User Tools

Site Tools


injection_test

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
injection_test [2008/02/03 22:05] darkaudaxinjection_test [2013/04/25 11:17] (current) – [Airserv-ng Test] Minor Update jano
Line 24: Line 24:
  
 An additional feature is the ability to test connectivity to [[airserv-ng]].  Once the basic connectivity test is completed then it proceeds with the standard injection tests via the wireless card linked to airserv-ng. An additional feature is the ability to test connectivity to [[airserv-ng]].  Once the basic connectivity test is completed then it proceeds with the standard injection tests via the wireless card linked to airserv-ng.
 +
  
 ===== Usage ===== ===== Usage =====
  
-aireplay-ng -9 -e teddy -a 00:14:6C:7E:40:80 -i wlan0 ath0+aireplay-ng -9 -e teddy -a 00:de:ad:ca:fe:00 -i wlan1 wlan0
  
 Where: Where:
  
-  * -9 means injection test.  Long form is - -test.  (Double dash)+  * -9 means injection test.  Long form is -''''-test. 
   * -e teddy is the network name (SSID).  This is optional.   * -e teddy is the network name (SSID).  This is optional.
-  * -a 00:14:6C:7E:40:80 ath0 is MAC address of the access point (BSSID). This is optional. +  * -a 00:de:ad:ca:fe:00 ath0 is MAC address of the access point (BSSID). This is optional. 
-  * -i wlan0 is interface name of the second card if you want to determine which attacks your card supports.  This interfaces acts as an AP and receives packets.  This is optional. +  * -i wlan1 is interface name of the second card if you want to determine which attacks your card supports.  This interfaces acts as an AP and receives packets.  This is optional. 
-  * ath0 is the interface name or airserv-ng IP Address plus port number.  This interface is used to send packets.  For example - 127.0.0.1:666. (Mandatory)+  * wlan0 is the interface name or airserv-ng IP Address plus port number.  This interface is used to send packets.  For example - 127.0.0.1:666. (Mandatory)
  
-IMPORTANT:  You must set your card to the desired channel with [[airmon-ng]] prior to running any of the tests.+IMPORTANT:  You must set your card to monitor mode and to the desired channel with [[airmon-ng]] prior to running any of the tests.
  
 ===== Usage Examples ===== ===== Usage Examples =====
Line 97: Line 98:
  
   * It confirms that the card can inject and successfully communicate with the specified network.   * It confirms that the card can inject and successfully communicate with the specified network.
 +
  
  
 ==== Attack Tests ==== ==== Attack Tests ====
  
-This test requires two wireless cards.  The card specified by "-i" acts as the access point.+This test requires two wireless cards in monitor mode.  The card specified by "-i" acts as the access point.
  
 Run the following command: Run the following command:
  
-   aireplay-ng -9 -i ath0 wlan0+   aireplay-ng -9 -i wlan1 wlan0
  
 Where: Where:
  
   * -9 means injection test.   * -9 means injection test.
-  * -i ath0 is the interface to mimic the AP and receives packets.+  * -i wlan1 is the interface to mimic the AP and receives packets.
   * wlan0 is the injection interface.   * wlan0 is the injection interface.
  
 The system responds: The system responds:
  
-   11:06:05  wlan0 channel: 9, ath0 channel: 9+   11:06:05  wlan0 channel: 9, wlan1 channel: 9
    11:06:05  Trying broadcast probe requests...    11:06:05  Trying broadcast probe requests...
    11:06:05  Injection is working!    11:06:05  Injection is working!
Line 121: Line 123:
        
    11:06:05  Trying directed probe requests...    11:06:05  Trying directed probe requests...
-   11:06:05  00:14:6C:7E:40:80 - channel: 9 - 'teddy'+   11:06:05  00:de:ad:ca:fe:00 - channel: 9 - 'teddy'
    11:06:05  Ping (min/avg/max): 2.763ms/4.190ms/8.159ms    11:06:05  Ping (min/avg/max): 2.763ms/4.190ms/8.159ms
    11:06:07  26/30: 87%    11:06:07  26/30: 87%
Line 134: Line 136:
 Analysis of the response: Analysis of the response:
  
-  * **11:06:05  wlan0 channel: 9, ath0 channel: 9**: It is import to make sure both your cards are on the same channel otherwise the tests will not work correctly.+  * **11:06:05  wlan0 channel: 9, wlan1 channel: 9**: It is import to make sure both your cards are on the same channel otherwise the tests will not work correctly.
   * The first part of the output is identical to what has been presented earlier.   * The first part of the output is identical to what has been presented earlier.
   * The last part shows that wlan0 card is able to perform all attack types successfully.   * The last part shows that wlan0 card is able to perform all attack types successfully.
Line 141: Line 143:
 ==== Airserv-ng Test ==== ==== Airserv-ng Test ====
  
-Run the following command:+Run Airserv-ng: 
 + 
 +   airserv-ng -d wlan0 
 + 
 +The system responds: 
 + 
 +   Opening card wlan0 
 +   Setting chan 1 
 +   Opening sock port 666 
 +   Serving wlan0 chan 1 on port 666 
 + 
 +Then run the following command:
  
    aireplay-ng -9 127.0.0.1:666    aireplay-ng -9 127.0.0.1:666
Line 186: Line 199:
 ==== General ==== ==== General ====
  
-Make sure the card(s) are on the same channel as your AP.  You can use iwconfig to confirm which channel your card is currently on.+  * Make sure you use the correct interface name.  For mac80211 drivers, it is typically "mon0" For madwifi-ng, it is typically "ath0" As well, ensure you don't have multiple monitor interfaces created meaning "mon0", "mon1", etc. is bad and the extra interfaces need to be destroyed.
  
-Make sure your card is not channel hopping.+  * Make sure the card(s) are on the same channel as your AP and locked on this channel.  When putting your card into monitor mode, be sure to specify the channel via airmon-ng.  You can use iwconfig to confirm which channel your card is currently on.  The injection test will fail if your card and access point are on different channels.
  
 +  * Make sure your card is not channel hopping.  A very common mistake is to have airodump-ng running in channel hopping mode.  If you use airodump-ng, be sure to use the "-c <channel>" option.  Additionally, ensure all network managers and similar are killed off.
  
 ==== "Network is down" error message ==== ==== "Network is down" error message ====
injection_test.1202072716.txt.gz · Last modified: 2008/02/03 22:05 by darkaudax