09:F8:xx:xx wlan0   (Where x's are correct values)

It never associates!!! With 2.6.20v3  or even the very buggy 1025 patch it would associate (and does if I revert back) instantly. I do exactly the same thing only replacing rtl8187_2.6.20v4.patch with rtl8187_2.6.20v3.patch and I can associate no problems.

Is the order of me doing these things ANY different to those of you who are getting it to work. I'd love to use v4 as there's NO keyboard crashing AND the power settings look great!!

Thanks for your time...

[darkAudax]

pilotsnipes,

Run script: wlan0up
Current MAC: 00:c0:ca:17:db:6a (Alfa, Inc.)


airmon-ng start wlan0 9


Interface       Chipset         Driver

wifi0           Atheros         madwifi-ng
ath0            Atheros         madwifi-ng VAP (parent: wifi0)
wlan0           RTL8187         r8187 (monitor mode enabled)

aireplay-ng -1 6000 -o 1 -q 10  -e teddy  -a 00:14:6C:7E:40:80 -h 00:c0:ca:17:db:6a wlan0
14:14:28  Waiting for beacon frame (BSSID: 00:14:6C:7E:40:80)
14:14:29  Sending Authentication Request
14:14:29  Authentication successful
14:14:29  Sending Association Request
14:14:29  Association successful :-)
14:14:39  Sending keep-alive packet


For yourself, are you on the correct channel?  Try "aireplay-ng -1 6000 -o 1 -q 10".  You can also sniff with tcpdump on the interface to make sure you are receiving packets.

d.

[pilotsnipes]

pilotsnipes,

Run script: wlan0up

GOD DAMMIT!!

That was it - I had forgotten to run the wlan0up script which makes all the difference, for some reason it was working even if I had forgotten to run it with v3 etc.

Thank you for pointing it out. I hated being the odd one out. Initial tests show indeed a better ivs/sec rate (now getting normally 250-300) than previous patches. No keyboard crashes, and seems very stable. Well done chaps!

I did find that I needed to limit the card using -x 250 - for me that's the sweet spot....is it any use putting either these bits of info on the wiki? ie. the need to use wlan0up script AND the possibility of needed to limit the card to get much improved speeds?

I appreciate your help darkAudax.

[knotty66]

darkAudax

Thanks for your helpful reply! 

I have tried V3 and V4 of the patch so far and following your advice I get 'link..' .. but never 'linked'.

I've tried doing things through the GUI wireless assistant in backtrack too and it times out during connection in the same way, it works fine in OSX and XP of course.

Do you remember which version of the patch and driver you were using when you got dhcp to work ?

Cheers, Knotty66

[darkAudax]

pilotsnipes,

Following the new install instructions should put the modules into the correct locations and be loaded at boot time.  You should not really have to run the script.  Maybe investigate what is happening on your PC.

The "-x 250" suggestion has been added.

d.

pilotsnipes,

Run script: wlan0up

GOD DAMMIT!!

That was it - I had forgotten to run the wlan0up script which makes all the difference, for some reason it was working even if I had forgotten to run it with v3 etc.

Thank you for pointing it out. I hated being the odd one out. Initial tests show indeed a better ivs/sec rate (now getting normally 250-300) than previous patches. No keyboard crashes, and seems very stable. Well done chaps!

I did find that I needed to limit the card using -x 250 - for me that's the sweet spot....is it any use putting either these bits of info on the wiki? ie. the need to use wlan0up script AND the possibility of needed to limit the card to get much improved speeds?

I appreciate your help darkAudax.