Page 1 of 2 12 LastLast
Results 1 to 10 of 17

Thread: AP rejects the source MAC address?

  1. #1
    Just burned his ISO
    Join Date
    Nov 2008
    Posts
    1

    Default AP rejects the source MAC address?

    hi guys.

    after " aireplay-ng -1 0 -a 00:01:E3:41:7B:FB -h 00:11:22:33:44:55 -e wisi83475 wifi0 "

    i get this message.( AP rejects the source MAC address) what's wrong?

  2. #2
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by golum View Post
    hi guys.

    after " aireplay-ng -1 0 -a 00:01:E3:41:7B:FB -h 00:11:22:33:44:55 -e wisi83475 wifi0 "

    i get this message.( AP rejects the source MAC address) what's wrong?
    Holy lack of searching.

    http://www.google.com/search?q=AP+re...ient=firefox-a
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  3. #3
    Junior Member
    Join Date
    Jun 2008
    Posts
    27

    Default

    you know, one good thing about error messages is that it narrows down what you have to search on... and second thing, more often than not, you're not the first one to encounter the problem... happy hunting...
    Dum spiro spero

  4. #4
    Very good friend of the forum Virchanza's Avatar
    Join Date
    Jan 2010
    Posts
    863

    Default

    An access point will reject a frame if the source MAC address is not associated with the access point. (Just there yesterday I had this problem with my Internet Prober program and it took me a few minutes to realise that the access point was rejecting frames that had a random source MAC address).

    There are two circumstances in which you aren't associated:
    1) You haven't tried to associate
    2) You tried but failed because of MAC filtering
    Ask questions on the open forums, that way everybody benefits from the solution, and everybody can be corrected when they make mistakes. Don't send me private messages asking questions that should be asked on the open forums, I won't respond. I decline all "Friend Requests".

  5. #5
    Junior Member alexsys's Avatar
    Join Date
    Oct 2007
    Posts
    25

    Default Can't associate to the AP with a registered MAC address.

    Hi Guys,
    I hope you'll be able to shed some light on this issue.
    I am testing my wireless network.
    We have MAC Filtering in place.
    After cracking the WEP key with the Aircrack-ng suite (and verified it is correct), I change my laptop's MAC address (using macchanger) to one that is registered on the AP access list.
    However, I fail to associate with the AP. I even tried with a static IP address, as our AP supports both DHCP and static assigned IP addresses.
    Does someone know why this happens?
    Thanks in advance for your help,
    Best Regards
    Alexsys
    MCP, CEH, CHFI, SSCP

  6. #6
    Very good friend of the forum Virchanza's Avatar
    Join Date
    Jan 2010
    Posts
    863

    Default

    Quote Originally Posted by alexsys View Post
    However, I fail to associate with the AP. I even tried with a static IP address, as our AP supports both DHCP and static assigned IP addresses.
    MAC addresses are a Layer 2 concept, also known as the "Datalink Layer". Once you're associated with an access point, that means you can send frames to other machines on the network.

    IP addresses are concerned with Layer 3, the "Network Layer", which sits atop the Datalink Layer.

    Anyway, to be short, how you set your IP address has nothing to do with being able to send and receive frames at Layer 2.

    So here's what you want to do. Firstly associate with the access point as follows:

    iwconfig wlan0 essid MyNetwork key 0123456789 ap 00:01:02:03:04:05

    Wait a few seconds, then just type:

    iwconfig

    This will tell you whether you've got a Layer 2 connection. Next you can set your IP address:

    ifconfig wlan0 192.168.0.123 netmask 255.255.255.0

    And then try to ping another machine on the network:

    ping 192.168.0.1

    If you're having trouble, then copy the stuff you see when you type "iwconfig" and "ifconfig" and post it here.
    Ask questions on the open forums, that way everybody benefits from the solution, and everybody can be corrected when they make mistakes. Don't send me private messages asking questions that should be asked on the open forums, I won't respond. I decline all "Friend Requests".

  7. #7
    Junior Member alexsys's Avatar
    Join Date
    Oct 2007
    Posts
    25

    Default

    Quote Originally Posted by Virchanza View Post
    MAC addresses are a Layer 2 concept, also known as the "Datalink Layer". Once you're associated with an access point, that means you can send frames to other machines on the network.

    IP addresses are concerned with Layer 3, the "Network Layer", which sits atop the Datalink Layer.

    Anyway, to be short, how you set your IP address has nothing to do with being able to send and receive frames at Layer 2.

    So here's what you want to do. Firstly associate with the access point as follows:

    iwconfig wlan0 essid MyNetwork key 0123456789 ap 00:01:02:03:04:05

    Wait a few seconds, then just type:

    iwconfig

    This will tell you whether you've got a Layer 2 connection. Next you can set your IP address:

    ifconfig wlan0 192.168.0.123 netmask 255.255.255.0

    And then try to ping another machine on the network:

    ping 192.168.0.1

    If you're having trouble, then copy the stuff you see when you type "iwconfig" and "ifconfig" and post it here.
    Dear Virchanza,

    Thanks for the explanation...however, I am aware of the OSI Model.
    The issue here seems to be the fact the Macchanger does not do a good job with faking my MAC address. Although the output of macchanger --mac=YY:YY:YY:YY:YY:YY ath0 shows a successful change, the router logs show "unauthorized access to XX:XX:XX:XX:XX:XX, which is my original MAC address.
    Any ideas as to why this happens?
    Regards
    Alexsys
    MCP, CEH, CHFI, SSCP

  8. #8
    Very good friend of the forum Virchanza's Avatar
    Join Date
    Jan 2010
    Posts
    863

    Default

    Quote Originally Posted by alexsys View Post
    The issue here seems to be the fact the Macchanger does not do a good job with faking my MAC address. Although the output of macchanger --mac=YY:YY:YY:YY:YY:YY ath0 shows a successful change, the router logs show "unauthorized access to XX:XX:XX:XX:XX:XX, which is my original MAC address.
    Machanger is a hacking tool used mostly for setting a random (yet valid) MAC address.

    Here's how I set my MAC address:

    ifconfig wlan0 hw ether 00:01:02:03:04:05

    And if you want to check your MAC address, do:

    ifconfig wlan0
    Ask questions on the open forums, that way everybody benefits from the solution, and everybody can be corrected when they make mistakes. Don't send me private messages asking questions that should be asked on the open forums, I won't respond. I decline all "Friend Requests".

  9. #9
    Junior Member alexsys's Avatar
    Join Date
    Oct 2007
    Posts
    25

    Default

    Again, negative.
    Even using the ifconfig hw ether command, the router logs show my original mac address.
    Any other ideas?
    Alexsys
    MCP, CEH, CHFI, SSCP

  10. #10
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008

    Default

    Quote Originally Posted by alexsys View Post
    Again, negative.
    Even using the ifconfig hw ether command, the router logs show my original mac address.
    Any other ideas?
    What make/model of wireless card are you using and if you have multiple cards available are you certain that you are changing the MAC of the one you are using to connect?
    Quote Originally Posted by alexsys View Post
    After cracking the WEP key with the Aircrack-ng suite (and verified it is correct), I change my laptop's MAC address (using macchanger) to one that is registered on the AP access list.
    However, I fail to associate with the AP.
    This part puzzles me somewhat, you state that you fake your MAC only when you already have cracked the WEP encryption. However, as you have a MAC filter in place you would not have been able to inject to the AP in the first place, while working on obtaining the WEP key. This is unless you was just sitting around passively sniffing packets without injecting, which normally would take a very long time.
    -Monkeys are like nature's humans.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •