Airbase-ng clients unreachable from backtrack...

[Rampage]

Hello everyone, first of all, sorry if this is not the correct section of the forum to ask for this, i was unsure where to post, if here or in the newbie section.

As said in the thread title i'm having a weird issue with airbase-ng.

I'm doing a bunch of experiments in my lab and i set up my backtrack 5 R2 VM for trying out some fakeAP and karma attacks.

Everything seems to be fine
- i set up airbase-ng to serve as an AP, listening for all probes so that it can "hook" up clients.
- brought up at0 interface and assigned it an ip address.
- configured dhcp accordingly to serve ips on at0 interface
- configured iptables accordingly and other surrounding tools (sslstrip, dnsspoof etc etc)

ok, fine then i bring my laptop with windows and try to search for networks, as expected i get connected to the fakeAP, as it replied to the probe my laptop was expecting, and i can also browse the web and use other services (i set up iptables so that i could reach the internet).

so everything seems fine, but when i try, from my backtrack machine, to ping my laptop, i don't get any reply, if i try to do a simple nmap scan i get the error:

Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2012-04-28 19:58 EDT
route_dst_netlink: can't find interface "at0"

and if i try to get a reverse shell using SET and the java applet attack, i get the connection but the session is immediately dropped automatically.

for sure something is wrong here, but i can't figure it out myself, it looks like hosts on at0 interfaces are for some odd reasons unreachable.

any suggestion is really appreciated.

thanks in advice.

[VulpiArgenti]

The nmap/at0 issue seems to be related to newer versions of nmap. If you downgrade to nmap=5.51-bt8 it will probably work. Autoscan, netifera, p0f, metasploit scanners and nessus all work perfectly on at0.

[Rampage]

VulpiArgenti, thanks for replying.
i'm gonna try, still i don't understand why all metasploit sessions get immediatelly dropped, no matter which payload i use, they just get dropped, and i cant ping the machine.

i also tried doing simple tasks like

Code:

smbclient -L \\ipaddress -N

it just times out.

ofc the machine is a windows laptop

[VulpiArgenti]

I can't ping the victims either, but I don't have any issues with maintaining sessions (not a helpful comment I know - just pointing out it can be done!)

[Rampage]

I can't ping the victims either, but I don't have any issues with maintaining sessions (not a helpful comment I know - just pointing out it can be done!)

don't worry about that, at least now i know that if everything is going wrokg, it's my fault and not airbase's.

i'll check again and do some more testing.

thanks again for the help