AE1000(Ralink RT2870) aireplay airodump no results
OK, this is driving me bonkers. I've worked through all the guides to get the AE1000 working with BackTrack. I can get the internet to work using the DHclient, no problem. I can issue scan commands and come back with results, but when it comes to airodump and aireplay I get absolutely no results. I'll give you as much info as I can right off the bat. I'm unsure what exactly you'll need, so please just ask if I miss something.
Code:
root@bt:~# iwconfig
lo no wireless extensions.
eth0 no wireless extensions.
ra0 Ralink STA ESSID:"" Nickname:"RT3572STA"
Mode:Monitor Frequency=2.427 GHz Access Point: 68:7F:74:8C:76:4D
Bit Rate=1 Mb/s
RTS thr:off Fragment thr:off
Encryption key:off
Link Quality=10/100 Signal level:-83 dBm Noise level:-83 dBm
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:0 Missed beacon:0
Code:
root@bt:~# lsusb
Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 001 Device 004: ID 13b1:002f Linksys AE1000 v1 802.11n [Ralink RT2870]
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
root@bt:~# iwlist ra0 scan
ra0 Scan completed :
Cell 01 - Address: 00:21:91:D9:17:DB
Protocol:802.11b/g
ESSID:"You Dbase!!"
Mode:Managed
Frequency:2.412 GHz (Channel 1)
Quality=31/100 Signal level=-77 dBm Noise level=-72 dBm
Encryption key:on
Bit Rates:54 Mb/s
IE: IEEE 802.11i/WPA2 Version 1
Group Cipher : CCMP
Pairwise Ciphers (1) : CCMP
Authentication Suites (1) : PSK
Preauthentication Supported
Cell 02 - Address: 00:23:69:B9:F6:71
Protocol:802.11b/g/n
ESSID:"linksys"
Mode:Managed
Frequency:2.437 GHz (Channel 6)
Quality=2/100 Signal level=-89 dBm Noise level=-84 dBm
Encryption key:on
Bit Rates:144 Mb/s
IE: WPA Version 1
Group Cipher : TKIP
Pairwise Ciphers (1) : TKIP
Authentication Suites (1) : PSK
IE: Unknown: DD0E0050F204104A0001101044000102
Cell 03 - Address: C0:83:0A:1A:4D:29
Protocol:802.11b/g
ESSID:"2WIRE551"
Mode:Managed
Frequency:2.432 GHz (Channel 5)
Quality=0/100 Signal level=-91 dBm Noise level=-86 dBm
Encryption key:on
Bit Rates:54 Mb/s
IE: WPA Version 1
Group Cipher : TKIP
Pairwise Ciphers (2) : CCMP TKIP
Authentication Suites (1) : PSK
IE: IEEE 802.11i/WPA2 Version 1
Group Cipher : TKIP
Pairwise Ciphers (2) : CCMP TKIP
Authentication Suites (1) : PSK
IE: Unknown: DD0E0050F204104A0001101044000102
Cell 04 - Address: 00:22:75:9C:C9:53
Protocol:802.11b/g
ESSID:"Belkin_G_Wireless_9CC953"
Mode:Managed
Frequency:2.437 GHz (Channel 6)
Quality=13/100 Signal level=-85 dBm Noise level=-80 dBm
Encryption key:on
Bit Rates:54 Mb/s
IE: WPA Version 1
Group Cipher : TKIP
Pairwise Ciphers (2) : TKIP CCMP
Authentication Suites (1) : PSK
IE: Unknown: DD0E0050F204104A0001101044000102
Cell 05 - Address: 00:14:D1:E9:F9:2F
Protocol:802.11b/g
ESSID:"TOADSTOOL"
Mode:Managed
Frequency:2.437 GHz (Channel 6)
Quality=23/100 Signal level=-81 dBm Noise level=-76 dBm
Encryption key:on
Bit Rates:54 Mb/s
IE: WPA Version 1
Group Cipher : TKIP
Pairwise Ciphers (1) : TKIP
Authentication Suites (1) : PSK
IE: Unknown: DD0E0050F204104A0001101044000102
Cell 06 - Address: 00:25:9C:D2:A2:41
Protocol:802.11b/g/n
ESSID:"ilikecox"
Mode:Managed
Frequency:2.462 GHz (Channel 11)
Quality=78/100 Signal level=-59 dBm Noise level=-92 dBm
Encryption key:on
Bit Rates:144 Mb/s
IE: WPA Version 1
Group Cipher : TKIP
Pairwise Ciphers (2) : CCMP TKIP
Authentication Suites (1) : PSK
IE: IEEE 802.11i/WPA2 Version 1
Group Cipher : TKIP
Pairwise Ciphers (2) : CCMP TKIP
Authentication Suites (1) : PSK
IE: Unknown: DD0E0050F204104A0001101044000102
To me everything looks like it's working. As for injection, I'm not sure. But when I issue the command
airodump-ng ra0
It will sit there hopping through channels but get no results. I may be wrong and this does involve injection, which could be my issue, but if it's only scanning I should be at least picking up the wireless networks, right?
