Hi marcou3000.
There can be different reasons:
1) To much power consumption of an USB high gain adapter (for example AWUS036NH connected to an USP port of a Raspberry PI) - in that case reduce power output to 20dBm.
2) Runing hcxdumptool on a virtual interface like monX or wlanXmon
3) Interface isn't fully set into monitor mode
4) Not all services that take access to the device are stopped
5) Unsupported driver (Intel, Broadcom, some Atheros).
From the bug tracker, I noticed that most of the issues (nearly all of them) are related to K*A*L*I (btw, the same applies to hashcat). Only a few issues are related to UBUNTU or Debian (NetworkManager and/or wpa-supplicant active on the same physical interface like hcxdumptool). No issues related to the recommended operating system Arch Linux and the recommended drivers.
BTW:
you can check how the access to the physical interface works:
- set your interface to monitor mode (by iw and ip commands)
- run wireshark and capture traffic from that physical interface
- start hcxdumptool on that physical interface
Now you can notice that hcxdumptool disconnect wireshark from the physical interface.
That will not work if they are running on different virtual interfaces.
It's important to choose a network adapter with good driver support (stable, full monitor mode support incl. injection capabilities).
Read more here:
https://wireless.wiki.kernel.org/en/users/drivers
Do not trust in the technical VENDOR information. Sometimes they change the chipset (if you're lucky, they choose a different version number xxx.1 or rev. b).
aircrack-ng suite is much better to use by inexperienced users than hcxdumptool/hcxtools/hcxkeys. The suite supports more operating systems and more interface adapters and is easier to use (for example airmon-ng to set monitor mode). hcxdumptool/hcxtools/hcxkeys are analysis tools and parsing tools (next to the conversation, we also do some kind of pre-hashing) for hashcat and JtR. They are designed to discover weak points within the system (and they do this very well: PMKID attack vector, nonce-error-corection, ...).
There is a feature request to implement PMKID attack vector:
https://github.com/aircrack-ng/aircrack-ng/issues/1937
There is also a feature request to solve the zeroed timestamp issue:
https://github.com/aircrack-ng/aircrack-ng/issues/1958
So I'm sure, we find this features in the next aircrack-ng version.
There can be different reasons:
1) To much power consumption of an USB high gain adapter (for example AWUS036NH connected to an USP port of a Raspberry PI) - in that case reduce power output to 20dBm.
2) Runing hcxdumptool on a virtual interface like monX or wlanXmon
3) Interface isn't fully set into monitor mode
4) Not all services that take access to the device are stopped
5) Unsupported driver (Intel, Broadcom, some Atheros).
From the bug tracker, I noticed that most of the issues (nearly all of them) are related to K*A*L*I (btw, the same applies to hashcat). Only a few issues are related to UBUNTU or Debian (NetworkManager and/or wpa-supplicant active on the same physical interface like hcxdumptool). No issues related to the recommended operating system Arch Linux and the recommended drivers.
BTW:
you can check how the access to the physical interface works:
- set your interface to monitor mode (by iw and ip commands)
- run wireshark and capture traffic from that physical interface
- start hcxdumptool on that physical interface
Now you can notice that hcxdumptool disconnect wireshark from the physical interface.
That will not work if they are running on different virtual interfaces.
It's important to choose a network adapter with good driver support (stable, full monitor mode support incl. injection capabilities).
Read more here:
https://wireless.wiki.kernel.org/en/users/drivers
Do not trust in the technical VENDOR information. Sometimes they change the chipset (if you're lucky, they choose a different version number xxx.1 or rev. b).
aircrack-ng suite is much better to use by inexperienced users than hcxdumptool/hcxtools/hcxkeys. The suite supports more operating systems and more interface adapters and is easier to use (for example airmon-ng to set monitor mode). hcxdumptool/hcxtools/hcxkeys are analysis tools and parsing tools (next to the conversation, we also do some kind of pre-hashing) for hashcat and JtR. They are designed to discover weak points within the system (and they do this very well: PMKID attack vector, nonce-error-corection, ...).
There is a feature request to implement PMKID attack vector:
https://github.com/aircrack-ng/aircrack-ng/issues/1937
There is also a feature request to solve the zeroed timestamp issue:
https://github.com/aircrack-ng/aircrack-ng/issues/1958
So I'm sure, we find this features in the next aircrack-ng version.