buffer overflow discovery against that specific AP and then add your mac address to the allowed list. :D:D

it could be done, but if the double authentication process is on, it's hard or maybe impossible to make your attack in a hidden state.

The essence of attacking 802.1x is based on state machine...

If you need injection on a PRO/Wireless 3945ABG with Backtrack witoout using mac80211 module and the whole work you need to make it work, here it is a easier way to get injection on this hardware:
...

Looking all around the net i've found:

1) qEmu has a GUI
2) Netkit the ultimate network virtualization software, for testing almost every thing you need to test and to get experienced in many...

To get experienced with many programs inside backtrack it's very usefull to have different computer with different OS and different version of the same OS, so we need to have some...

phil , the creator of scapy, very kindly helped me to solve the problem and seems that
ipw3945 needs a patch to aply to scapy itself, here is it:
...

uhm , no it doesn't help me so much !

i've take a look at the scapy.py source and i've found this

if LINUX:
DNET=PCAP=0
else:
DNET=PCAP=1

since it's linux DNET (libdnet for...

I'm a newbie of scapy and i can't make it correctly decode the dot11 frames.
Is there someone can help me?

wireshark decode 802.11 correctly , i saved the packets sniffed and opened with scapy,...

i've a Dell LAtitude d620 with widescreen (1200x800) but i can't make backtrack run with this resolution, i've changed the xorg.conf to fit my needs, but in any case the xserver runs with 1024x768...

i'm not sure that is the hardware not able to inject, but i think is that aireplay-ng that does not support injection on the ipw3945 hardware.

If i'm right, you can use "scapy" to inject...

Since Vmware Server downloaded from vmware is SystemV init style, does someone know how to make the installation proccess works on backtrack, that has a BSD-style init system?

Thanks for helping...