Fixing WEP Cracking in Backtrack 4 R2 | Asus 1215N

Monday, May 23, 2011, Posted by Nick Driver at 11:21 PM



This is a work in progress without a definitive solution currently. Any input would be greatly appreciated in the comments.


Basic Info:
Model: ASUS 1215N
Chipset: AR-9285
Current Drivers: ath9k
Confirmed Injection? Yes, though there doesn't seem to be a definitive tutorial on it yet.

Let's see... Maybe one of these options will work. According to backtrack-linux.org I found this tutorial: http://forum.aircrack-ng.org/index.php?topic=5755.0

It led me to this download file: http://www.janoweb.net/drivers-patch.html#axzz1NEZjJj1j (I downloaded the maverick driver, but I did have issues loading this web page with the default Firefox installation from Backtrack - it liked to freeze up on me and crash Firefox)

Then I unzipped the file I downloaded to /root/downloads/

root@bt:~# cd downloads/
root@bt:~/downloads# tar -xf compat-wireless-aircrack-lucid-maverick.patched/
root@bt:~/downloads# cd compat-wireless-aircrack-lucid-maverick.patched/
root@bt:~/downloads/compat-wireless-aircrack-lucid-maverick.patched/# sudo make

(wait a long time while I write this blog post)

# sudo make install
# sudo make unload
# sudo modprobe rtl8187


After this, in theory, everything is supposed to work. However, running ifconfig now shows that no wlan0 exists. ifconfig wlan0 up says no such interface. Running /etc/init.d/networking restart followed by the ifconfig wlan0 up yields the same results. After this, it was midnight and I had to work the next day so I shut down and went to bed. I haven't tested it since. If anyone happens to read this and have a solution, your input would be greatly appreciated in the comments.

Steps to try next:

# sudo rmmod r8187 rtl8187 mac80211
# sudo mkdir /usr/src/drivers
# cd /usr/src/drivers
# sudo wget http://dl.aircrack-ng.org/drivers/rtl8187_linux_26.1010.zip
# sudo unzip rtl8187_linux_26.1010.zip
# cd rtl8187_linux_26.1010.0622.2006/
# sudo wget http://patches.aircrack-ng.org/rtl8187_2.6.35-monitor_only.patch
# sudo tar xzf drv.tar.gz
# sudo tar xzf stack.tar.gz
# sudo patch -Np1 -i rtl8187_2.6.35-monitor_only.patch
# sudo make
# sudo make install
# sudo make unload #THIS MIGHT NOT BE NECESSARY
# sudo modprobe rt2800usb


...It looks like I may not have read everything before trying different options. It seems like the Asus 1215N uses the ath9k driver, which may require the following (via backtrack-linux):


# rmmod ath9k
# modprobe ath9k
# /etc/init.d/networking start
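
The mismatch described above (loading rtl8187 on a machine whose card is driven by ath9k) can be caught before running modprobe by reading the output of lspci -k. This is an added example, not part of the original post: the lspci text is a constructed sample rather than output captured from a 1215N, and the function names wifi_field and check_module are hypothetical.

```shell
#!/bin/sh
# Constructed sample of `lspci -k` output (not captured from a real machine).
# Second sample: the state after a driver unload, where nothing is bound.
SAMPLE_BOUND='01:00.0 Ethernet controller: Example Gigabit Ethernet
	Kernel driver in use: atl1c
	Kernel modules: atl1c
02:00.0 Network controller: Atheros AR9285 Wireless Network Adapter
	Kernel driver in use: ath9k
	Kernel modules: ath9k'
SAMPLE_UNBOUND='02:00.0 Network controller: Atheros AR9285 Wireless Network Adapter
	Kernel modules: ath9k'

# Print one field of the first "Network controller" device.
# $1 = "Kernel driver in use" or "Kernel modules"; lspci -k text on stdin.
wifi_field() {
    awk -v key="$1:" '
        /^[0-9a-f]/ { in_wifi = ($0 ~ /Network controller/) }  # device header line
        in_wifi && index($0, key) { sub(/^.*: */, ""); print; exit }
    '
}

# $1 = module about to be loaded, $2 = lspci -k text.
# Returns 0 if the module belongs to the wireless controller, 1 otherwise.
check_module() {
    bound=$(printf '%s\n' "$2" | wifi_field "Kernel driver in use")
    avail=$(printf '%s\n' "$2" | wifi_field "Kernel modules")
    if [ "$1" = "$bound" ]; then
        echo "ok: $1 is bound to the wireless controller"
        return 0
    fi
    case ", $avail," in
        *", $1,"*)
            echo "unbound: $1 matches the controller but is not loaded"
            return 0 ;;
    esac
    echo "mismatch: controller uses '${bound:-${avail:-unknown}}', not '$1'"
    return 1
}

# Demo on the constructed samples; on a live system pass "$(lspci -k)" instead.
check_module rtl8187 "$SAMPLE_BOUND"   || true
check_module ath9k   "$SAMPLE_BOUND"   || true
check_module ath9k   "$SAMPLE_UNBOUND" || true
```
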


Something I found seems to suggest that I should install the compat-wireless drivers to get everything to work.  To do that, I need to follow the directions on the aircrack-ng wiki. This looks promising.

Update 5/27/2011: I got curious and booted into BT4R2 this afternoon. When I first booted up and ran ifconfig I was only getting the local loopback device. No eth0. No wlan0. ifconfig wlan0 up brought back my wlan0 device and showed the correct MAC address. When I loaded up the access point list, it showed all the APs in the area. However, attempting to connect to either of the two closest APs failed when it could not obtain an IP address. When that failed, I ran the commands above (rmmod ath9k && modprobe ath9k && /etc/init.d/networking start) and attempted to connect again. Once again it failed to obtain an IP address. This may have something to do with the fact that the APs are at about 30% signal strength, but I haven't had any problems connecting to them in Windows. It looks like whatever I did in the first few sections of this blog post seems to have rendered my WiFi card useless. I'll try again when I get home and have a more reliable AP to work with, but until then I'm installing BT4R2 in a Virtual Machine. If it doesn't work at home, I'll have to reinstall BT4R2 on that partition (which means making another bootable USB, which I really don't want to do) and try again with the default drivers. I wish there was some way from within a persistent installation of BT4R2 that you could revert to the factory default settings, but I couldn't seem to find anything.

Update 5/31/2011: Last night I tried cracking the original WEP that I had started out with, using the new ath9k drivers. I followed the directions at the aircrack-ng wiki, but didn't come up with anything useful. Each time I ran through the directions and ended with modprobe ath9k, I ended up with a dead WiFi card. I would then uninstall the driver via the following commands:

# cd compat-wireless-$(date -I)
# make uninstall
# make wlunload
# modprobe ath9k
# reboot




After the reboot finished, the card would be back to working as normal. I eventually got fed up with it and decided to wipe out my BT4R2 installation and install the latest version of Ubuntu (11.04 Natty Narwhal). I figured maybe it had to do with something in BT4R2 being out of date. Unfortunately, when I installed aircrack-ng on Ubuntu and tested it out, I realized I was running into the same problem and no ARP requests were being sent. Back to square one. Surely someone has to have a solution to this problem.

...Still working on it. To be continued.

Currently have 5 comments:

  1. Michael says:

    Keep it up I'm watching this post. I want to put Backtrack 4 on my 1215n as well.

  1. The Dr1ver says:

    I'll definitely keep the post updated as soon as I get a chance to try the last methods (using ath9k and using the aircrack-ng wiki to install the compat-wireless drivers), but I'm at the beach this weekend and don't have any WEP to test it on (everyone in range has unsecured routers). I'll test it when I get back and update the post.

  1. Jesús says:

    Hello, I'm from Spain, sorry if you don't understand me. I'm working on the same project as you. The first problem that we found is identifying the chipset of the WiFi card. You say that the WiFi card has an AR-9285, but here (*1) we can see that this machine uses an AzureWave WiFi card, model AW-NE785H, with chipset AR5B95. I suppose that AR-9285 and AR5B95 are the same. I need you to confirm which is the true WiFi adapter (if they're not the same); here (*2) they talk about this. I tried a lot of manuals about AR5B95 and WEP cracking, but nothing works. My specific problem is that I can't put the WiFi card in monitor mode, so I can't capture. I use Backtrack 4 R2. I hope to hear from you soon, good job.

    (*1) http://forum.eeeuser.com/viewtopic.php?id=88793
    (*2) http://www.backtrack-linux.org/forums/beginners-forum/33008-asus-1215n-confirmed-monitoring-injecting.html

  1. The Dr1ver says:

    Jesus -

    How are you going about putting the wifi card in monitor mode? I don't seem to have any problem putting my card into monitoring mode. It collects the packets, but it only collects a few each time there is an ARP request. The injection is where it's falling short for me.

    To put into monitoring mode I do:

    ifconfig wlan0 down
    iwconfig wlan0 mode monitor
    ifconfig wlan0 up

    However, this causes there to be a new interface (mon0) that I need to use to monitor instead of the default wlan0... Either way, monitor mode works (although it is with a different interface), but injection does not.

    I see your point with the different model number listed in *1 above. However, before I changed my drivers I do remember that Backtrack was using the ath9k driver, not ath5k. I'm not sure which chipset it's using as I haven't taken my netbook apart yet, but I was going off the mention in the *2 link you listed above. Let me know if you find anything out and I'll do the same.

  1. Sun says:

    first guy forget about BT4

    BT5 is out and is working perfectly with the 1366*768 of the native screen of my 1215n

    then once you do that we will try to see what we can do on the new BT...
    BT 5....
