airbase-ng : Wifi card gets out from monitor mode unexpectedly



F0cks
2016-02-12, 23:07
Hello everyone,
I am desperately trying to run the tool "airbase-ng" correctly ...

I use the latest ARM image of Kali (updated and upgraded):

Linux kali 4.0.9 #1 PREEMPT Thu Jan 28 21:18:26 CST 2016 armv6l GNU/Linux

I also use an AWUS036H as the Wi-Fi card:

PHY Interface Driver Chipset

phy0 wlan0 rtl8187 Realtek Semiconductor Corp. RTL8187

When I create my AP with airbase-ng, everything seems to be fine:

root@kali:~# airbase-ng -e TEST wlan0mon
16:14:23 Created tap interface at0
16:14:23 Trying to set MTU on at0 to 1500
16:14:23 Trying to set MTU on wlan0 to 1800
16:14:23 Access Point with BSSID 00:C0:CA:4F:15:44 started.

I can successfully connect to it:

16:15:11 Client XX:XX:XX:XX:XX:XX associated (unencrypted) to ESSID: "TEST"

However, as soon as I try to create traffic with the connected device (with the good iptables rules and dhcp server), BOOM:

read failed: Network is down
wi_read(): Network is down
Error: Got channel -1, expected a value > 0.
write failed: No such device or address
wi_write(): No such device or address
Error sending beacon!
write failed: No such device or address
wi_write(): No such device or address
write failed: No such device or address
wi_write(): No such device or address
write failed: No such device or address
wi_write(): No such device or address
write failed: No such device or address
wi_write(): No such device or address
write failed: No such device or address
wi_write(): No such device or address

The wifi card seems to get out from monitor mode ...

I have tried several things that I have found on the net:

Use a shorter USB cable
Use iwconfig instead of airmon-ng to set the card in monitor
Set the channel when I set the monitor


Nothing to do, I still have this problem...
You are my last hope :D

Thanks for your help!
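
Added example, not part of the original post: a small shell diagnostic for the symptom above. It reads the interface's link type and flags from sysfs to tell apart an interface that left monitor mode, one that was brought down, and one that no longer exists, and it names the errno behind the two error strings in the airbase-ng output. The function names, the `--watch` switch and the `wlan0mon` default are assumptions of this sketch.

```sh
#!/bin/sh
# Added diagnostic sketch; function names and the --watch switch are illustrative.

# iface_state IFACE [SYSFS_ROOT]
# Prints: missing | not-monitor | monitor-down | monitor-up
iface_state() {
    dir="${2:-/sys/class/net}/$1"
    [ -d "$dir" ] || { echo missing; return 0; }
    ltype=$(cat "$dir/type")
    flags=$(cat "$dir/flags")
    # 803 is ARPHRD_IEEE80211_RADIOTAP, the link type of a mac80211 monitor interface.
    if [ "$ltype" != 803 ]; then echo not-monitor; return 0; fi
    # Bit 0 of the flags word is IFF_UP.
    if [ $(( $flags & 1 )) -eq 1 ]; then echo monitor-up; else echo monitor-down; fi
}

# explain_error LINE: name the errno behind an airbase-ng read/write failure line.
explain_error() {
    case $1 in
        *"Network is down"*)           echo "ENETDOWN: interface was brought down or removed" ;;
        *"No such device or address"*) echo "ENXIO: the bound interface no longer exists" ;;
        *)                             echo "unrecognised" ;;
    esac
}

# Poll once a second and print only state changes, with a timestamp that can be
# lined up against airbase-ng's own log and the kernel log (dmesg).
if [ "${1:-}" = "--watch" ]; then
    ifc=${2:-wlan0mon}
    prev=""
    while :; do
        cur=$(iface_state "$ifc")
        if [ "$cur" != "$prev" ]; then
            echo "$(date +%T) $ifc: $cur"
            prev=$cur
        fi
        sleep 1
    done
fi
```

A `missing` result means the kernel no longer has the interface at all, which is a different fault from a mode change and is worth checking against dmesg.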

alacazam
2016-02-16, 03:48
Have you tried :~# airmon-ng check ? It should list any possible interfering processes, which you would be best to kill first. Hope this helps, please let me know.

mmusket33
2016-02-16, 04:51
To F0cks

Although airmon-ng check kill is a solution it kills all processes thru NetworkManager(NM). There is another method:


Read thru

https://forums.kali.org/showthread.php?29594-Kali-2016-1-R-Airmon-ng-Check-Kill-Command-Not-Required

If you are using Kali 2.0 the menus do not work in every case so just go to the:
/etc/NetworkManager/system-connections folder and erase or temporarily remove all the ESSID text files in the folder.

Now NM will sit quietly.

Note NM can not only override your wifi device it will override any spoofed mac address you set thru macchanger in a terminal window. So if you are accessing the internet and want to spoof your mac use the clone mac address facility thru NM only.

MTeams

F0cks
2016-02-16, 18:52
Thanks for your answers!


> Have you tried :~# airmon-ng check ? It should list any possible interfering processes, which you would be best to kill first. Hope this helps, please let me know.

I always use:

airmon-ng check kill

before setting the Wi-Fi card in monitor mode.



> If you are using Kali 2.0 the menus do not work in every case so just go to the:
> /etc/NetworkManager/system-connections folder and erase or temporarily remove all the ESSID text files in the folder.

I don't have anything in this directory :/ but I am pretty sure that NM is correctly killed.

Thanks for your help!

F0cks
2016-02-17, 17:29
I will add more information.

My DHCP server config is :

default-lease-time 600;
max-lease-time 7200;
subnet 192.168.2.0 netmask 255.255.255.0
{
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.2.255;
option domain-name-servers 8.8.8.8;
option routers 192.168.2.1;
range 192.168.2.20 192.168.2.60;
}
subnet 192.168.1.0 netmask 255.255.255.0
{
}


I start it with :

dhcpd -cf /etc/dhcp/dhcpd.conf

But before that, I set some rules to provide internet to the virtual AP (at0) from the wired connection (eth0):

ifconfig at0 up
ifconfig at0 192.168.2.1 netmask 255.255.255.0
ifconfig at0 mtu 1500
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables --append FORWARD -j ACCEPT --in-interface at0
echo "1" > /proc/sys/net/ipv4/ip_forward

The DHCP server gets no error:

Internet Systems Consortium DHCP Server 4.3.3
Copyright 2004-2015 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Config file: /etc/dhcp/dhcpd.conf
Database file: /var/lib/dhcp/dhcpd.leases
PID file: /var/run/dhcpd.pid
Wrote 3 leases to leases file.
Listening on LPF/at0/00:c0:ca:4f:15:44/192.168.2.0/24
Sending on LPF/at0/00:c0:ca:4f:15:44/192.168.2.0/24
Listening on LPF/eth0/b8:27:eb:10:48:bf/192.168.1.0/24
Sending on LPF/eth0/b8:27:eb:10:48:bf/192.168.1.0/24
Sending on Socket/fallback/fallback-net


When my device connects to AP, the configuration is :

Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.1.254 0.0.0.0 UG 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 at0

Is it possible that the problem comes from ARM version of airbase-ng?