Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: How to increase max packet injection rate?

  1. #1
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    11

    Default How to increase max packet injection rate?

    Hello all,

    Alright, first off I have a Dell Inspiron 1520 Laptop, with a Dell WLAN 1390 Mini Card, which is a broadcom chipset, using the bcm43xx drivers included in BT3 beta. So, with aireplay-ng, I can successfully inject ARP packets and increase the IVs. However, if left without the -x option, it begins to inject packets at 499-500 packets per second, then gives me an error about memory buffer overflow or something (I will double check the exact message when I next boot into backtrack). When I use the -x option to limit the pps to about 150, it works great, and I can inject until I have enough IVs consistently until I have enough, but is there any way I can increase the rate at which my card will let me inject? Also I know this is a problem with my card, because I have tried it at home, as well as my friend letting me borrow his AP to try it on. Thanks!

  2. #2

    Default

    Sorry to break this news to you, but the Broadcom chipset and driver can't handle any quicker. Be happy, because my Broadcom overflows if I inject any faster than 14 packets per second, so if you can set it at 150, lucky you.

    Quote Originally Posted by toymachineman19 View Post
    Hello all,

    Alright, first off I have a Dell Inspiron 1520 Laptop, with a Dell WLAN 1390 Mini Card, which is a broadcom chipset, using the bcm43xx drivers included in BT3 beta. So, with aireplay-ng, I can successfully inject ARP packets and increase the IVs. However, if left without the -x option, it begins to inject packets at 499-500 packets per second, then gives me an error about memory buffer overflow or something (I will double check the exact message when I next boot into backtrack). When I use the -x option to limit the pps to about 150, it works great, and I can inject until I have enough IVs consistently until I have enough, but is there any way I can increase the rate at which my card will let me inject? Also I know this is a problem with my card, because I have tried it at home, as well as my friend letting me borrow his AP to try it on. Thanks!

  3. #3
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    11

    Default

    Alright, thanks, somehow I was able to get 300 pps just a few minutes ago, I'm not sure how though. Thanks for the answer though, I just read some documentation and it said that injection was slower on broadcom, so I guess I am pretty lucky i can get 150 on average.

  4. #4
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Default

    I have the Broadcom 4311 and it injects constantly at a rate of 500pps. All packets injected are valid. Its the best card I have for pps...its even better than any other card I have. The down side to this is that it locks up every 5 seconds and I have to repeat the command line to "re-inject"..and thats such a pain in the as....other than that, no problems with it at all.
    [CENTER][FONT=Book Antiqua][SIZE=5][B][COLOR=blue][FONT=Courier New][COLOR=red]--=[/COLOR][/FONT]Xploitz[FONT=Courier New][COLOR=red]=--[/COLOR][/FONT][/COLOR][/B][/SIZE][/FONT][FONT=Courier New][COLOR=Black][SIZE=6][B] ®[/B][/SIZE][/COLOR][/FONT][/CENTER]
    [CENTER][SIZE=4][B]Remote-Exploit.orgs Master Tutorialist.[/B][/SIZE][SIZE=6][B]™
    [/B][/SIZE]
    [URL="http://forums.remote-exploit.org/showthread.php?t=9063"][B]VIDEO: Volume #1 "E-Z No Client WEP Cracking Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=7872"][B]VIDEO: Volume #2 "E-Z No Client Korek Chopchop Attack Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=8230"][B]VIDEO: Volume #3 "E-Z WPA/WPA2 Cracking Tutorial"[/B][/URL]

    [URL="http://forums.remote-exploit.org/showthread.php?t=8041"][B]VIDEO: Volume #4 "E-Z Cracking WPA/WPA2 With Airolib-ng Databases"[/B][/URL]
    [/CENTER]

  5. #5
    Senior Member imported_spankdidly's Avatar
    Join Date
    Feb 2006
    Posts
    1,031

    Default

    Quote Originally Posted by -=Xploitz=- View Post
    I have the Broadcom 4311 and it injects constantly at a rate of 500pps. All packets injected are valid. Its the best card I have for pps...its even better than any other card I have. The down side to this is that it locks up every 5 seconds and I have to repeat the command line to "re-inject"..and that such a pain in the as....other than that, no problems with it at all.
    Just remember Folks, Sploitz practices voodoo as well. That's how he got the broadcom to work so well.
    I felt like bending the bars back, and ripping out the window frames and eating them. yes, eating them! Leaping, leaping, leaping! Colonics for everyone! All right! You dumb*sses. I'm a mental patient. I'm *supposed* to act out!

  6. #6
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Default

    Quote Originally Posted by spankdidly View Post
    Just remember Folks, Sploitz practices voodoo as well. That's how he got the broadcom to work so well.
    voodoo!!

    Heres my proof.

    500pps!!!!

    Notice the top it says

    write failed: Cannot allocate memory
    wi_write() Illegal seek

    Thats the broadcoms ONLY flaw.

    [CENTER][FONT=Book Antiqua][SIZE=5][B][COLOR=blue][FONT=Courier New][COLOR=red]--=[/COLOR][/FONT]Xploitz[FONT=Courier New][COLOR=red]=--[/COLOR][/FONT][/COLOR][/B][/SIZE][/FONT][FONT=Courier New][COLOR=Black][SIZE=6][B] ®[/B][/SIZE][/COLOR][/FONT][/CENTER]
    [CENTER][SIZE=4][B]Remote-Exploit.orgs Master Tutorialist.[/B][/SIZE][SIZE=6][B]™
    [/B][/SIZE]
    [URL="http://forums.remote-exploit.org/showthread.php?t=9063"][B]VIDEO: Volume #1 "E-Z No Client WEP Cracking Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=7872"][B]VIDEO: Volume #2 "E-Z No Client Korek Chopchop Attack Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=8230"][B]VIDEO: Volume #3 "E-Z WPA/WPA2 Cracking Tutorial"[/B][/URL]

    [URL="http://forums.remote-exploit.org/showthread.php?t=8041"][B]VIDEO: Volume #4 "E-Z Cracking WPA/WPA2 With Airolib-ng Databases"[/B][/URL]
    [/CENTER]

  7. #7

    Default

    Actually, it's got a coupla other faults, i.e. the power in airodump doesn't get reported, and shows -1 or 0..., and some.

    Quote Originally Posted by -=Xploitz=- View Post
    voodoo!!

    Thats the broadcoms ONLY flaw.

  8. #8
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Default

    Quote Originally Posted by abitaz View Post
    Actually, it's got a coupla other faults, i.e. the power in airodump doesn't get reported, and shows -1 or 0..., and some.
    Theres a fix for that as well.


    Code:
    http://downloads.openwrt.org/sources/broadcom-wl-4.80.53.0.tar.bz2


    You might need to make a module out of latest kernel, so I would probably go this route:

    Code:
    # get a copy of the tree
    git clone git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-2.6.git
    cd wireless-2.6
    # checkout all the other stuff
    git checkout -b everything
    # copy your existing kernel config
    cp /boot/configxxxxxxxxx .config
    make menuconfig
    # make sure the bcm driver is configured as a module
    make
    sudo make install


    Thanks goes to Berkut for pointing this out to me a few months ago. See this thread for more details.
    [CENTER][FONT=Book Antiqua][SIZE=5][B][COLOR=blue][FONT=Courier New][COLOR=red]--=[/COLOR][/FONT]Xploitz[FONT=Courier New][COLOR=red]=--[/COLOR][/FONT][/COLOR][/B][/SIZE][/FONT][FONT=Courier New][COLOR=Black][SIZE=6][B] ®[/B][/SIZE][/COLOR][/FONT][/CENTER]
    [CENTER][SIZE=4][B]Remote-Exploit.orgs Master Tutorialist.[/B][/SIZE][SIZE=6][B]™
    [/B][/SIZE]
    [URL="http://forums.remote-exploit.org/showthread.php?t=9063"][B]VIDEO: Volume #1 "E-Z No Client WEP Cracking Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=7872"][B]VIDEO: Volume #2 "E-Z No Client Korek Chopchop Attack Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=8230"][B]VIDEO: Volume #3 "E-Z WPA/WPA2 Cracking Tutorial"[/B][/URL]

    [URL="http://forums.remote-exploit.org/showthread.php?t=8041"][B]VIDEO: Volume #4 "E-Z Cracking WPA/WPA2 With Airolib-ng Databases"[/B][/URL]
    [/CENTER]

  9. #9
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    11

    Default

    Hey Xploitz, I guess I didn't explain it all, I can do 500 pps for around 5 sec before it gives me the
    write failed: Cannot allocate memory
    wi_write() Illegal seek

    also, so I mean I guess it still works.

  10. #10
    Junior Member
    Join Date
    Mar 2007
    Posts
    47

    Default

    Well, I can send 500 pps, but airodump shows the AP only recieving 50-60 per second tops. Does that mean I have the potential to get 500 if I craft my packets differently or something? Or possibly get closer to the AP....idk

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •