Results 1 to 5 of 5

Thread: airbase-ng : Wifi card gets out from monitor mode unexpectedly

  1. #1
    Join Date
    2013-Mar
    Posts
    7

    Angry airbase-ng : Wifi card gets out from monitor mode unexpectedly

    Hello everyone,
    I desperately try to run the tool "airbase-ng" correctly ...

    I use the last arm image of kali (update and upgrade):
    Code:
    Linux kali 4.0.9 #1 PREEMPT Thu Jan 28 21:18:26 CST 2016 armv6l GNU/Linux
    I also use a AWUS036H as wifi card:
    Code:
    PHY     Interface       Driver          Chipset
    
    phy0   wlan0           rtl8187         Realtek Semiconductor Corp. RTL8187
    When I create my AP with airbase-ng, everything seems to be fine:
    Code:
    root@kali:~# airbase-ng -e TEST wlan0mon
    16:14:23  Created tap interface at0
    16:14:23  Trying to set MTU on at0 to 1500
    16:14:23  Trying to set MTU on wlan0 to 1800
    16:14:23  Access Point with BSSID 00:C0:CA:4F:15:44 started.
    I can successfully connect to it:
    Code:
    16:15:11  Client XX:XX:XX:XX:XX:XX associated (unencrypted) to ESSID: "TEST"
    However, as soon as I try to create traffic with the connected device (with the good iptables rules and dhcp server), BOOM:
    Code:
    read failed: Network is down
    wi_read(): Network is down
    Error: Got channel -1, expected a value > 0.
    write failed: No such device or address
    wi_write(): No such device or address
    Error sending beacon!
    write failed: No such device or address
    wi_write(): No such device or address
    write failed: No such device or address
    wi_write(): No such device or address
    write failed: No such device or address
    wi_write(): No such device or address
    write failed: No such device or address
    wi_write(): No such device or address
    write failed: No such device or address
    wi_write(): No such device or address
    The wifi card seems to get out from monitor mode ...

    I have tried several things that I have found on the net:
    • Use a shorter USB cable
    • Use iwconfig instead of airmon-ng to set the card in monitor
    • Set the channel when I set the modinor


    Nothing to do, I still have this problem...
    You are my last hope

    Thans for your help!

  2. #2
    Join Date
    2015-Dec
    Posts
    8
    Have you tried :~# airmon-ng check ? It should list any possible interfering processes, which you would be best to kill first. Hope this helps, please let me know.

  3. #3
    Join Date
    2013-Jul
    Posts
    844
    To FOcks

    Although airmon-ng check kill is a solution it kills all processes thru NetworkManager(NM). There is another method:


    Read thru

    https://forums.kali.org/showthread.p...d-Not-Required

    If you are using Kali 2.0 the menus do not work in every case so just go to the:
    /etc/NetworkManager/system-connections folder and erase or temporarily remove all the ESSID text files in the folder.

    Now NM will sit quietly.

    Note NM can not only override your wifi device it will override any spoofed mac address you set thru macchanger in a terminal window. So if you are accessing the internet and want to spoof your mac use the clone mac address facility thru NM only.

    MTeams

  4. #4
    Join Date
    2013-Mar
    Posts
    7
    Thanks for your answers!

    Quote Originally Posted by alacazam View Post
    Have you tried :~# airmon-ng check ? It should list any possible interfering processes, which you would be best to kill first. Hope this helps, please let me know.
    I always use :
    Code:
    airmon-ng check kill
    Before set wifi card in monitor mode.

    Quote Originally Posted by mmusket33 View Post
    If you are using Kali 2.0 the menus do not work in every case so just go to the:
    /etc/NetworkManager/system-connections folder and erase or temporarily remove all the ESSID text files in the folder.
    I don't have anything in this directory :/ but I am pretty sure that NW is correctly killed.

    Thanks for your help!
    Last edited by F0cks; 2016-02-17 at 17:17.

  5. #5
    Join Date
    2013-Mar
    Posts
    7
    I will add more information.

    My DHCP server config is :
    Code:
    default-lease-time 600;
    max-lease-time 7200;
    subnet 192.168.2.0 netmask 255.255.255.0
    {
            option subnet-mask 255.255.255.0;
            option broadcast-address 192.168.2.255;
            option domain-name-servers 8.8.8.8;
            option routers 192.168.2.1;
            range 192.168.2.20 192.168.2.60;
    }
    subnet 192.168.1.0 netmask 255.255.255.0
    {
    }
    I start it with :
    Code:
    dhcpd -cf /etc/dhcp/dhcpd.conf
    But before, I set some rules to provide internet to the virtual AP (at0) from wired connexion (eth0) :
    Code:
    ifconfig at0 up
    ifconfig at0 192.168.2.1 netmask 255.255.255.0
    ifconfig at0 mtu 1500
    iptables --flush
    iptables --table nat --flush
    iptables --delete-chain
    iptables --table nat --delete-chain
    iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
    iptables --append FORWARD -j ACCEPT --in-interface at0
    echo "1" > /proc/sys/net/ipv4/ip_forward
    The DCHP server get no error :
    Code:
    Internet Systems Consortium DHCP Server 4.3.3
    Copyright 2004-2015 Internet Systems Consortium.
    All rights reserved.
    For info, please visit https://www.isc.org/software/dhcp/
    Config file: /etc/dhcp/dhcpd.conf
    Database file: /var/lib/dhcp/dhcpd.leases
    PID file: /var/run/dhcpd.pid
    Wrote 3 leases to leases file.
    Listening on LPF/at0/00:c0:ca:4f:15:44/192.168.2.0/24
    Sending on   LPF/at0/00:c0:ca:4f:15:44/192.168.2.0/24
    Listening on LPF/eth0/b8:27:eb:10:48:bf/192.168.1.0/24
    Sending on   LPF/eth0/b8:27:eb:10:48:bf/192.168.1.0/24
    Sending on   Socket/fallback/fallback-net
    When my device connects to AP, the configuration is :
    Code:
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    0.0.0.0         192.168.1.254   0.0.0.0         UG    0      0        0 eth0
    192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
    192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 at0
    Is it possible that the problem comes from ARM version of airbase-ng?

Similar Threads

  1. Nexus 5 monitor mode without usb wifi card
    By Anarkad in forum NetHunter General Questions
    Replies: 3
    Last Post: 2016-09-03, 01:53
  2. How to use WiFi with internal card while USB is in monitor mode?
    By IRGeekSauce in forum TroubleShooting Archive
    Replies: 4
    Last Post: 2016-06-28, 17:50
  3. one wifi card. associate with AP and run airbase-ng
    By i8igmac in forum ARM Archive
    Replies: 0
    Last Post: 2014-08-31, 21:41

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •