BackTrack 5 Wireless Penetration Testing Beginner's Guide

Time for action – packet injection

We will be using the aireplay-ng tool, which is available in BackTrack, for this exercise.

Follow these instructions carefully:

  1. To run an injection test, first start Wireshark and apply the filter expression (wlan.bssid == 00:21:91:d2:8e:25) && !(wlan.fc.type_subtype == 0x08). This ensures that we only see non-beacon packets for our lab network.
  2. Now run the command aireplay-ng -9 -e "Wireless Lab" -a 00:21:91:d2:8e:25 mon0 in a terminal. The ESSID is quoted because it contains a space.
  3. Go back to Wireshark and you should see a lot of packets on the screen now. Some of these packets have been sent by aireplay-ng, which we launched, and others are from the access point Wireless Lab in response to the injected packets.
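
To see exactly which frames the display filter from step 1 keeps and which it hides, the same test can be applied to raw 802.11 headers offline. The following Python is an added example, not code from the book; the station MAC, the second BSSID and all sample frames are constructed values, and control frames are treated as carrying no BSSID.

```python
import struct

LAB_BSSID = "00:21:91:d2:8e:25"   # access point BSSID used on this page
BEACON = 0x08                     # wlan.fc.type_subtype value for a beacon

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def type_subtype(frame):
    """Combine 802.11 type and subtype bits as Wireshark does: (type << 4) | subtype."""
    return (((frame[0] >> 2) & 0x3) << 4) | ((frame[0] >> 4) & 0xF)

def bssid(frame):
    """Return the BSSID of a management or data frame, or None if it carries none."""
    if len(frame) < 24:
        return None                      # too short for a three-address header
    ftype = (frame[0] >> 2) & 0x3
    to_ds, from_ds = frame[1] & 0x1, (frame[1] >> 1) & 0x1
    a1, a2, a3 = frame[4:10], frame[10:16], frame[16:22]
    if ftype == 0:                       # management: BSSID is address 3
        return mac(a3)
    if ftype == 2:                       # data: position depends on ToDS/FromDS
        if to_ds and from_ds:
            return None                  # four-address (WDS) frame
        return mac(a1 if to_ds else a2 if from_ds else a3)
    return None                          # control frames are not handled here

def matches_lab_filter(frame, lab_bssid=LAB_BSSID):
    """(wlan.bssid == lab_bssid) && !(wlan.fc.type_subtype == 0x08)"""
    return bssid(frame) == lab_bssid and type_subtype(frame) != BEACON

def build(fc0, fc1, a1, a2, a3):
    """Build a constructed 24-byte 802.11 header (no body) for the samples below."""
    to_raw = lambda m: bytes.fromhex(m.replace(":", ""))
    return struct.pack("<BBH", fc0, fc1, 0) + to_raw(a1) + to_raw(a2) + to_raw(a3) + b"\x00\x00"

# Constructed sample frames; STA and OTHER are made-up addresses.
STA, OTHER, BCAST = "02:00:00:00:00:01", "02:00:00:00:00:99", "ff:ff:ff:ff:ff:ff"
SAMPLES = {
    "beacon from lab AP":         build(0x80, 0x00, BCAST, LAB_BSSID, LAB_BSSID),
    "probe request to lab AP":    build(0x40, 0x00, LAB_BSSID, STA, LAB_BSSID),
    "probe response from lab AP": build(0x50, 0x00, STA, LAB_BSSID, LAB_BSSID),
    "probe response, other AP":   build(0x50, 0x00, STA, OTHER, OTHER),
    "data to lab AP (ToDS)":      build(0x08, 0x01, LAB_BSSID, STA, BCAST),
}

if __name__ == "__main__":
    for name, frame in SAMPLES.items():
        print(f"{name:28s} 0x{type_subtype(frame):02x} shown={matches_lab_filter(frame)}")
```

Only the lab beacon and the frame from the other BSSID are hidden; every other lab frame stays visible, which is what makes a sudden burst of non-beacon traffic easy to spot while monitoring.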

What just happened?

We just successfully injected packets into our test lab network using aireplay-ng. It is important to note that our card injected these arbitrary packets into the network without actually being connected to the access point Wireless Lab.

Have a go hero – installing BackTrack on Virtual Box

We will look at packet injection in greater detail in later chapters; however, feel free to explore other options of the aireplay-ng tool to inject packets. You can verify that injection succeeded by using Wireshark to monitor the air.