
Thread: Simple check for proper injection

  1. #1
    Member
    Join Date
    Jan 2006
    Posts
    66

    This thread was created as a companion to the Quick Guide to Breaking WEP because it exceeded the character limit. Still, useful.

    Checking for injection

    If you are unsure if your card is injecting properly there is a simple test you can do. First you will need to bring your card into monitor mode (iwconfig DEV mode monitor where DEV is your wifi device. There may be additional steps involved in preparing your system for injection. Some cards do not support monitor mode, either.)

    Then start wireshark (it's in the sniffers menu, or type "wireshark" into a console. It's worth noting that until recently this tool was called ethereal.) Click the button to show the capture options (second from the left, little wrench icon) and select your wifi device from the drop down menu. Check the box to update the list of packets in realtime and then start the capture. If you want to display only the deauth frames you are about to broadcast, enter the following into the display filter of wireshark (NOTE: Display filters and Capture filters are not the same thing. The display filter input box is labeled "Filter:" and is located just below the options button.)

    Display filter for deauth packets in wireshark

    wlan.fc.type_subtype == 12

    Next, in a fresh konsole or xterm window, type: aireplay -0 10 -a 01:02:03:04:05:06 DEVICE . This command will broadcast 10 deauth frames to a nonexistent AP. If all goes well the deauth packets should show up in the wireshark capture frame.


    As usual, I'm open to corrections and additions, PM me if you have any.

    Links

    Ethereal Wireless Filter List

    Original WEP Cracking Tutorial
    ---
    Useful HowTo Threads <-- Why do people think I'm joking when I link this?
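
What the display filter in the post above matches, as an added example that is not part of the original post: Wireshark's wlan.fc.type_subtype is (type << 4) | subtype of the 802.11 frame control field, so 12 selects management frames of subtype 12 (deauthentication). The sketch assumes radiotap-encapsulated capture data; the function names, the sample frames and the reason code 7 are constructed for illustration.

```python
import struct
from collections import Counter

DEAUTH = 12  # wlan.fc.type_subtype value: (type << 4) | subtype, type 0 = management

def parse_frame(pkt):
    """Decode one radiotap-encapsulated 802.11 frame.
    Returns (type_subtype, bssid, reason) or None if the frame is malformed."""
    if len(pkt) < 8 or pkt[0] != 0:               # radiotap version is always 0
        return None
    rt_len = struct.unpack_from("<H", pkt, 2)[0]  # radiotap length, little-endian
    hdr = pkt[rt_len:]
    if rt_len < 8 or len(hdr) < 24:               # need the 24-byte MAC header
        return None
    ftype, subtype = (hdr[0] >> 2) & 0x3, (hdr[0] >> 4) & 0xF
    type_subtype = (ftype << 4) | subtype
    if ftype != 0:                                # only management frames decoded here
        return type_subtype, None, None
    bssid = ":".join(f"{b:02x}" for b in hdr[16:22])   # address 3
    reason = None
    if type_subtype == DEAUTH and len(hdr) >= 26:
        reason = struct.unpack_from("<H", hdr, 24)[0]  # 2-byte reason code
    return type_subtype, bssid, reason

def deauth_by_bssid(packets):
    """Count deauthentication frames per BSSID, skipping malformed frames."""
    counts = Counter()
    for pkt in packets:
        parsed = parse_frame(pkt)
        if parsed and parsed[0] == DEAUTH:
            counts[parsed[1]] += 1
    return counts

def build_mgmt(subtype, bssid, body=b""):
    """Constructed sample frame: 8-byte radiotap header + management header."""
    addr = bytes.fromhex(bssid.replace(":", ""))
    radiotap = struct.pack("<BBHI", 0, 0, 8, 0)
    header = bytes([subtype << 4, 0]) + b"\x00\x00" + b"\xff" * 6 + addr + addr + b"\x00\x00"
    return radiotap + header + body

# Constructed capture: 10 deauths for the thread's test BSSID, one beacon, one runt.
SAMPLE = [build_mgmt(12, "01:02:03:04:05:06", struct.pack("<H", 7)) for _ in range(10)]
SAMPLE += [build_mgmt(8, "0a:0b:0c:0d:0e:0f"), b"\x00\x00"]

if __name__ == "__main__":
    print(dict(deauth_by_bssid(SAMPLE)))
```

A per-BSSID count like this is also a simple signal for spotting unexpected bursts of deauthentication frames in a monitoring capture.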

  2. #2
    Junior Member
    Join Date
    Jan 2006
    Posts
    26

    Nice job. That is useful for those who have problems with aireplay and are unsure of what they can do to investigate further.

  3. #3
    Just burned his ISO
    Join Date
    Apr 2006
    Posts
    2

    thanx for this!

  4. #4
    Just burned his ISO
    Join Date
    May 2006
    Posts
    5

    after I enter

    aireplay -0 -10 -a 00:00:00:00:00 ath0

    I get

    please specify a BSSID (-a).

    Any clue what I must be doing wrong?

  5. #5
    Just burned his ISO
    Join Date
    Feb 2006
    Posts
    5

    Quote Originally Posted by Tossil
    after I enter

    aireplay -0 -10 -a 00:00:00:00:00 ath0

    I get

    please specify a BSSID (-a).

    Any clue what I must be doing wrong?

    Enter it. Google essid, ssid, bssid.

  6. #6
    Just burned his ISO
    Join Date
    Mar 2006
    Posts
    6

    Quote Originally Posted by Tossil
    after I enter

    aireplay -0 -10 -a 00:00:00:00:00 ath0

    I get

    please specify a BSSID (-a).

    Any clue what I must be doing wrong?

    try aireplay -0 -10 -a 00:11:22:33:44:55 ath0

  7. #7
    Just burned his ISO
    Join Date
    May 2006
    Posts
    5

    Quote Originally Posted by darthn
    Enter it. Google essid, ssid, bssid.

    Darthn, as you can see in my post I did enter a BSSID (OO:OO:OO:OO:OO:OO) as was said above. The error came after entering exactly what was said.

  8. #8
    Member
    Join Date
    Jan 2006
    Posts
    66

    The MAC address must be six (6) hex characters long. As in 11:22:33:44:55:66.

  9. #9
    Just burned his ISO
    Join Date
    Mar 2006
    Posts
    6

    the reason I posted the 00:11:22:33:44:55 was that I also had problems just using 0's but 00:11:22:33:44:55 worked fine

  10. #10
    Just burned his ISO
    Join Date
    May 2006
    Posts
    5

    "Next, in a fresh konsole or xterm window, type: aireplay -0 10 -a 00:00:00:00:00:00 DEVICE . This command will broadcast 10 deauth frames to a nonexistent AP. If all goes well the deauth packets should show up in the ethereal capture frame."

    As stated above, entering 00:00:00:00:00:00 gave me that error. So I entered 00:11:22:33:44:55 and did not get the error I had gotten before.

    After doing that, nothing came up in Ethereal, so I assume my wireless card is not injecting anything. Oh fun.... At least I know one thing that's giving me problems now. Thanks for the help.
