Works for me with AWUS036H =P

Bluetooth hacking wth Backtrack 4 | SOLDIERX.COM
New Tutorial For BT3 ONLY

I have been using the following 2 websites as a guide plus a hell of a lot of googling to try and get my Bluetooth...

Lupin, who is a mod obviously doesnt think its a bad idea... i mean its just a better way of organising things. You look on the old forums and they had sub sections all layed out nicely and things...

Can we please have a forum category Called Tutorials & Sub-Cat's for Wireless, Bluetooth etc etc just so its easier to find these tutorials rather then having to ask for them all the time.

Your distance seems to be the issue,

I have an ALFA'36H USB and more then 15m line of sight i cant get a deauth or handshake.

Thanks guys,

And yes i did spend about 2-3 hours searching around, looking for valid links and trying all sites i could find... im not trying to be spoonfed i just wanted a few resources i could...

Bump... i need some sort of thread or post which gets people started, all the videos and information are scarce and very vague.

There was a thread on the old remote exploit forums called...

Hey guys, im trying to use bluesmash with my dongle & phone but im getting some issues.


root@bt:~# hciconfig
hci0: Type: USB
BD Address: 00:15:83:17:C5:DB ACL MTU: 384:8 SCO MTU:...

500 is what i usually get & my understanding is that its a very good rate as Encrypted said.

Thanks, ill set up a wire shark capture and try some out.

My only question is, once i find out which traffic is aloud on a certain service/port say 445 microsoft-ds for example with the firewall...

Ive been playing around with msf and have had success with 2-3 different exploits, and its fine when my firewall on my XP SP2 Machine is down, but im wondering how vulnerable is SP2 with its firewall...

Thanks guys =] clears things up.

And yes .8 would be nice :P

im using apt-get update && apt-get upgrade to update sslstrip fron 0.6 to 0.7 but im still getting the 0.6 message come up when i use sslstrip, is this a bug?

Sweet, thanks mate.

Yea i gave ettercap a go and it wouldnt do it for me either, even though it has similar setup as cain & abel i stilll couldnt get it working that way.

Im using the ALFA'36H and im having troubles wit the handshake.

What happens is if i take the target laptop and put it within 5m of the router i can capture the handshake, but as soon as i go...

Yep, the arp poisoning both ways is what did the trick for me. Thanks.

Yep, ive had a similar issue.

Your card will capture the handshake & it will inject. I have tested this on both WEP & WPA its just a matter of being in the right range for the handshake. Ive found...

Yea this card got me with this as well, then i went for the tlwn321g from tp-link and that worked great. uses rt73.

but the best card ive used is the ALFA'36H such good range & power.

Its because BT4 comes with the mac80211 drivers pre installed & patched for better performance/injection. iwpriv works with iee.. drivers

If you want to play around with your power levels you will...

Ahh thank you very much, i will try that and see how i go.

im running this arpspoof command, same as i did for eth0 on my wired side.


arpspoof -i wlan0 -t <targetIP> <GatewayIP>

AWUS036H with rtl8187l works out of the box for me.

If you are using mac80211 drivers you can use this code and it should give you 27db
iw reg set US

check with

iwlist wlan0 txpower

--

ieee80211 drivers you can use

Try sitting right next to the router, you might be to far away. I have had trouble injecting at distances.