Aircrack on the Fonera

The DD-WRT firmware for the Fonera does not support packet injection as it does not have the proper patched Mad-wifi driver. I’ve tried to make injection work with the DD-WRT firmware, but to no avail. As soon as injection begins, the router immediately freezes up.  If you want to know how to flash this firmware to your Fonera, follow the link below and visit the tutorials and guides.

As of now, the only firmware to support injection is Meltyblood’s Legend Pre 4.5. The firmware and instructions can be found here:
http://www.dd-wrt.com/phpBB2/viewtopic.php?p=89286

In the video, I am cracking a 128-bit WEP key utilizing fake authentication and packet replay attacks. All processes are running directly on the Fonera. The attacks are against a D-Link DGL-4300. The OS I’m using in the video is Backtrack 3 Beta in a virtual machine.

Visit the forums to discuss this guide.

A quick rundown of what was done:

• Mount network share for capture files (Fonera does not have enough memory to store capture files)
• Create wireless interface “ath1″ in monitor mode
• Start airodump to get quick snapshot
• Restart airodump with “–bssid” option to cut down on file size and “-w” to specify write location
• Start aireplay in fake authentication mode
• Once attack has completed, start aireplay in replay mode
• Collect 35,000 - 60,000 packets (for 128-bit WEP)
• Use aircrack-ptw to decrypt the key