09-18-2019, 11:30 PM
(09-18-2019, 10:41 PM)ZerBea Wrote: Looks like the interface wasn't set complete to monitor mode and / or packet injection isn't working like expected.
You can test packet injection running:
$ hcxpcaptool -i wlan1 --do_rcascan
-do_rcascan : show radio channel assignment (scan for target access points)
this can be used to test that ioctl() calls and packet injection is working
also it can be used to get information about the target
and to determine that the target is in range
use this mode to collect data for the filter list
run this mode at least for 2 minutes
If packet injection isn't working like expected, hcxdumptool will tell you this after 2 minutes otherwise you get an information how many access points are in attack range
Your command line isn't good. We are using a bitmask. That means you must add the values:
--enable_status=<digit> : enable real-time display (waterfall)
some messages are shown only once at the first occurrence
bitmask:
1: EAPOL
2: PROBEREQUEST/PROBERESPONSE
4: AUTHENTICATON
8: ASSOCIATION/REASSOCIATION
16: BEACON
That means if your real time display should print EAPOL and AUTHENTICATIONS, the correct value is 5 (1+4)
--enable_status=5
If you would like to see EAPOL and PROBEREQUEST/PROBERESPONSE the correct value is 3 (1+2)
--enable_status=3
To print EAPOL and PROBEREQUEST/PROBERESPONSE and AUTHENTICATON use 7 (1+2+4)
--enable_status=7
Obviously, packet injection does not work.
What may be happening. I have an Edimax AC600