ASC IV injection with Netgear MA401

disturbed4686

Distinguished
Mar 16, 2006
5
0
18,510
Can someone please tell me how to get my MA401 to work with aireplay to stimulate IVs? I couldn't get it to go into monitor mode, but Kismet and airodump both seem to be working fine. When I find a packet with aireplay that should work, it doesn't increase IVs at all.

I followed the flash tutorial here because it seemed that I wouldn't need to do a void11 attack, which I didn't want to do because it would disconnect my roommates.

I am using the most current version of ASC and my Netgear 401 card (prism2 chipset I believe) and I got everything else to work except for the most important part, the IV creation.

Also, I found a Word document of the Tom's Networking WEP cracking tutorial somewhere, but I lost it. Does anyone have a link where I could re-download that?

Thanks in advance
Brian
 

folken

Distinguished
Sep 15, 2002
2,759
0
20,780
Here is the Tom's WEP cracking guide:
Part 1
Part 2
Part 3
I don't recall seeing a Doc version of it but I'm sure those pages could easily be copy/pasted into a doc.

I've attempted WEP cracking using this guide (on my AP of course) several times but I've always only had 1 prism network card so it never turned out so hot. I really think two laptops that each have a prism based card is the only way to get IVs and crack a WEP key with any sort of speed. As soon as I get another prism based card I'm going to give it another go.

Also, I don't think you can run aireplay and airodump at the same time on the same laptop.
 

disturbed4686

The MA401 is a prism 2 card, and yes you can run airodump and aireplay on the same computer, because it is possible to crack WEP on only 1 laptop.
 

c4onastick

Distinguished
Jun 10, 2005
48
0
18,530
The MA401 is a prism 2 card, and yes you can run airodump and aireplay on the same computer, because it is possible to crack WEP on only 1 laptop.

Most of the cracks done with one card were done with a WG511 (PrismGT). I'm not entirely sure that the Prism 2's can inject and sniff at the same time. I'm having the same problem with my Atheros card though, WG511T. I can capture fine, using Airodump, but replay using Aireplay doesn't seem to work either. Are you using ARP requests? Or random packets like those shown on the crimemachine tutorial?
 

c4onastick

This problem we're having is twofold then: a) you need to capture and replay a packet that contains an IV, b) we may have driver/configuration problems that do not allow us to replay packets. I'm having a busy week but I just had an idea, try running aireplay and ethereal. You should be able to see the individual packets being sent by aireplay on ethereal, that way you can be certain that your card is injecting packets. If you can see them there, then you simply aren't replaying a packet with an IV, so you just need to try another one. Give that a shot, let me know if it works. Otherwise I'll try it next week and let you know. Also look for some new madwifi (atheros) drivers, I know they have some problems with them in BackTrack. But I do believe they have gotten them to inject now. (oops that's advice for me, you don't use madwifi drivers)
 

disturbed4686

The only problem with that is that I am using Auditor Security Collection, which is a live CD, so I wouldn't be able to download the drivers every time I load it up, since I won't have an internet connection. I'll try running ethereal with aireplay. Also, what would the packets look like if I'm successfully(sp?) injecting them? Would they just show up, and nothing would show up if it wasn't working?
 

c4onastick

You should see a huge influx of your selected packet. This is just a theory, but it should capture the packets that you're injecting. You should also be able to use ethereal's filtering functions to determine what types of packets work/don't work, which should give you a feel of what packets to replay with aireplay. For the drivers, you could try BackTrack, based on SLAX, which can be easily modified and customized to include your new drivers.