Results 1 to 11 of 11

Thread: AR9170 wifi monitoring detects almost no data packets

  1. #1
    Join Date
    2016-Jan
    Posts
    2

    AR9170 wifi monitoring detects almost no data packets

    hey,
    when using airodump-ng to monitor packets I almost see no packet transfer with my usb cards in monitor mode.
    I have 2 internal wifi and 2 external atheros usb wifi cards to test.

    airodump -c 13 wlanX
    Card Beacons #Data
    internal Broadcom 1000 7159 (ok)
    internal Intel Wireless-N 1000 7443 (ok)
    USB TP-Link TL-WN821N V1 (AR9170) 1510 7 (bad)
    USB TP-Link TL-WN821N V2 (AR9170) 1574 8 (bad)

    However airodump detects lost packets between AP and Client of the AR9170 cards (the amount isn't equal to the broadcom's detected loss amount).

    What I've tested so far:
    - Tested in: Kali 1.1 (problem), Kali 2.0 (problem), Backtrack 5 R3 (everything works as it should)
    - wps handshake detecting: Kali - only detected by broadcom, Backtrack - all 3 cards detect handshake
    - Carl9170 drivers/firmware: Kali - 1.9.7/1.9.6, Backtrack - 1.9.4/1.9.4
    - Aircrack versions: Kali - 1.2, Backtrack - 1.1
    - Copied Aircrack from Backtrack to Kali: Same problem
    - Copied Carl9170 firmware (not the driver) from Backtrack to Kali: Same problem
    - Captured .cap file: almost empty with AR9170 cards
    - Occurs on each channel or AP
    - dmesg sometimes (less than once every 100 seconds) outputs for AR9170: invalid plcp cck rate (0). or frame tail is clipped.
    - no distance problems (1m away, 4m away, 10m away)
    - tested on two notebooks

    I'm not sure if this is a aircrack problem... any help would be good. Perhaps someone had the same problems.
    Last edited by Coldfinger; 2016-01-06 at 11:57.

  2. #2
    Join Date
    2013-Apr
    Location
    Kali forums
    Posts
    805
    You can check the aircrack forums for confirmation, but the latest version of aircrack (1.2 RC 3) has several bug fixes in it.

    I'd try updating Kali, and see if it resolves your problem. Have you done an injection test with aireplay-ng?

  3. #3
    Join Date
    2016-Jan
    Posts
    2
    Ok some more tests:
    - Everything works in BT5R3: monitoring, getting data packets, handshakes, injection out of the box
    - I found out that the missing data packets problem is not just Kali related. I have the same problem in Ubuntu 15 for example.
    - Injection test not successful in Kali (perhaps due to that problem...)
    - Kali updates don't solve the problem

    So I think I'll switch over to aircrack forums. Somehow it seems like not many people are using AR9170 chipset at all. I suspect that this is something new kernel/module/driver-based problem.

  4. #4
    Join Date
    2013-Apr
    Location
    Kali forums
    Posts
    805
    The only other thing I can think of is to check the output of dmesg or /var/log for anything weird.

  5. #5
    Join Date
    2016-Jan
    Posts
    1
    hi, im new to this distro, i have a similar problem, i use tl-821n v2. I can not get any client when i run airodump-ng, and im near my modem, and tried connecting, and disconecting my device with the correct password several times, i tought this model didnt support injection, but i see that the problem could be the drivers.

  6. #6
    Join Date
    2016-Feb
    Posts
    19
    Hello,

    I have the same problem too. No data packets....

    05:02.0 Ethernet controller: Qualcomm Atheros AR5413/AR5414 Wireless Network Adapter [AR5006X(S) 802.11abg] (rev 01)
    Subsystem: Ubiquiti Networks, Inc. XR2 802.11g Wireless Mini PCI Adapter
    Flags: bus master, medium devsel, latency 168, IRQ 18
    Memory at febf0000 (32-bit, non-prefetchable) [size=64K]
    Capabilities: [44] Power Management version 2
    Kernel driver in use: ath5k
    Kernel modules: ath5k

  7. #7
    Join Date
    2016-Feb
    Location
    Bangalore
    Posts
    114
    Please post the Error Log !!!
    of the non working devices
    hardware logs / Software mem dumps / error logs etc
    ################################################

    |
    /vvvvvvvvvvvv \-------------------------------------------------------------------------,,
    |^^^^^^^^ /===================================--""

    ################################################
    ----------The quieter you become,The more you will able to hear-----------
    ################################################
    Venkatesh L Sharma https://twitter.com/1337in

  8. #8
    Join Date
    2016-Feb
    Posts
    19
    dmesg:
    10.257774] ath5k: phy0: Atheros AR5414 chip found (MAC: 0xa5, PHY: 0x61)
    [ 10.261431] cfg80211: Regulatory domain changed to country: US
    [ 10.261436] cfg80211: DFS Master region: FCC
    [ 10.261438] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp), (dfs_cac_time)
    [ 10.261441] cfg80211: (2402000 KHz - 2472000 KHz @ 40000 KHz), (N/A, 3000 mBm), (N/A)
    [ 10.261444] cfg80211: (5170000 KHz - 5250000 KHz @ 80000 KHz, 160000 KHz AUTO), (N/A, 1700 mBm), (N/A)
    [ 10.261447] cfg80211: (5250000 KHz - 5330000 KHz @ 80000 KHz, 160000 KHz AUTO), (N/A, 2300 mBm), (0 s)
    [ 10.261450] cfg80211: (5490000 KHz - 5730000 KHz @ 160000 KHz), (N/A, 2300 mBm), (0 s)
    [ 10.261452] cfg80211: (5735000 KHz - 5835000 KHz @ 80000 KHz), (N/A, 3000 mBm), (N/A)

    root@freeroute:~# lspci -v
    05:02.0 Ethernet controller: Qualcomm Atheros AR5413/AR5414 Wireless Network Adapter [AR5006X(S) 802.11abg] (rev 01)
    Subsystem: Ubiquiti Networks, Inc. XR2 802.11g Wireless Mini PCI Adapter
    Flags: bus master, medium devsel, latency 168, IRQ 18
    Memory at febf0000 (32-bit, non-prefetchable) [size=64K]
    Capabilities: [44] Power Management version 2
    Kernel driver in use: ath5k
    Kernel modules: ath5k

    root@freeroute:~# iwconfig
    wlan0 IEEE 802.11bg ESSIDff/any
    Mode:Managed Access Point: Not-Associated Tx-Power=30 dBm
    Retry short limit:7 RTS thrff Fragment thrff
    Encryption keyff
    Power Managementff

    lo no wireless extensions.

    eth0 no wireless extensions.

    root@freeroute:~# rfkill list
    0: phy0: Wireless LAN
    Soft blocked: no
    Hard blocked: no
    root@freeroute:~# airmon-ng --debug start wlan0


    /bin/sh -> /bin/dash

    SHELL is GNU bash, version 4.3.42(1)-release (i586-pc-linux-gnu)
    Copyright (C) 2013 Free Software Foundation, Inc.
    License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>

    This is free software; you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law.

    No LSB modules are available.
    Distributor ID: Kali
    Description: Kali GNU/Linux Rolling
    Release: kali-rolling
    Codename: kali-rolling

    Linux freeroute 4.3.0-kali1-686-pae #1 SMP Debian 4.3.5-1kali1 (2016-02-11) i686 GNU/Linux

    K indicates driver is from 4.3.0-kali1-686-pae
    V indicates driver comes directly from the vendor, almost certainly a bad thing
    S indicates driver comes from the staging tree, these drivers are meant for reference not actual use, BEWARE
    ? indicates we do not know where the driver comes from... report this


    X[PHY]Interface Driver[Stack]-FirmwareRev Chipset Extended Info

    getStack mac80211
    getdriver() ath5k
    getchipset() Qualcomm Atheros AR5413/AR5414 Wireless Network Adapter [AR5006X(S) 802.11abg] (rev 01)
    BUS = pci
    BUSINFO =
    DEVICEID = 0x168c:0x001b
    getFrom() K
    getFirmware N/A
    K[phy0]wlan0 ath5k[mac80211]-N/A Qualcomm Atheros AR5413/AR5414 Wireless Network Adapter [AR5006X(S) 802.11abg] (rev 01)

    (mac80211 monitor mode vif enabled for [phy0]wlan0 on [phy0]wlan0mon)
    (mac80211 station mode vif disabled for [phy0]wlan0)



    r

  9. #9
    Join Date
    2016-Feb
    Posts
    19
    And airodump-ng stat:

    root@freeroute:~# airodump-ng wlan0mon
    CH 3 ][ Elapsed: 2 mins ][ 2016-02-25 17:18

    BSSID PWR Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID

    4C:5E:0C0:51:75 -53 155 0 0 1 54e. WPA2 CCMP PSK freeroute
    4E:5E:0C0:51:75 -54 154 0 0 1 54e. WPA2 CCMP PSK freeroute_VAP
    10:FE:ED:CD:8E:72 -71 429 0 0 6 54e. WPA2 CCMP PSK lamihalynet
    78:54:2E:53:1D:2E -73 141 0 0 11 54e WPA2 CCMP PSK aletta
    C0:4A:00:4A:67:58 -84 240 0 0 4 54e. WPA2 CCMP PSK TP-LINK_4A6758
    64:66:B3:FB:F2:C6 -92 85 0 0 1 54e. WPA2 CCMP PSK Nitta0311
    10:FE:ED:85:86:E2 -96 26 0 0 1 54e. WEP WEP TP-LINK-001
    90:17:AC:E9:17:9C -97 24 0 0 11 54e WPA2 CCMP PSK T-home

    BSSID STATION PWR Rate Lost Frames Probe

    (not associated) 98:3B:16:A8:FA:9D -87 0 - 1 33 74 lamihalynet
    (not associated) C4:62:EA:83:1E:E3 -81 0 - 1 0 4
    (not associated) 24:00:BA:E7:34:1D -95 0 - 1 0 1 virag
    (not associated) C0:9F:42:8D:63:62 -66 0 - 1 0 1
    (not associated) 5C:F8:A1:AA:9D:CD -93 0 - 1 0 7 TP-LINK_77BADA

  10. #10
    Join Date
    2016-Feb
    Posts
    19
    The full log here: http://pastebin.com/cC0ZDtCT

  11. #11
    Join Date
    2016-Aug
    Posts
    2
    I've found the exact same issue. I test my internal Intel card and see 1000's of data packets on an OPN network. With my Atheros cards, (ALPHA, TP-LINK, etc...) I see almost no data. This wasn't the case in previous builds, but I can't seem to get quality data capture on Kali 2.0, Kali 2016.1. Something has gone wrong in the drivers for Atheros IMO. Have any of you found a resolution? Thanks.

Similar Threads

  1. Raspberry pi monitor mode does not show data packets
    By Shellhopper in forum ARM Archive
    Replies: 0
    Last Post: 2020-11-04, 19:20
  2. Raspberry pi 3b+ Wifi monitoring chipset.
    By sk_Azo in forum ARM Archive
    Replies: 2
    Last Post: 2018-09-26, 18:41
  3. Replies: 1
    Last Post: 2017-06-15, 11:45
  4. airodump-ng is not getting data packets.
    By Fetalerror in forum General Archive
    Replies: 2
    Last Post: 2015-10-11, 18:00

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •