
Thread: Packet injection on 5 GHz non-DFS channels strange behaviour

  1. #1

    Packet injection on 5 GHz non-DFS channels strange behaviour

    Hello everyone, I've recently bought an AVM FRITZ WLAN N v2 [RT5572], which is dual-band, and I was interested in performing some tests on the 5 GHz spectrum.
    The wifi uses the rt2800usb which supports packet injection (or it should).

    • I downloaded a fresh Kali 2016.2 64-bit ISO and powered it up on a VMware Fusion VM.
    • I connected the wifi, which is recognised by Kali, and rt2800usb is loaded.
    • I put the card in monitor mode (killing everything that was interfering).
    • The card goes into monitor mode for both 2.4 GHz and 5 GHz channels and I can see traffic on all channels
    • I tried the injection test with aireplay-ng and it works on the 2.4 GHz, but on the 5 GHz it says it doesn't see APs.
    • I tried Python + scapy to see if I could generate (for example) deauth packets using this script https://github.com/catalyst256/MyJun...capy-deauth.py and I used Wireshark on the attacker and victim machines to see what was going on. Here are the results:
      • On the 2.4 GHz, on the attacker machine, I see 2 packets being generated and the victim receives 1 packet
      • On the 5 GHz, on non-DFS channels (e.g. 44), on the attacker machine, I see 2 packets being generated and the victim receives 1 packet
      • On the 5 GHz, on DFS channels (e.g. 56), on the attacker machine, I see 1 packet being generated and the victim receives 0 packets


    What do you think is going on here?
    Might aireplay have a bug?
    Is there a difference between DFS and non-DFS channels on the 5 GHz spectrum that justifies this behavior?
    I'm quite confused.

    Update:
    I tried to perform some more tests by changing the region of my card.
    I selected a region that has non-DFS channels set as DFS channels and the result is that I cannot send deauth packets.
    I guess this has something to do with the driver, when the regulatory database specifies that a certain channel is DFS, it "blocks" packet injection.
    Last edited by misterade; 2016-11-30 at 12:14.
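
A diagnostic sketch for the hypothesis in the update above, added here and not part of the original post: Linux mac80211 refuses monitor-mode injection on channels where the regulatory rules do not let the interface initiate transmission, and `iw list` shows those rules as per-channel flags. The code parses that output format and reports which flags apply to a channel; the sample output is constructed and the function names are hypothetical.

```python
import re

# Constructed sample in the format printed by `iw list` (illustrative values,
# not captured from the poster's adapter or regulatory domain).
SAMPLE_IW_OUTPUT = """\
    Band 1:
        Frequencies:
            * 2412 MHz [1] (20.0 dBm)
            * 2437 MHz [6] (20.0 dBm)
    Band 2:
        Frequencies:
            * 5180 MHz [36] (20.0 dBm)
            * 5220 MHz [44] (20.0 dBm)
            * 5260 MHz [52] (20.0 dBm) (no IR, radar detection)
            * 5280 MHz [56] (20.0 dBm) (no IR, radar detection)
            * 5500 MHz [100] (disabled)
"""

# One frequency line: "* <MHz> MHz [<channel>]" followed by parenthesised groups.
CHANNEL_RE = re.compile(r"\*\s+(\d+) MHz \[(\d+)\]((?:[ \t]*\([^)]*\))*)")
# Regulatory flags under which the interface may not initiate transmission.
BLOCKING_FLAGS = {"disabled", "no IR", "radar detection"}


def parse_channels(iw_output):
    """Return {channel: {"freq": MHz, "flags": set of regulatory flags}}."""
    channels = {}
    for match in CHANNEL_RE.finditer(iw_output):
        freq, chan, groups = match.groups()
        flags = set()
        for group in re.findall(r"\(([^)]*)\)", groups):
            if group.endswith("dBm"):
                continue  # transmit power limit, not a regulatory flag
            flags.update(flag.strip() for flag in group.split(","))
        channels[int(chan)] = {"freq": int(freq), "flags": flags}
    return channels


def injection_blockers(channels, channel):
    """Flags on `channel` that explain why injected frames are not sent."""
    if channel not in channels:
        return {"not supported"}
    return channels[channel]["flags"] & BLOCKING_FLAGS


if __name__ == "__main__":
    chans = parse_channels(SAMPLE_IW_OUTPUT)
    for ch in (6, 44, 56, 100):
        blockers = injection_blockers(chans, ch)
        print(ch, "TX allowed" if not blockers else "TX blocked: " + ", ".join(sorted(blockers)))
```

To check a real adapter, pass the text printed by `iw list` to `parse_channels` instead of the constructed sample.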
