You are not logged in.

#1 2008-02-28 10:34:37

gaboss
Member
From: Italy
Registered: 2006-07-11
Posts: 10

How to crack wep using an ipw2200

Hi all,
I'm trying to follow this guide (http://www.aircrack-ng.org/doku.php?id=ipw2200_generic) to make some experiment to crack a Wep Wifi.
I have ipw2200 base card:

lspci -vv
..............
        02:02.0 Network controller: Intel Corporation PRO/Wireless 2200BG Network Connection (rev 05)
        Subsystem: Intel Corporation Unknown device 2701
        Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx-
        Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx-
        Latency: 64 (750ns min, 6000ns max), Cache Line Size: 32 bytes
        Interrupt: pin A routed to IRQ 17
        Region 0: Memory at feaf9000 (32-bit, non-prefetchable) [size=4K]
        Capabilities: [dc] Power Management version 2
                Flags: PMEClk- DSI+ D1- D2- AuxCurrent=0mA PME(D0+,D1-,D2-,D3hot+,D3cold+)
                Status: D0 PME-Enable- DSel=0 DScale=1 PME-

I have installed this AUR package (http://aur.archlinux.org/packages.php?ID=14082) for injection and all seem to be ok.

Following the guide I have found that I have to make these commands:

modprobe ipw2200-inject rtap_iface=1 (the module installed with the package before)
ifconfig eth1 up
ifconfig rtap0 up

But when I try to make "ifconfig rtap0 up" I obtain this error:

SIOCSIFFLAGS: Invalid argument

Here some information:

uname -a
Linux tatooine 2.6.24-ARCH #1 SMP PREEMPT Sun Feb 10 15:21:33 UTC 2008 i686 Intel(R) Pentium(R) M processor 2.00GHz GenuineIntel GNU/Linux
pacman -Qs kernel26
local/kernel26 2.6.24.1-2 (base)
    The Linux Kernel and modules
ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:xx:F2:xx:A5:xx
          inet addr:10.24.58.37  Bcast:10.24.58.255  Mask:255.255.255.0
          inet6 addr: fe80::215:f2ff:fed6:a577/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:103455 errors:0 dropped:0 overruns:0 frame:0
          TX packets:76214 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:108659779 (103.6 Mb)  TX bytes:9959691 (9.4 Mb)
          Interrupt:18

eth1      Link encap:Ethernet  HWaddr 00:xx:CE:xx:C9:xx
          inet6 addr: fe80::213:ceff:fec9:c948/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:724 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2415 errors:0 dropped:0 overruns:0 carrier:1
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
          Interrupt:17 Base address:0x6000 Memory:feaf9000-feaf9fff
.......
rtap0     Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

Why this happens?
Thanks to all.

Last edited by gaboss (2008-02-28 11:13:53)

Offline

#2 2008-02-28 10:56:45

Allan
Pacman
From: Brisbane, AU
Registered: 2007-06-09
Posts: 11,365
Website

Re: How to crack wep using an ipw2200

I'm assuming this is for legal use... right.   See http://bbs.archlinux.org/viewtopic.php?pid=327257

And use edit rather than posting several times in quick succession.

Last edited by Allan (2008-02-28 11:11:12)

Offline

#3 2008-02-28 11:20:28

gaboss
Member
From: Italy
Registered: 2006-07-11
Posts: 10

Re: How to crack wep using an ipw2200

Sorry ... you have right !! I have edited the first post.
So you suggest to me to downgrade to kernel 2.6.23 because on kernel 2.6.24 it doesn't work!
There isn't an other solution ?!?!?

Offline

#4 2008-03-04 16:33:33

ekerazha
Member
Registered: 2007-02-27
Posts: 290

Re: How to crack wep using an ipw2200

I've included a patch here http://aur.archlinux.org/packages.php?ID=14082

The patch for ipw2200 is this: http://aur.archlinux.org/packages/ipw22 … _fix.patch

Try if it does the job...

Last edited by ekerazha (2008-03-04 16:43:03)

Offline

#5 2008-03-05 16:26:49

gaboss
Member
From: Italy
Registered: 2006-07-11
Posts: 10

Re: How to crack wep using an ipw2200

I have tried this new package

local/ipw2200-inject 1.2.2.2.6.24.3-1
    An open source 802.11a/bg driver for the ipw2200 and ipw2915 with injection patch.

Now I succeed to make

ifconfig rtap0 up

with no problem

eth0      Link encap:Ethernet  HWaddr 00:15:F2:D6:xx:xx
          inet addr:10.24.58.37  Bcast:10.24.58.255  Mask:255.255.255.0
          inet6 addr: fe80::215:f2ff:fed6:a577/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:13495 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6969 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:3852145 (3.6 Mb)  TX bytes:1026524 (1002.4 Kb)
          Interrupt:18

eth1      Link encap:Ethernet  HWaddr 00:13:CE:C9:xx:xx
          inet6 addr: fe80::213:ceff:fec9:c948/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:3606 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2399 errors:0 dropped:0 overruns:0 carrier:1
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
          Interrupt:17 Base address:0x6000 Memory:feaf9000-feaf9fff
........
rtap0     Link encap:UNSPEC  HWaddr 00-13-CE-C9-C9-48-00-00-00-00-00-00-00-00-00-00
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:3401 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:377438 (368.5 Kb)  TX bytes:0 (0.0 b)

When I try a simple injection test as explained here http://www.aircrack-ng.org/doku.php?id=injection_test, I obtain this output:

[pc]# aireplay-ng -9 rtap0
17:09:59  Trying broadcast probe requests...
17:10:00  No Answer...
17:10:00  Found 1 AP

17:10:00  Trying directed probe requests...
17:10:00  00:C0:49:56:xx:xx - channel: 6 - 'wifiCasa'
17:10:09  0/30: 0%

So, it seem to not work correctly although in /var/log/everything.log I found:

Mar  5 17:09:59 pc device rtap0 entered promiscuous mode
Mar  5 17:10:09 pc device rtap0 left promiscuous mode

I will do more test on my wifi and I will report more information ad soon as possible.

Offline

#6 2008-03-05 17:34:54

ekerazha
Member
Registered: 2007-02-27
Posts: 290

Re: How to crack wep using an ipw2200

rtap0 is used to listen, not to inject

Offline

#7 2008-03-05 17:38:35

gaboss
Member
From: Italy
Registered: 2006-07-11
Posts: 10

Re: How to crack wep using an ipw2200

Yes, I have think this, but if I try with eth1 I obtain this error:

[pc ~]# aireplay-ng -9 eth1
18:38:07  Trying broadcast probe requests...
read failed: Bad file descriptor

So i have tried with rtap0.

Offline

#8 2008-03-05 17:43:29

ekerazha
Member
Registered: 2007-02-27
Posts: 290

Re: How to crack wep using an ipw2200

Maybe that test is made for interfaces which can inject-and-listen. Try with a "real" attack attempt.

Offline

#9 2008-03-05 17:52:03

gaboss
Member
From: Italy
Registered: 2006-07-11
Posts: 10

Re: How to crack wep using an ipw2200

Yes, correct.
I will make more test and I will report the result.

Thanks smile

Offline

Board footer

Powered by FluxBB