10-25-2017, 08:40 AM
Thanks for the handholding, ZerBea and freeroute!
So I followed the instructions here and was able to run wlandump-ng on wlan0. I think I'm getting close to making it work but right now it seems it doesn't hop to diff channels (it pretty much is stuck on channel 4, which I specified w/ '-c 4'). My understanding has been that wlandump-ng will automatically hop to another channel after 60s. Isn't that the case?
interface................................: wlan0
internal pcap errors/maximal pcap errors.: 0/0
interface channel/hop timer..............: 04/60
private-mac (oui/nic)....................: 1000006f7656
deauthentication/disassociation count....: 100/10
current/maximum ringbuffer entries.......: 9/512
proberequests/proberesponses.............: 61/31
associationrequests/reassociationrequests: 0/0
transmitted m1/received appropriate m2...: 0/0
received regular m1/m2/m3/m4.............: 0/0/0/0
mac_ap hs xe essid (countdown until next deauthentication/disassociation)
-------------------------------------------------------------------------------
000fe29538e1 00 00 @city (41/10)
000fe29538e4 00 00 !MoDuWiFi (37/10)
000fe29538e0 00 00 ChinaNet (44/10)
000fe29538e5 00 00 aWiFi (36/10)
00226c06a978 00 00 Crea2015_A978 (83/10)
cc81da38f1a8 00 00 @PHICOMM_A0 (100/10)
808917f1e454 00 00 5F (99/10)
So I followed the instructions here and was able to run wlandump-ng on wlan0. I think I'm getting close to making it work but right now it seems it doesn't hop to diff channels (it pretty much is stuck on channel 4, which I specified w/ '-c 4'). My understanding has been that wlandump-ng will automatically hop to another channel after 60s. Isn't that the case?
interface................................: wlan0
internal pcap errors/maximal pcap errors.: 0/0
interface channel/hop timer..............: 04/60
private-mac (oui/nic)....................: 1000006f7656
deauthentication/disassociation count....: 100/10
current/maximum ringbuffer entries.......: 9/512
proberequests/proberesponses.............: 61/31
associationrequests/reassociationrequests: 0/0
transmitted m1/received appropriate m2...: 0/0
received regular m1/m2/m3/m4.............: 0/0/0/0
mac_ap hs xe essid (countdown until next deauthentication/disassociation)
-------------------------------------------------------------------------------
000fe29538e1 00 00 @city (41/10)
000fe29538e4 00 00 !MoDuWiFi (37/10)
000fe29538e0 00 00 ChinaNet (44/10)
000fe29538e5 00 00 aWiFi (36/10)
00226c06a978 00 00 Crea2015_A978 (83/10)
cc81da38f1a8 00 00 @PHICOMM_A0 (100/10)
808917f1e454 00 00 5F (99/10)
(10-25-2017, 08:04 AM)ZerBea Wrote: windmaple: There are some major problems in your configuration:
1. do not use aircrack-ng tools or scripts in combination with hcxtools.
airmon-ng creates a virtual interface (monx) and leaves wlan0 managed!
2. do not use wlandump-ng/wlanresponse on virtual devices like monx
"I placed the wifi card into monitor mode but somehow wlandump doesn't like wlan0"
wlandump-ng/wlanresponse likes wlan0, but they don't like virtual devices!
3. as freeroute wrote, you must identify all services that takes access to your capture device and stop them (at least this 2):
sudo systemctl stop NetworkManager.service
sudo systemctl stop wpa_supplicant.service
4. as freeroute wrote, you must put the interface into monitor mode (where $WLANDEV is your device name)
sudo ip link set $WLANDEV down
sudo iw dev $WLANDEV set type monitor
sudo ip link set $WLANDEV up
sudo iw dev $WLANDEV info
5. if you got pcap read errors like this:
internal pcap errors.....................................: 12
there are more services that prevent wlandump-ng/wlanresponse to access the device - you must identify and stop them.
6. if you finished capturing do not forget to put the device back into managed mode
sudo ip link set $WLANDEV down
sudo iw dev $WLANDEV set type managed
sudo ip link set $WLANDEV up
sudo iw dev $WLANDEV info
7. and start the services - otherwise you will have no connectivity!
sudo systemctl start NetworkManager.service
sudo systemctl start wpa_supplicant.service
I prefer ip in combination with iw which is much more powerful than ifconfig (archlinux dropped support for deprecated ifconfig “net-tools” sometime back).
Read about the difference between both tools here:
https://www.tecmint.com/ifconfig-vs-ip-c...iguration/
https://p5r.uk/blog/2010/ifconfig-ip-comparison.html