philsmd / vap11g

Use and configure your vap11g device with this open source tool
GNU General Public License v3.0

Not working here #1

Closed daniel-lucio closed 11 years ago

daniel-lucio commented 11 years ago

./vap11g.py -i eth0 -d -v -s OKay -c 0 --wpa2 -k mycorrectpass -t
[i] Interface name to use: eth0
[i] Your local ethernet MAC address is 00:e0:b8:c5:4c:1e for interface eth0
[i] The data:
0000: ff ff ff ff ff ff 00 e0 b8 c5 4c 1e 88 88 00 00 ..........L.....
0016: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0032: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0048: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
[i] The response:
0000: 00 e0 b8 c5 4c 1e 00 17 13 10 da fc 88 88 00 00 ....L...........
0016: 00 00 00 00 00 00 38 00 00 01 00 00 04 e0 54 00 ......8.......T.
0032: 01 10 00 00 00 00 00 8e b4 b9 8e ed b0 c9 ef ec ................
0048: c4 c9 eb ea ce c5 eb 00 00 00 00 00 00 00 08 12 ................
0064: 00 00 80 00 00 00 00 00 00 00 10 04 00 00 00 04 ................
[i] Got response from device on interface 'eth0' with mac 00:17:13:10:1310:1512
[i] The data:
0000: 00 17 13 10 13 10 15 12 00 e0 b8 c5 4c 1e 88 88 ............L...
0016: 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0032: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0048: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0064: 00 00 ..
[-] Error: socket timed out. EXIT

philsmd commented 11 years ago

I now tried to copy and paste the command and program my device and it worked for me. Strange.

Maybe the only thing(s) you are missing is that you (may) need to be root to access the interface (i.e. run it as sudo) and that you may try to put the interface up e.g. sudo ifconfig eth0 192.168.0.2 up

Furthermore, you seem to intermix wpa2 w/ wep (e.g. --wpa2 vs -t) but the -t option should be silently ignored. From the help/README: -t use 128bit WEP, strong mode

This option doesn't hurt since I didn't get the "socket timed out" error, but instead I was able to change my vap11g's config via exactly the same command as above.

Please test further and try to modify some args, but it should depend on the communication w/ the raw interface

UPDATE: looking closer at your above output, this seems not to be a valid MAC address "00:17:13:10:1310:1512", does this output always look like that? It should look like '00:17:13:10:13:10'. Can you test some more times and check if this MAC always gets parsed wrongly? This may be a bug if so... Should this be the correct MAC address? Can you double-check that? Can you find the "correct" MAC and tell me if it is indeed '00:17:13:10:13:10' !!!! This is why the device does not respond, since we have a wrong ADDRESS! Thx

philsmd commented 11 years ago

It seems that the MAC is instead '00:17:13:10:da:fc'. This seems to be indeed a bug since it now mistakenly tries to convert 'da' to 1310 and 'fc' to 1512
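The malformed address in this thread, worked through as an added example (not code from vap11g or from either commenter): it reads the source MAC out of the response header shown in the verbose output and rejects a string such as '00:17:13:10:1310:1512' before it can be packed into a frame. The function names are hypothetical; the byte values are copied from the output above.

```python
import re
import struct

# First 16 bytes of the device's response frame, copied from the verbose output.
RESPONSE_HEAD = bytes.fromhex("00e0b8c54c1e" "00171310dafc" "8888" "0000")

MAC_RE = re.compile(r"[0-9a-fA-F]{2}(?::[0-9a-fA-F]{2}){5}")


def format_mac(raw: bytes) -> str:
    """Render exactly six raw bytes as colon-separated two-digit hex."""
    if len(raw) != 6:
        raise ValueError(f"MAC must be 6 bytes, got {len(raw)}")
    return ":".join(f"{b:02x}" for b in raw)


def parse_header(frame: bytes):
    """Split an Ethernet II header into (dst, src, ethertype)."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    return format_mac(dst), format_mac(src), ethertype


def mac_to_bytes(text: str) -> bytes:
    """Strictly parse 'aa:bb:cc:dd:ee:ff'; reject anything else."""
    if not MAC_RE.fullmatch(text):
        raise ValueError(f"not a valid MAC address: {text!r}")
    return bytes.fromhex(text.replace(":", ""))


def unchecked_decode(text: str) -> bytes:
    """What a hex decode without validation yields (shown for comparison only)."""
    return bytes.fromhex(text.replace(":", ""))


def build_header(dst: str, src: str, ethertype: int) -> bytes:
    """Build the 14-byte header, refusing malformed addresses up front."""
    return mac_to_bytes(dst) + mac_to_bytes(src) + struct.pack("!H", ethertype)


if __name__ == "__main__":
    dst, src, ethertype = parse_header(RESPONSE_HEAD)
    print(f"device {src} -> host {dst}, ethertype 0x{ethertype:04x}")
    bad = "00:17:13:10:1310:1512"
    print("unchecked:", unchecked_decode(bad).hex(" "))  # 8 bytes, header shifts by 2
    try:
        build_header(bad, dst, ethertype)
    except ValueError as exc:
        print("rejected:", exc)
```

The unchecked decode of the bad string gives the eight bytes `00 17 13 10 13 10 15 12` that open the second request in the output above, which pushes the sender MAC and the `88 88` type field two bytes out of position.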

philsmd commented 11 years ago

The problem could be solved now. Please update your git clone or clone it again. The pull request (already merged) is here: https://github.com/philsmd/vap11g/pull/2

Please test and confirm if fixed. Thx for reporting

daniel-lucio commented 11 years ago

thank you


philsmd commented 11 years ago

Glad to help. Thx again for reporting

BTW: you should double check what you are posting to the public. Verbose mode is nice for debugging, but it reveals too much for the public in my opinion. It seems that you list here all your neighbors' access points + the configurations of the device including some (maybe sensitive) passwords like "miguellucioayala" and the AP "BELL591". Don't know if this is important to you, but you should have at least filtered it, maybe next time you post verbose outputs. BTW, the output was not filtered in the first place since this is how the device stores the passwords (in plain text etc.) and of course since verbose mode should be only used for debugging and by developers. But it was indeed quite useful to find this MAC address bug. Thx again
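The filtering suggested in the comment above, as an added example (not part of vap11g): it drops the raw hex-dump rows, which repeat every setting in their ASCII column, and blanks the values that name the network or carry key material. The settings codes and the `-s`/`-k` options are assumed from the tool's verbose output format, and the sample text is constructed.

```python
import re

# Settings codes whose values identify the network or carry key material:
# SSID, KEY0..KEY3, LINKINFO, PSKKEY, SURVEY (assumed from the verbose output).
SENSITIVE_CODES = {"7000", "7006", "7007", "7008", "7009", "7014", "7019", "7021"}

HEX_ROW = re.compile(r"^\d{4}: (?:[0-9a-f]{2} )+")    # "0016: 00 01 ... ......"
SETTING = re.compile(r"^(\d{4}) ([A-Z0-9_]*):(.*)$")   # "7019 PSKKEY:secret"
SECRET_ARG = re.compile(r"(\s-[sk]\s+)\S+")            # "-s <ssid>", "-k <key>"

# Constructed sample, shaped like the tool's verbose output.
SAMPLE = """./vap11g.py -i eth0 -d -v -s ExampleNet -c 0 --wpa2 -k example-passphrase
[i] The data:
0000: 02 00 00 00 00 01 02 00 00 00 00 02 88 88 01 01 ................
0016: 01 00 00 00 00 00 88 00 37 30 31 39 20 3a 65 78 ........7019 :ex
[i] Current settings:
7000 SSID:ExampleNet
7001 DOMAIN:16
7019 PSKKEY:example-passphrase
7021 SURVEY:NeighbourAP
[+] Device did accept the configuration and will reboot now"""


def sanitize(output: str) -> str:
    """Return verbose output with frames removed and secrets redacted."""
    kept = []
    for line in output.splitlines():
        if HEX_ROW.match(line):
            continue  # raw frames carry the same secrets in hex and ASCII
        m = SETTING.match(line)
        if m and m.group(1) in SENSITIVE_CODES:
            line = f"{m.group(1)} {m.group(2)}:<redacted>"
        # Command-line values; a quoted SSID containing spaces needs manual review.
        line = SECRET_ARG.sub(r"\1<redacted>", line)
        kept.append(line)
    return "\n".join(kept)


if __name__ == "__main__":
    print(sanitize(SAMPLE))
```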