Aircrack-ng forum
General Category => Useful stuff => Topic started by: otousama on September 02, 2013, 09:48:53 pm
-
Hi all, as the title says I have a problem with the channel not being fixed and messing up aireplay.
I followed your guide for WEP cracking without clients (http://www.aircrack-ng.org/doku.php?id=how_to_crack_wep_with_no_clients) and got stuck when I tried to fake authentication with aireplay.
This is the command I tried:
aireplay-ng -1 0 -q 10 -e Cisco_WEP_Test -a 00:**:**:**:**:** -h 00:**:**:**:**:** mon0
Waiting for beacon frame (BSSID: 00:**:**:**:**:**) on channel -1
Couldn't determine current channel for mon0, you should either force the operation with --ignore-negative-one or apply a kernel patch
Adding --ignore-negative-one to the line:
aireplay-ng -1 0 -q 10 -e Cisco_WEP_Test -a 00:**:**:**:**:** -h 00:**:**:**:**:** --ignore-negative-one mon0
Waiting for beacon frame (BSSID: 00:**:**:**:**:**) on channel -1
Sending Authentication Request (Open System) [ACK]
Switching to shared key authentication
Read 21 packets...
And here it gets stuck indefinitely.
Even airodump is displaying the -1 in channel:
CH 7 ][ Elapsed: 32 mins ][ 2013-09-02 23:06 ][ fixed channel mon0: -1
My setup:
Linux version 3.2.0-4-amd64 (debian-kernel@lists.debian.org) (gcc version 4.6.3 (Debian 4.6.3-14) ) #1 SMP Debian 3.2.46-1+deb7u1
Aircrack-ng 1.2 beta1
Default debian drivers (Unpatched)
RTL8187L wireless card (WIFI SKY WS3650UG-8X) <-- This adapter worked like a charm with Backtrack 3 & 4
Does anyone have any advice?
Thanks.
-
I have exactly this problem as well, and I use exactly the same kernel as well. Have you tried downloading compat-wireless and patching/installing those? I tried that and they either failed to compile or failed to install :s
Next up for me I think is to install the newer kernel 3.10
-
So, I tried to install compat-wireless drivers and every release failed to compile, then I switched to backports and this time the drivers compiled successfully. What I did step by step (as root):
wget https://www.kernel.org/pub/linux/kernel/projects/backports/stable/v3.10/backports-3.10-2.tar.bz2
tar -xf backports-3.10-2.tar.bz2
cd backports-3.10-2
make defconfig-wifi
make install
reboot
The fixed channel issue is gone but the injection fails, dunno if caused by drivers or whatnot (didn't try to patch em yet).
aireplay-ng -1 0 -q 10 -e Cisco_WEP_Test -a 00:**:**:**:**:** -h 00:**:**:**:**:** mon0
Waiting for beacon frame (BSSID: 00:**:**:**:**:**) on channel 13
Sending Authentication Request (Open System)
...
Sending Authentication Request (Open System)
Attack was unsuccessful. Possible reasons:
* Perhaps MAC address filtering is enabled.
* Check that the BSSID (-a option) is correct.
* Try to change the number of packets (-o option).
* The driver/card doesn't support injection.
* This attack sometimes fails against some APs.
* The card is not on the same channel as the AP.
* You're too far from the AP. Get closer, or lower
the transmit rate.
Anyway, marking thread as solved.
-
I tried this too, injection also fails with this backport-compat on a non-backport kernel. Do you know how to uninstall this? make uninstall doesn't seem to work :s
-
I solved the injection/negative channel issues!! And I believe this should work for you too otousama if it's injection that fails for you with compat.
All I did after installing those compat-wireless drivers was disable network manager as that was causing some conflict.
# /etc/init.d/network-manager stop
I tried this on my other laptop without the compat drivers installed and these issues were still there.
-
Sadly the system where I made my previous tests is no more, so I can't try what you suggest.
Anyway, I'm now on Ubuntu 13.04 (Kernel 3.8.8) with backports 3.11rc3 and there are problems here too. With default drivers there was the infamous negative channel issue; with this version of backports it is gone, but so is the ability to inject packets with aircrack. On the other hand reaver was able to crack my test WPA in less than 2hrs, so I believe something is working under the hood, but not aircrack. I tried stopping all network services before starting aircrack, nothing changed. The weird thing is that the "injection test" isn't failing.
ifconfig wlan0 down
airmon-ng check kill
Found 6 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!
-e
PID Name
1155 avahi-daemon
1156 avahi-daemon
1425 NetworkManager
1453 dhclient
2837 wpa_supplicant
2839 dhclient
Process with PID 2839 (dhclient) is running on interface wlan0
Killing all those processes...
iwconfig wlan0 channel 11
airmon-ng start wlan0
Interface Chipset Driver
wlan0 Realtek RTL8187L rtl8187 - [phy0]
(monitor mode enabled on mon0)
aireplay-ng -9 -a 00:**:**:**:**:** mon0
Waiting for beacon frame (BSSID: 00:**:**:**:**:**) on channel 11
Trying broadcast probe requests...
Injection is working!
Found 1 AP
Trying directed probe requests...
00:**:**:**:**:** - channel: 11 - 'test'
Ping (min/avg/max): 1.504ms/9.133ms/50.635ms Power: -50.83
30/30: 100%
I'm on a newer kernel now, with a different distro and different drivers and it's still failing.
Did you resolve the injection problem on Debian then?
-
Yeah, injection worked for me straight out of the box, only when I installed the compat drivers injection started failing. However I found that disabling network-manager then testing(-9)/injection worked for me
-
Which adapter were you using?
-
I solved the injection/negative channel issues!! And I believe this should work for you too otousama if it's injection that fails for you with compat.
All I did after installing those compat-wireless drivers was disable network manager as that was causing some conflict.
# /etc/init.d/network-manager stop
I tried this on my other laptop without the compat drivers installed and these issues were still there.
Stopping the network-manager really works for me, thanks!!!
-
This patch will do its job against the latest backport releases
http://pastebin.com/DcNnpADC
-
They added an ignore negative function for airodump-ng. So you can also work now with Channel -1.
You can also use --ig and don't have to type the full command.
Just saying
-
Suggest you go here
http://forum.aircrack-ng.org/index.php/topic,748.0.html
MTeams