CH 10 ][ Elapsed: 32 s ][ 2011-05-05 01:22
BSSID PWR Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID
BSSID STATION PWR Rate Lost Packets Probes
Note time elapsed 30 seconds, no results.
When I issue the command
root@bt:~# aireplay-ng -9 ra0
01:13:14 Trying broadcast probe requests...
01:13:15 No Answer...
01:13:15 Found 0 APs
I've read several forums stating they were able to accomplish the task. One went so far as saying he got it to work with airoscript but stopped short of mentioning how he did it.
http://forum.aircrack-ng.org/index.php?topic=8027.0
When I went through airoscript commands ra0 was already detected so I wasn't having the issue he was. So I proceeded through the commands it offered. Ran a scan and as usual it produced the same results as airodump-ng ra0 command.
What is it that I am missing? From what I've read, some people seem to be able to get injection to work with this WUSB. I'm hoping I'm not mistaken.
Thanks in advance.
Re: AE1000(Ralink RT2870) aireplay airodump no results
Did you actually put your card into monitor mode with airmon-ng?
Re: AE1000(Ralink RT2870) aireplay airodump no results
Yeah, I made sure it was in monitor mode.
Code:
root@bt:~# ifconfig ra0 up
root@bt:~# ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:4 errors:0 dropped:0 overruns:0 frame:0
TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:200 (200.0 B) TX bytes:200 (200.0 B)
ra0 Link encap:Ethernet HWaddr 68:7f:74:fe:f6:ad
inet6 addr: fe80::6a7f:74ff:fefe:f6ad/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:29 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:7772 (7.7 KB) TX bytes:744 (744.0 B)
root@bt:~# airmon-ng start ra0
Interface Chipset Driver
ra0 Ralink 2560 PCI rt2500 (monitor mode enabled)
root@bt:~# airodump-ng ra0
CH 10 ][ Elapsed: 32 s ][ 2011-05-05 05:41
BSSID PWR Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID
BSSID STATION PWR Rate Lost Packets Probes
root@bt:~# aireplay-ng -9 ra0
05:41:21 Trying broadcast probe requests...
05:41:23 No Answer...
05:41:23 Found 0 APs
Now when I tried to run a normal scan it wouldn't work. Not sure if it's some type of conflict between airmon or not.
Code:
root@bt:~# iwlist ra0 scan
ra0 Interface doesn't support scanning : Invalid argument
Had to do this to get the scan to work again.
Code:
root@bt:~# ifconfig ra0 up
root@bt:~# airmon-ng start ra0
Interface Chipset Driver
ra0 Ralink 2560 PCI rt2500 (monitor mode enabled)
root@bt:~# airmon-ng stop ra0
Interface Chipset Driver
ra0 Ralink 2560 PCI rt2500 (monitor mode disabled)
root@bt:~# iwlist ra0 scan
ra0 Interface doesn't support scanning : Network is down
root@bt:~# ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:4 errors:0 dropped:0 overruns:0 frame:0
TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:200 (200.0 B) TX bytes:200 (200.0 B)
root@bt:~# ifconfig ra0 up
root@bt:~# iwlist ra0 scan
ra0 Scan completed :
Cell 01 - Address: 00:21:91:D9:17:DB
Protocol:802.11b/g
ESSID:"You Dbase!!"
