Results 1 to 3 of 3

Thread: Packet injection issues

  1. #1
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    2

    Default Packet injection issues

    Hi Guys,
    I have recently downloaded backtrack final version 4 iso file and am using bootable usb drive to load it on my system

    I have been able to put the nic in monitor mode and can capture data packets.
    The main problem that i am having is of packet injection.

    I have been able to use aireplay-ng to do a fake authentication with the AP.
    When i use aireplay-ng -3 -b <> mon0 , it waits for ARPs and then after a while it starts to send lots of packets.
    Well , with this , the packet count increases , but #Data remains just the same
    I have also noticed that the place where it is shows my mac address against the bssid of associated AP , the power column remains 0.
    I have tried to configure txpower to auto mode as well , but it doesn't help.

    Further , with aireplay-ng -5 , i am not able to get any RELAYED PACKET. I have tried it for hours

    When i test the packet injection capabilities ( using -9 i guess ) it gives me about 90% success rate on that AP.
    I am using Intel 3945ABG wireless card.

    Can someone please tell me what i am missing ?

    Thanks

  2. #2
    Junior Member
    Join Date
    Feb 2010
    Location
    USA
    Posts
    47

    Default Re: Packet injection issues

    Hey imdbest777,

    I've been working with the aircrack-ng sweet a lot recently; maybe I can give some ideas...

    I have been able to use aireplay-ng to do a fake authentication with the AP.
    When i use aireplay-ng -3 -b <> mon0 , it waits for ARPs and then after a while it starts to send lots of packets.
    Well , with this , the packet count increases , but #Data remains just the same
    It sounds like your WEP authentication is OPEN (not SHARED) which is good.
    Usually the ARP-REPLAY attack (-3) requires packets to be sent over the air before they can be replayed...
    ...if there are no clients on the access point sending/receiving data, then you won't be able to replay any "real" packets (just beacons).
    This attack is handy if there's activity already on the access point.

    Further , with aireplay-ng -5 , i am not able to get any RELAYED PACKET. I have tried it for hours
    When i test the packet injection capabilities ( using -9 i guess ) it gives me about 90% success rate on that AP.
    If injection works 90%, then you're definitely close enough to the Access Point to run some attacks...

    I would recommend the Chop-chop Attack (-4). This has worked on many kinds of Access Points I've come up against, and normally doesn't require clients if you are already fake-authenticated.

    There's other attacks you can try as well (-3 through -6, I believe), so try different techniques until you find one that works with your access point.

    Also, if your injection rate isn't 100% (or close to it), you may need to lower your packet-injection rate using the "-o " argument. Lower packet-injection rates are good if you aren't very close to the router. I think the default injection rate is 500, so you could try "-o 150" when executing aireplay-ng.

    SHAMELESS SELF-PROMOTION
    I've whipped up a WPA/WEP cracker in my spare time, and have been getting people to test it. If you want to automate the airodump/aireplay/aircrack process, then you may want to check it out! It's called GrimWepa and it's been successful for quite a few people

    Derv

  3. #3
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    2

    Default Re: Packet injection issues

    Derv,

    Thanks for the reply.

    I have run injection tests and sometimes it gives success rate of 90 and sometimes it is 100%.
    So i guess , distance should not be a problem.
    Anyways i will run with reduced rate.

    I have actually tried chopchop attack as well . ( -4 ) but it has also not yielded any results,
    The ivs count remains low as always.

    I tried some other options like -2 -p 08xx which i read on aircrack website but it also didn't help.

    Can susceptibility to these attacks be a property of AP configuration ?

Similar Threads

  1. Packet Replay Problem
    By Blind-Summit in forum Beginners Forum
    Replies: 1
    Last Post: 04-30-2010, 08:48 PM
  2. packet injection
    By benjamin1254 in forum Beginners Forum
    Replies: 0
    Last Post: 02-16-2010, 10:18 AM
  3. RTL8187 Injection problem
    By sataigrey in forum Beginners Forum
    Replies: 7
    Last Post: 02-14-2010, 06:48 AM
  4. Injection?
    By jewel164 in forum Beginners Forum
    Replies: 1
    Last Post: 02-08-2010, 10:26 PM
  5. vmware player and Packet Capture
    By Hadeshorn in forum Beginners Forum
    Replies: 4
    Last Post: 01-29-2010, 10:58 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •