Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
WPA/WPA2 capture works via airbase-ng: http://www.youtube.com/watch?v=3Zoxx2hnIK0
Hirte and Cafe Latte attacks don't work however. |
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
But still only channel 6, so useless :(
|
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
Hey gang,
Did I do something wrong here? It appears I can only collect management and control frames. I'm not seeing data frames at all. I used both aircrack-ng and tcpdump (at different times). Interface is obviously in monitor mode as I can see multiple probe requests/responses and beacon frames. But when I force data over the connections I see, I'm not seeing the data frames at all. The network I used was my own, open and visible by both aircrack-ng and tcpdump. Anyone else experience this? Am I crazy?? Thanks! Geezer |
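A way to check the symptom described in the post above (management and control frames captured, no data frames), as an added example that is not part of the original thread: it counts 802.11 frames by type in a saved classic pcap. The sample capture is constructed in code, and the function and constant names are hypothetical.

```python
import struct
from collections import Counter

TYPES = {0: "management", 1: "control", 2: "data", 3: "extension"}
LINKTYPE_80211, LINKTYPE_RADIOTAP = 105, 127

def frame_type_counts(pcap: bytes) -> Counter:
    """Count 802.11 frames per type in a classic (non-pcapng) capture."""
    magic = pcap[:4]
    if magic == b"\xd4\xc3\xb2\xa1":
        end = "<"          # file written little-endian
    elif magic == b"\xa1\xb2\xc3\xd4":
        end = ">"          # file written big-endian
    else:
        raise ValueError("not a classic pcap file")
    linktype = struct.unpack(end + "I", pcap[20:24])[0]
    if linktype not in (LINKTYPE_80211, LINKTYPE_RADIOTAP):
        raise ValueError(f"unsupported link type {linktype}")
    counts, off = Counter(), 24
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(end + "I", pcap[off + 8:off + 12])[0]
        pkt = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if linktype == LINKTYPE_RADIOTAP:
            # Radiotap fields are always little-endian; bytes 2-3 give its length.
            pkt = pkt[struct.unpack("<H", pkt[2:4])[0]:] if len(pkt) >= 4 else b""
        if len(pkt) < 2:
            counts["truncated"] += 1
            continue
        # Frame Control, first byte: bits 2-3 hold the frame type.
        counts[TYPES[(pkt[0] >> 2) & 0x3]] += 1
    return counts

def build_pcap(frames) -> bytes:
    """Constructed sample: wrap raw 802.11 headers in a minimal radiotap pcap."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, LINKTYPE_RADIOTAP)
    for f in frames:
        pkt = struct.pack("<BBHI", 0, 0, 8, 0) + f  # empty 8-byte radiotap header
        out += struct.pack("<IIII", 0, 0, len(pkt), len(pkt)) + pkt
    return out

# Constructed frames: only the 2-byte Frame Control field is present.
BEACON, PROBE_REQ, ACK, DATA = b"\x80\x00", b"\x40\x00", b"\xd4\x00", b"\x08\x00"

if __name__ == "__main__":
    symptom = build_pcap([BEACON, PROBE_REQ, ACK, BEACON])
    print(dict(frame_type_counts(symptom)))  # no "data" key: the symptom above
```

Run against a real capture file by passing its bytes to `frame_type_counts`; a capture with zero `data` frames while traffic is known to be flowing matches what the post describes.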
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
Hi guys, does aircrack work only on channel 6? And do the other commands airodump-ng, aireplay-ng and aircrack work?
I want to understand: can I use the same procedure that works with Ubuntu to crack WEP or WPA? In this video http://www.youtube.com/watch?v=3Zoxx2hnIK0 he uses the command airmode-ng..... |
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
Haven't finished experimenting, but it seems the wl12xx driver does perform injection to some extent. I hackishly installed airpwn (and dependencies: lorcon, libnet, libpcap, libpcre) on my n900 and though spoofing didn't work, I fired up aireplay-ng -9 just after and bingo: high rates of injection success. airodump-ng also worked way better and on other channel besides the 6. Seems that airpwn succeeded in tickling the driver into an appropriate mode for injection.
|
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
Wow, that's great! I haven't managed to compile airpwn; I've compiled lorcon, installed deps, etc. Can you post any binaries? Did you build it in the SDK, or in a debian chroot?
|
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
http://rapidshare.com/files/327701899/airpwn.bz2.html
The following is a hack, use at your own risk. Above files are the debs I created, most of them by their original source tarballs - not debian packages as there were always dependency issues when trying to compile. (libnet, libpcap, lorcon, pcre)
Install them on the n900. Warnings will be generated because they were compiled against a different libc or something -> ignore, they will install nonetheless.
The ugly part:
- ln -s /opt/lib/libpcre.so.0 /usr/lib/
- ln -s /opt/lib/libnet.so.1 /usr/lib/
And finally, supreme ugliness (faking the 2.4 python lib):
- ln -s /usr/lib/libpython2.5.so.1.0 /usr/lib/libpython2.4.so.1.0
airpwn is installed in /sbin/airpwn. It should run now. Fire it up, ctrl-c to shut it down. Then run aireplay-ng -9 wlan0. Injection should work. airodump-ng works like a charm now as well.
Oh, but I did not tell you: I used my custom compiled aircrack suite (0.9.3) - don't know if this has an influence.
http://rapidshare.com/files/32770797...ck-ng.bz2.html (should work out of the box)
As you see a lot more to explore when time is available... |
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
Thanks for taking the time to post this freakyflint.
It did not work for me however. I tried both your aircrack-ng and the one from extra-devel. I get 0/30 trying "aireplay-ng -9 wlan0" and I can't see anything other than channel 6. Anything else you did other than airpwn? By the way, when using your debs airpwn was installed in /opt/sbin/ not /usr/sbin. |
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
Sorry can't really provide more for the moment. All I have is proof that somehow injection is possible by 1) associating with a network, 2) running airpwn then 3) injecting with aireplay-ng. One would have to explore some more to know what's happening (not me at this time).
|
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
Quote:
Code:
ifconfig wlan0 down |
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
Has anyone been actually successful in cracking a WEP key on the N900 yet?
|
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
For me, airpwn and everything else written in this post didn't work. What works for me:
ifconfig wlan0 down
rmmod wl12xx
modprobe wl12xx
iwconfig wlan0 mode monitor
airodump.... |
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
OK, just discovered this:
- turn the power-saving settings off in the settings for your internet connection. (Settings -> Internet connections).
- connect to said network
- go into monitor mode manually
- test injection (aireplay -9 wlan0), should work
Works every time for me, though airodump is leaving me puzzled... |
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
Hi everyone,
I just updated the packages so they are optified and only links are present in rootfs. I also uploaded source to svn on garage ++ Greg |
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
Thank you guys - you have just reinforced my faith in the IT brotherhood and the great possibilities of linux/unix in the pocket.
As an IT professional - I can't wait to have a tool that small and powerful enough for me to be able to monitor/test/check/improve and protect my networks and be "in touch" with the world all with the same device. |
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
How is it going?
Great job you're doing enabling aircrack on the n900. I'm looking forward to cracking WEP even from my cellphone :P |
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
Hello, can someone help me? I want to know where I can find the IW command line to launch airmon-ng.
Sorry for my English |
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
Is aircrack one of the better wep cracking tools?
edit: yepp, the best :) this thread is really interesting. i hope it will continue. |
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
I would like to log all the wifis around me when walking through the city. I'm doing it with airodump-ng. It works just fine but without gps.
How can I get gps working with airodump-ng? Do I need gpsd? Where can I get it for the N900? Regards, MiNe |
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
Hi all,
I just received my n900 early last week. Love it to bits and there isn't anything I can't do with it (better than my pc), however I am having a bit of trouble with aircrack. I downloaded it from devel, and I want to test it out to see if I can use it. I am not a programmer and honestly not very good with maemo. Would someone please explain in an easy format how I can use it, with simple step-by-step instructions? Thanks guys, appreciate it |
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
I was playing around with this the other day and I got aireplay to say injection was working after turning off the power saving but it still didn't work even with the router sitting a foot away.
|
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
Quote:
http://www.kismetwireless.net/Forum/...2281051.621273
Kismet binary for n900 http://ul.to/2q0zcp
Alternatively, you can always apt-get install kismet in easy-debian.
Shaq |
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
Does changing your MAC invalidate the warranty?
|
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
Hi Dear
# airmon-ng start wlan0
# airodump-ng -w 0 wlan 0
scan network but no ivs or data:( what to do? |
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
All,
After speaking to engineers at companies who are far smarter than myself, it is their belief that the firmware in the wl1251 chipset is preventing the collection of data packets while in monitor mode. I have personally tried damn near all the suggestions here in this thread. Nothing, and I mean nothing, works to collect data packets. The ONLY data packets I CAN collect are my own when connected to a network which defeats the purpose of Kismet and Aircrack. So, I am becoming more and more convinced that until someone produces a hacked firmware binary, we will NOT be collecting data packets while in monitor mode. However, I would really love to see someone more capable than myself prove me wrong! Good luck, fellas! Geezer |
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
All,
Here's a follow-up to my previous post. Here is an excerpt from a thread I found while digging around: "As we discussed on IRC, it is really needed. We must always provide a BSSID when changing channels in preparation for an association. For this reason (and others) the wl1271 with the current firmware does not support promiscuous mode or frame injections. I'll ask TI next time we meet them, if there is any possibility to remove the need for the BSSID at this point, so things will be greatly simplified. There is a very slight chance that this could be possible for wl1271, but for wl1251 I think there's no hope to change it anymore. So in any case, we will need to support this on the stack if we want to have wl1251 to work correctly. :( " Source: http://patchwork.kernel.org/patch/54245/ Geezer |
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
I've talked to the tree maintainer for wl1251 and it's likely not to be an issue with tertiary firmware - I spoke with Kalle less than a week ago.
HTC uses the same chipset in their WM and Android phones, there are many wl1251 initial loader firmware binary blobs floating around. I've used the OpenMoko section and to no avail. I believe it to be solely and only a mac80211 stack issue that needs to be "customized" for the WL12xx as a workaround. |
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
Thanks, hawaii!
That was my read on the various threads as well. However, do you or anyone you speak with, know the priority of this capability on Kalle's TODO list? I'm sure there are more pressing issues than our needs and wants! ;) |
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
He has quite a bit, was unable to give me a timeframe - but it is fairly low on the priority list. Like, real low.
I also don't expect to see a "community" fix for this issue, just due to the nature of the problem. I've talked to a few other dev's who did work on the HTC driver and I'm now torn between information of whether it's tertiary firmware issues, or driver/stack issues. We'll see more when Kalle updates, when I know, you'll know and I hope when somebody else knows, we'll know too. I'll post anything I'm updated on, on Twitter. |
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
hawaii, what's the twitter to follow?
|
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
I'm sorry to be such a noob, but it's not clear to me:
- if the latest version is pretty safe
- if this allows you to get into protected WLAN-spots (if it can hack the passwords)
Hoping for a response, sorry if this is really stupid. Regards, Thijs |
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
Haha! That's funny. I already follow you and tweeted with you, Simon! This is Terry, or t_dunlap on Twitter! Small world.
I had lunch yesterday with a guy that said some of his teammates had to implement some special firmware on an HTC device for a client. According to his peeps, there isn't a software solution. Only firmware. I'll keep my fingers crossed that Kalle can do some magic! I hope you're diggin' your new N900!! |
Re: Aircrack-ng & Macchanger (fremantle/maemo 5)
:D Well hello there.
From the experimenting I've done, I think whoever you spoke with is right. I'm not so sure we'll see a fix for this until the tertiary firmware is completely busted open. Makes me a sad panda. |