
Thread: aireplay-ng channel issue

  1. #1
    hhmatt (Very good friend of the forum)
    Join Date
    Jan 2010
    Posts
    660

    aireplay-ng channel issue

    When I try to run a fake authentication using aireplay-ng, it seems that it won't pick up the channel that the AP is on.
    It gives me an error saying that the AP isn't on this channel (in a more technical way, of course).
    The AP is on channel 11.
    The first time I tried, it started on channel 1; the second time it was channel 5; then every time after that it kept trying channel 6. I'm positive I have entered the correct MAC address and ESSID. So I restarted with BT2 to ensure it wasn't my card, and it worked correctly on the first try. I can't exactly update aircrack since it's run off the CD (I think it can be updated, but if I restart it's gone again). I have tried looking for a way to input the channel manually, but I can't seem to find it.

    Is this a hardware driver or an aircrack issue? I'm unsure.

    I ran this off of an Inspiron 5100, but the wireless card is an Atheros chipset, AR5BMB-43, pulled out of a Toshiba Satellite.

    I have to test this card more in BT2 to ensure it can properly inject and make and keep a good connection before I add it to the HCL. But so far so good. I'm really surprised that this card has been overlooked and people still try to run those damn Broadcom chipsets. This card is in several Toshibas, and at $11.00 USD on eBay including shipping it's way better than fussing around with a Broadcom or several other chipsets.

  2. #2
    imported_wyze (Jenkem Addict)
    Join Date
    Jul 2007
    Posts
    1,543


    Quote Originally Posted by hhmatt81:
    When I try to run a fake authentication using aireplay-ng it seems that it won't pick up the channel that the AP is on. It gives me an error saying that the AP isn't on this channel. [...]
    How far are you from the AP?
    dd if=/dev/swc666 of=/dev/wyze

  3. #3
    hhmatt (Very good friend of the forum)
    Join Date
    Jan 2010
    Posts
    660


    About a foot and a half. Should I move it back?

  4. #4
    Developer
    Join Date
    Mar 2007
    Posts
    6,126


    I have that problem sometimes. Two things you can do.

    1. bt~# iwconfig ath0 channel 6 (or whatever)

    That usually works, but if it doesn't, try locking airodump on the channel before you use aireplay.

    2. bt~# airodump-ng -c 6 -w capture ath0

  5. #5
    hhmatt (Very good friend of the forum)
    Join Date
    Jan 2010
    Posts
    660


    Ahhh... thanks that makes sense, I'll test it out in a few.

  6. #6


    I had the same problem. I was channel hopping, so I did it the same way as pureh@te:

    airodump-ng -c 6 -w capture --bssid (mac) ath0

  7. #7
    hhmatt (Very good friend of the forum)
    Join Date
    Jan 2010
    Posts
    660


    Yeah, I've been watching it carefully and it looks like airodump is the culprit here.

    If you don't set airodump to a specific channel prior to the fake authentication, it uses the channel that airodump is on (while it's channel hopping) when you hit enter. I actually forgot to test this without running airodump.
    I'm going to check aircrack's information to see if they realize this is happening, or maybe it has already been fixed? Does anyone know if the latest version still does this? I haven't been able to get around to doing the HD install yet to update some of these programs and other misc things.

  8. #8
    drgr33n (Very good friend of the forum)
    Join Date
    Jan 2010
    Location
    Dark side of the moon ...
    Posts
    699


    It's the Atheros drivers; I've had this issue for a while. If ath0 has been locked to a channel, then ath1 cannot lock to a different one. If you kill ath0 and then start ath1 in monitor mode, it should channel hop until you lock it to a channel. The Subversion build doesn't do this, but I find it very unstable, so I just kill ath0.

    Code:
    wlanconfig ath0 destroy;wlanconfig ath1 create wlandev wifi0 wlanmode monitor
    Then for channel hopping

    Code:
    airodump-ng ath1
    Or to lock airodump to a channel

    Code:
    airodump-ng -c <channel> ath1
    And when you want to go back to managed mode

    Code:
    wlanconfig ath1 destroy;wlanconfig ath0 create wlandev wifi0 wlanmode managed
    Hope this helps

    EDIT

    Heres a little python script to help you out.

    Code:
    # Atheros starter by drgr33n
    # Flips a madwifi card between the managed VAP (ath0) and a monitor VAP (ath1).
    # Both wlanconfig calls need root.

    import os
    import sys


    def usage():
        print("""

    Usage:
    --start --stop --help

            """)


    if len(sys.argv) > 1 and sys.argv[1].startswith('--'):
        var = sys.argv[1][2:]
        if var == "start":
            print("Setting Monitor mode...!")
            # Tear ath0 down first: while ath0 is up, ath1 cannot sit on a different channel.
            os.system("wlanconfig ath0 destroy;wlanconfig ath1 create wlandev wifi0 wlanmode monitor")
            print("done")
        elif var == "stop":
            print("Setting Managed mode...!")
            os.system("wlanconfig ath1 destroy;wlanconfig ath0 create wlandev wifi0 wlanmode managed")
            print("done")
        elif var == "help":
            usage()
        else:
            # Unknown --option: show usage and exit non-zero.
            usage()
            sys.exit(1)
    else:
        # No argument, or one that does not start with '--'.
        usage()

    # EOF
    Just copy and paste to a txt file and save as start_atheros.py and save it in a convenient place. To run type:

    Code:
    python start_atheros.py --help
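    Added example (not from any post in this thread, and not drgr33n's script): the check the thread is circling around, done explicitly. Posts #4 and #7 show that aireplay-ng fake authentication fails when the monitor interface happens to be on a different channel than the AP, and that locking the interface with iwconfig or airodump-ng -c fixes it. This POSIX sh helper reads the Frequency field from iwconfig output, maps it to a channel number, and returns non-zero unless it matches the AP's channel, so you can gate aireplay-ng on it. The interface name ath1, the AP MAC and the iwconfig sample are constructed for the example.

```shell
#!/bin/sh
# Added example: confirm the monitor interface is on the AP's channel
# before launching aireplay-ng (not code from the original thread).

# Map the GHz value iwconfig prints to an 802.11 channel number.
# 2.4 GHz: channel n sits at 2407 + 5*n MHz (channel 14 is 2484 MHz);
# 5 GHz: channel n sits at 5000 + 5*n MHz.
freq_to_channel() {
    awk -v f="$1" 'BEGIN {
        mhz = int(f * 1000 + 0.5)
        if (mhz == 2484) { print 14; exit }
        if (mhz >= 2412 && mhz <= 2472) { ch = (mhz - 2407) / 5; print ch; exit }
        if (mhz >= 5000 && mhz <= 5900) { ch = (mhz - 5000) / 5; print ch; exit }
        print "unknown"
    }'
}

# Read iwconfig output on stdin, pull out the Frequency field, convert it.
iwconfig_channel() {
    ghz=$(sed -n 's/.*Frequency:\([0-9.]*\) GHz.*/\1/p' | head -n 1)
    if [ -n "$ghz" ]; then
        freq_to_channel "$ghz"
    else
        echo unknown
    fi
}

# check_channel <ap_channel>  (iwconfig output on stdin)
# Returns 0 when the interface is on the AP's channel, 1 otherwise.
check_channel() {
    cur=$(iwconfig_channel)
    if [ "$cur" = "$1" ]; then
        echo "interface on channel $cur, OK to run aireplay-ng"
        return 0
    fi
    echo "interface on channel $cur but AP is on channel $1: lock it first" >&2
    return 1
}

# Constructed sample of iwconfig output for a madwifi monitor VAP hopping
# past channel 6 (made up for this example; layout follows iwconfig's format).
SAMPLE_IWCONFIG='ath1      IEEE 802.11g  ESSID:""  Nickname:""
          Mode:Monitor  Frequency:2.437 GHz  Access Point: 00:11:22:33:44:55
          Bit Rate:0 kb/s   Tx-Power:18 dBm   Sensitivity=1/1'

# Real-world use (assumed names, needs the card present and root):
#   iwconfig ath1 channel 11
#   iwconfig ath1 | check_channel 11 && aireplay-ng -1 0 -e <essid> -a <ap_mac> -h <our_mac> ath1
```

    If the check fails, lock the interface with the iwconfig or airodump-ng -c command from post #4 and run it again; with airodump-ng still hopping, the channel you see here will change from one run to the next, which is exactly the symptom in post #1.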
