Senao packet injection works but aireplay doesn't
I'm in a bit of a bind... It's been a week since I burned my ISO for bt3b and I have come across one headache after another.
I have managed to work my way through them by searching through this forum mostly, so well done everyone for sharing information so freely. Us noobs really appreciate it.
OK, enough buttering up.
Here's the deal. I have a Senao sl-2511 cd plus ext wifi card. O-Ooh. Yep!
I cannot crack my WEP key no matter how hard I try.
I follow xploitz's most excellent tutorial for cracking WEP, but no joy.
My Senao injects fine, but I never get any ARPs or ACKs.
At first I couldn't connect to the net, but you guys here showed me how to do the
to remove the wrong drivers and
That's all cool, then I'll
ifconfig wlan0 down
iwconfig wlan0 mode managed
ifconfig wlan0 up
And I get internet. Sweet.
Then I installed to my hard drive, dual boot XP/BackTrack.
I then updated the kernel just yesterday. I patched the hostap drivers as suggested on the aircrack-ng.org site, and boom, I can inject with my Senao where previously I couldn't. I also blacklisted the orinoco drivers as suggested elsewhere.
I'm telling you all this so that you can see that the card works, injection works, airodump sees the AP, and I can associate with it.
I just can't seem to receive any ARPs or ACKs and I'm convinced that this is the only thing standing in my way for cracking my WEP.
To start with I fire up my card with
airmon-ng start wlan0
and it comes back with wlan0 hostap monitor mode enabled
airodump-ng -c 6 -w dumpfile wlan0
OK, so far so good. IVs increase very, very slowly, about 2 per minute.
aireplay-ng -1 0 -a <AP MAC> -h <MY WNIC MAC> -e <NETWORK NAME> wlan0
I associate with the AP straight away.
aireplay-ng -3 -b <AP MAC> -h <MY WNIC MAC> -e <NETWORK NAME> wlan0
and one of two things happens.
The first time I do it, I get 0 ARPs, 0 ACKs, and it never changes.
If I ^Z out of it and try again, it says
device /rtc (or something) busy
and then says to start airodump to capture replies, and then nothing else.
In xploitz's tutorial, I see the ARPs and ACKs shoot through the roof, but mine go nowhere. What could be the problem?
You may be interested to know that Wireshark shows malformed packets right after a deauth packet.
The aireplay -4 attack shows that after sending a packet, it receives a deauth packet if I'm not associated (though that's normal, isn't it?).
aireplay -9 wlan0 shows injection works very well, mostly around 70%.
I am using 1.7.4 Senao firmware and 0.9.4 aircrack downloaded yesterday.
And that's about it.
Please help. Am I really stupid? Probably, but I try hard.
I suggest you use BackTrack 2.0 final. I have the same card as you and it works flawlessly in BT2, just like you see in those videos. It may be a lot of work, but I'd install BT2, upgrade the aircrack-ng suite, download the latest airoscript.sh and install aircrack-ptw for very fast WEP cracking.
None of us have had much luck getting this card to inject / detect ARPs in BT3b. Your time is probably much better spent reverting back to BT2 and upgrading the crap out of it.