BackTrack2 Wireless

I’ve worked with a lot of people who had trouble with setting up wifi on BackTrack2 and decided it would be worth a post on how I manage it.

I prefer to do this task from the command line, since it allow more control, plus it shows you exactly what happens in the background of some of these GUI apps. I use 5 main commands for this: ifconfig, iwlist, egrep, iwconfig, and dhcpcd.

Before we can do anything, we need to make sure our ethernet card is turned on. To check this, simply run ifconfig with no options. If the only interface you see is the lo (local or loopback), then you are going to need to bring up (turn on) your interface with: ifconfig <interface> up for me, <interface> is eth0, but your machine may differ

Now that the device is up and running, let’s find out what networks we can connect to. (You may skip this step if you already know what you are connecting to.) For this, I will use iwlist and egrep. iwlist is used for listing all access points (APs) in range and egrep is grep’s big brother with more regex support. We use them in combination to produce output that is more useful (for our purposes) than if we simply used iwlist. We run iwlist as: iwlist <interface> scanning and then pipe it to egrep to parse out the ESSID (name of the AP) and the key (if it is encrypted). The final command looks something like this:

iwlist <interface> scanning | egrep “ESSID|key”

This will show us the ESSID and if it requires authentication or not.

Now that we have the information we need, let’s put it to good use. Ifconfig’s counterpart, iwconfig is for managing the wireless portion of your connection. The first thing we want to do is look at iwconfig and make sure the card is in the correct mode: managed. Type iwconfig and find your interface. If the mode is not managed, you will need to run:

iwconfig <interface> mode managed

Since this is for BackTrack2, we the card may have been put into passive mode by kismet or another wireless packet sniffer. Once we have the card correctly set, we need to tell it what we want to connect to. This requires the ESSID and the password if the network is encrypted. We run iwconfig as follows:

iwconfig <interface> essid <essid from before>

and for those of you with passwords

iwconfig <interface> essid <essid from before> key <hex password here>

After we do all this, we want to run iwconfig one more time to make sure that the Access Point was associated (we check this by seeing a MAC address rather than ‘Invalid’.)

Finally, after we have gotten all our wireless hooked up, we need to request an IP address. We use the following command

dhcpcd -nd <interface>

This has the dhcp client daemon request a new (-n) IP address (as well as other information) from the router for <interface>. The -d flag tells dhcpcd to be verbose. We will see our own MAC address printed and upon success we will see the IP address assigned to our machine.

About samurai

I like computers... A lot. So I tend to spend a lot of time doing varied things with them. Often you'll find me playing with Python or PHP, fighting with operating systems, ranting about some off-the-wall concept, or preparing for zombies.
This entry was posted in SamuraiNet Archive and tagged , , , , . Bookmark the permalink.

2 Responses to BackTrack2 Wireless

  1. Stuart Jones says:

    Man, I hate working with wireless networks on linux. I spent like, an hour getting the ndiswrapper working with my new linux install. Damn Broadcom wifi cards not making linux drivers…

  2. Jon Butler says:

    Nice post samurai!

    @Stuart Jones – I assume you checked out the new b43 drivers? They even support injection! What a jump! From no support to packet injection, it supports quite a few of the broadcom chipsets. You can find yours with:

    lspci -nn | grep Broadcom

    Should be the last 4 digits in the square brackets.

Leave a Reply

Your email address will not be published. Required fields are marked *