Proxim 8470-WD - Madwifi_ng Need Expertise Thank You


Here is my setup:

Acer Turion64, ProTech One HD install, Atheros Wireless card 8470WD,

I have enabled the card in monitoring modus by typing:

AIRMON-NG START WIFI0 I'm using the built-in madwifi_ng driver, but I'm actually using an updated version of aircrack wich includes the basis injection test to confirm the hole stuff is working.

Added the line the following to the kismet.conf file:

source=madwifi_g,wifi0,AtherosG I have done the "initial" injection test by typing:

AIREPLAY-NG -9 ATH0 then I get some AP's, between one of them I see the line:

Injection is working!

So I assume the basic injection test is working??

NOW I have chosen to do a "Interactive packet replay" test as described clearly on

So I type:

AIREPLAY-NG -2 -B 00:14:6C:7E:40:80 -D FF:FF:FF:FF:FF:FF -T 1 ATH0 I assume the "FF" parameter is the wireless clients' MAC address connected to the AP? How many packets should it read to successfully replay the packets?

Its keeps counting packets over 4000 packets and keeps reading and I'm getting this:

Read 4230 packets

Instead of:

Read 4 packets...

Size: 68, FromDS: 0, ToDS: 1 (WEP)

BSSID = 00:14:6C:7E:40:80 Dest. MAC = FF:FF:FF:FF:FF:FF Source MAC = 00:0F:B5:34:30:30

0x0000: 0841 de00 0014 6c7e 4080 000f b534 3030 A....l~@....400 0x0010: ffff ffff ffff 4045 d16a c800 6f4f ddef .....@E.j..oO.. 0x0020: b488 ad7c 9f2a 64f6 ab04 d363 0efe 4162 ..|.*d....c..Ab 0x0030: 8ad9 2f74 16bb abcf 232e 97ee 5e45 754d ./t....#...^EuM 0x0040: 23e0 883e #..>

as described on aircrack

and eventually my goal:

Use this packet ? y

Can somebody help me out with this issue?

Thank you

------------------------------------------------------------------------ View this thread:

formatting link

Reply to
Loading thread data ...


"Access points will always repeat packets destined for the broadcast MAC address. This is a MAC address of FF:FF:FF:FF:FF:FF. ARP request packets have this characteristic."

It is unlikely that you should be using 00:14:6C:7E:40:80 as the -b xx:xx:xx:xx:xx:xx switch is supposed to indicate the MAC address of the AP you are interested in, not the quoted example.

Reply to
LR Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.