Skip to main content

Packet Injection wifi Intel 4965 AGN

Finally there exists a way how to solve packet injection with driver for wifi card Intel WiFi Link 4965AGN – operating system Linux. The one modified is the original driver iwlwifi (included for example in distribution Backtrack Linux). Be aware that the packet injection is functional but still it is an experimental thing (develop version). Besides the complicated compilation and occasional unstability so far (September 2008) the aireplay-ng attack -9 (t.j test injection) does not work on 100%.

Tutorial for packet injection Intel Pro Wireless 4965AGN (iwl4965)
What do you need:
- kernel 2.6.25 or higher*,
- kernel sources,
- compat-wireless-2.6 packet,
- aircrack-ng (=””> RC1),
- basic development tools (make, gcc, …),
- injection patche for driver.
Be aware that the instruction is for generic Linux. Your distribution, mainly in case of advanced packet administration (Debian, Ubuntu, etc.), can include required packets in source (then you don’t have to compile it manually from source code).

Preparation of kernel
Make sure that your kernel configuration includes mentioned configuration. Especially watch out for those that are as modules built-in and those that can be added.

Networking -> Wireless :
[M] Improved wireless configuration API
[*] nl80211 new netlink interface support
[*] Wireless extensions
[M] Generic IEEE 802.11 Networking Stack (mac80211)
[M] Generic IEEE 802.11 Networking Stack (DEPRECATED)
[M] IEEE 802.11 WEP encryption (802.1x)
[M] IEEE 802.11i CCMP support
[M] IEEE 802.11i TKIP encryption
[M] Software MAC add-on to the IEEE 802.11 networking stack

It is also necessary to turn on “Automatic kernel module loading” under “Loadable module support”, otherwise you will end if “module dependency errors”. At this moment you can suppose that your kernel is prepared and is running.

Driver compilation
Development version of drivers exists as a part of compat-wireless project. We will need the up-to-date packet. You can get it here.
Download to your home folder (or where ever you want),then download patches for iwlwifi drivers, including fragmentation patch for mac80211. Last mentioned is available here (download 2.6.26-wl version). The first available is hang up at paste.bin.

cd ~
tar xjf compat-wireless-2.6.tar.bz2
cd compat-wireless-2008-*
wget http://pastebin.com/pastebin.php?dl=f7bc96631 -O iwl4965-injection.patch
wget http://patches.aircrack-ng.org/mac80211_2.6.26-wl_frag.patch
patch -p1 < iwl4965-injection.patch
patch -p1 < mac80211_2.6.26-wl_frag.patch
make
make install [jako root!]
make unload; rmmod ssb mac80211 cfg80211 [all as root!]
make load [as root!]
echo options iwl4965 swcrypto=1 >> /etc/modprobe.d/options [all as root!]

This will allow to start it and to use the treated driver module. In case of success in the system there is registered interface “wlan0″ and “wmaster0″, the first can be seen by iwconfig.


Injecting
From the way how mac80211 works it is obvious that you can’t inject at the original interface wlan0. This is the moment when you can use the tool airmon-ng. By this tool you will create the interface mon0 that is able to do packet injection. Command:

# airmon-ng start wlan0

If the word error appears “iw”, program not found, download and compile. Program “iw” is pendent to “libnl” pack (downloadable here). If it is successful you can try again to run airmon-ng. The output should look like this:

# airmon-ng start wlan0
Interface Chipset Driver
wlan0 Intel 4965 a/b/g/n iwl4965 - [phy0] (monitor mode enabled on mon0)

If you made it up to here your wireless card is probably ready for packet injection. Interface mon0 can be used for airodump-ng scan and aireplay-ng packet injection.

First reference and tutorial was published (in English) at tinyshell forum. The text is a translation from the record at aircrack-ng wiki. Detailed description can be found in the discussion here. The summary of steps for Ubuntu 8.04 (or here). The card ipw4965 is not at this moment available, so do the testing and your comments are welcomed at the discussion forum.
via airdump.net

Comments

Popular posts from this blog

Test New ALFA-AWUS036H v.2 (1.000mW) VS ALFA-AWUS036H v.1 (500mW)

- Recently emerged the New ALFA-AWUS036H v.2 (1.000mW), and these are the tests. TEST WITH NETSTUMBLER 1) usb da 100mW chipset railink 2) usb da 200mW chipset railink rt73 3) intel 2200 b/g con connettore esterno rp-sma 4) Alfa-AWUS036H 500mW 5) New Alfa-AWUS036H V2 da 1.000mW

Creating A Cheap Bluetooth Sniffer

Many papers and posts on internet forums have commented on the success of turning normal everyday bluetooth USB dongles ($10), into their more powerful counterparts that allow the capturing of packets from the airwaves. These more powerful USB dongles are usually sold at a much higher price ($10,000) together with the software to drive and control these devices. The problems associated with BlueTooth sniffing You cant simply just purchase the dongle with the alternate firmware. There is next to no real opensource packet capture program for the bluetooth protocol. Hardware & Limitations Chipsets: Whats the difference? The chipset of the Bluetooth USB Dongles are very important. Broadcom chipsets are cheap hardware and are deemed unsuitable devices for this paper. But unfortunalty nowadays, every manufacturer seems to prefer putting these chips in their products compared to the more reliable Cambridge Silicon Radio (CSR) chipset. If your lucky enough to find a dongle with a CSR chips...

ALFA-­AWUS036H & ALFA-­AWUS050NH INSTALLING/UPDATING DRIVERS RTL8187, r8187, RT2800usb on UBUNTU

NOTE: For surfing Internet with ALFA-AWUS050NH on Ubuntu Jaunty with rt2870sta driver, you must use the Kernel "2.6.28-11-generic #42-Ubuntu", without change or updates the drivers modules. NOTE: The tutorial is not related to Ubuntu karmic. Driver RTL8187/Stacks-­mac80211 (ref. ALFA-­AWUS036h) ­- These drivers, for surfing Internet, are more stable than r8187, and fully compatible with Network-Manager 0.7 installed by default on Ubuntu 9.04. Network-Manager 0.7 installed by default on Ubuntu 9.04. ­- Supports all encryption without problems. (OPEN, WEP and WPA/WPA2) ­- With Compat-Wireless, the "injection" working, but for support “Fragmentation attack” (opt. -5) you need to install one patch. - The RX sensitivity and packets injection is less, related to drivers r8187. Driver r8187/Stacks-ieee80211 (ref. ALFA-AWUS036h) - This driver is recommended for use with the Suite of Aircrack-ng, but not particularly suitable for Internet connections, as less stable and disc...