Page 1 of 3 123 LastLast
Results 1 to 10 of 24

Thread: Intel 4965AGN (Lenovo T61)

  1. #1
    coolwazza
    Guest

    Exclamation Intel 4965AGN (Lenovo T61)

    My Intel 4965AGN card that came with my Lenovo T61 still has no injection capability. I can view wireless networks, sometimes I am able to connect to my own wireless network and browse (other times I can connect and get an IP but can't ping router or have access to internet.)

    airmon-ng shows a chipset which is a change over the previous BETA.

    The main point being injection is still not working, previous BETA was the same story. Has anyone got this wireless card to work with injections? if so how? I tried patching drivers with previous BETA and it did not go too well.


    Thanks ahead

  2. #2
    Just burned his ISO
    Join Date
    Jul 2009
    Posts
    1

    Default

    I'm also trying to get injection working on the Intel PRO/Wireless 4965 AGN. I have the exact same T61 with an Intel PRO/Wireless 4965 card. My problem was the failed authentication. I have also tried both BT4-beta and BT4-Pre Final. I tried to use a workaround with wpa_supplicant but, that didn't seem to work either. Thanks to anyone who can help out.

  3. #3
    Junior Member Zermelo's Avatar
    Join Date
    Feb 2010
    Posts
    54

    Default

    You should really post what commands you are trying to use and the results of those commands and results of the injection test.

    I have injection working fine with the 4965. Some people have experienced problems with fakeauth, but there is a work around for that. I have all attacks working.

    Since the card is definitely capable of injection, you need to be more specific on the steps you took and the commands you use to eliminate user error.

  4. #4
    Member alacrityathome's Avatar
    Join Date
    Jan 2010
    Posts
    248

    Default

    Ditto to Zermelo's comments. I have a Lenovo T61p (see my signature block) and my iwlagn 4965 is running very well. Fake authentication is via wpa_supplicant.

    And, there are many very nice scripts that forum members have designed both for triggering the wpa_supplicant and complete scripts specificially for the 4965 that do everything all the way thru wep cracking.

    If your 4965 is like mine.......the receiving (airodump-ng) sensitivity is excellent compared to other wireless cards.......so I am sure some day there will be an aireplay-ng -1 capability.

    A

  5. #5
    Just burned his ISO
    Join Date
    Jul 2009
    Posts
    19

    Default

    Quote Originally Posted by Zermelo View Post
    You should really post what commands you are trying to use and the results of those commands and results of the injection test.

    I have injection working fine with the 4965. Some people have experienced problems with fakeauth, but there is a work around for that. I have all attacks working.

    Since the card is definitely capable of injection, you need to be more specific on the steps you took and the commands you use to eliminate user error.
    I have tried two different methods to get the injection working using my 4965 on both BT4 Pre-Final and Beta, with no success:

    1) David Barchiesi's script, as posted here by cruisex: hxxp://forums.remote-exploit.org/backtrack-4-general-support/24273-my-4965agn-working-fluke-2.html#post140782

    2) The script + instructions posted here by saftus: hxxp://forums.remote-exploit.org/bt4beta-working-hardware/20119-4965-agn-6.html#post124317

    In both instances, I started the KDE via startx and went straight into the terminal to execute the commands and/or scripts. Note that I tried following both of the above procedures with and without running 'Services/Networking/Start Networking' (in the case of the BT4 Pre-Final version)/initializing networking using the 'etc/init.d/networking start' command (in the case of the BT4 Beta version).

    Does that help you help us ?

  6. #6
    coolwazza
    Guest

    Unhappy

    Quote Originally Posted by alacrityathome View Post
    Ditto to Zermelo's comments. I have a Lenovo T61p (see my signature block) and my iwlagn 4965 is running very well. Fake authentication is via wpa_supplicant.

    And, there are many very nice scripts that forum members have designed both for triggering the wpa_supplicant and complete scripts specificially for the 4965 that do everything all the way thru wep cracking.

    If your 4965 is like mine.......the receiving (airodump-ng) sensitivity is excellent compared to other wireless cards.......so I am sure some day there will be an aireplay-ng -1 capability.

    A
    Can you please list the steps you did to get it working? Was it working out of the box? I have read a lot about it over the last couple of month and have tried all steps but injection just doesnt work with my T61. I might add the 4965 Intel wireless card is a AGN not the normal AGN(but n-disabled) card.

    Any help would be appreciated, Im not alone with this injection not working for the 4965. Also sometimes my card cannot even connect to my router (i.e. it connects to router and authenticates okay and get an IP, but can't ping my own router or anything past it) but I doubt this would be related.

    Laptop and wireless card work flawlessly in Windows so I know hardware and antena are okay.


    Thanks again

  7. #7
    Member alacrityathome's Avatar
    Join Date
    Jan 2010
    Posts
    248

    Default

    whoops...double posted....see the most recent message above.

    A

    coolwazza,

    I have BT4PF on a usb......just fired it up now. Did the following injection test:

    john@john-laptop:~$ iwconfig
    lo no wireless extensions.

    wmaster0 no wireless extensions.

    wlan0 IEEE 802.11abgn ESSID:""
    Mode:Managed Frequency:2.412 GHz Access Point: Not-Associated
    Tx-Power=14 dBm
    Retry min limit:7 RTS thrff Fragment thr=2352 B
    Power Managementff
    Link Quality:0 Signal level:0 Noise level:0
    Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
    Tx excessive retries:0 Invalid misc:0 Missed beacon:0

    john@john-laptop:~$ sudo airmon-ng start wlan0

    Interface Chipset Driver

    wlan0 Intel 4965/5xxx iwlagn - [phy0]
    (monitor mode enabled on mon0)

    john@john-laptop:~$ sudo aireplay-ng mon0 --test
    03:25:24 Trying broadcast probe requests...
    03:25:24 Injection is working!

