chercloud7
2014-09-30, 16:15
Hey everyone,
I'm running Kali 32-bit in Virtualbox updated Friday with the latest upgrades/dist-upgrades (have also tested in a booted OS). I have two Proxim 8494 and one Ubiquiti SR71 usb adapters and I'm getting similar results with all three units.
The cards will go into monitor mode and can be used for packet injection, but they aren't running in promiscuous mode. In other words, they are dropping frames not intended for them [for example EAPOL and Probe Response frames]. These cards have worked for me in the past (maybe 6-12 months ago) in a stock configuration so I'm wondering if there isn't a "feature" in one of the newer dist-upgrades that needs to be turned on to get the cards in promiscuous mode?
This artile:
http://www.aircrack-ng.org/doku.php?id=install_drivers#linux
...talks about using mac80211 drivers instead of ieee80211 drivers, but this isn't something I've had to change before so I'm not excited to dive into that task as I'm not very fluent in Linux.
Am I missing something obvious?
root@kali-VM:~# lspci
00:00.0 Host bridge: Intel Corporation 440FX - 82441FX PMC [Natoma] (rev 02)
00:01.0 ISA bridge: Intel Corporation 82371SB PIIX3 ISA [Natoma/Triton II]
00:01.1 IDE interface: Intel Corporation 82371AB/EB/MB PIIX4 IDE (rev 01)
00:02.0 VGA compatible controller: InnoTek Systemberatung GmbH VirtualBox Graphics Adapter
00:03.0 Ethernet controller: Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE] (rev 40)
00:04.0 System peripheral: InnoTek Systemberatung GmbH VirtualBox Guest Service
00:05.0 Multimedia audio controller: Intel Corporation 82801AA AC'97 Audio Controller (rev 01)
00:06.0 USB controller: Apple Inc. KeyLargo/Intrepid USB
00:07.0 Bridge: Intel Corporation 82371AB/EB/MB PIIX4 ACPI (rev 08)
00:0b.0 USB controller: Intel Corporation 82801FB/FBM/FR/FW/FRW (ICH6 Family) USB2 EHCI Controller
root@kali-VM:~# iwconfig
lo no wireless extensions.
mon0 IEEE 802.11abgn Mode:Monitor Frequency:2.412 GHz Tx-Power=20 dBm
Retry short limit:7 RTS thr:off Fragment thr:off
Power Management:off
eth0 no wireless extensions.
wlan1 IEEE 802.11abgn ESSID:off/any
Mode:Managed Access Point: Not-Associated Tx-Power=20 dBm
Retry short limit:7 RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off
root@kali-VM:~# ifconfig
eth0 Link encap:Ethernet HWaddr 08:00:27:d9:d3:ee
inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fed9:d3ee/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3 errors:0 dropped:0 overruns:0 frame:0
TX packets:29 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1240 (1.2 KiB) TX bytes:2486 (2.4 KiB)
Interrupt:19 Base address:0xd020
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:12 errors:0 dropped:0 overruns:0 frame:0
TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:720 (720.0 B) TX bytes:720 (720.0 B)
mon0 Link encap:UNSPEC HWaddr 00-20-A6-CA-58-B9-00-00-00-00-00-00-00-00-00-00
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7106 errors:0 dropped:7106 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1203695 (1.1 MiB) TX bytes:0 (0.0 B)
root@kali-VM:~# lsusb
Bus 001 Device 002: ID 1435:0804 Wistron NeWeb AR9170+AR9104 802.11abgn Wireless Adapter
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 002: ID 80ee:0021 VirtualBox USB Tablet
Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
root@kali-VM:~# dmesg
...
[ 1.512128] tsc: Refined TSC clocksource calibration: 2272.442 MHz
[ 1.536143] usb 1-1: new high-speed USB device number 2 using ehci-pci
[ 1.956437] usb 1-1: New USB device found, idVendor=1435, idProduct=0804
[ 1.956443] usb 1-1: New USB device strings: Mfr=16, Product=32, SerialNumber=48
[ 1.956446] usb 1-1: Product: ORiNOCO 802.11n USB
[ 1.956449] usb 1-1: Manufacturer: Proxim
[ 1.956452] usb 1-1: SerialNumber: 12345
[ 2.201214] usb 2-1: new full-speed USB device number 2 using ohci-pci
[ 2.461181] usb 2-1: New USB device found, idVendor=80ee, idProduct=0021
[ 2.461187] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[ 2.461190] usb 2-1: Product: USB Tablet
[ 2.461193] usb 2-1: Manufacturer: VirtualBox
[ 2.467043] hidraw: raw HID events driver (C) Jiri Kosina
[ 2.475285] usbcore: registered new interface driver usbhid
[ 2.475289] usbhid: USB HID core driver
...
[ 4.120949] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
[ 4.120970] microcode: CPU0 sig=0x306a9, pf=0x2, revision=0x19
[ 4.120980] microcode: CPU0 update to revision 0x1b failed
[ 4.121303] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
[ 4.121396] microcode: CPU1 sig=0x306a9, pf=0x2, revision=0x19
[ 4.121407] microcode: CPU1 update to revision 0x1b failed
...
[ 4.765885] [drm] Initialized drm 1.1.0 20060810
[ 4.788841] [drm] Supports vblank timestamp caching Rev 2 (21.10.2013).
[ 4.788846] [drm] No driver support for vblank timestamp query.
[ 4.788849] [drm] Initialized vboxvideo 1.0.0 20090303 for 0000:00:02.0 on minor 0
[ 4.798894] piix4_smbus 0000:00:07.0: SMBus base address uninitialized - upgrade BIOS or use force_addr=0xaddr
[ 4.826064] ACPI: AC Adapter [AC] (on-line)
...
[ 4.859679] input: Unspecified device as /devices/pci0000:00/0000:00:04.0/input/input5
[ 4.861002] vboxguest: major 0, IRQ 20, I/O port d040, MMIO at 00000000f0400000 (size 0x400000)
[ 4.861008] vboxguest: Successfully loaded version 4.3.12 (interface 0x00010004)
[ 4.872293] parport_pc 00:03: reported by Plug and Play ACPI
[ 4.966528] intel_rapl: domain package energy ctr 0:0 not working, skip
[ 5.091384] intel_rapl: domain core energy ctr 0:0 not working, skip
[ 5.092958] cfg80211: Calling CRDA to update world regulatory domain
[ 5.116517] input: ImExPS/2 Generic Explorer Mouse as /devices/platform/i8042/serio1/input/input6
[ 5.187745] cfg80211: World regulatory domain updated:
[ 5.187753] cfg80211: DFS Master region: unset
[ 5.187755] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)
[ 5.187759] cfg80211: (2402000 KHz - 2472000 KHz @ 40000 KHz), (N/A, 2000 mBm)
[ 5.187762] cfg80211: (2457000 KHz - 2482000 KHz @ 40000 KHz), (N/A, 2000 mBm)
[ 5.187764] cfg80211: (2474000 KHz - 2494000 KHz @ 20000 KHz), (N/A, 2000 mBm)
[ 5.187767] cfg80211: (5170000 KHz - 5250000 KHz @ 80000 KHz), (N/A, 2000 mBm)
[ 5.187769] cfg80211: (5735000 KHz - 5835000 KHz @ 80000 KHz), (N/A, 2000 mBm)
[ 5.187772] cfg80211: (57240000 KHz - 63720000 KHz @ 2160000 KHz), (N/A, 0 mBm)
[ 5.366483] intel_rapl: domain uncore energy ctr 0:0 not working, skip
[ 5.366645] intel_rapl: no valid rapl domains found in package 0
[ 5.480149] usb 1-1: reset high-speed USB device number 2 using ehci-pci
[ 5.480195] intel8x0_measure_ac97_clock: measured 58023 usecs (9876 samples)
[ 5.480199] intel8x0: measured clock 170208 rejected
[ 5.760942] intel_rapl: domain package energy ctr 0:0 not working, skip
[ 5.843199] intel8x0_measure_ac97_clock: measured 58931 usecs (7200 samples)
[ 5.843204] intel8x0: measured clock 122176 rejected
[ 5.920226] intel_rapl: domain core energy ctr 0:0 not working, skip
[ 6.058595] intel_rapl: domain uncore energy ctr 0:0 not working, skip
[ 6.058643] intel_rapl: no valid rapl domains found in package 0
[ 6.200371] intel8x0_measure_ac97_clock: measured 56017 usecs (7200 samples)
[ 6.200376] intel8x0: measured clock 128532 rejected
[ 6.200379] intel8x0: clocking to 48000
[ 6.203105] usbcore: registered new interface driver carl9170
[ 6.205019] usb 1-1: firmware: direct-loading firmware carl9170-1.fw
[ 6.205055] usb 1-1: driver API: 1.9.7 2012-12-15 [1-1]
[ 6.205062] usb 1-1: firmware API: 1.9.6 2012-07-07
[ 6.635009] ath: EEPROM regdomain: 0x20
[ 6.635014] ath: EEPROM indicates we should expect a direct regpair map
[ 6.635017] ath: Country alpha2 being used: 00
[ 6.635020] ath: Regpair used: 0x20
[ 6.642691] ieee80211 phy0: Selected rate control algorithm 'minstrel_ht'
[ 6.646091] usb 1-1: Atheros AR9170 is registered as 'phy0'
[ 7.869192] floppy0: no floppy controllers found
[ 7.869231] work still pending
[ 7.917138] random: nonblocking pool is initialized
[ 8.307263] Adding 901116k swap on /dev/sda5. Priority:-1 extents:1 across:901116k
[ 8.328747] EXT4-fs (sda1): re-mounted. Opts: (null)
[ 8.420663] EXT4-fs (sda1): re-mounted. Opts: errors=remount-ro
[ 8.587969] loop: module loaded
[ 10.059085] pcnet32 0000:00:03.0 eth0: link up, 100Mbps, full-duplex
[ 10.550943] vboxsf: Successfully loaded version 4.3.12 (interface 0x00010004)
[ 11.351750] Netfilter messages via NETLINK v0.30.
[ 12.023657] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready
I'm running Kali 32-bit in Virtualbox updated Friday with the latest upgrades/dist-upgrades (have also tested in a booted OS). I have two Proxim 8494 and one Ubiquiti SR71 usb adapters and I'm getting similar results with all three units.
The cards will go into monitor mode and can be used for packet injection, but they aren't running in promiscuous mode. In other words, they are dropping frames not intended for them [for example EAPOL and Probe Response frames]. These cards have worked for me in the past (maybe 6-12 months ago) in a stock configuration so I'm wondering if there isn't a "feature" in one of the newer dist-upgrades that needs to be turned on to get the cards in promiscuous mode?
This artile:
http://www.aircrack-ng.org/doku.php?id=install_drivers#linux
...talks about using mac80211 drivers instead of ieee80211 drivers, but this isn't something I've had to change before so I'm not excited to dive into that task as I'm not very fluent in Linux.
Am I missing something obvious?
root@kali-VM:~# lspci
00:00.0 Host bridge: Intel Corporation 440FX - 82441FX PMC [Natoma] (rev 02)
00:01.0 ISA bridge: Intel Corporation 82371SB PIIX3 ISA [Natoma/Triton II]
00:01.1 IDE interface: Intel Corporation 82371AB/EB/MB PIIX4 IDE (rev 01)
00:02.0 VGA compatible controller: InnoTek Systemberatung GmbH VirtualBox Graphics Adapter
00:03.0 Ethernet controller: Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE] (rev 40)
00:04.0 System peripheral: InnoTek Systemberatung GmbH VirtualBox Guest Service
00:05.0 Multimedia audio controller: Intel Corporation 82801AA AC'97 Audio Controller (rev 01)
00:06.0 USB controller: Apple Inc. KeyLargo/Intrepid USB
00:07.0 Bridge: Intel Corporation 82371AB/EB/MB PIIX4 ACPI (rev 08)
00:0b.0 USB controller: Intel Corporation 82801FB/FBM/FR/FW/FRW (ICH6 Family) USB2 EHCI Controller
root@kali-VM:~# iwconfig
lo no wireless extensions.
mon0 IEEE 802.11abgn Mode:Monitor Frequency:2.412 GHz Tx-Power=20 dBm
Retry short limit:7 RTS thr:off Fragment thr:off
Power Management:off
eth0 no wireless extensions.
wlan1 IEEE 802.11abgn ESSID:off/any
Mode:Managed Access Point: Not-Associated Tx-Power=20 dBm
Retry short limit:7 RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off
root@kali-VM:~# ifconfig
eth0 Link encap:Ethernet HWaddr 08:00:27:d9:d3:ee
inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fed9:d3ee/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3 errors:0 dropped:0 overruns:0 frame:0
TX packets:29 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1240 (1.2 KiB) TX bytes:2486 (2.4 KiB)
Interrupt:19 Base address:0xd020
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:12 errors:0 dropped:0 overruns:0 frame:0
TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:720 (720.0 B) TX bytes:720 (720.0 B)
mon0 Link encap:UNSPEC HWaddr 00-20-A6-CA-58-B9-00-00-00-00-00-00-00-00-00-00
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7106 errors:0 dropped:7106 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1203695 (1.1 MiB) TX bytes:0 (0.0 B)
root@kali-VM:~# lsusb
Bus 001 Device 002: ID 1435:0804 Wistron NeWeb AR9170+AR9104 802.11abgn Wireless Adapter
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 002: ID 80ee:0021 VirtualBox USB Tablet
Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
root@kali-VM:~# dmesg
...
[ 1.512128] tsc: Refined TSC clocksource calibration: 2272.442 MHz
[ 1.536143] usb 1-1: new high-speed USB device number 2 using ehci-pci
[ 1.956437] usb 1-1: New USB device found, idVendor=1435, idProduct=0804
[ 1.956443] usb 1-1: New USB device strings: Mfr=16, Product=32, SerialNumber=48
[ 1.956446] usb 1-1: Product: ORiNOCO 802.11n USB
[ 1.956449] usb 1-1: Manufacturer: Proxim
[ 1.956452] usb 1-1: SerialNumber: 12345
[ 2.201214] usb 2-1: new full-speed USB device number 2 using ohci-pci
[ 2.461181] usb 2-1: New USB device found, idVendor=80ee, idProduct=0021
[ 2.461187] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[ 2.461190] usb 2-1: Product: USB Tablet
[ 2.461193] usb 2-1: Manufacturer: VirtualBox
[ 2.467043] hidraw: raw HID events driver (C) Jiri Kosina
[ 2.475285] usbcore: registered new interface driver usbhid
[ 2.475289] usbhid: USB HID core driver
...
[ 4.120949] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
[ 4.120970] microcode: CPU0 sig=0x306a9, pf=0x2, revision=0x19
[ 4.120980] microcode: CPU0 update to revision 0x1b failed
[ 4.121303] platform microcode: firmware: direct-loading firmware intel-ucode/06-3a-09
[ 4.121396] microcode: CPU1 sig=0x306a9, pf=0x2, revision=0x19
[ 4.121407] microcode: CPU1 update to revision 0x1b failed
...
[ 4.765885] [drm] Initialized drm 1.1.0 20060810
[ 4.788841] [drm] Supports vblank timestamp caching Rev 2 (21.10.2013).
[ 4.788846] [drm] No driver support for vblank timestamp query.
[ 4.788849] [drm] Initialized vboxvideo 1.0.0 20090303 for 0000:00:02.0 on minor 0
[ 4.798894] piix4_smbus 0000:00:07.0: SMBus base address uninitialized - upgrade BIOS or use force_addr=0xaddr
[ 4.826064] ACPI: AC Adapter [AC] (on-line)
...
[ 4.859679] input: Unspecified device as /devices/pci0000:00/0000:00:04.0/input/input5
[ 4.861002] vboxguest: major 0, IRQ 20, I/O port d040, MMIO at 00000000f0400000 (size 0x400000)
[ 4.861008] vboxguest: Successfully loaded version 4.3.12 (interface 0x00010004)
[ 4.872293] parport_pc 00:03: reported by Plug and Play ACPI
[ 4.966528] intel_rapl: domain package energy ctr 0:0 not working, skip
[ 5.091384] intel_rapl: domain core energy ctr 0:0 not working, skip
[ 5.092958] cfg80211: Calling CRDA to update world regulatory domain
[ 5.116517] input: ImExPS/2 Generic Explorer Mouse as /devices/platform/i8042/serio1/input/input6
[ 5.187745] cfg80211: World regulatory domain updated:
[ 5.187753] cfg80211: DFS Master region: unset
[ 5.187755] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)
[ 5.187759] cfg80211: (2402000 KHz - 2472000 KHz @ 40000 KHz), (N/A, 2000 mBm)
[ 5.187762] cfg80211: (2457000 KHz - 2482000 KHz @ 40000 KHz), (N/A, 2000 mBm)
[ 5.187764] cfg80211: (2474000 KHz - 2494000 KHz @ 20000 KHz), (N/A, 2000 mBm)
[ 5.187767] cfg80211: (5170000 KHz - 5250000 KHz @ 80000 KHz), (N/A, 2000 mBm)
[ 5.187769] cfg80211: (5735000 KHz - 5835000 KHz @ 80000 KHz), (N/A, 2000 mBm)
[ 5.187772] cfg80211: (57240000 KHz - 63720000 KHz @ 2160000 KHz), (N/A, 0 mBm)
[ 5.366483] intel_rapl: domain uncore energy ctr 0:0 not working, skip
[ 5.366645] intel_rapl: no valid rapl domains found in package 0
[ 5.480149] usb 1-1: reset high-speed USB device number 2 using ehci-pci
[ 5.480195] intel8x0_measure_ac97_clock: measured 58023 usecs (9876 samples)
[ 5.480199] intel8x0: measured clock 170208 rejected
[ 5.760942] intel_rapl: domain package energy ctr 0:0 not working, skip
[ 5.843199] intel8x0_measure_ac97_clock: measured 58931 usecs (7200 samples)
[ 5.843204] intel8x0: measured clock 122176 rejected
[ 5.920226] intel_rapl: domain core energy ctr 0:0 not working, skip
[ 6.058595] intel_rapl: domain uncore energy ctr 0:0 not working, skip
[ 6.058643] intel_rapl: no valid rapl domains found in package 0
[ 6.200371] intel8x0_measure_ac97_clock: measured 56017 usecs (7200 samples)
[ 6.200376] intel8x0: measured clock 128532 rejected
[ 6.200379] intel8x0: clocking to 48000
[ 6.203105] usbcore: registered new interface driver carl9170
[ 6.205019] usb 1-1: firmware: direct-loading firmware carl9170-1.fw
[ 6.205055] usb 1-1: driver API: 1.9.7 2012-12-15 [1-1]
[ 6.205062] usb 1-1: firmware API: 1.9.6 2012-07-07
[ 6.635009] ath: EEPROM regdomain: 0x20
[ 6.635014] ath: EEPROM indicates we should expect a direct regpair map
[ 6.635017] ath: Country alpha2 being used: 00
[ 6.635020] ath: Regpair used: 0x20
[ 6.642691] ieee80211 phy0: Selected rate control algorithm 'minstrel_ht'
[ 6.646091] usb 1-1: Atheros AR9170 is registered as 'phy0'
[ 7.869192] floppy0: no floppy controllers found
[ 7.869231] work still pending
[ 7.917138] random: nonblocking pool is initialized
[ 8.307263] Adding 901116k swap on /dev/sda5. Priority:-1 extents:1 across:901116k
[ 8.328747] EXT4-fs (sda1): re-mounted. Opts: (null)
[ 8.420663] EXT4-fs (sda1): re-mounted. Opts: errors=remount-ro
[ 8.587969] loop: module loaded
[ 10.059085] pcnet32 0000:00:03.0 eth0: link up, 100Mbps, full-duplex
[ 10.550943] vboxsf: Successfully loaded version 4.3.12 (interface 0x00010004)
[ 11.351750] Netfilter messages via NETLINK v0.30.
[ 12.023657] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready