
Thread: Bt3 & Iwp4965

  1. #1
    Member
    Join Date
    Jan 2010
    Posts
    83

    Default Bt3 & Iwp4965

    I have researched and researched this. I see a lot of people using the iwp4965 card and no injection support for it yet. I have even found a post where a guy made a patch for the injection (listed below). But I have yet to see any talk about this being introduced in the next release of BT or being fixed in the current one. Is anyone working on, going to work on, or planning to work on this? Thanks in advance!

    Code:
    diff --git a/origin/iwl4965-base.c b/origin/iwl4965-base.c
    index bb476b5..aa07522 100644
    --- a/origin/iwl4965-base.c
    +++ b/origin/iwl4965-base.c
    @@ -2679,7 +2679,8 @@ static void iwl4965_connection_init_rx_config(struct iwl4965_priv *priv)
     
     	case IEEE80211_IF_TYPE_STA:
     		priv->staging_rxon.dev_type = RXON_DEV_TYPE_ESS;
    -		priv->staging_rxon.filter_flags = RXON_FILTER_ACCEPT_GRP_MSK;
    +		priv->staging_rxon.filter_flags = RXON_FILTER_ACCEPT_GRP_MSK |
    +						  RXON_FILTER_CTL2HOST_MSK;
     		break;
     
     	case IEEE80211_IF_TYPE_IBSS:
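
    Review bot: the new RXON_FILTER_CTL2HOST_MSK bit in the IEEE80211_IF_TYPE_STA case is set unconditionally, so every ordinary station-mode configuration gets the wider RX filter, not only the no-interface case that the later hunks key on with !priv->interface_id. If the flag is only needed for that case, set it under that condition; if it is needed for all STA operation, the change should say why, since nothing in this hunk documents it.
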
    @@ -2984,11 +2985,6 @@ static int iwl4965_tx_skb(struct iwl4965_priv *priv,
     		goto drop_unlock;
     	}
     
    -	if (!priv->interface_id) {
    -		IWL_DEBUG_DROP("Dropping - !priv->interface_id\n");
    -		goto drop_unlock;
    -	}
    -
     	if ((ctl->tx_rate & 0xFF) == IWL_INVALID_RATE) {
     		IWL_ERROR("ERROR: No TX rate available.\n");
     		goto drop_unlock;
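
    Review bot: deleting the !priv->interface_id early drop in iwl4965_tx_skb() leaves nothing at this point saying that transmitting with no interface is now an intended state. Every check between here and the station lookup now runs with interface_id == 0, and only the two places touched in the later hunks are adapted to it. Add a short comment naming the case being allowed, so that a later reader does not restore the guard or assume a valid interface further down.
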
    @@ -3010,7 +3006,8 @@ static int iwl4965_tx_skb(struct iwl4965_priv *priv,
     
     	/* drop all data frame if we are not associated */
     	if (!iwl4965_is_associated(priv) && !priv->assoc_id &&
    -	    ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA)) {
    +	    ((fc & IEEE80211_FCTL_FTYPE) == IEEE80211_FTYPE_DATA) &&
    +	     priv->interface_id) {
     		IWL_DEBUG_DROP("Dropping - !iwl4965_is_associated\n");
     		goto drop_unlock;
     	}
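
    Review bot: the comment above this condition, "drop all data frame if we are not associated", no longer matches the test once priv->interface_id is added, because unassociated data frames are now sent whenever interface_id is zero. Update the comment to state that exception, and align the new "priv->interface_id) {" line with the operands above it (it is indented one space further than the "((fc & ..." line).
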
    @@ -3020,11 +3017,22 @@ static int iwl4965_tx_skb(struct iwl4965_priv *priv,
     	hdr_len = ieee80211_get_hdrlen(fc);
     
     	/* Find (or create) index into station table for destination station */
    -	sta_id = iwl4965_get_sta_id(priv, hdr);
    +	if (unlikely(!priv->interface_id)) {
    +		if (!ieee80211_is_probe_response(le16_to_cpu(hdr->frame_control)) &&
    +		    !is_multicast_ether_addr(hdr->addr1) &&
    +		    !is_broadcast_ether_addr(hdr->addr1))
    +			sta_id = iwl4965_add_station_flags(priv, hdr->addr1, 0, 0);
    +		else
    +			sta_id = priv->hw_setting.bcast_sta_id;
    +	}
    +	else
    +		sta_id = iwl4965_get_sta_id(priv, hdr);
     	if (sta_id == IWL_INVALID_STATION) {
    -		IWL_DEBUG_DROP("Dropping - INVALID STATION: " MAC_FMT "\n",
    -			       MAC_ARG(hdr->addr1));
    -		goto drop;
    +		if (priv->interface_id) {
    +			IWL_DEBUG_DROP("Dropping - INVALID STATION: " MAC_FMT "\n", MAC_ARG(hdr->addr1));
    +			goto drop;
    +		}
    +		sta_id = priv->hw_setting.bcast_sta_id;
     	}
     
     	IWL_DEBUG_RATE("station Id %d\n", sta_id);
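
    Review bot: in the !priv->interface_id branch, iwl4965_add_station_flags(priv, hdr->addr1, 0, 0) runs for every unicast frame with the address taken straight from the frame header, and nothing visible here removes those entries, so unless that function de-duplicates (this hunk does not show it) frames to many different addresses can fill the station table. When the call returns IWL_INVALID_STATION the code then switches to bcast_sta_id with no debug message, which hides the failure; log the fallback and check for an existing entry before adding. Smaller points: is_broadcast_ether_addr() is redundant after is_multicast_ether_addr(), "}" and "else" belong on one line in kernel style, and the reflowed IWL_DEBUG_DROP line runs past 80 columns.
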
    http://tinyshell.be/aircrackng/forum...c=2606.new#new
    http://www.intellinuxwireless.org/bu...ug.cgi?id=1537
    http://rpmfind.net/linux/RPM/opensus....1.x86_64.html
    http://rpmfind.net/linux/RPM/opensus...ates_Tree.html

  2. #2
    Member alacrityathome's Avatar
    Join Date
    Jan 2010
    Posts
    248

    Default

    chmod,

    I think the way it works @ BT is that if a working injection patch is available, BT will incorporate it into their release or efforts. But, BT will depend on others (aircrack-ng.org, madwifi.org, and others) to provide working injection patches.

    BT then concentrates on their speciality......providing the most available wireless pcmcia, pci, usb dongle injection capable units in the Linux o/s alongside the most available penetration software possible.

    So.................if 4965 injection is available, I would bet it will be included in the final BT3.

    Alacrity

  3. #3
    Just burned his ISO
    Join Date
    Jan 2008
    Posts
    3

    Default

    Just thought I'd throw my $0.02 in here.
    I have an Intel 4965agn and I have been able to get it into monitor mode with surprisingly little effort. Basically after boot I open konsole and execute the following:
    iwconfig wlan0 mode monitor
    ifconfig wlan0 up
    airodump-ng wlan0 #this works great
    aireplay-ng -1 0 -a 001122334455 -h 001122334455 wlan0 #things go CRAZY

    And by crazy I mean I get a constant stream of garbage on my prompt and it locks up my keyboard. If I Ctrl-C I get nothing. If I close the window and open a new Konsole window the stream of garbage continues. Obviously injection is not working...BOO!!!

  4. #4
    Junior Member
    Join Date
    Dec 2007
    Posts
    30

    Default

    Has anyone tried the patch yet? I've been waiting for this forever!!

  5. #5
    Junior Member
    Join Date
    Dec 2007
    Posts
    30

    Default

    Where did you find that, by the way?

  6. #6
    Just burned his ISO
    Join Date
    Mar 2008
    Posts
    2

    Exclamation answer

    I have an Intel 4965agn too. I would like to know how to use the injection. The authentication mode (-1) doesn't work, and I have this:

    Code:
    Interface	   Chipset		 Driver
    wlan0				   iwl4965 - [phy0]/usr/local/sbin/airmon-ng: line 338: /sys/class/ieee80211/phy0/add_iface: Permission denied
    mon0: ERROR while getting interface flags: No such device				(monitor mode enabled on mon0)
    Who can help me ?

  7. #7
    Member
    Join Date
    Jan 2010
    Posts
    83

    Default

    I have added a resource link to the 4695 code patch.

  8. #8
    Just burned his ISO
    Join Date
    Mar 2008
    Posts
    2

    Default

    Quote Originally Posted by chmod View Post
    I have added a resource link to the 4695 code patch.
    Where can I download your modified patch?

  9. #9
    Just burned his ISO
    Join Date
    Jan 2008
    Posts
    5

    Default

    I found another thread that seems to be getting close to getting packet injection working.
    Code:
    tinyshell.be/aircrackng/forum/index.php?topic=2898.45

  10. #10
    Just burned his ISO
    Join Date
    Mar 2008
    Posts
    10

    Default

    Quote Originally Posted by bl4st0ix View Post
    I have an Intel 4965agn too. I would like to know how to use the injection. The authentication mode (-1) doesn't work, and I have this:

    Code:
    Interface	   Chipset		 Driver
    wlan0				   iwl4965 - [phy0]/usr/local/sbin/airmon-ng: line 338: /sys/class/ieee80211/phy0/add_iface: Permission denied
    mon0: ERROR while getting interface flags: No such device				(monitor mode enabled on mon0)
    Who can help me ?
    I am getting the exact same error, running BT3b via USB.

    I tried installing the latest Intel mac80211 drivers and the latest iwlwifi-1.2.25 drivers, but each and every time I've done it I've destroyed my Vista HDD MBR.

    When I boot into BT3 now, I have no drivers loaded for my wireless card as default and can't work out why. When I manually load the iwlwifi-1.2.25 drivers and try to connect to my network the computer freezes and needs a hard reset.

    Damn problematic card this one!
