Results 1 to 4 of 4

Thread: my airbase-ng essid displayed as random symbols in windows

  1. #1
    Just burned his ISO
    Join Date
    Oct 2009
    Posts
    7

    Question my airbase-ng essid displayed as random symbols in windows

    Hi all, this is my first post here at the RE forums. I've been learning a lot from you guys over the last few months. the RE forums have provided me a sollution for almost every problem I have had untill now, regarding (wireless) pentesting. Thank y'all so much for that :P

    But now, you guys, I've encountered this weird problem I can't find a sollution to, not on google and not over here.

    problem:
    When I run airbase-ng, all my other machines, running windows xp, display my airbase AP's essid as random symbols. Like mostly a lot of squares.
    (airodump-ng in bt4pf sees the essid right tho, but it flickers like 5 times per minute, to some tiny bars for a fraction of a second. never saw this in airodump)
    Code:
    airbase-ng -e "test" -v mon0
    to prove my setup works:
    Although the essid seems screwed somehow, the xp machines can connect just fine. I have a DHCP server set up providing the clients with an IP, I can even redirect them to my apache2 using DNS Poison, or provide them with internet from my eth0.

    my situation:
    I run BackTrack 4 prefinal, HD (and USB) install, with persistant changes, on an Acer Aspire One. I use the integrated adapter with an Atheros 5700EG chip. EDIT: AR5007EG
    The drivers I use are the ath5k drivers, that come with BT4pf.
    My aircrack-ng suite seems to be up to date, at version 1.0 rc3 r1552.
    apt-get doesn't give me updates. I uninstalled and reinstalled using make, make install on the newest version from aircrack-ng.org.
    I updated aircrack-ng, using fast-track.
    Anyway, I have the -C, -P and -I options, so I must be fairly (if not 100%) up to date.

    possible sollution:
    I found a thread here on RE, where someone had this problem too. The conclusion was updating aircrack-ng suite and some guy there said he fixed it using the -I 600 option in airbase-ng. This both obviously didn't fix it for me.
    hxxp://forums.remote-exploit.org/newbie-area/19465-airbase-ng.html

    sum and my conclusion:
    -my aircrack-ng suite is up to date, so that can't be it i guess
    -setting the beacon interval to 600ms using -I 600 doesn't work and seems a little high too, concidering the default value, when using 1 essid is 64 I think (or 0x64???)
    -I tried -I 10, 16, 24, 50, 64, 80, 100, 128, 200, 300, 500, 600, 800, 1000, 1200, 1500, 2000. Under 50 or something the AP didn't show up in windows at all anymore and further everything remained the same, with the weird characters and all.
    -like i said at the beginning: airodump sees the essid ok, but flickers like 5 times per minute for a fraction of a second to some tiny bars. i don't know if this sais anything, but it seems to me that this confirms the need of tuning using the -I function to set the beacon interval to a lot more/less ms.
    Although I kind of proved this isn't it by trying all these -I values, right?

    Anyway, this is all I have.
    I really hope someone can help me overcomming this very annoying obstacle.
    I don't know if this is a problem which is caused by/connected to my atheros interface, but if someone is using an atheros card successfully to host an airbase AP with descent essid broadcast, I'd love for you to post your situation.

    Any input you guys might have is more than welcome.
    Thank's very much in advance, y'all!

  2. #2
    Member
    Join Date
    Feb 2010
    Posts
    204

    Default

    same thing with my 8187, maybe a post on the aircrack forum with a response from the devs might help

  3. #3
    Member floyd's Avatar
    Join Date
    Mar 2009
    Posts
    231

    Default RE: http://forums.remote-exploit.org/wireless/27147-satanicap-karmetasploit-wkg-fakea

    I had a similar behaviour when I was testing with an XP machine of my bro, but most of the time it works. My Vista machine always shows the essids correctly as well. I don't have a clue why this happens. The beacons seem corrupted but not always.

    I'm using an atheros card. As I saw you have your own ticket from the aircrack guys: my airbase-ng essid displayed as random symbols in windows (atheros 5700eg) and #688 (Beacons seems corrupted with airbase-ng and mac80211 drivers) – Aircrack-ng . I can't help you, but I'm sure the aircrack guys will.

    Btw senior members are not the same as moderators (so I can't/won't remove any of your posts)
    Auswaertsspiel

  4. #4
    Just burned his ISO
    Join Date
    Oct 2009
    Posts
    7

    Default

    @ hm2075: I don't know what you mean by this "response from the devs", but I've done like you said. I made a thread over at the aircrack-ng forums, they created a ticked for me and asked me to upload a few capped beacons. so I will do as soon as I get home monday.

    @ floyd: Well, here the beacons seem corrupted all the time, on all 4 XP machines I have over here. weird huh? anywayz... I guess I'll put all my hopes on the aircrack-ng guys. I'll upload this cap file containing the beacons on there, and I'll just sit and wait for further instructions/solutions... I'm affraid that's all I can do.

    @ both: Thanks for your effort you guys. I'll let y'all know how it all works out.

    Best regards,
    saf

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •