What am I doing wrong?

[jbondsr]

Hi guys.
I wanted to try out the aircrack thing, so I am trying to use Bactrack 2.0 to crack the WEP for my Linksys WRT54G router. The wireless card I am using is a Buffalo WLI3-CB-G54L.

The problem seems to be that I can't authenticate or deauthenticate on the network. I am physically sitting right next to the router and MAC filtering is off.

Is it impossible to do on an wirless card that has a bmc4318 chipset?

Here's some info from what I've been doing so far in backtrack:

The version of Aireplay-ng and Airodump-ng I'm usins is 0.7 r214

This is what I get using iwconfig:

IEEE 802.11b/g ESSIDff/any Nickname:"Broadcom 4318"
Mode:Monitor Frequency=2.484 GHz Access Point: Invalid
Bit Rate=1 Mb/s Tx-Power=18 dBm
RTS thrff Fragment thrff
Encryption keyff
Link Quality=0/100 Signal level=-256 dBm Noise level=-256 dBm
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:0 Missed beacon:0

When I use Aireplay:
bt ~ # aireplay-ng -e digi01 -a 00:A0:B0:xx:xx:xx-h 00:A0:B0:5x:xx:xx --fakeauth 10 eth1
The interface MAC (00:16:01:xx:xx:xx) doesn't match the specified MAC (-h).
ifconfig eth1 hw ether 00:A0:B0:5F:54:9C
18:47:18 Sending Authentication Request
18:47:20 Sending Authentication Request
18:47:22 Sending Authentication Request
18:47:24 Sending Authentication Request
18:47:26 Sending Authentication Request
18:47:28 Sending Authentication Request
18:47:30 Sending Authentication Request

Attack was unsuccessful. Possible reasons:


I also tried using a MAC address already connected, for fakeauth, and still get the same thing. I also trie deauth:

Just get a "sending deauthentication" request over and over.

I also tried creating fake packets and the like, but to no avail. What should I try next?

(I forgot to mention that I tried doing a ptw attack on a file i had made after collecting around 42,000 ivs from regular traffic, and the attack still failed)

[purehate]

Did you bother to check the Backtrack Wiki or some of the Posts here that are stickied To nsee if your ncard is on the list. Probably not. So might I suggest you figure out if your card is even supported and whether it can inject and then if your still having problems come back. And by the way do you think those error messages are for nothing did you track down and trouble shoot each one? probably not.

[theprez98]

Is it impossible to do on an wirless card that has a bmc4318 chipset?

Not impossible. However, support for Broadcom cards is sketchy at best. See http://bcm43xx.berlios.de/?go=devices and http://backtrack.offensive-security....e=HCL:Wireless.

[Johmel]

i have the 43xx on my hp l2000 got it to work like [/I]a charm