Problem with Netgear WG111 v2 & Packets
Hello everyone. I'm new to this forum, and Ive been researching this forum as well as the Aircrack forums for an answer to this...but Ive come up empty handed. Hopefully you guys can help me shed some light on my problem.
NIC: Netgear USB WG111 v2
SOFTWARE: Using Backtrack 2 FINAL
LAPTOP: Compaq Presario V6110US
I'm having problems apparently with my WG111 not injecting properly. I run this test for injections.....
Start monitoring the deauth attack using wireshark and I run aireplay-ng -0 10 -a 00:11:22:33:44:55 wlan0
(and I cannot see the deauth unless i fire up KISMET ....odd huh?)
So...to try to remedy the situation .....I check my steps. And they are in order...
1. airmon-ng stop wlan0 (no channel and with a channel selected)
2. ifconfig wlan0 down
3. macchanger --mac=00:11:22:33:44:55 wlan0
4. ifconfig wlan0 up
5. iwconfig wlan0 mode monitor (no channel and with a channel selected)
6. airmon-ng start wlan0 (no channel and with a channel selected)
****When I say (no channel and with a channel selected), that means I tried this with a channel the fist time and when I failed I started over and tried with no channel on the second attempt****
7. I fire up kismet (no channel and with a channel selected)
8. Select my network AP ---Lock onto it. (Shift L)
9. I run aireplay-ng -0 10 -a 00:11:22:33:44:55 wlan0
10 Fire up wireshark ckeck update list of packets in real time on my wlan0 interface....and use the display filter wlan.fc.type_subtype == 12
11. Start monitoring the deauth attack using aireplay-ng -0 10 -a 00:11:22:33:44:55
Then THIS HAPPENS EVERY SINGLE TIME!!!!! ---------->>>>>>>>
I can see that SOMETIMES wireshark will pick up the deauths' and then ill switch the filter to view the packets normally in wireshark...Ill see beacons from my network and then the DEAUTHS come....but the vast majority of them are MALFORMED!!! :0 :-( I mean sometimes they are not malformed....but most of the time they are. Ill get a whole set of 10 deauths with no problems...but then I notice the aireplay-ng screen kinda "IDLE" and "stall" in between the 10 deauths sent. Odd Behavior indeed! Sometimes it will actually freeze. Now why would my card send good deauths 1-3 times out of 10 sets is my question?? And why can I not get wireshark to even see the deauths unless I have KISMET up and running?? Its almost like my card is not in monitor mode! Ive tried to check injections with KISMET not enabled and I get no deauths to show up at all...but when I turn it on and lock the channel...it shows them...just 80-90% of them are MALFORMED!! Am I not putting my card in the monitor mode the correct way or something?? Is there a correct way to put this USB card in monitor so it will inject?? I know this version of backtrack has the right drivers installed it says RTL8187 on boot up. And ive even tried the whole iwpriv wlan0 rawtx 1 command..and nothing. Please someone out there help me shed light on this. I cant get anything over a 900 count with ivs. I don't know if its my card tripping or me. Its so frustrating to know how to crack your own WEP and not have the means to do so. Also Id like to note that I can lock my channel with airmon-ng and with iwconfig and using KISMET and when I fire up airodump for my channel 6 only...I still get other channels showing up as well. And In the Kismet dialog boot up it seems to always seem to say that its enabled my wlan0 on channel 6.....even when no channel is specified. Thank you all for taking time to read this and for ANY input from people who have my WG111 v2 and are experiencing the same problem. I'm really leaning toward my card not being on the right channel...but Ive done everything I can think of to make sure it stays on my channel I want it to be on. One last bit of info.....on this iwconfig command I see lo listed as well as my wlan0. And if lo is not "up" i cant get kismet to run. Thanks again everyone.