    Then, did a sudo airmon-ng stop mon0 , sudo wicd, then connected to my wpa2 AP to send this message.

    So, it does it all "out of the box"

    In terms of wep cracking......you still have to use the "wpa_supplicant" approach but......there are threads on that.

    So, in your case, are you using BT4PF? Do you have networking and wicd "off" when you do an injection test? What command(s) do you use to test for injection? And so on.....as Zermelo asked earlier.

    Good luck.

    A

  8. #8
    Just burned his ISO
    Join Date
    Jul 2009
    Posts
    19

    Default

    alacrityathome,

    When I run the 'sudo aireplay-ng mon0 --test' command, I get the following result:

    root@bt:~# sudo aireplay-ng mon0 --test
    17:33:15 Trying broadcast probe requests...
    17:33:17 No Answer...
    17:33:17 Found 0 APs
    And that ^ is without having launched any applications (e.g., wicd) or having executed the "Start Networking" link from the start menu. Previous to executing that I did turn on monitoring mode from the terminal however, using 'sudo aireplay-ng start wlan0' as you had done. Fyi, here's what my 'iwconfig' produced:

    lo no wireless extensions.

    eth0 no wireless extensions.

    wmaster0 no wireless extensions.

    wlan0 IEEE 802.11abgn ESSID:""
    Mode:Managed Frequency:2.412 GHz Access Point: Not-Associated
    Tx-Power=0 dBm
    Retry min limit:7 RTS thrff Fragment thr=2352 B
    Encryption keyff
    Power Managementff
    Link Quality:0 Signal level:0 Noise level:0
    Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
    Tx excessive retries:0 Invalid misc:0 Missed beacon:0
    Any thoughts why it might not have produced the "injection working" result as it did with you?

  9. #9
    Member alacrityathome's Avatar
    Join Date
    Jan 2010
    Posts
    248

    Default

    skyfx,

    was your iwconfig done after you were in monitor mode? if so, you were still in managed mode.

    how far away from your AP are you? if too far, then there is no AP with which to inject....so "Found 0 APs" would occur.

    if you did an airodump-ng mon0....do you see APs?

    as one last try, reboot, don't turn on wicd or networking, run iwconfig, run airmon-ng start wlan0, run iwconfig, run aireplay-ng mon0 --test.

    do a copy and post one last time of those commands and their results.

    otherwise, you have me stumped.....maybe the experts on the forum can help.

    A

  10. #10
    Just burned his ISO
    Join Date
    Jul 2009
    Posts
    19

    Default

    A, thx for the tips :). My answers are in bold:

    Quote Originally Posted by alacrityathome View Post
    skyfx,

    was your iwconfig done after you were in monitor mode? if so, you were still in managed mode.

    No, I ran all my cmds in the same order you did above (i.e., iwconfig first).

    how far away from your AP are you? if too far, then there is no AP with which to inject....so "Found 0 APs" would occur.

    My router is right next to me, so it shouldn't be a distance issue.

    if you did an airodump-ng mon0....do you see APs?

    Yes, I see my router no problem.

    as one last try, reboot, don't turn on wicd or networking, run iwconfig, run airmon-ng start wlan0, run iwconfig, run aireplay-ng mon0 --test.

    I will post the results momentarily :).

    do a copy and post one last time of those commands and their results.

    otherwise, you have me stumped.....maybe the experts on the forum can help.

    A
    Here is the output from running the cmds as A suggested:

    root@bt:~# iwconfig
    lo no wireless extensions.

    eth0 no wireless extensions.

    wmaster0 no wireless extensions.

    wlan0 IEEE 802.11abgn ESSID:""
    Mode:Managed Frequency:2.412 GHz Access Point: Not-Associated
    Tx-Power=0 dBm
    Retry min limit:7 RTS thr:off Fragment thr=2352 B
    Encryption key:off
    Power Management:off
    Link Quality:0 Signal level:0 Noise level:0
    Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
    Tx excessive retries:0 Invalid misc:0 Missed beacon:0

    root@bt:~# airmon-ng start wlan0


    Interface Chipset Driver

    wlan0 Intel 4965/5xxx iwlagn - [phy0]
    (monitor mode enabled on mon0)

    root@bt:~# iwconfig
    lo no wireless extensions.

    eth0 no wireless extensions.

    wmaster0 no wireless extensions.

    wlan0 IEEE 802.11abgn ESSID:""
    Mode:Managed Frequency:2.412 GHz Access Point: Not-Associated
    Tx-Power=14 dBm
    Retry min limit:7 RTS thr:off Fragment thr=2352 B
    Encryption key:off
    Power Management:off
    Link Quality:0 Signal level:0 Noise level:0
    Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
    Tx excessive retries:0 Invalid misc:0 Missed beacon:0

    mon0 IEEE 802.11abgn Mode:Monitor Frequency:2.412 GHz Tx-Power=14 dBm
    Retry min limit:7 RTS thr:off Fragment thr=2352 B
    Encryption key:off
    Power Management:off
    Link Quality:0 Signal level:0 Noise level:0
    Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
    Tx excessive retries:0 Invalid misc:0 Missed beacon:0

    root@bt:~# aireplay-ng mon0 --test
    19:06:25 Trying broadcast probe requests...
    19:06:27 No Answer...
    19:06:27 Found 0 APs
    Thoughts :confused:

Page 1 of 3 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •