Aircrack-ng forum


Author Topic: 5GHz Injection  (Read 18851 times)

9147

5GHz Injection
« on: December 05, 2013, 04:05:53 pm »

Hello all,

Would anyone have a suggestion for a USB adapter capable of injecting a CTS/RTS flood and a Deauth flood in the 5 GHz band (802.11a)?

So far I've been successful with these injections in the 2.4 GHz band only (802.11b/g).

TIA

Jano

Re: 5GHz Injection
« Reply #1 on: December 05, 2013, 08:10:05 pm »

Hi 9147
- Does the injection test on "band a" work correctly?
- Post your:
Code:
sudo iw phy0 info
Bye Jano
Web: http://www.janoweb.net
Wireless: ALFA-AWUS036H, AWUS050NH, D-Link DWL-G650, D-Link DWL-G122, ZyXel G220, Linksys WUB54GR, Intel PRO/Wireless 3945ABG

9147

Re: 5GHz Injection
« Reply #2 on: December 05, 2013, 08:27:28 pm »

Hello Jano,

Here is the info:

-----Injection test on Channel 36

root@kali-1:~# airmon-ng start wlan7 36


Interface   Chipset      Driver

wlan7      Ralink RT2870/3070   rt2800usb - [phy0]
            (monitor mode enabled on mon0)

root@kali-1:~# airmon-ng


Interface   Chipset      Driver

wlan7      Ralink RT2870/3070   rt2800usb - [phy0]
mon0      Ralink RT2870/3070   rt2800usb - [phy0]


root@kali-1:~# iwconfig
lo        no wireless extensions.

wlan7     IEEE 802.11abgn  ESSID:off/any 
          Mode:Managed  Access Point: Not-Associated   Tx-Power=20 dBm   
          Retry  long limit:7   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:on
         
mon0      IEEE 802.11abgn  Mode:Monitor  Frequency:5.18 GHz  Tx-Power=20 dBm   
          Retry  long limit:7   RTS thr:off   Fragment thr:off
          Power Management:on
         
eth1      no wireless extensions.

root@kali-1:~# aireplay-ng -9 mon0
15:20:35  Trying broadcast probe requests...
15:20:36  Injection is working!
15:20:37  Found 1 AP


-----sudo iw phy0 info

root@kali-1:~# sudo iw phy0 info
Wiphy phy0
   Band 1:
      Capabilities: 0x272
         HT20/HT40
         Static SM Power Save
         RX Greenfield
         RX HT20 SGI
         RX HT40 SGI
         RX STBC 2-streams
         Max AMSDU length: 3839 bytes
         No DSSS/CCK HT40
      Maximum RX AMPDU length 65535 bytes (exponent: 0x003)
      Minimum RX AMPDU time spacing: 2 usec (0x04)
      HT RX MCS rate indexes supported: 0-15, 32
      TX unequal modulation not supported
      HT TX Max spatial streams: 1
      HT TX MCS rate indexes supported may differ
      Frequencies:
         * 2412 MHz [1] (20.0 dBm)
         * 2417 MHz [2] (20.0 dBm)
         * 2422 MHz [3] (20.0 dBm)
         * 2427 MHz [4] (20.0 dBm)
         * 2432 MHz [5] (20.0 dBm)
         * 2437 MHz [6] (20.0 dBm)
         * 2442 MHz [7] (20.0 dBm)
         * 2447 MHz [8] (20.0 dBm)
         * 2452 MHz [9] (20.0 dBm)
         * 2457 MHz [10] (20.0 dBm)
         * 2462 MHz [11] (20.0 dBm)
         * 2467 MHz [12] (20.0 dBm) (passive scanning, no IBSS)
         * 2472 MHz [13] (20.0 dBm) (passive scanning, no IBSS)
         * 2484 MHz [14] (20.0 dBm) (passive scanning, no IBSS)
      Bitrates (non-HT):
         * 1.0 Mbps
         * 2.0 Mbps (short preamble supported)
         * 5.5 Mbps (short preamble supported)
         * 11.0 Mbps (short preamble supported)
         * 6.0 Mbps
         * 9.0 Mbps
         * 12.0 Mbps
         * 18.0 Mbps
         * 24.0 Mbps
         * 36.0 Mbps
         * 48.0 Mbps
         * 54.0 Mbps
   Band 2:
      Capabilities: 0x272
         HT20/HT40
         Static SM Power Save
         RX Greenfield
         RX HT20 SGI
         RX HT40 SGI
         RX STBC 2-streams
         Max AMSDU length: 3839 bytes
         No DSSS/CCK HT40
      Maximum RX AMPDU length 65535 bytes (exponent: 0x003)
      Minimum RX AMPDU time spacing: 2 usec (0x04)
      HT RX MCS rate indexes supported: 0-15, 32
      TX unequal modulation not supported
      HT TX Max spatial streams: 1
      HT TX MCS rate indexes supported may differ
      Frequencies:
         * 5180 MHz [36] (20.0 dBm)
         * 5190 MHz [38] (20.0 dBm) (passive scanning, no IBSS)
         * 5200 MHz [40] (20.0 dBm) (passive scanning, no IBSS)
         * 5220 MHz [44] (20.0 dBm) (passive scanning, no IBSS)
         * 5230 MHz [46] (20.0 dBm) (passive scanning, no IBSS)
         * 5240 MHz [48] (20.0 dBm)
         * 5260 MHz [52] (disabled)
         * 5270 MHz [54] (disabled)
         * 5280 MHz [56] (disabled)
         * 5300 MHz [60] (disabled)
         * 5310 MHz [62] (disabled)
         * 5320 MHz [64] (disabled)
         * 5500 MHz [100] (disabled)
         * 5510 MHz [102] (disabled)
         * 5520 MHz [104] (disabled)
         * 5540 MHz [108] (disabled)
         * 5550 MHz [110] (disabled)
         * 5560 MHz [112] (disabled)
         * 5580 MHz [116] (disabled)
         * 5590 MHz [118] (disabled)
         * 5600 MHz [120] (disabled)
         * 5620 MHz [124] (disabled)
         * 5630 MHz [126] (disabled)
         * 5640 MHz [128] (disabled)
         * 5660 MHz [132] (disabled)
         * 5670 MHz [134] (disabled)
         * 5680 MHz [136] (disabled)
         * 5700 MHz [140] (disabled)
         * 5745 MHz [149] (20.0 dBm) (passive scanning, no IBSS)
         * 5755 MHz [151] (20.0 dBm) (passive scanning, no IBSS)
         * 5765 MHz [153] (20.0 dBm) (passive scanning, no IBSS)
         * 5785 MHz [157] (20.0 dBm) (passive scanning, no IBSS)
         * 5795 MHz [159] (20.0 dBm) (passive scanning, no IBSS)
         * 5805 MHz [161] (20.0 dBm) (passive scanning, no IBSS)
         * 5825 MHz [165] (20.0 dBm) (passive scanning, no IBSS)
         * 5835 MHz [167] (disabled)
         * 5845 MHz [169] (disabled)
         * 5855 MHz [171] (disabled)
         * 5865 MHz [173] (disabled)
         * 4920 MHz [-16] (disabled)
         * 4940 MHz [-12] (disabled)
         * 4960 MHz [-8] (disabled)
         * 4980 MHz [-4] (disabled)
         * 6040 MHz [208] (disabled)
         * 6060 MHz [212] (disabled)
         * 6080 MHz [216] (disabled)
      Bitrates (non-HT):
         * 6.0 Mbps
         * 9.0 Mbps
         * 12.0 Mbps
         * 18.0 Mbps
         * 24.0 Mbps
         * 36.0 Mbps
         * 48.0 Mbps
         * 54.0 Mbps
   max # scan SSIDs: 4
   max scan IEs length: 2257 bytes
   Coverage class: 0 (up to 0m)
   Supported Ciphers:
      * WEP40 (00-0f-ac:1)
      * WEP104 (00-0f-ac:5)
      * TKIP (00-0f-ac:2)
      * CCMP (00-0f-ac:4)
   Available Antennas: TX 0 RX 0
   Supported interface modes:
       * IBSS
       * managed
       * AP
       * AP/VLAN
       * WDS
       * monitor
       * mesh point
   software interface modes (can always be added):
       * AP/VLAN
       * monitor
   valid interface combinations:
       * #{ AP } <= 8,
         total <= 8, #channels <= 1
   Supported commands:
       * new_interface
       * set_interface
       * new_key
       * new_beacon
       * new_station
       * new_mpath
       * set_mesh_params
       * set_bss
       * authenticate
       * associate
       * deauthenticate
       * disassociate
       * join_ibss
       * join_mesh
       * set_tx_bitrate_mask
       * action
       * frame_wait_cancel
       * set_wiphy_netns
       * set_channel
       * set_wds_peer
       * Unknown command (84)
       * Unknown command (87)
       * Unknown command (85)
       * Unknown command (89)
       * connect
       * disconnect
   Supported TX frame types:
       * IBSS: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
       * managed: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
       * AP: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
       * AP/VLAN: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
       * mesh point: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
       * P2P-client: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
       * P2P-GO: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
       * Unknown mode (10): 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
   Supported RX frame types:
       * IBSS: 0xb0 0xc0 0xd0
       * managed: 0x40 0xd0
       * AP: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
       * AP/VLAN: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
       * mesh point: 0xb0 0xc0 0xd0
       * P2P-client: 0x40 0xd0
       * P2P-GO: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
       * Unknown mode (10): 0x40 0xd0
   Device supports RSN-IBSS.
   HT Capability overrides:
       * MCS: ff ff ff ff ff ff ff ff ff ff
       * maximum A-MSDU length
       * supported channel width
       * short GI for 40 MHz
       * max A-MPDU length exponent
       * min MPDU start spacing
   Device supports TX status socket option.
   Device supports HT-IBSS.
root@kali-1:~#




Jano

Re: 5GHz Injection
« Reply #3 on: December 06, 2013, 11:13:56 pm »

@9147,
- Your wireless card/driver should work.

- Have you tried to crack/test a network on that frequency?
(for example on channel 36)

- However, Aircrack-ng works properly on the 5 GHz band; if your tests fail, it is a driver issue (the rt2800usb does not work very well).

- In my country this frequency is not used very much, and for my tests I am using an ALFA-AWUS050NH and an Intel PRO/Wireless 3945ABG.
- I attacked my capture files recovered during the tests of WEP and WPA/WPA2 encryption and all works fine.

NOTE:
- This forum does not accept large files, so these are the download links:
1) - www.janoweb.net/test/Test-5Ghz-WEP.cap-01.cap.7z
2) - www.janoweb.net/test/Test-5Ghz-Wpa.cap-01.cap.7z
- The WPA passphrase is "testtest"

Bye Jano
« Last Edit: December 06, 2013, 11:47:23 pm by Jano »
Web: http://www.janoweb.net
Wireless: ALFA-AWUS036H, AWUS050NH, D-Link DWL-G650, D-Link DWL-G122, ZyXel G220, Linksys WUB54GR, Intel PRO/Wireless 3945ABG
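
How the `iw phy0 info` dump in reply #2 can be read for 5 GHz capability, as an added example (not code from the thread or from the Aircrack-ng project): it parses the frequency list and the supported interface modes. The function names, status labels and embedded sample are assumptions made for illustration; channels flagged "passive scanning" / "no IBSS" ("no IR" / "radar detection" in newer iw output) are ones where the regulatory rules do not let the radio initiate transmission.

```python
import re

# Frequency lines copied (abridged) from the `iw phy0 info` output in the thread.
# The 5500 MHz line is constructed, using the flag wording of newer iw releases.
SAMPLE = """\
Wiphy phy0
   Band 2:
      Frequencies:
         * 5180 MHz [36] (20.0 dBm)
         * 5200 MHz [40] (20.0 dBm) (passive scanning, no IBSS)
         * 5240 MHz [48] (20.0 dBm)
         * 5260 MHz [52] (disabled)
         * 5500 MHz [100] (20.0 dBm) (no IR, radar detection)
   Supported interface modes:
       * managed
       * monitor
   software interface modes (can always be added):
       * AP/VLAN
"""

FREQ = re.compile(r"^\s*\*\s+(\d+)(?:\.\d+)? MHz \[(-?\d+)\]\s*(.*)$")
RESTRICTED = ("passive scanning", "no ibss", "no ir", "radar detection")

def parse_channels(text):
    """Map channel number -> (freq_mhz, status) for each frequency line."""
    out = {}
    for line in text.splitlines():
        m = FREQ.match(line)
        if not m:
            continue
        flags = m.group(3).lower()
        status = ("disabled" if "disabled" in flags else
                  "restricted" if any(f in flags for f in RESTRICTED) else
                  "tx-allowed")  # restricted: may listen, may not initiate TX
        out[int(m.group(2))] = (int(m.group(1)), status)
    return out

def supports_monitor(text):
    """True if monitor is listed under 'Supported interface modes:'."""
    m = re.search(r"^\s*Supported interface modes:\n((?:\s*\*.*\n?)+)", text, re.M)
    return bool(m) and "monitor" in [l.strip("* \t") for l in m.group(1).splitlines()]

def tx_channels_5ghz(text):
    """5 GHz channels carrying neither 'disabled' nor a no-initiate flag."""
    return sorted(c for c, (f, s) in parse_channels(text).items()
                  if f >= 5000 and s == "tx-allowed")

if __name__ == "__main__":
    print(supports_monitor(SAMPLE), tx_channels_5ghz(SAMPLE))
```

Applied to the full output posted in the thread, the same classification leaves channels 36 and 48 as the only 5 GHz channels without a restriction flag, which is consistent with the successful `aireplay-ng -9` test on channel 36.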

9147

Re: 5GHz Injection
« Reply #4 on: December 08, 2013, 02:46:15 pm »

Hi Jano,

Thanks for your reply and capture samples. I tried again, this time with the same USB adapter you use (ALFA-AWUS050NH) and it now works! My previous adapter may have failed.

Regards.