Mode:Managed
Frequency:2.412 GHz (Channel 1)
Quality=37/100 Signal level=-75 dBm Noise level=-70 dBm
Encryption key:on
Bit Rates:54 Mb/s
IE: IEEE 802.11i/WPA2 Version 1
Group Cipher : CCMP
Pairwise Ciphers (1) : CCMP
Authentication Suites (1) : PSK
Preauthentication Supported
Cell 02 - Address: 00:23:69:B9:F6:71
Protocol:802.11b/g/n
ESSID:"linksys"
Mode:Managed
Frequency:2.437 GHz (Channel 6)
Quality=2/100 Signal level=-89 dBm Noise level=-84 dBm
Encryption key:on
Bit Rates:144 Mb/s
IE: WPA Version 1
Group Cipher : TKIP
Pairwise Ciphers (1) : TKIP
Authentication Suites (1) : PSK
IE: Unknown: DD0E0050F204104A0001101044000102
Cell 03 - Address: 00:22:75:9C:C9:53
Protocol:802.11b/g
ESSID:"Belkin_G_Wireless_9CC953"
Mode:Managed
Frequency:2.437 GHz (Channel 6)
Quality=13/100 Signal level=-85 dBm Noise level=-80 dBm
Encryption key:on
Bit Rates:54 Mb/s
IE: WPA Version 1
Group Cipher : TKIP
Pairwise Ciphers (2) : TKIP CCMP
Authentication Suites (1) : PSK
IE: Unknown: DD0E0050F204104A0001101044000102
Cell 04 - Address: 68:7F:74:8C:76:4D
Protocol:802.11b/g/n
ESSID:"linksys"
Mode:Managed
Frequency:2.437 GHz (Channel 6)
Quality=23/100 Signal level=-81 dBm Noise level=-76 dBm
Encryption key:off
Bit Rates:54 Mb/s
IE: Unknown: DD0E0050F204104A0001101044000102
Cell 05 - Address: 00:14:D1:E9:F9:2F
Protocol:802.11b/g
ESSID:"TOADSTOOL"
Mode:Managed
Frequency:2.437 GHz (Channel 6)
Quality=23/100 Signal level=-81 dBm Noise level=-76 dBm
Encryption key:on
Bit Rates:54 Mb/s
IE: WPA Version 1
Group Cipher : TKIP
Pairwise Ciphers (1) : TKIP
Authentication Suites (1) : PSK
IE: Unknown: DD0E0050F204104A0001101044000102
Cell 06 - Address: 00:25:9C:D2:A2:41
Protocol:802.11b/g/n
ESSID:"ilikecox"
Mode:Managed
Frequency:2.462 GHz (Channel 11)
Quality=78/100 Signal level=-59 dBm Noise level=-92 dBm
Encryption key:on
Bit Rates:144 Mb/s
IE: WPA Version 1
Group Cipher : TKIP
Pairwise Ciphers (2) : CCMP TKIP
Authentication Suites (1) : PSK
IE: IEEE 802.11i/WPA2 Version 1
Group Cipher : TKIP
Pairwise Ciphers (2) : CCMP TKIP
Authentication Suites (1) : PSK
IE: Unknown: DD0E0050F204104A0001101044000102
Cell 07 - Address: 68:7F:74:33:58:9E
Protocol:802.11b/g/n
ESSID:"Marc"
Mode:Managed
Frequency:2.462 GHz (Channel 11)
Quality=0/100 Signal level=-91 dBm Noise level=-86 dBm
Encryption key:on
Bit Rates:144 Mb/s
IE: WPA Version 1
Group Cipher : TKIP
Pairwise Ciphers (2) : CCMP TKIP
Authentication Suites (1) : PSK
IE: IEEE 802.11i/WPA2 Version 1
Group Cipher : TKIP
Pairwise Ciphers (2) : CCMP TKIP
Authentication Suites (1) : PSK
IE: Unknown: DD0E0050F204104A0001101044000102
Re : Re: AE1000(Ralink RT2870) aireplay airodump no results
Quote:
Originally Posted by bolexxx
Did you actually put your card into monitor mode with airmon-ng?
This. And make sure you use drivers patched for injection (they should natively be present though). Then put in monitor mode, test for injection, and off you go!