View Full Version : Aircrack 0.9.1 or 1.0 Dev for Alfa AWUS036H (drivers already patched)
pilotsnipes
05-15-2007, 02:34 PM
*Update 1st/Oct/2007 - Included latest aircrack 0.9.1 (svn772) version (with new v5 Alfa patch)
ALSO!! NEW Aircrack 1.0 DevBeta1 (Svn 772) (with new v5 alfa patch)
Ok, I can't be bothered with a long explanation, but if you have the Alfa AWUS036H you'll know how good a card it is.
Although it is supported by default in BT2, there have been some excellent improvements made for it over the past few weeks. The aircrack-ng suite 0.9 also has a lot of improvements and works really well with the long range of the Alfa.
We have finally found out that if you wish to run BT2 with the alfa in a Virtual Machine, you'll need VMWARE 6 or greater. There is a major problem using the alfa with VMWARE 5.
Therefore, to give back to the community, I've done some donkey work for you. I've compiled everything needed for you, and created a couple of module files that can very easily be added to the BT2 ISO.
The instructions are simple.
1) Download the zip file below and UNZIP it. You should see 3 files ending in .lzm
2) Use Ultraiso (or similar ISO program) to open the original bt2final.iso DO NOT USE A PREVIOUSLY MODIFIED ISO! GO BACK AND USE THE ORIGINAL!
3) Drag the 3 (4 for the 1.0 Dev version) module files into the BT/modules folder. (DON'T mistakenly put the zip file here....just the extracted files)
4) Save the NEW iso as something like bt2finalwithalfa.iso
5) Either burn to CD or run in a vmware machine! (>VMWARE 6)
I trust someone finds it useful.
There are now two download lists. One for the 0.9.1 version, the other for the 1.0 Dev version. Scroll down to take your pick.
List for the 0.9.1 Version of Aircrack. Newest version always first one in this list.
*Update 01/Oct/2007
This includes the new v5 patch for the alfa, and the latest svn aircrack (0.9.1 svn772).
http://rapidshare.com/files/59606135/aircrack-ng_0.9.1_r772_with_alfa_patch.zip
*Update 29/Sep/2007
This includes the new v5 patch for the alfa, and the latest svn aircrack (0.9.1 svn736).
http://rapidshare.com/files/59052997/aircrack-ng_0.9.1_r736_with_alfa_patch.zip
*Update 26/Jun/2007
This includes the new v4 patch for the Alfa, and the latest svn aircrack (0.9.1 svn499). If you want to use the last stable one, use the aircrack module file from the 25/Jun/07 zip.
http://rapidshare.com/files/39447558/pilotsnipes_BT2_alfapatchv4_and_airsuite0.9.1svn499.zip
25/Jun/2007
This includes the latest Alfa patch for BT2, and also the latest aircrack release (0.9.1, released today)
http://rapidshare.com/files/39340496/pilotsnipes_BT2_alfapatch_and_airsuite0.9.1.zip
1/Jun/2007
CLICK HERE for pilotsnipes_BT2_alfapatch_v4_and_airsuite0.9_svn452incsource.zip (http://rapidshare.com/files/34689926/pilotsnipes_BT2_alfapatch_v4_and_airsuite0.9_svn452incsource.zip)
11/April/2007
Not really recommended. Some people have said that this only works for them. Frankly I don't know why they'd want them but!
http://rapidshare.com/files/31441435/pilotsnipes_BT2_alfapatch_and_airsuite0.9.zip
List for the 1.0 DEV Version of Aircrack. Newest version always first one in this list.
*Update 01/Oct/2007
This includes the new v5 patch for the Alfa, and the latest svn aircrack for the 1.0 DEV version (1.0 DEV svn772).
http://rapidshare.com/files/59606484/aircrack-ng_1.0_dev_beta1_r772_with_alfa_patch.zip
*Update 29/Sep/2007
This includes the new v5 patch for the Alfa, and the latest svn aircrack for the 1.0 DEV version (1.0 DEV svn736).
http://rapidshare.com/files/59053410/aircrack-ng_1.0_dev_r736_with_alfa_patch.zip
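For anyone doing steps 2 to 4 on a Linux box instead of in UltraISO, here is an added example (my code, not part of pilotsnipes' post or his zip) that does the same staging with the two checks people trip over: the source directory must hold only the extracted .lzm files, not the zip, and the target must be an unpacked copy of the original bt2final.iso with its BT/modules directory. It assumes the ISO tree has already been copied out (for example mount -o loop bt2final.iso /mnt/iso; cp -a /mnt/iso /tmp/bt2tree) and that you know the published md5 of bt2final.iso; neither that checksum nor the real module file names are reproduced here. It does not rebuild the image; the tree's own BT/make_iso.sh (used further down this thread) or UltraISO does that.

```shell
#!/bin/sh
# Added example, not from the thread: Linux-side equivalent of dragging the
# extracted .lzm files into BT/modules of an unpacked bt2final.iso tree.

# verify_iso ISO EXPECTED_MD5: true if the image matches the published checksum.
# (The real bt2final.iso md5 is an input here, not hard-coded.)
verify_iso() {
    [ "$(md5sum "$1" | cut -d' ' -f1)" = "$2" ]
}

# stage_modules SRC TREE: copy SRC/*.lzm into TREE/BT/modules and print how many
# were copied. Fails if TREE is not an unpacked BT2 tree, if SRC still holds a
# .zip (the "don't put the zip file here" mistake), or if SRC has no .lzm at all.
stage_modules() {
    src=$1; tree=$2; dest="$tree/BT/modules"
    if [ ! -d "$dest" ]; then
        echo "$dest not found: $tree is not an unpacked BT2 ISO tree" >&2
        return 1
    fi
    if ls "$src"/*.zip >/dev/null 2>&1; then
        echo "$src still contains a .zip: unzip it and stage the .lzm files only" >&2
        return 1
    fi
    n=0
    for f in "$src"/*.lzm; do
        [ -f "$f" ] || continue          # unexpanded glob when nothing matches
        cp "$f" "$dest/" || return 1
        n=$((n + 1))
    done
    if [ "$n" -eq 0 ]; then
        echo "no .lzm files in $src" >&2
        return 1
    fi
    echo "$n"
}

# demo: run the staging against a constructed throw-away tree and module set
# (placeholder file names, not the real module names from the zip).
demo() {
    tree=$(mktemp -d); src=$(mktemp -d)
    mkdir -p "$tree/BT/modules"
    printf 'constructed' > "$src/example_module_a.lzm"   # constructed placeholder
    printf 'constructed' > "$src/example_module_b.lzm"   # constructed placeholder
    echo "staged $(stage_modules "$src" "$tree") module(s) into $tree/BT/modules"
    rm -rf "$tree" "$src"
}

if [ "${1:-}" = "demo" ]; then demo; fi
```

Typical use: verify_iso bt2final.iso <published md5> && stage_modules ~/alfa_modules /tmp/bt2tree, then rebuild from /tmp/bt2tree. Re-running it against a tree that already has older modules simply overwrites files of the same name, which is why starting from a fresh copy of the original ISO matters.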
ALFA-Romeo
05-18-2007, 10:31 AM
thanks for your work!
The Aircrack suite works fine, but the new driver looks buggy. As soon as I try to change the MAC my BackTrack crashes...
ifconfig wlan0 down
rmmod r8187 && modprobe r8187
ifconfig wlan0 hw ether 00:11:22:33:44:55
After this it just looks like the Return key is pressed... the console window is growing down and the whole system is going unstable.
Btw: I've tried under VM & real hardware.
Anyone else got similar Problems??
some1
05-22-2007, 07:56 PM
I did!
Thank you!
pilotsnipes
05-23-2007, 11:09 AM
Yes I think you are right - sometimes it crashes my machine too when I change the MAC.
I believe the guys over at aircrack-ng are working on a new version. When that is released I'll update my file.
Shoom
05-31-2007, 10:41 PM
Thanks for your help once again ;)
Will aircrack 0.9 work with BT2 final and the built-in airoscript? Or does this need updating too?
theprez98
05-31-2007, 11:04 PM
Thanks for your help once again ;)
Will aircrack 0.9 work with BT2 final and the built-in airoscript? Or does this need updating too?
Aircrack-ng v0.9 works with BT2. You might have to tweak the script to get it to work.
pilotsnipes
06-01-2007, 04:14 PM
Just released the new improved v4 of the patch for the ALFA.
Also compiled svn452 of aircrack0.9.
Follow the same instructions as post 1, if you DO NOT have the alfa YOU CAN still use the first file only to update aircrack on your ISO image.
Latest version is always found in post 1.
ALFA-Romeo
06-01-2007, 07:41 PM
Thanks for the new modules!
Somehow I cannot associate to the access points I could in the past (with the older driver)..... how do you fake-auth?
With the new aircrack-ng module I cannot run Kismet anymore.... it stops during the loading process with a message like "packetsource not...." Does this happen only to me?
best regards,
a (mostly) happy ALFA-User :)
theprez98
06-01-2007, 08:03 PM
With the new aircrack-ng module I cannot run Kismet anymore.... it stops during the loading process with a message like "packetsource not...." Does this happen only to me?
You need to edit your /etc/kismet/kismet.conf file to reflect the correct source.
source=type,interface,name[,channel]
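As an added example (not theprez98's or the thread's own code), here is a small shell helper that applies the source=type,interface,name[,channel] line to a kismet.conf without hand-editing, so the fix can be redone every time the live CD boots. It assumes the file is the BT2 default /etc/kismet/kismet.conf and, in the demo, uses the r8187,wlan0,ALFA source that later posts in this thread report working; whether your driver wants r8187 or another type is for you to confirm. It keeps exactly one active source= line, which is what this thread needs, although Kismet itself accepts several.

```shell
#!/bin/sh
# Added example, not from the thread: manage the capture source in kismet.conf.
# Line format, from the post above: source=type,interface,name[,channel]

# set_kismet_source CONF TYPE IFACE NAME [CHANNEL]
# Removes every active source= line, appends the new one, prints it.
set_kismet_source() {
    conf=$1
    line="source=$2,$3,$4${5:+,$5}"
    tmp="$conf.tmp.$$"
    # keep comments and every other option untouched
    grep -v '^[[:space:]]*source=' "$conf" > "$tmp" || true
    printf '%s\n' "$line" >> "$tmp"
    mv "$tmp" "$conf"
    printf '%s\n' "$line"
}

# current_kismet_source CONF: print the active source= line(s), if any.
current_kismet_source() {
    grep '^[[:space:]]*source=' "$1" || true
}

# demo: apply the ALFA source to a constructed copy of a kismet.conf, not to
# the live /etc/kismet/kismet.conf.
demo() {
    conf=$(mktemp)
    printf '# constructed sample kismet.conf\nsource=none,none,addme\nlogtemplate=%%n-%%d\n' > "$conf"
    set_kismet_source "$conf" r8187 wlan0 ALFA
    cat "$conf"
    rm -f "$conf"
}

if [ "${1:-}" = "demo" ]; then demo; fi
```

On the live system: set_kismet_source /etc/kismet/kismet.conf r8187 wlan0 ALFA and then start kismet; a fifth argument locks the channel, as the format allows. current_kismet_source /etc/kismet/kismet.conf shows what Kismet will try to open, which is the first thing to check when it stops at "packetsource not...".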
pilotsnipes
06-01-2007, 09:29 PM
Thanks for the new modules!
Somehow I cannot associate to the access points I could in the past (with the older driver)..... how do you fake-auth?
Ah interesting that you are having this problem as well!
See this thread from my post no.40 onwards:
http://tinyshell.be/aircrackng/forum/index.php?topic=1653.msg10257#msg10257
The easy way to fix it (which until tonight I believed was just my system) is to run the script
sh wlan0up
to bring the card up.
However this is not included with my module files above. So I've just gone and added a new extra module to the zip file.
PLEASE REDOWNLOAD the zip file, and this time extract the three files inside and place them in the iso as before.
When you launch BT2, start a terminal. In the /root directory (default when you open a terminal window) you will now see a folder called rtl8187_linux_26.1010.0622.2006
do the following commands:
cd rtl8187_linux_26.1010.0622.2006
sh wlan0up
Insert your card and all will be fixed.
bound4h
06-02-2007, 06:33 AM
Pilot,
I added the three files to my modules folder and when I type:
cd "that rtl8187 folder"
sh wlan0up
I get:
insmod: error inserting 'ieee80211_crypt-rtl.ko': -1 File exists
insmod: error inserting 'ieee80211-rtl.ko': -1 File exists
insmod: error inserting 'r8187.ko': -1 File exists
Then when I try the aireplay-ng -9 injection test, it tells me:
Interface rasub0:
ioctl(SIOCGIFINDEX) failed: No such device
Any ideas?
Thanks
pilotsnipes
06-02-2007, 08:39 AM
Pilot,
Interface rasub0:
ioctl(SIOCGIFINDEX) failed: No such device
Any ideas?
Thanks
Not back til Monday...don't have time now, but why are you using rausb0 as your device - the alfa is wlan0 ??
(also don't plug it in until you've done that command, and then give it 40 secs before you try it again - seems to need about that before the system recognises it.)
ALFA-Romeo
06-02-2007, 02:43 PM
Thanks to theprez98...to let Kismet startup again, just enter the following line to /etc/kismet/kismet.conf
source=r8187,wlan0,ALFA
.....
Pilot,
your workaround doesn't work for me either (under VMware 6)...
***ALFA unplugged***
rtl8187_linux_26.1010.0622.2006 # sh wlan0up
insmod: error inserting 'ieee80211_crypt-rtl.ko': -1 File exists
insmod: error inserting 'ieee80211_crypt_wep-rtl.ko': -1 File exists
insmod: error inserting 'ieee80211_crypt_tkip-rtl.ko': -1 File exists
insmod: error inserting 'ieee80211_crypt_ccmp-rtl.ko': -1 File exists
insmod: error inserting 'ieee80211-rtl.ko': -1 File exists
insmod: error inserting 'r8187.ko': -1 File exists
wlan0: ERROR while getting interface flags: No such device
***ALFA plugged in*** waiting for a while
bt rtl8187_linux_26.1010.0622.2006 # sh wlan0up
insmod: error inserting 'ieee80211_crypt-rtl.ko': -1 File exists
insmod: error inserting 'ieee80211_crypt_wep-rtl.ko': -1 File exists
insmod: error inserting 'ieee80211_crypt_tkip-rtl.ko': -1 File exists
insmod: error inserting 'ieee80211_crypt_ccmp-rtl.ko': -1 File exists
insmod: error inserting 'ieee80211-rtl.ko': -1 File exists
insmod: error inserting 'r8187.ko': -1 File exists
Looks good so far.... then I start up Kismet and lock on channel 11
bt rtl8187_linux_26.1010.0622.2006 # aireplay-ng -9 wlan0
15:14:58 Trying broadcast probe requests...
15:14:58 No Answer...
15:14:58 Found 1 AP
15:14:58 Trying directed probe requests...
15:14:58 xx:xx:xx:xx:xx:xx - channel: 11 - 'linksys'
15:15:08 0/30: 0%
This happens with every AP so far....
best regards
pilotsnipes
06-02-2007, 07:41 PM
With the ALFA unplugged, and running the script the first time, you should not be getting the lines "-1 File exists".
That means that other module files with the same name have ALREADY been loaded. This is why the script then can't load the new improved ones. As I say, I can't look into this til Monday so perhaps you can experiment.
Try to rmmod those other modules first.
Are you using the original BT2 ISO to begin with?
ALFA-Romeo
06-03-2007, 11:02 AM
Hmm, I was using a slightly modified ISO (aircrack-ptw files & vmware-tools module)...
i will do next experiment with a virgin-iso :)
thanks
SRThomson
06-03-2007, 06:50 PM
Hi All,
I've followed the instructions and all is working, I have even installed everything manually from the Aircrack site, however the txpower of the card will only set to a max of 5dBm (3mW).
I should be able to change this with below
iwconfig wlan0 txpower 6
I get the following error though
Error for wireless request "Set Tx Power" (8B26) :
SET failed on device wlan0 ; Invalid argument.
If I choose 5 or below it will adjust the power, does anyone know if this is correct, maybe it is being reported wrongly.
Also I now seem to be able to see less Wireless networks than before, so I guess the txpower is wrong.
Any help would be appreciated.
Also I don't know if this is correct but I solved the kismet problem with the following being added to the /etc/kismet/kismet.conf file
source=rt8180,wlan0,ALFA and not source=r8187,wlan0,ALFA
I guess it's wrong, but it works.
krzee
06-14-2007, 03:53 AM
Does this patch work well for you? I cannot inject with it (i run airodump-ng -c 6 wlan0, aireplay-ng -9 wlan0) Injection works for me with rtl8187patch1025.lzm that I got from you before, but IV/s stays QUITE low (between 7 - 50 IV/s) during an arp replay attack. I run BT2 in vmware fusion on a MacbookPro. Thank you again for providing these files to us.
Just released the new improved v4 of the patch for the ALFA.
Also compiled svn452 of aircrack0.9.
Follow the same instructions as post 1, if you DO NOT have the alfa YOU CAN still use the first file only to update aircrack on your ISO image.
Latest version is always found in post 1.
jizzo
06-16-2007, 10:07 AM
I can't inject or get Kismet to load with those modified drivers, but I can with the original. Strange, isn't it? :/
Shoom
06-16-2007, 04:37 PM
Alfa AWUS036H: where can I buy this card in the UK? Can't see any on eBay etc.
johnyt
06-16-2007, 09:49 PM
I got mine from here:
http://cgi.ebay.co.uk/500mW-USB-Wireless-G-B-Adapter-Card-RP-SMA-Antenna-Jack_W0QQitemZ290129175849QQihZ019QQcategoryZ45002QQrdZ1QQcmdZViewItem
He's based in the US but has a UK office that he also ships from; mine came within a couple of days.
Tegra
06-17-2007, 09:41 AM
Hi there pilotsnipes, using the new patches you have provided, as one of the other people has mentioned, we are not picking up as many APs as we used to with the older drivers. When I "iwconfig wlan0" it says the txpower is 5; that's fine, I understand that part, but there is obviously not as much power as the older drivers had, which said the card was at 25 dBm, which is still not the full power of the card. Correct me if I am wrong, but is 500 mW = 27 dBm? Is there any way that we can get the card up to 27 dBm with some mods to the script? Quite frustrating not being able to get the full power out of the beast. Any help would be much appreciated.
jizzo
06-18-2007, 12:15 PM
Got the same problem as Tegra. I understand you put loads of time into providing the community with free modifications, but as for me it is not working (same issues as Tegra + Kismet not loading anymore). Hope it is not my stupidity, please excuse.
pilotsnipes
06-19-2007, 01:27 PM
Ok guys I'll take a look into this...
wil007
06-22-2007, 03:16 PM
I try it immediately
pilotsnipes
06-23-2007, 12:34 AM
Sorry, hit some bugs today. No point posting. It will work soon though :)
bound4h
06-23-2007, 11:13 PM
Pilot I noticed the same issue.
Anxiously waiting for your release :D
For those that don't use Linux, the BT2.0 on a USB with your modules has been a godsend.
Thanks again,
Mike
pilotsnipes
06-25-2007, 10:55 PM
Ok guys the new release is here. And you all got lucky too! Aircrack 0.9.1 was released today so I've included that in the modules files too!
Double bonus!! - Download from 1st post in thread.
Anyway, just a couple of things:
1) This works perfectly for me (so primary objective complete ;-) )
2) I run VMWARE 6, and added these modules to the VIRGIN untouched BT2 original ISO.
3) When I get loaded up, I always go into shell, change to the rtl8187_linux_26.1010.0622.2006 directory and run "sh wlan0up"
(You WILL get a "no device found error message")
4)Then I plug in my Alfa. Give it 20secs and run "sh wlan0up" again. You WILL get "modules already loaded error" message - Ignore this.
I'm good to go at this stage.
God knows if I need to do it this way - but it 100% works for me.
Also for those of you not getting the injection testing to work.
1) Trust me it does.
2) Remember that you may have to have your card associated with the AP.
3) If you don't trust me :
(Feed back welcome)
pilotsnipes
06-25-2007, 10:58 PM
Posted from the aircrack-ng WIKI:
Power Settings
The transmit power can be adjusted using:
iwconfig wlan0 txpower <value of 0 to 5>
With 0 being the lowest and 5 being the highest transmit power. It is important to understand that the values are relative power values, not absolute. Meaning that they do not refer to dBm or mW values.
To view the current setting enter:
iwlist wlan0 txpower
The system responds with the current setting:
wlan0 unknown transmit-power information.
Current Tx-Power=5 dBm (3 mW)
You MUST ignore the dBm and mW labels. The value of “5” above is the actual value in the 0 to 5 range. Unfortunately due to driver constraints, the “dBm (3mW)” are also displayed but must be ignored.
For problems with Kismet:
Got the same problem as Tegra. I understand you put loads of time into providing the community with free modifications, but as for me it is not working (same issues as Tegra + Kismet not loading anymore). Hope it is not my stupidity, please excuse.
Please see post 9 in this thread:
http://forums.remote-exploit.org/showpost.php?p=29764&postcount=9 (credits to the Prez for this)
some1
06-26-2007, 09:16 AM
Thanking you again for the updates!
Btw, do you need
"rtl8187_2.61v3source.lzm"?
What does it do? Does it copy a folder into /root/rt...............???
some1
06-26-2007, 11:48 AM
Update:
rtl8187_2.6.21v4.patch
http://trac.aircrack-ng.org/svn/trunk/patches/rtl8187_2.6.21v4.patch
The one which I just downloaded is v3 :P
pilotsnipes
06-26-2007, 11:54 AM
Btw, do you need
"rtl8187_2.61v3source.lzm"?
What does it do? Does it copy a folder into /root/rt...............???
Yes, I've found that sometimes the new module files don't load for the rtl8187 so by including the "source" directory, and running sh wlan0up before you plug in the alfa, it definitely loads the correct ones...
As I said, it works for me and that's the primary objective ;)
janus
06-26-2007, 12:46 PM
Update:
rtl8187_2.6.21v4.patch
hxxp://trac.aircrack-ng.org/svn/trunk/patches/rtl8187_2.6.21v4.patch
The one which I just downloaded is v3 :P
How does one convert the new v4 patch into modules to replace the rtl8187_2.61v3source.lzm and rtl8187_2.6.21v3.lzm ones in pilotsnipes zip file?
By the way thanks to all that have freely contributed to this project. Your work is appreciated.
some1
06-26-2007, 12:56 PM
Yes, I've found that sometimes the new module files don't load for the rtl8187 so by including the "source" directory, and running sh wlan0up before you plug in the alfa, it definitely loads the correct ones...
Newbie alert!
How can you tell that you have loaded the new ones?
pilotsnipes
06-26-2007, 02:07 PM
NEW UPDATE AGAIN! (Blame the guys at aircrack-ng.org they're far too efficient!)
New module files are released for the v4 patch for the Alfa, AND I have included the latest aircrack 0.9.1 svn 499 as well. If for some reason you want to use the official 0.9.1 release of aircrack - just replace the module file with the aircrack module file from 25/Jun/07. (No reason to do this though!)
Check out post 1.
What's new in v4?
From http://tinyshell.be/aircrackng/forum/index.php?topic=1653.msg11261#msg11261
yes, 21v4 replaces the previous 21v3 (which is in 0.9.1).
There is just one change, a fix for a sensitivity issue, which got introduced in 20v4 thru a backport from the newer (but broken) 1025 driver.
The result was, that packets/frames with a very weak signal were ignored by the firmware, because of a too high threshold value. This is fixed and the sensitivity is now back to the original value.
Many thanks AGAIN to Hirte who works tirelessly on these drivers.
How does one convert the new v4 patch into modules to replace the rtl8187_2.61v3source.lzm and rtl8187_2.6.21v3.lzm ones in pilotsnipes zip file?
You let pilotsnipes work his magic ;)
By the way thanks to all that have freely contributed to this project. Your work is appreciated.
No problem.
Newbie alert!
How can you tell that you have loaded the new ones?
I'm sure there's an official command you could use like lsmod, but if you follow the instructions you can't NOT load them!
1) USE VIRGIN BT2 ISO.
2) Add my modules files.
3) Load in VMWARE
4) Goto the shell, change to the rtl8187.....blah..blah directory (DON't attach alfa yet)
5)Run: sh wlan0up
6) If you ONLY get an error message saying "can't find device" that means the modules loaded ok.
7)Continue to crack wep.
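Two points in this thread are about the same thing: the "-1 File exists" lines mean modules with those names are already loaded (so the patched ones from the source directory never get inserted, and rmmod has to come first), and the question just above of how to tell which build is actually running. Here is an added example for both (my code, not pilotsnipes' wlan0up script): it reads lsmod, lists the driver's modules already in the kernel in an order safe for rmmod, and compares the srcversion of a loaded module against a freshly built .ko. The module names are the .ko files wlan0up inserts, written the way lsmod reports them (dashes become underscores); the removal order, and the reliance on /sys/module/*/srcversion, which the kernel exports only for modules built with a source version, are assumptions. The lsmod text used by the demo is constructed.

```shell
#!/bin/sh
# Added example, not from the thread: find which of the patched rtl8187 driver's
# modules are already loaded (the cause of "insmod: ... -1 File exists"), remove
# them, and check which build is actually in the kernel.

# The .ko names from wlan0up, as lsmod shows them, most dependent first
# (r8187 needs ieee80211_rtl, which needs ieee80211_crypt_rtl). Order assumed.
RTL_UNLOAD_ORDER="r8187 ieee80211_crypt_ccmp_rtl ieee80211_crypt_tkip_rtl \
ieee80211_crypt_wep_rtl ieee80211_rtl ieee80211_crypt_rtl"

# stale_modules: read lsmod output on stdin; print the driver modules that are
# loaded, one per line, in removal order. Prints nothing if none are loaded.
stale_modules() {
    loaded=$(awk 'NR > 1 { print $1 }')      # skip the "Module Size Used by" header
    for m in $RTL_UNLOAD_ORDER; do
        for l in $loaded; do
            if [ "$l" = "$m" ]; then printf '%s\n' "$m"; fi
        done
    done
    return 0
}

# unload_stale: rmmod whatever stale_modules reports (root required), so a
# following "sh wlan0up" inserts the freshly built .ko files instead of failing.
unload_stale() {
    for m in $(lsmod | stale_modules); do
        echo "rmmod $m"
        rmmod "$m" || return 1
    done
}

# module_is_build MODULE KO_FILE: true when the loaded MODULE has the same
# srcversion as KO_FILE, i.e. the build you just compiled is the one running.
# Assumes the kernel exports /sys/module/<name>/srcversion for this module.
module_is_build() {
    [ -r "/sys/module/$1/srcversion" ] || return 1
    [ "$(cat "/sys/module/$1/srcversion")" = "$(modinfo -F srcversion "$2")" ]
}

# Constructed lsmod output for the demo: the driver is loaded alongside usbcore.
SAMPLE_LSMOD="Module                  Size  Used by
r8187                 123456  0
ieee80211_rtl          65432  1 r8187
ieee80211_crypt_rtl     7890  1 ieee80211_rtl
usbcore               112233  3 r8187"

demo() {
    echo "modules to rmmod before 'sh wlan0up', from constructed lsmod output:"
    printf '%s\n' "$SAMPLE_LSMOD" | stale_modules
}

if [ "${1:-}" = "demo" ]; then demo; fi
```

Typical run with the card unplugged: unload_stale, then cd rtl8187_linux_26.1010.0622.2006 && sh wlan0up, then plug the Alfa in. Afterwards module_is_build r8187 "$(find rtl8187_linux_26.1010.0622.2006 -name r8187.ko)" answers "did I load the new ones?" directly instead of inferring it from which error message appeared.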
pilotsnipes
06-26-2007, 04:55 PM
I don't have the same error message
my steps :
open a shell
unplug wifi
cd rtl8187..2006
make
sh wlan0up
plug wifi
cd rtl8187..2006
make
sh wlan0up
Is it ok?
I'm really not sure
Do NOT have your alfa plugged in when you boot up. After you run the command sh wlan0up the first time, THEN plug it in. See if that helps.
wil007
06-26-2007, 05:01 PM
I have a virgin cd of backtrack v2 final.
I added 3 modules from version 25th june 2007.
My steps :
(unplug)
ls
cd rtl8187_linux_26.1010.0622.2006
make
sh wlan0up
wlan0 : ERROR while getting interface flags : No such device
(plug in)
(waiting 40 sec)
sh wlan0up
insmod: error inserting 'ieee80211_crypt-rtl.ko': -1 File exists
insmod: error inserting 'ieee80211_crypt_wep-rtl.ko': -1 File exists
insmod: error inserting 'ieee80211_crypt_tkip-rtl.ko': -1 File exists
insmod: error inserting 'ieee80211_crypt_ccmp-rtl.ko': -1 File exists
insmod: error inserting 'ieee80211-rtl.ko': -1 File exists
insmod: error inserting 'r8187.ko': -1 File exists
airmon-ng start wlan0
aireplay-ng -9 wlan0
iwconfig wlan0 channel 11 (there is 1 AP on this channel)
aireplay-ng -9 wlan0
...
injection is working
...
27/30 90%
I'm not using VMware. I booted BackTrack from a CD. I'm on a Centrino laptop.
Sorry for my English.
EDIT: I deleted my previous post.
EDIT2: I tried my steps again and I have 0/30 0% with 1 AP. I don't understand it.
EDIT4: And now it works... I don't understand (I have a .xor)
pilotsnipes
06-26-2007, 05:47 PM
It's OK that you're not using VMWARE, as long as you started with a fresh BT2 ISO.
It is pointless trying the aireplay-ng -9 command UNLESS you alfa is on the same channel as your AP.
Ie. If your access point is on channel 11, you have to force your alfa to channel 11 by using
airmon-ng start wlan0 11
Then try
aireplay-ng -9 wlan0
A video is coming soon.
pilotsnipes
06-26-2007, 06:18 PM
OK, Here's a video for you all to watch as to how I get my alfa working. And it also shows the injection test (personally I think is a bit of a waste of time) working.
http://rapidshare.com/files/39492288/pilotsnipesbt2modules.avi
Uses Divx5 if anyone has problems viewing it.
wil007
06-26-2007, 09:19 PM
Thanks for the video.
I note differences with my screen. First, I don't have "wep.txt" when you use ls.
Then, when I write "sh wlan" in the directory, I have this message:
sh: wlan: no such file or directory
I tried with the 2 latest versions (26th and 25th June).
Do I have the right ISO? I put the 3 extracted files into BT/modules.
I use UltraISO.
I'm sure I have the right virgin bt2final.iso (correct md5).
I did the md5s for my 2 CDs:
(stable : 25th June)
h ttp://img378.imageshack.us/img378/4035/nouveauimagejpegdo7.png
EDIT : i haven"t 30/30 but 25, 27 or 28
pilotsnipes
06-26-2007, 09:36 PM
Ignore my wep.txt that was just something I had typed in earlier before I made the video.
Also it should be sh wlan0up not sh wlan (Watch the video again... it was me pressing [TAB] that makes it look like I pressed enter. All you need is sh wlan0up)
wil007
06-26-2007, 09:39 PM
so it's ok !
Thank you very much !
janus
06-27-2007, 12:45 AM
You let pilotsnipes work his magic ;)
That was quick magic :)
Thanks again.
By the way, does anyone know how to use wpa_supplicant with the Alfa? The version that comes with the v4 drivers is older than the BT-installed one. I've tried using the wext and ipw drivers like in the readme but they all fail with long error messages. Can someone who has gotten it to work please point me in the right direction, as the wpa_supplicant readme does not have any mention of our drivers for the Alfa and I haven't been able to connect to my WPA-PSK AP.
Thanks
conte0
06-27-2007, 03:02 PM
*Update 26th/Jun/2007 - Included latest aircrack 0.9.1 (svn499) version & New v4 of Alfa patch
....
We have finally found out that if you wish to run BT2 with the alfa in a Virtual Machine, you'll need VMWARE 6 or greater. There is a major problem using the alfa with VMWARE 5.
Therefore, to give back to the community, I've done some donkey work for you. I've compiled everything needed for you, and created a couple of module files that can very easily be added to the BT2 ISO.
The instructions are simple.
1) Download the zip file below and UNZIP it. You should see 3 files ending in .lzm
...
<warning>
i'm a newbie!!!!
</warning>
hello,
I want to update aircrack-ng on BT but I don't have VMware and I don't
want to install BT; I just want to use it as a live distro from CD-ROM.
To update aircrack-ng I used this procedure:
mount /mnt/sda1                                  # my free Linux filesystem
mkdir -p /mnt/sda1/temp_bt                       # my new BT live files
mount -o ro /mnt/hdc_cdrom
cp -r /mnt/hdc_cdrom/* /mnt/sda1/temp_bt/
umount /mnt/hdc_cdrom
mkdir -p /mnt/sda1/temp_usr                      # my new usr.lzm files
lzm2dir /mnt/sda1/temp_bt/BT/base/usr.lzm /mnt/sda1/temp_usr
tar xzf aircrack-ng-0.9.1.tar.gz
cd aircrack-ng-0.9.1
vi Makefile
Modify the line:
destdir =
to
destdir = /mnt/sda1/temp_usr/
so the install points at the uncompressed usr.lzm and not at the actual
live filesystem.
make
make strip
make install
dir2lzm /mnt/sda1/temp_usr /mnt/sda1/temp_bt/BT/base/usr.lzm
Now I can rebuild the ISO:
cd /mnt/sda1/temp_bt/BT
./make_iso.sh /mnt/sda1/my_bt2.iso               # my final new ISO image
After burning this image, it starts and the aircrack-ng programs seem to
work. Is this procedure a good way to update aircrack-ng?
Or is it wrong?
Another question: under
/usr/local/wicrawl/plugins/aircrack-wep-cracking/aircrack-ng-0.6.1
there is another copy of aircrack-ng. I didn't touch it because I
think this copy is specifically designed for wicrawl; does someone
have more information???
Another question: under
/pentest/wireless/aircrack-ng (pentest.lzm)
there is another copy of aircrack-ng, why? I just copied the
uncompressed archive aircrack-ng-0.9.1.tar.gz without the binary
files; are the binaries useful under this directory?
Thanks for your time, I hope I don't bother you with these questions.
pilotsnipes
06-27-2007, 04:42 PM
<warning>
for update aircrack-ng i have use this procedure:
# mount /mnt/sda1 my free linux filesystem
# mkdir -p /mnt/sda1/temp_bt my new bt live files
....
me that works. could this procedure a good way to update aircrack-ng?
or is it wrong?
Wow. Well I'm sure that it might work. But it seems like a lot of work! No, you don't need to use VMware; these modules are only for people who want to update the BT2 ISO to include new updates.
It would appear to me that opening UltraISO (or whatever ISO program you have), dragging 3 files into the modules directory and saving - is a hell of a lot quicker!!
/usr/local/wicrawl/plugins/aircrack-wep-cracking/aircrack-ng-0.6.1
/pentest/wireless/aircrack-ng (pentest.lzm)
If you follow my directions, BT2 ignores those extra OLD copies on the cd and uses the new versions.
ASTRAPI
06-28-2007, 02:52 AM
After using your files I can't start airodump-ng; all other programs are updated and working great.
I get this message:
Notice:Channel range already given
When i type the same commands to the original version iso is working.
Any ideas?
conte0
06-28-2007, 06:07 PM
It would appear to me, that opening Ultraiso (or whatever iso program you have) dragging 3 files into the modules directory and saving - is a hell of a lot quicker!!
yes, of course :)
If you follow my directions, BT2 ignores those extra OLD copies on the cd and uses the new versions.
ok, thanks. i save a lot of space in my next bt image ;)
hm2075
06-28-2007, 09:06 PM
I found the vmware version of aircrack found on the aircrack website to be perfect with the 8187,
load up vmware, let the system boot, start the airoscript and thats it, just remember for injection to work you need to change your mac to one that is associated with the AP
jizzo
06-29-2007, 09:53 AM
snipes,
I will test your drivers today or tomorrow,
thanks for your efforts!
ALFA-Romeo
06-30-2007, 01:12 PM
Everything works fine so far... I just have a problem changing the MAC.
If I use the macchanger script:
macchanger 00:11:22:33:44:55 wlan0
I get a line overflow and I'm forced to shut down...
By iwconfig:
ifconfig wlan0 hw ether 00:11:22:33:44:55
doesn't work either...
anyone of you guys can successfully change the mac with this new patches??
Please share the knowledge :)
thanks
arieanie04
06-30-2007, 01:27 PM
Hey bud had the same prob
So to macchange you have to destroy the "ath" device, bring wifi0 down
and change mac address and then re-create the "ath" device.
1. wlanconfig ath0 destroy
2. ifconfig wifi0 down
3. macchanger --mac=xx:xx:xx:xx:xx:xx wifi0
4. wlanconfig ath create wlandev wifi0 wlanmode station
5. ifconfig ath0 up
Good Luck!:)
bound4h
07-01-2007, 05:24 AM
Not sure what you mean by destroying the ath. I have never seen ath as an interface while using my alfa, just wlan0.
To change my mac, I just:
ifconfig wlan0 down
macchanger -m MAC wlan0
ifconfig wlan0 up
And I'm good to go! :)
Oakey22
07-01-2007, 01:21 PM
Not sure what you mean by destroying the ath. I have never seen ath as an interface while using my alfa, just wlan0.
To change my mac, I just:
ifconfig wlan0 down
macchanger -m MAC wlan0
ifconfig wlan0 up
And I'm good to go! :)
to change my mac all i do is this
macchanger -r wlan0, which is random :)
theprez98
07-01-2007, 03:51 PM
Not sure what you mean by destroying the ath. I have never seen ath as an interface while using my alfa, just wlan0.
I believe this comment only refers to those people that are using madwifi-ng drivers with an Atheros (ath#) card. Not sure how that fits in this thread, but just as well...
bound4h
07-04-2007, 06:59 AM
to change my mac all i do is this
macchanger -r wlan0, which is random :)
But then you have to remember that random MAC when using any tools or programs :) Go with the 00:11:22:33:44:55, much easier! :D
Tolino
07-05-2007, 07:11 PM
Nice work, thank you. I tried your newest driver and aircrack, but I can't inject or associate to my router. With the old driver it works; what did I do wrong?
antihaxer
07-06-2007, 02:57 AM
I am having the exact same problem as the guy above me. Please help us out. I am using the June 25th modules.
Tolino
07-06-2007, 07:49 PM
I'm going to install the new Aircrack and Drivers manually, maybe it helps...
When I finished, I will tell you the solution.
EDIT: It's the same problem, no injection possible.
pilotsnipes
07-07-2007, 01:25 PM
<Sigh>
1) For starters, the latest version is June 26th
2) How do you determine that your injection is failing?
If you use an original BT2 ISO, if you use the modules from the 26th, if you use VMware 6, you will have an identical system to the rest of us and the Alfa definitely injects for us....
smaugyy
07-07-2007, 01:31 PM
Same here (using VMWare). Although receive sensitivity is excellent with the latest drivers, they go through the motions of injecting, but nothing is actually transmitted. I've also tried manually installing the latest stuff + patches - no change.
The new aircrack-ng VMWare image works, but for some reason the receive sensitivity is much lower.
Edit: a manual install with Debian unstable works very well. Yay.
antihaxer
07-07-2007, 06:08 PM
Pilotsnipes, since you have everything working perfectly could you compress your virtual machine folder into a rar and upload it for all of us? I have an FTP so I PMed you a username; if you could upload your VMware folder that would be awesome. Many thanks if you could do this. Then all of us could easily have this working. I just used MagicISO to load the 3 latest modules and did a live boot in VMware and the injection test failed...
AmphybiouS
07-09-2007, 02:37 AM
Hey pilot, good job. One thing: can you add a module to update kismet to the latest version? Thank you.
bound4h
07-09-2007, 03:44 AM
I just used MagicISO to load the 3 latest modules and did a live boot in VMware and the injection test failed...
Guys, I was having this same problem and this is what I found.
If you boot from the live CD (like I do) do the following and tell me if it works:
1. With the computer off, plug in the ALFA
2. Turn on the comp and boot from the BT2.0 live CD
3. After logging in, at the bash prompt type:
cd rtl8187_linux_26.1010.0622.2006
sh wlan0down
sh wlan0up
ifconfig wlan0 down
ifconfig wlan0 up
iwconfig wlan0 mode monitor channel 6
aireplay-ng -9 wlan0
You should be injecting now. I found that if you DONT specify the "channel 6" when putting it in monitor mode it won't work.
Let us know if that works for you,
Mike
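The two things this thread keeps coming back to for aireplay-ng -9 are that the card has to be on the AP's channel (pilotsnipes: airmon-ng start wlan0 11; bound4h: iwconfig wlan0 mode monitor channel 6) and that a single 0/30 run is not proof of a dead driver. This added example (my code, not from either post) wraps that procedure: set the channel, confirm from iwlist that it actually took, run the test and grade the N/30 line it prints. The output formats parsed are the ones quoted in this thread ("0/30: 0%", "27/30 90%"); the pass mark of 50% is an assumption, and the sample outputs in the block are constructed, not captures.

```shell
#!/bin/sh
# Added example, not from the thread: run the aireplay-ng injection test the way
# the posts above describe and turn its output into a pass/fail.

# injection_pct: read "aireplay-ng -9" output on stdin and print the answered
# percentage from its "N/30: P%" (or "N/30 P%") line; 0 if no such line.
injection_pct() {
    awk 'match($0, /[0-9]+\/30:? *[0-9]+%/) {
             s = substr($0, RSTART, RLENGTH)
             sub(/.* /, "", s); sub(/%/, "", s)
             pct = s
         }
         END { print (pct == "" ? 0 : pct) }'
}

# channel_from_iwlist: read "iwlist <iface> channel" output on stdin and print
# the channel from its "Current Frequency:... (Channel N)" line; 0 if absent.
channel_from_iwlist() {
    awk 'match($0, /Current Frequency.*\(Channel [0-9]+\)/) {
             s = $0
             sub(/.*\(Channel /, "", s); sub(/\).*/, "", s)
             print s; found = 1
         }
         END { if (!found) print 0 }'
}

# test_injection IFACE CHANNEL [MIN_PCT]: put the card in monitor mode on the
# AP's channel, verify the channel took, run the test, pass if >= MIN_PCT.
# Needs root and the real tools; the MIN_PCT default of 50 is an assumption.
test_injection() {
    iface=$1; chan=$2; min=${3:-50}
    iwconfig "$iface" mode monitor channel "$chan" || return 1
    got=$(iwlist "$iface" channel | channel_from_iwlist)
    if [ "$got" != "$chan" ]; then
        echo "$iface is on channel $got, not $chan; the test would be meaningless" >&2
        return 1
    fi
    pct=$(aireplay-ng -9 "$iface" | tee /dev/stderr | injection_pct)
    echo "injection test: ${pct}% answered (minimum $min)"
    [ "$pct" -ge "$min" ]
}

# Constructed samples in the formats quoted in this thread (not real captures).
SAMPLE_AIREPLAY_OK="15:14:58 Trying broadcast probe requests...
15:14:58 Injection is working!
15:15:00 Found 1 AP
15:15:00 Trying directed probe requests...
15:15:00 xx:xx:xx:xx:xx:xx - channel: 11 - 'linksys'
15:15:01 27/30 90%"
SAMPLE_AIREPLAY_BAD="15:14:58 Trying broadcast probe requests...
15:14:58 No Answer...
15:14:58 Found 1 AP
15:15:08 0/30: 0%"
SAMPLE_IWLIST="wlan0     14 channels in total; available frequencies :
          Channel 01 : 2.412 GHz
          Channel 11 : 2.462 GHz
          Current Frequency:2.462 GHz (Channel 11)"

demo() {
    echo "good run: $(printf '%s\n' "$SAMPLE_AIREPLAY_OK" | injection_pct)%"
    echo "bad run:  $(printf '%s\n' "$SAMPLE_AIREPLAY_BAD" | injection_pct)%"
    echo "channel:  $(printf '%s\n' "$SAMPLE_IWLIST" | channel_from_iwlist)"
}

if [ "${1:-}" = "demo" ]; then demo; fi
```

Use it as test_injection wlan0 11 after the driver is up; a failure on the channel check means the card never went where you told it (the "have to specify a channel" finding above), which is a different problem from the driver not transmitting, and the two should not be confused when reporting results in this thread.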
dnbblah
07-17-2007, 01:48 PM
Guys, I was having this same problem and this is what I found.
If you boot from the live CD (like I do) do the following and tell me if it works:
1. With the computer off, plug in the ALFA
2. Turn on the comp and boot from the BT2.0 live CD
3. After logging in, at the bash prompt type:
cd rtl8187_linux_26.1010.0622.2006
sh wlan0down
sh wlan0up
ifconfig wlan0 down
ifconfig wlan0 up
iwconfig wlan0 mode monitor channel 6
aireplay-ng -9 wlan0
You should be injecting now. I found that if you DONT specify the "channel 6" when putting it in monitor mode it won't work.
Let us know if that works for you,
Mike
edit: tested airmon with chan 6, then injection works (at aireplay --test).
But it also works if I set my card to any other channel; I just have to specify one.
But this won't help me... anyone got this card working to get an ARP packet from an AP? Tried for hours with and without airoscript, with chopchop, fragmentation and normal ARP attacks... never got a packet from either of my routers... :( ... with clients, without clients... nothing works... my ARP attack kicks the client but it won't reconnect... don't know what's wrong here... ****in driver?!
Any ideas..?! If I do a ping with a cable-connected client the ARP begins to start... otherwise it won't work... anyone else have the same problems with the Alfa?
driller
07-18-2007, 10:11 PM
sorted. any noobs like me got any probs, just ask
Tolino
07-23-2007, 12:08 AM
Hi
can someone please make a .lzm for the new version 5 injection patch driver for the alfa usb?
thanks
JMagick
08-10-2007, 01:04 AM
Hi everyone :) after reading good things about the alfa I decided to buy one myself (got it this morning). Firstly I'd like to thank Pilotsnipes for making these easy modules for us, you rock. Managed to get my alfa set up really quickly, it's only taken me a few minutes to get it all up and running following snipes' video. Again thanks snipes, seeing it makes it so much easier to follow than just a list of commands, especially for a noob like myself. Ok so I am up and running, was getting a shocking amount of data and arps right away compared to my built in card, got rather excited, was hitting 300pps (nice), then unfortunately it slowed right down after a few secs to 36pps. My heart sank lol. Here's what's happening, I'm probably just overlooking something minor.
set up the card following snipes' video.
then I'm running these commands
airodump-ng -c 1 -w filename --bssid wlan0 (everything runs fine)
then in a new window
iwconfig wifi0 channel 9
aireplay-ng -1 0 -e -a -h wlan0 (everything works fine)
then after success im running this command
aireplay-ng -3 -b -h wlan0 (starts off great really fast data going up real fast like 300pps same with arps etc all good)
however then as soon as it starts adjusting the amount of packets a second data slows right down to a trickle and i get this error :
write failed: Resource temporarily unavailable23 packets... (36 pps)
then it stops totally and goes back to a command prompt, forcing me to re-enter the command
aireplay-ng -3 -b -h wlan0
then the same thing happens again, loads of pps and arps at first, then when it changes the amount of packets per second it slows down. then the error again. then back to the command prompt.
Anyone had this problem or know how to fix it? am i overlooking something? any help would be much appreciated. :)
skiamakhe
08-10-2007, 07:43 PM
Has anyone tried these drivers on a hard drive install? There is no bt/modules dir on a hd install. Do I just use lzm2dir to unpack the drivers in /, or is there some other way to do it? I don't want to overwrite something and then have to reinstall.
Or... I also noticed a source lzm as well. Should I make and install that instead?
tradclimb
08-19-2007, 05:27 PM
hi, I've been unable to run the updated iso. also unable to find a solution on the forum.
I downloaded bt2final.iso, checksum matches and all that. used ultraiso to open bt2final, after adding the files I found I couldn't re-iso it, trial version. so I went and got a free iso burner or something, made the 2 files into an iso, then used Alcohol to burn it as an image. doesn't work. I'm guessing it's because I'm using different software. :confused:
could you tell me the programs you used. preferably free programs :D.
bt2 awesome, really need these updates for the alfa.
shamanvirtuel
08-19-2007, 06:07 PM
on a hard drive install you must lzm2dir on /, but I think you can do a make uninstall after......just in case.......
Rubberducky
08-27-2007, 10:42 PM
Can I use wpa_supplicant with these updated drivers?
Tex-Twil
09-05-2007, 05:49 PM
Hello,
I tried to include those modules into a clean BT2 but when I boot on the iso image, it says "Image checksum error" and doesn't boot. What did I do wrong?
thanks
theprez98
09-05-2007, 06:58 PM
Hello,
I tried to include those modules into a clean BT2 but when I boot on the iso image, it says "Image checksum error" and doesn't boot. What did I do wrong?
thanks
The error is self-explanatory is it not?
Tex-Twil
09-05-2007, 07:01 PM
Sure it is. But how can I fix this? create a new checksum?
justin2net
09-06-2007, 12:02 AM
I cannot do fake auth. I am using the 3 modules from the 26th of June patch (aircrack 0.9.1 svn499 and v4 alfa patch)
I do this.
boot up from livecd ISO in vmware, with alfa attached to vmware.
run macchanger -m 00:11:22:33:44:55 wlan0
ifconfig wlan0 up
iwlist scan
airmon-ng start wlan0 7
airodump-ng wlan0
stop airodump
airodump-ng -c 7 --bssid 00:19:5b:95:20:a8 -w testoutput*.cap wlan0
in another; aireplay-ng -1 0 -e hometarget --a 00:19:5b:95:20:a8 -h 00:11:22:33:44:55 wlan0
result is:
Sending authentication request.
Sending authentication request.
a few times and then:
Attack was unsuccessful.
what should I do?
Tex-Twil
09-06-2007, 10:10 AM
I cannot do fake auth. I am using the 3 modules from the 26th of June patch (aircrack 0.9.1 svn499 and v4 alfa patch)
I do this.
boot up from livecd ISO in vmware, with alfa attached to vmware.
run macchanger -m 00:11:22:33:44:55 wlan0
ifconfig wlan0 up
iwlist scan
airmon-ng start wlan0 7
airodump-ng wlan0
stop airodump
airodump-ng -c 7 --bssid 00:19:5b:95:20:a8 -w testoutput*.cap wlan0
in another; aireplay-ng -1 0 -e hometarget --a 00:19:5b:95:20:a8 -h 00:11:22:33:44:55 wlan0
result is:
Sending authentication request.
Sending authentication request.
a few times and then:
Attack was unsuccessful.
what should I do?
try
aireplay-ng -1 60000 -o 1 -q 10 -e hometarget --a 00:19:5b:95:20:a8 -h 00:11:22:33:44:55 wlan0
shamanvirtuel
09-06-2007, 10:18 AM
have you tried lowering the rate of your card to 1M?
and in your airodump-ng line, -w capture not -w capture-01.cap
balding_parrot
09-06-2007, 10:25 AM
Have you tried the version 5 patch that has been out for a while?
balding_parrot
09-06-2007, 11:31 AM
43 mins is far too soon to be making a post that just says "help me"
Please wait at least 24 hrs unless you have tried a suggested solution and have feedback related to that.
"Bumping" like that is a practice frowned upon in forums.
So the post has been deleted.
Tex-Twil
09-06-2007, 11:48 AM
43 mins is far too soon to be making a post that just says "help me"
Please wait at least 24 hrs unless you have tried a suggested solution and have feedback related to that.
"Bumping" like that is a practice frowned upon in forums.
So the post has been deleted.
I'm sorry but I think you mixed my problem up with another one. I posted mine yesterday and not 43 mins ago. Furthermore, I don't want to "bump" but when the only answer to my problem is
The error is self-explanatory is it not?
it doesn't really help to solve the problem.
Tex-Twil
09-06-2007, 09:23 PM
I think this might help for my problem:
http://backtrack.offensive-security.com/index.php?title=Howto:Mod_Linux
justin2net
09-07-2007, 06:46 AM
tried aireplay-ng -1 6000 -o 1 -q 10 -e hometarget -a 00:19:5b:95:20:a8 -h 00:11:22:33:44:55 wlan0
and using iwconfig wlan0 mode monitor channel 7 rate 1M
does not work either.
I have found the version 5 patch here: trac.aircrack-ng.org/changeset/557
is it possible to put this into a lzm module for livecd use? I will get around to doing a vmware hd install so I can patch it to v5.
-=Xploitz=-
09-08-2007, 01:06 AM
is it possible to put this into a lzm module for livecd use? I will get around to doing a vmware hd install so I can patch it to v5.
This may help...
http://backtrack.offensive-security.com/index.php?title=Howto:Mod_Linux
Didn't you read the post above yours justin2net??? :confused:
I think this might help for my problem:
http://backtrack.offensive-security.com/index.php?title=Howto:Mod_Linux
justin2net
09-08-2007, 03:53 AM
yes I did. trac.aircrack-ng.org/changeset/557, no lzm module to add.
aircrack-ng.org/doku.php?id=r8187 I will follow these instructions to install the patch, correct?
-=Xploitz=-
09-08-2007, 04:40 AM
You don't know how to make a .lzm module??? Might want to google it up then..
Yes..that appears to be the correct patch and yes..please follow those instructions WORD FOR WORD! ;)
balding_parrot
09-08-2007, 04:53 AM
Two things to look up:
checkinstall
tgz2lzm
You now have everything you need.
It is incredibly simple to make a module, I make them all the time, I have said many times in the forum that I like modules.
As it happens I have the patch as a lzm, but what would you learn from that.
-=Xploitz=-
09-08-2007, 04:55 AM
As it happens I have the patch as a lzm, but what would you learn from that.
You're such a taunter b_p...:D
balding_parrot
09-08-2007, 05:18 AM
You're such a taunter b_p...:D
Yes, I could post it, yes I could write a tutorial on how to do it, but what would be learnt by that? what additional knowledge would be lost in not researching this.
Everything required to do this is on two pages, 1 on the wiki, and the other on the aircrack site. Both of them explain their half of the process, in easy steps. They just need putting together in a very obvious way.
The whole process takes 3mins max
justin2net
09-09-2007, 12:53 AM
these commands;
patch -Np1 -i "filename of patch"
then checkinstall to turn it into a Slackware package, then use tgz2lzm, correct?
make
checkinstall
tgz2lzm input.tgz output.lzm
bound4h
09-12-2007, 06:45 AM
any updates to the ALFA patch since July?
pilotsnipes
09-13-2007, 07:21 PM
Yeah I'll do one in a few days time.
Just been away for an extended break. :)
balding_parrot
09-28-2007, 07:04 AM
OK OK I give in, I have had so many PMs bugging me to post it.
I have no idea if it will work for you, just the same as some people can only use certain versions, But this works for me.
I have included in the zip file
sqlite-3.4.0.lzm
Aircrack-ng_1.0_dev_r735.lzm (the latest version, at the time of this post)
rtl8187-v5.lzm
So there you go, if it works for you then cool, if not sorry, I have no idea why only some versions work for some people, but this one works for me.
You can get it here (http://rapidshare.com/files/58765701/Aircrack-ng_1.0_dev_r735_AND_sqlite-3.4.0_AND_rtl8187-v5-PATCH.zip).
So now you can stop bugging me.
-=Xploitz=-
09-28-2007, 05:15 PM
I have no idea why only some versions work for some people, but this one works for me.
2 possible reasons. The first reason I give is probably the correct assumption..
1. OPERATOR ERROR.
--or--2. Different versions of the alfa released possibly?????:confused:
pilotsnipes
09-29-2007, 02:56 PM
Ah Balding Parrot - I've just come back to the forums to see you've done almost exactly the same as me!!
Just about to release 2 updates.
1) Update to aircrack 0.9, to version 0.9.1 Release 736 and
2) New Release of Aircrack 1.0 Dev Release 736
Each release has the new alfa patch ("v5") applied.
Please note the 1.0 Dev release uses balding_parrot's sqlite module (http://forums.remote-exploit.org/showthread.php?t=7460) - much kudos to him, I couldn't have been bothered compiling that! Cheers mate.
As always to be found in the first post.
balding_parrot
09-29-2007, 09:50 PM
I only did it because I got fed up of getting an average of 20 PM's a week asking me to post the v5 patch.
pilotsnipes
09-29-2007, 10:55 PM
Yes I know your pain.
Sorry to all the PMs I got that I never replied to. I just don't have the time for everyone.
No offence I hope. Thanks bp for your help too....
Actually bp, would you change the topic of this thread to:
Aircrack 0.9.1 or 1.0 Dev for Alfa AWUS036H (already patched).
I can't do it myself. Thank you.
wil007
10-01-2007, 09:23 PM
Great pilotsnipes ! I will try this new version.
pilotsnipes
10-02-2007, 01:12 AM
Oh for goodness sake!
I finally release a new version and 1 day later and 36 revisions later we have a new version of aircrack.
Here is both versions:
0.9.1 R772 and
1.0 Beta1 R772
Stop working so fast misterx !!! (Just kidding!)
As always to be found in the first post.
SonyUSA
10-06-2007, 05:06 AM
Hey guys I'm having a problem with my laptop and the Alfa.
Please note that the Alfa and my burn of BT2 work perfectly on my brother's laptop. :) and thanks for your file/tutorial compilation.
When I boot the cd and get into KDE, I open terminal and cd to the rtl* folder. In your video you do 'sh wlan' but that doesn't work for me, it just returns 'no such file or directory'. I assume this is just something custom in your vmware copy because it does it on both laptops, no big deal though. My problem is that after I do sh wlan0up the first time then plug in my alfa and wait (I've tried many various wait times) and do sh wlan0up again, I ALWAYS get this error at the end:
wlan0: ERROR while getting interface flags: No such device
at the bottom of all the 'insmod: error inserting... -1 file exists' errors
My laptop is an HP Dv9000 and since the CD and Alfa unit are exactly the same, it has to be the difference in hardware between the laptops, yeah? Can you think of anything I can try to get this working on my laptop so I don't have a 70 dollar unit lying around collecting dust?
pilotsnipes
10-06-2007, 02:03 PM
Actually in the video I did a "sh wlan" then pressed tab for auto-complete (mistakenly), it would have been clearer if I had not done that. You do not use a command of only "sh wlan".
All you need to do is:
sh wlan0up
plug in alfa
Wait 15 secs
sh wlan0up
You WILL see "insmod: error inserting... -1 file exists". That's ok. Ignore.
You should NOT see "wlan0: ERROR while getting interface flags: No such device".
If you do, something's not right, and off the top of my head I don't know why.
After those commands, what happens when you type:
lsusb
SonyUSA
10-06-2007, 05:12 PM
Here is my session, I did it this time from VMWare so I could take a screenshot, I usually just boot the Live CD.
Edit: Removed the URL-- :)
(had to put a space, it wouldn't let me paste a real picture yet cause I don't have 15 posts)
I tried the lsusb thing as you can see but it didn't return anything. :confused: I don't know what's going on, it works perfectly on my brother's laptop.
pilotsnipes
10-06-2007, 06:30 PM
It looks like your USB ports on your laptop aren't working.
Picture 1: see the blue USB symbol, that must be showing. This means 2 things.
1) You've added a usb controller to your vmware machine,
2) If it blinks green, the VMware machine is talking to the usb device.
If it's not there, then check Windows hasn't stolen control. You can force vmware to take the usb device back by following picture 2.
Seeing as it's also not working when you boot from the cd, it looks like there's something wrong with the usb port itself.
SonyUSA
10-06-2007, 07:50 PM
Thanks for the tip, my USB device list comes up empty, even when it's plugged in
Windows can see it just fine though and I can connect to a network with it, etc.
If I go into the hardware settings for the virtual machine it doesn't have USB listed either
Edit: Ah never mind, I'm a retard, have to stop the machine before I can add USB devices to the list... let me try it again.
I usually just boot the Live CD so this isn't the problem but maybe I can force it with VMWare to work
balding_parrot
10-06-2007, 07:59 PM
You need to add a USB adapter to the VM.
Just edit the VM settings adding a USB adapter and restart the VM
PLATER
10-06-2007, 08:01 PM
I have a problem with the update patches.
After booting my alfacd with the updates, I cannot authenticate with my AP when using aireplay-ng.
I also have problems just connecting to my AP, when without the update this all works fine.
Should I skip the patch update for the alfa and just only update aircrack-ng?
I wonder if similar problems occurred with other people and how they found a solution.
I just put the lzm in the folder as explained, nothing more and just burned the iso...
SonyUSA
10-06-2007, 08:18 PM
AHA!!!! Pilot you saved my life, it's working with VMWare now!!! :D :D :D
Any reason this wouldn't work when booting directly from the LiveCD? Maybe special USB drivers in windows or something?
Thanks again :) You too Parrot
PLATER
10-07-2007, 04:47 PM
Short update on my problems:
WITHOUT update patches:
- Can authenticate with my AP using aireplay-ng.
- Can NOT inject with aircrack-ng because of old version 0.7x.
WITH update patches:
- Can NOT authenticate with my AP using aireplay-ng.
It just tries 5-6 times then just gives the usual message that I'm not close enough to my AP (which I'm sitting next to) and also I tried changing the number of packets (-o switch), but nothing worked.
Also the --deauth won't work.
- Started injection without authenticating, that works, but hangs after 5000 packets, it says will try next, but it just hangs.
Also a funny thing is that it assigns an ipv6 address to the alfa - have to dhcpcd to get a normal ip.
So without the updates, can't inject because no update patch for both alfa and aircrack, but can authenticate.
With the updates, cannot authenticate.
Please, I'm getting frustrated about this problem - would like to find a solution.
Thanks all !
pilotsnipes
10-07-2007, 10:17 PM
I have just double checked that my newest modules do work on my system. Perfectly.
Can I ask are you in a VMWARE machine, or have you installed to HD or are you running from boot cd?
PLATER
10-07-2007, 11:29 PM
I just took bt2.iso - put the lzms in the module folder and ran from livecd.
the funny thing is the ipv6 assignment, but I just boot without dhcp and assign the ip manually.
strange thing is that the authenticate with my AP doesn't work.
I am now trying with 1-dev - will post results later.
if in the meantime you might know what could be wrong, please post!
it's giving me a headache this problem :(
pilotsnipes
10-08-2007, 12:29 AM
Ok make sure you do this.
In this order.
Don't skip or modify anything thinking it won't matter. (!)
1) Run the boot cd (make sure alfa is UNPLUGGED)
2) Login
3) Open terminal window
4) Change to the rt8187xxxxxxxxxxxx directory
5) run: sh wlan0up
6) Plug in the alfa
7) Wait 20secs
8) Run: sh wlan0up
9) Start the device with: airmon-ng start wlan0
10) try to authenticate with: aireplay-ng
PLATER
10-09-2007, 03:29 AM
Don't skip or modify anything thinking it won't matter. (!)
1) Run the boot cd (make sure alfa is UNPLUGGED)
done - no problems
2) Login
done - no problems
3) Open terminal window
4) Change to the rt8187xxxxxxxxxxxx directory
called rtl8187_linux_26.1010.0622.2006
5) run: sh wlan0up
wlan0: ERROR while getting interface flags: no such device
Had to plug in the alfa before running this command
After plugging in the alfa and running this command:
insmod: error inserting 'ieee80211_crypt-rtl.ko': -1 File exists
insmod: error inserting 'ieee80211_crypt-web-rtl.ko': -1 File exists
insmod: error inserting 'ieee80211_crypt-tkip-rtl.ko': -1 File exists
insmod: error inserting 'ieee80211_crypt-ccmp-rtl.ko': -1 File exist
insmod: error inserting 'ieee80211-rtl.ko': -1 File exist
insmod: error inserting 'r8187.ko': -1 File exist
But after this the wlan0 device is up and I skip steps 6-8
6) Plug in the alfa
7) Wait 20secs
8) Run: sh wlan0up
9) Start the device with: airmon-ng start wlan0
wlan0 RTL8187 r8187 (monitor mode enabled)
10) try to authenticate with: aireplay-ng
aireplay-ng -9 wlan0
Trying broadcast probe requests...
No Answer...
Found 1 AP
...
Injection is working!
aireplay-ng -1 0 -a <mac AP> -h <mac wlan0> wlan0
Association successful :-)
Thanks for the advice, though I have no idea yet why it worked now, but it works :-)
pilotsnipes
10-09-2007, 09:00 AM
Still you ignored my steps.
You should NOT plug in the alfa before you start the sh wlan0up command.
You should accept the error message.
Then plug it in, wait 20 secs, and run sh wlan0up again.
Don't change this routine.
I don't know why this makes it work (well I do a little) but it IS RELIABLE.
It was also mentioned about 3 times in this thread previously.....
(I'm glad it works now for you)
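The bring-up routine pilotsnipes spells out above (and bound4h's earlier version of it) keeps producing the same two messages in this thread: insmod's "-1 File exists" (harmless, the module is already loaded) and ifconfig's "wlan0: ERROR while getting interface flags: No such device" (the driver is loaded but the USB device has not appeared yet). The following is an added example, not code from the thread, from the rtl8187 driver package or from aircrack-ng: a small check that reads the same kernel state that `sh wlan0up` changes (module names in /proc/modules, interfaces in /sys/class/net) and says which step of the routine to repeat. The expected module list is taken from the insmod lines PLATER pasted, with `crypt-web` read as `crypt-wep` (an assumption); the step numbers and the command names are the thread's own.

```python
"""Check the state the RTL8187 bring-up routine leaves behind.

Added example for this thread; not code from the thread or from the
rtl8187 / aircrack-ng projects.  Parsing functions take text so they can
also be run on output pasted from a forum post.
"""
import os
import re

# insmod filenames quoted in the thread, as /proc/modules reports them
# (".ko" dropped; the kernel turns '-' into '_' in a module's name).
# "ieee80211_crypt-web-rtl.ko" in the paste is assumed to be a typo for wep.
EXPECTED_MODULES = [
    "ieee80211_crypt_rtl",
    "ieee80211_crypt_wep_rtl",
    "ieee80211_crypt_tkip_rtl",
    "ieee80211_crypt_ccmp_rtl",
    "ieee80211_rtl",
    "r8187",
]
BENIGN_INSMOD = {"File exists"}   # EEXIST: module already loaded, harmless
_INSMOD_RE = re.compile(r"insmod: error inserting '([^']+)': -1 (.+)")


def module_name(path):
    """Kernel module name for a .ko filename (basename, no .ko, '-' -> '_')."""
    base = os.path.basename(path)
    if base.endswith(".ko"):
        base = base[:-3]
    return base.replace("-", "_")


def parse_proc_modules(text):
    """Set of loaded module names from /proc/modules-style text (first field)."""
    return {line.split()[0] for line in text.splitlines() if line.strip()}


def parse_insmod_errors(text):
    """Map module name -> reason for every 'insmod: error inserting' line."""
    return {module_name(m.group(1)): m.group(2).strip()
            for m in _INSMOD_RE.finditer(text)}


def diagnose(loaded, netdevs, insmod_output=""):
    """Return (status, advice) for steps 5-9 of the routine."""
    bad = {m: r for m, r in parse_insmod_errors(insmod_output).items()
           if r not in BENIGN_INSMOD}
    if bad:
        detail = ", ".join("%s (%s)" % kv for kv in sorted(bad.items()))
        return "insmod_failed", ("insmod really failed for %s; that is not the "
                                 "harmless 'File exists' case" % detail)
    missing = [m for m in EXPECTED_MODULES if m not in loaded]
    if missing:
        return "modules_missing", ("driver modules not loaded (%s): run 'sh wlan0up' "
                                   "(step 5)" % ", ".join(missing))
    if "wlan0" not in netdevs:
        return "no_device", ("driver loaded but no wlan0: the USB device has not "
                             "enumerated yet; plug in the Alfa, wait 20 s, run "
                             "'sh wlan0up' again (steps 6-8)")
    return "ready", ("wlan0 is present; 'File exists' insmod messages are harmless; "
                     "continue with 'airmon-ng start wlan0' (step 9)")


def diagnose_live():
    """Run the check against the local machine (Linux only)."""
    loaded = set()
    if os.path.exists("/proc/modules"):
        with open("/proc/modules") as fh:
            loaded = parse_proc_modules(fh.read())
    netdevs = set(os.listdir("/sys/class/net")) if os.path.isdir("/sys/class/net") else set()
    return diagnose(loaded, netdevs)


if __name__ == "__main__":
    status, advice = diagnose_live()
    print(status + ": " + advice)
```

Run it after each `sh wlan0up`; a `no_device` result after the first run is exactly the state pilotsnipes says to expect before plugging the card in, and it should turn into `ready` after the second run.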
xseth
10-11-2007, 04:41 AM
This drivers suxx !!!!!!!!!!!!!!!!!!!!!
(List for the 1.0 DEV Version of Aircrack. Newest version always first one in this list.
*Update 01/Oct/2007
This includes the new v5 patch for the alfa, and the latest svn aircrack for the 1.0 DEV verison (1.0 DEV svn736)).
LOOK max Tx-Power is 5 dbm !!!!!
h ttp://img255.imageshack.us/img255/2099/newpatchzi3.jpg
When good driver patch for AWUS036H Alfa ??? :'(
pilotsnipes
10-11-2007, 03:30 PM
http://www.aircrack-ng.org/doku.php?id=r8187
Read: Usage Tips
When good driver patch for AWUS036H Alfa ??? :'(
When the grammar improves.....
balding_parrot
10-11-2007, 04:39 PM
This drivers suxx !!!!!!!!!!!!!!!!!!!!!
(List for the 1.0 DEV Version of Aircrack. Newest version always first one in this list.
*Update 01/Oct/2007
This includes the new v5 patch for the alfa, and the latest svn aircrack for the 1.0 DEV verison (1.0 DEV svn736)).
LOOK max Tx-Power is 5 dbm !!!!!
h ttp://img255.imageshack.us/img255/2099/newpatchzi3.jpg
When good driver patch for AWUS036H Alfa ??? :'(
There is nothing wrong with the patch, the only things that "suxx" are your search techniques, the lack of reading you have done and the way you "ask" questions.
-=Xploitz=-
10-12-2007, 06:47 AM
I wish I had your composure b_p! Especially when someone insults your hard work that you provided to them out of the goodness of your heart.
shamanvirtuel
10-12-2007, 06:55 AM
yes, seems you are the favourite victim of such idiots which don't take time to SEARCH, READ and that never think that ERROR MAY COME FROM THEIR SIDE............
Really I wish I had your patience....
balding_parrot
10-12-2007, 07:09 AM
It's pilotsnipes' hard work, I only provided a module to stop the 20 PMs a week asking for it, as he had not done the new one yet. So I guess the insult was more at him than me. ;)
I know, I seem to be target of the week, sometimes my patience astonishes me. :eek: :o :D
-=Xploitz=-
10-12-2007, 07:22 AM
It's pilotsnipes' hard work, I only provided a module to stop the 20 PMs a week asking for it, as he had not done the new one yet. So I guess the insult was more at him than me. ;)
I know, I seem to be target of the week, sometimes my patience astonishes me.
I thought he was referring to your module. Now that I re-read his post..it ticks me off even more that he was insulting pilotsnipes' driver. You know how difficult and time consuming it has to be to custom fit a driver to get it to monitor and inject??>>>>>>>>>>>>>>>> LOTS!!:mad:
balding_parrot
10-12-2007, 07:38 AM
I guess that the real people that did the hard work are your "favourite" people, as it is them that at least created that patch, and maybe the driver. Applying it and creating a module is the really easy part, but that really doesn't excuse that attitude or the inability to follow the very comprehensive instructions and information in this thread.
-=Xploitz=-
10-12-2007, 07:41 AM
I guess that the real people that did the hard work, are your "favourite" people,
Huh?? What do you mean by "your favorite" people?? :confused:
And I agree 100%...that definitely doesn't excuse the attitude he caught.
balding_parrot
10-12-2007, 07:43 AM
The Aircrack people.
-=Xploitz=-
10-12-2007, 07:46 AM
The Aircrack people.
I thought that's what you meant, you dirty dog you!!! :D
Favorite people ...That's hilarious!! :rolleyes: :D
balding_parrot
10-12-2007, 02:28 PM
I thought that's what you meant, you dirty dog you!!! :D
Favorite people ...That's hilarious!! :rolleyes: :D
I thought you would appreciate that.
Anyway, that xseth has got 3 days on the naughty step for his ignorant attitude.
JiSiN
10-18-2007, 08:46 PM
I'm new here and just want to say, Thanks for all this hard work guys :)
pilotsnipes
10-18-2007, 08:48 PM
Fixed. Ta.
clueless
10-28-2007, 10:44 AM
First, I am very new at this and really don't know what I am doing. I have an HP laptop that has a built in WiFi card that is awful so I purchased the ALFA USB WIFI Dongle and it is fantastic. However, I cannot get it to work with BackTrack.
I have done everything I can think of. I have created the CD with the drivers in the module folder. I changed to the directory, typed the commands and nothing happened.
In other words, what do I do now? I opened the USB Devices and I can see the RTL8187_Wireless_Lan_Adapter under EMCI Host Controller (1) but how can I change to use it?
I looked up what to do and typed in
iwconfig and the results were
lo no wireless extensions
eth0 no wireless extensions
eth1 - appears to be the built in card as it has a Nickname of "Prism I" and it is only 802.11b
wlan0 appears to be the USB card as it shows 802.11b/g
I tried ifconfig wlan0 up with no results.
Okay, when you stop laughing, remember this is my first attempt at anything dealing with linux so I may be way off track. But it is very difficult when you don't know the commands and what they do.
pureh@te
10-28-2007, 11:30 PM
First, I am very new at this and really don't know what I am doing. I have an HP laptop that has a built in WiFi card that is awful so I purchased the ALFA USB WIFI Dongle and it is fantastic. However, I cannot get it to work with BackTrack.
I have done everything I can think of. I have created the CD with the drivers in the module folder. I changed to the directory, typed the commands and nothing happened.
In other words, what do I do now? I opened the USB Devices and I can see the RTL8187_Wireless_Lan_Adapter under EMCI Host Controller (1) but how can I change to use it?
I looked up what to do and typed in
iwconfig and the results were
lo no wireless extensions
eth0 no wireless extensions
eth1 - appears to be the built in card as it has a Nickname of "Prism I" and it is only 802.11b
wlan0 appears to be the USB card as it shows 802.11b/g
I tried ifconfig wlan0 up with no results.
Okay, when you stop laughing, remember this is my first attempt at anything dealing with linux so I may be way off track. But it is very difficult when you don't know the commands and what they do.
Well after ifconfig wlan0 up what else have you done, and did the aforementioned command complete? If it did then have you tried connecting with the easy to use wlan assistant?
j3rry
10-31-2007, 11:50 AM
what about WUSB54G?:cool:
Why I can't load it in aircrack-ng 1.1?
balding_parrot
10-31-2007, 03:51 PM
what about WUSB54G?:cool:
Why I can't load it in aircrack-ng 1.1?
It has nothing to do with this card at all, so this is not the right place to post that question.
Keep your posts in the right place for them.
Huegel
11-01-2007, 09:26 AM
Hi,
first of all thanks for your hard work!
One question: How can I be sure that your driver is used instead of the one that is already in bt2?
grikster
11-25-2007, 10:29 PM
Hello guys,
Just got the card and it's super powerful, incredible really, my results got more than 10 times the power I previously had with a regular wifi pen.
I'm gonna test some drivers for this.
grikster
12-07-2007, 09:43 PM
Having problems configuring Kismet with ALFA 500mw.
I have in kismet.conf :
version=2005.06.R1
suiduser=postgres
source=r8187,wlan0,ALFA
Can anyone help me with what I'm supposed to do next?
I'm also having issues, I test injection and it works, I try wesside and it doesn't work:
bt kismet-2007-10-R1 # wesside-ng -i wlan0
[19:05:50] Using mac 00:11:22:33:44:55
[19:05:50] WARNING: Appending in wep.cap
[19:05:50] Looking for a victim...
[19:05:51] Found SSID(MM) BSS=(00:13:10:8A:DB:03) chan=11
[19:05:51] Authenticated
[19:05:51] Associated (ID=1)
[19:05:56] \
[19:05:56] Dying...
bt kismet-2007-10-R1 #
bt kismet-2007-10-R1 # aireplay-ng -1 0 -a 00:13:10:8A:DB:03 -h 00:11:22:33:44:55 wlan0
19:03:41 Waiting for beacon frame (BSSID: 00:13:10:8A:DB:03)
19:03:41 Sending Authentication Request [ACK]
19:03:41 Authentication successful
19:03:41 Sending Association Request [ACK]
19:03:41 Association successful :-)
What bothers me is the ACK part, cause I can't get ARP Requests.
My router has mac address filtering, it's an SMC one.
I'm lost on what to do.
Thanks for reading this
bwise
12-08-2007, 10:55 PM
first of all this is wrong : source=r8187,wlan0,ALFA
you should put rt8180 instead of r8187 (rt8180 covers all Realtek 8180 based cards)
twocent$
01-23-2008, 03:19 AM
Hello guys,
Just got the card and it's super powerful, incredible really, my results got more than 10 times the power I previously had with a regular wifi pen.
I'm gonna test some drivers for this.
Hi all,
Been fiddling with this card today on BT2 (HD install) and wondered if this might help someone. Not sure if it's just a fluke but I did the following and it seems to be running fine...
1) Used BP's method to update sqlite to latest version (3.5.4)
2) Followed directions on Aircrack-ng page for patching drivers (ww.aircrack-ng.org/doku.php?id=r8187). This didn't seem to work as the wlan0 interface completely disappeared under iwconfig and airmon-ng commands!
3) Went ahead and updated to latest svn branch revision of aircrack-ng dev anyway (aircrack-ng 1.0 beta1 r865) and crossed my fingers! (see backtrack.offensive-security.com/index.php/Howto:aircrack_ptw)
4) Changed Kismet source back to 'source=rt8180,wlan0,ALFA' in /usr/local/etc/kismet.conf
Hey presto!
Completely wrong approach and other methods will probably extract more juice from it but it works well enough for me. It associates, injects, catches and relays packets and does frag attacks ;) It appears to have retained something from the patch as it only shows up to 5db, which is really the relative txpower setting 1-5.
Haven't tried changing mac yet and Kismet is a bit touch-and-go but it (mostly) works with 'kismet start wlan0' and if it starts misbehaving I just restart or just use Airodump-ng!
Great card! Haven't tried it on 3 beta yet......
Wesside!
merlin051
01-25-2008, 10:06 AM
the txpower settings 1-5 are not directly relative to the db power, it's 1-5 settings where 1 = minimum and 5 = max
twocent$
01-30-2008, 03:59 AM
Oops.
Thanks merlin051, you are right. I was just going off the iwconfig output and misread it.
Card won't respond to the iwconfig txpower command to change txpower but I guess I am stuck at 5 (which is fine) till I figure out how to configure it properly!
Wicked card!
Cheers.
ps Pilotsnipes, Thanks for the detailed howtos. Will they work for latest svn branch aircrack-ng 1.0 beta1 r865? I was a bit scared to try them on a different version!
Keep up the good work guys.
Cheers.
Happy Daze
02-23-2008, 05:28 AM
Hi all... this is my 1st post in the forum so apologies if it's in the wrong place or something... I'm a noob with forums too.
I'm having a problem, well, many problems trying to crack my 128 WEP router...but this is the most recent problem...
I seem to have successfully got as far as running Aircrack but have hit a wall.
I'm running a raw BT2 Final CD, patched with "Update 01st/Oct/2007 - Included latest aircrack 0.9.1 (svn772) version (with new v5 alfa patch)"
...and this is the full list of commands I've run once logged in and after xconf/startx...I booted without the Alfa connected
cd rtl8187_linux_26.1010.0622.2006/
make
sh wlan0up
(Error about device not being plugged in)
PLUG IN ALFA
sh wlan0up
(receive error about file exists)
ifconfig wlan0 down
macchanger -m 00:11:22:33:44:55 wlan0
ifconfig wlan0 up
airmon-ng start wlan0 <it does go into monitor with no probs>
airodump-ng wlan0 and control-C when desired AP is found
airodump-ng -c 9 -w jason --bssid 00:XX:22:XX:44:XX wlan0 (Leave window open)
aireplay-ng -1 0 -e MYROUTER -a 00:XX:22:XX:44:XX -h 00:11:22:33:44:55 wlan0 (This associates OK)
aireplay-ng -3 -b 00:XX:22:XX:44:XX -h 00:11:22:33:44:55 wlan0
aircrack-ng -n 128 --bssid 00:XX:22:XX:44:XX jason-01.cap (or jason.cap, or any derivative I can think of...nothing works, this is my brick wall)
The problem is that I am looking at 623000 Data and 303 #/s in airodump
In aireplay it shows 1380000 Read, 675000 ARP requests, 696000 sent packets and 254 PPS
...then I thought I'd run Aircrack on the .cap file that Aireplay said it was saving the ARP requests in...so I run this command...
aircrack-ng -n 128 --bssid 00:XX:22:XX:44:XX replay_arp-0223-033338.cap
but it ALWAYS comes back saying...
Opening replay_arp-0223-033338.cap
Read 8 packets (only 8 every time!)
Not enough IVs available...you need at least 250000 etc etc
It always only says 8 packets read, no matter how all the rest of the numbers are rolling, and they do roll fast.
All the above info was pasted together from "merlin051" and the Xploitz E-Z WEP video...plus 3 weeks of research, the purchase of a D-link GWL-G122 B1 2.02 (works like a total dream with nothing more than airoscript.sh)...a Senao NL2511CD EXT2 1.8.0 (no joy whatsoever), an Alfa AWUS036S (no joy either)
Would somebody please come back with a "Yeah, you missed this simple command" type thing and bring back my happiness?
When cracking WEP with my D-Link airoscript always has it constantly DeAuth-ing...but the Xploitz video shows none of this...why different cards are run in different ways I've no idea...I'm a total noob to linux and Backtrack so am really just pulling bits of commands from here and there and hoping something miraculously happens!!
By the way...on all my WEP 'hacks' my read packets have to be up around 3000-6000 before any ARP's are got...why doesn't it just start shooting up at the start like all the vids I see?
My alfa is USB'd to about 4 metres away from my router
If the D-link just had an external antenna connector, it's totally the poster child for WEP cracking
Cheers for any help...
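The numbers in the post above (several hundred injected frames per second from one station, all copies of one captured ARP request) are the traffic pattern a wireless IDS can key on. The following detector is an added example, not code from this thread or from the aircrack-ng project: it looks for a station whose to-DS WEP data frames in a one-second window almost all carry the same IV and size, which a normally behaving WEP client never does because it picks a fresh IV for every frame. The MAC addresses, frame sizes and timing in `build_sample()` are constructed; a real deployment would feed it frames decoded from a monitor-mode capture.

```python
"""Heuristic detector for replayed WEP frames (ARP-replay injection).

Added example, not part of the thread above.  All sample data is constructed.
"""
from collections import Counter, defaultdict
from dataclasses import dataclass
from typing import Iterable, List, Optional


@dataclass(frozen=True)
class Frame:
    ts: float               # capture time in seconds
    src: str                # transmitter address (addr2 of the 802.11 header)
    bssid: str
    to_ds: bool             # True for station -> AP frames
    size: int               # frame length in bytes
    wep_iv: Optional[int]   # 24-bit WEP IV, None if not WEP-protected


@dataclass(frozen=True)
class Alert:
    src: str
    bssid: str
    window_start: float
    frames: int             # to-DS WEP frames from src in this window
    top_share: float        # fraction of them with the single most common (IV, size)


def detect_wep_replay(frames: Iterable[Frame], window: float = 1.0,
                      min_frames: int = 100, min_share: float = 0.9) -> List[Alert]:
    """Flag (src, bssid) pairs that, within one window, send at least
    min_frames to-DS WEP data frames of which at least min_share are
    byte-for-byte repeats (same IV and same size).  A station that re-injects
    one captured frame produces exactly that; a real client rotates the IV."""
    buckets = defaultdict(list)
    for f in frames:
        if not f.to_ds or f.wep_iv is None:
            continue
        slot = int(f.ts // window)
        buckets[(f.src, f.bssid, slot)].append((f.wep_iv, f.size))

    alerts: List[Alert] = []
    for (src, bssid, slot), keys in sorted(buckets.items(), key=lambda kv: kv[0][2]):
        if len(keys) < min_frames:
            continue
        _, top_count = Counter(keys).most_common(1)[0]
        share = top_count / len(keys)
        if share >= min_share:
            alerts.append(Alert(src, bssid, slot * window, len(keys), round(share, 3)))
    return alerts


def build_sample() -> List[Frame]:
    """Constructed capture: one ordinary client (20 frames/s, fresh IV each
    frame) plus one station replaying a single ARP request at 250 frames/s
    for two seconds, and the AP's from-DS replies (ignored by the detector)."""
    ap = "00:11:22:33:44:00"            # constructed BSSID
    legit = "00:aa:bb:cc:dd:01"         # constructed client MAC
    replayer = "00:11:22:33:44:55"      # constructed station MAC
    frames: List[Frame] = []
    for i in range(60):                 # 3 s of normal browsing traffic
        frames.append(Frame(ts=i / 20.0, src=legit, bssid=ap, to_ds=True,
                            size=90 + (i % 7) * 10, wep_iv=0x100000 + i))
    for i in range(500):                # identical frame replayed from t=1.0 to t=3.0
        frames.append(Frame(ts=1.0 + i / 250.0, src=replayer, bssid=ap,
                            to_ds=True, size=68, wep_iv=0x0ABCDE))
    for i in range(500):                # AP answers carry new IVs; from-DS, not counted
        frames.append(Frame(ts=1.0 + i / 250.0, src=ap, bssid=ap,
                            to_ds=False, size=68, wep_iv=0x200000 + i))
    frames.sort(key=lambda f: f.ts)
    return frames


if __name__ == "__main__":
    for a in detect_wep_replay(build_sample()):
        print(f"replay suspected: {a.src} -> {a.bssid} at t={a.window_start:.0f}s, "
              f"{a.frames} frames, {a.top_share:.0%} identical")
```

The two thresholds are the knobs a WIDS operator would tune: `min_frames` sets the rate floor so that a client retransmitting a lost frame a few times is not flagged, and `min_share` tolerates a little genuine traffic mixed in from the same MAC. The AP's own replies are deliberately excluded, because they carry fresh IVs and look normal on their own; it is the transmitter repeating one ciphertext that gives the replay away.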
balding_parrot
02-23-2008, 07:05 PM
The file you want is jason-**.cap where ** changes each time you run airodump.
Look in your root directory and you will find out what it is called.
You can also run it as aircrack-ng *.cap and it will open and use all of the cap files.
Only had a quick look and that was the first thing that jumped out at me.
Happy Daze
02-24-2008, 09:01 PM
Cheers balding_parrot
That's what I thought the command was...my problem was that I'd been running aircrack in the wrong directory, and therefore hadn't selected the correct file...lolol !
Correct commands, wrong dir...tit !
I'm flying with my Alfa AWUS036H on both the modified BT2, and way better still with BT3b, the new aircrack does the job in about a third of the time...nice one you wizards you.
I'll post exactly what I've done shortly so other noobs have totally idiot-proof instructions...or PM me in the meantime if nothing appears...
I also figured why my ARP's weren't rising...coz I wasn't generating anything on my other (client) machine, i.e. web browsing...BTW noobs...with my procedure below there does indeed need to be some kind of client PC attached to the AP...wired or wifi makes no difference...but it must be surfing the net in some way when you start the attack...WHICH LEADS ME TO MY NEXT AND PROBABLY FINAL HURDLE...(famous last words!)
CAN SOMEBODY HELP WITH THIS....?? (Not shouting, drawing emphasis!)
My final(!) problem is this...If I leave my house to test the full range of my AWUS036H then how can I get ARP's if I am not around to do some surfing on my attached client PC...coz at the mo my ARP's only start rolling when I do something on my client, a simple page refresh starts the ARP's.
With my D-link GWL-G122 I can run airoscript.sh (BTW, I haven't figured out how to use airo with my Alfas...any help?...it just won't run, or does not see any Alfa attached, i.e. I don't get the 'choose adapter' first screen, just goes straight into the first load of 1 to 9 options????)...anyway, with airoscript (and D-Link) I do not need a client attached...just the router to be on, and airoscript gets the job done in minutes, all automatically... but with my Alfas and the set of commands in my previous post I absolutely must have an attached client and it must be doing something on the web...just a one page refresh is enough to get the ARP's going...but I must physically do this on the client or no ARP's at all...maybe a few literally
So can anybody (parrot?) tell me the modified commands to get the wep cracked without a client to rely on?...all I want is one laptop, the target router and that's it...oh, I do have 2 laptops so if I need to use one of those as a fake client what are the commands?...I'd rather only use the 1 laptop (that's all I need with the d-link) but I do have 2 if need be.
Thanks for anybody's and everybody's help in advance ;)
Oh, one last thing...my hat's off to all you programmers out there who sat down, figured out, and finally wrote all this... magicians the lot of ya !
balding_parrot
02-25-2008, 02:40 AM
Glad to have helped.
Try -=Xploitz=- tutorials on clientless and client WEP attacks in the tutorials and guides section, the answers to your questions are there.
bound4h
04-05-2008, 04:59 AM
I've burned the new BT3 with the .9 AND the 1.0 versions of aircrack + ALFA patches and I'm getting this error when I "sh wlan0up":
insmod: error inserting 'ieee80211_crypt-rtl.ko': -1 Invalid module format
insmod: error inserting 'ieee80211_crypt_wep-rtl.ko': -1 Invalid module format
insmod: error inserting 'ieee80211_crypt_tkip-rtl.ko': -1 Invalid module format
insmod: error inserting 'ieee80211_crypt_ccmp-rtl.ko': -1 Invalid module format
insmod: error inserting 'ieee80211-rtl.ko': -1 Invalid module format
insmod: error inserting 'r8187.ko': -1 Invalid module format
I used to use BT2 with these 3 modules from pilotsnipes and my ALFA AWUS036H was working fine.
Anyone know what's wrong?
Thanks
|Trauma|
04-22-2008, 01:33 PM
I'm sure I saw this question on a different thread with the same error output... Maybe they are old drivers, no longer supported... wrong kernel?
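The reply above points at the usual cause of `Invalid module format`: the kernel checks a module's vermagic string (kernel release plus build options such as SMP and the CPU family) against its own and refuses anything that does not match, so modules compiled for the BT2 kernel will not load on BT3's. The following checker is an added example, not code from this thread or from the driver package; `diagnose()` compares two vermagic strings, and `check_module()` is a thin wrapper that reads the module's string with `modinfo -F vermagic` and the running release with `uname -r` (it assumes a Linux host with `modinfo` installed). The vermagic strings used in the usage call at the bottom are constructed and do not describe any particular BackTrack kernel.

```python
"""Explain 'insmod: error inserting X.ko: -1 Invalid module format'.

Added example, not part of the thread above.  A .ko is accepted only if its
vermagic (release + build flags) equals the running kernel's.
"""
import platform
import subprocess
from typing import FrozenSet, List, Tuple


def parse_vermagic(vermagic: str) -> Tuple[str, FrozenSet[str]]:
    """Split e.g. '2.6.21.5 SMP mod_unload 686' into ('2.6.21.5',
    {'SMP', 'mod_unload', '686'}).  The first token is always the release."""
    parts = vermagic.split()
    if not parts:
        raise ValueError("empty vermagic string")
    return parts[0], frozenset(parts[1:])


def diagnose(module_vermagic: str, kernel_vermagic: str) -> List[str]:
    """Return the reasons the kernel would reject the module; [] means the
    module was built for this kernel and the failure lies elsewhere."""
    m_rel, m_flags = parse_vermagic(module_vermagic)
    k_rel, k_flags = parse_vermagic(kernel_vermagic)
    reasons: List[str] = []
    if m_rel != k_rel:
        reasons.append(f"kernel release mismatch: module built for {m_rel}, running {k_rel}")
    extra, missing = m_flags - k_flags, k_flags - m_flags
    if extra or missing:
        reasons.append("build options differ: module has "
                       f"{sorted(extra)}, kernel has {sorted(missing)}")
    return reasons


def module_vermagic(path: str) -> str:
    """Read the vermagic of a .ko file (requires modinfo from kmod/module-init-tools)."""
    return subprocess.check_output(["modinfo", "-F", "vermagic", path],
                                   text=True).strip()


def check_module(path: str) -> List[str]:
    """Compare a .ko against the running kernel.  Only the release is known
    from uname, so build-option differences are not reported here; the
    release mismatch alone is enough to explain the error in the post."""
    m_rel, _ = parse_vermagic(module_vermagic(path))
    k_rel = platform.release()          # same value as `uname -r`
    if m_rel != k_rel:
        return [f"kernel release mismatch: module built for {m_rel}, running {k_rel}"]
    return []


if __name__ == "__main__":
    # Constructed strings: a module built on one 2.6 kernel loaded on another.
    for reason in diagnose("2.6.20 mod_unload 586", "2.6.21.5 SMP mod_unload 686"):
        print("would be rejected:", reason)
```

The fix that follows from a non-empty result is the one the thread's own howtos imply: rebuild the driver against the kernel headers of the system it will run on (the `make` step in the earlier post), rather than copying `.ko` files between BT2 and BT3.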