Wireless Security
Re: AirPcap : Basic questions Jul 08 2009 04:15AM
Fatah al Farihin (fathkay yahoo com)

so, that's mean just change the vid/pid inside the eeprom area. i never thought i would be as simple as that, or i am missing something like the driver check some signature/function/information inside eeprom other than refer vid/pid. could someone can get me the vid/pid through (lsusb) or i can refer to the driver http://www.cacetech.com/downloads.html ? furthermore, is there any chances of success in windows story ?

--- On Wed, 7/8/09, Jon Janego <jonjanego (at) gmail (dot) com [email concealed]> wrote:

> From: Jon Janego <jonjanego (at) gmail (dot) com [email concealed]>
> Subject: Re: AirPcap : Basic questions
> To: "Fatah al Farihin" <fathkay (at) yahoo (dot) com [email concealed]>, wifisec (at) securityfocus (dot) com [email concealed]
> Date: Wednesday, July 8, 2009, 2:55 AM
> I believe that it is indeed a
> zd1211rw based chipset.  i don't have a
> dump of it, though..
>
> my info is from Joshua Wright, who modified the zd1211rw
> drivers for
> the latest edition of the SANS617 Backtrack distro. 
> Here are his
> notes:
>
> 1. Modified zd1211rw driver to recognize the Airpcap
> Classic and
> Airpcap TX USB VID/PID
> values; modified ieee80211.ko driver to check for
> monitor-mode and
> properly accommodate
> packet injection
>
> you'll have to recompile the kernel to get the AirPCap to
> work, and
> even then I couldn't get injection operating correctly
> (although Josh
> did in his Backtrack Distro).
>
> On Tue, Jul 7, 2009 at 12:10 PM, Fatah al Farihin<fathkay (at) yahoo (dot) com [email concealed]>
> wrote:
> >
> > can you confirm me that airpcap device is based on
> (firmware) modified zd1211rw based chipset ? and which site
> can i refer to ? and anyone have a firmware (eeprom) dump of
> airpcap device ? thanks.
> >
> > --- On Thu, 3/26/09, Jon Janego <jonjanego (at) gmail (dot) com [email concealed]>
> wrote:
> >
> >> From: Jon Janego <jonjanego (at) gmail (dot) com [email concealed]>
> >> Subject: Re: AirPcap : Basic questions
> >> To: wifisec (at) securityfocus (dot) com [email concealed]
> >> Date: Thursday, March 26, 2009, 10:50 AM
> >> 1) It's one of the only wireless
> >> cards with a driver in Windows that
> >> supports monitor mode.
> >>
> >> It integrates well with Wireshark and Cain.
> >>
> >> Its driver can decrypt WEP traffic on the fly
> (with a known
> >> key)
> >>
> >> 2) If you're stuck using Windows, then AirPcap is
> your
> >> easiest option
> >> for monitor mode.  Otherwise, if using linux you
> are
> >> better off with
> >> an atheros or other card, since AirPcap isn't
> "officially"
> >> supported
> >> in linux by the manufacturer (although you can use
> modified
> >> zd1211rw
> >> drivers to get it working)
> >>
> >> Its a handy card for windows but its a little
> expensive...
> >> easier to
> >> just boot into linux and use something cheaper.
> >>
> >> JJ
> >>
> >> On Wed, Mar 25, 2009 at 8:59 PM, Security Basic
> >> <security.basic (at) gmail (dot) com [email concealed]>
> >> wrote:
> >> > Can someone help me with very basic questions
> about
> >> AirPcap
> >> >
> >> > # Whats so special about it?
> >> > # What can you do with AirPcap that you can't
> do
> >> otherwise
> >> >
> >> > thanks
> >> > --
> >> > ~SB
> >> > http://exploitsearch.com
> >> >
> >>
> >
> >
> >
> >
>

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus