Results 1 to 6 of 6

Thread: I cant seem to ever see clients in Airdump-ng or Kissmet

  1. #1

    I cant seem to ever see clients in Airdump-ng or Kissmet

    Hi.

    I have a Compaq Presario CQ60l aptop that Ive installed Kali on (no running from live). The built in wifi card appears to be: Qualcomm Atheros AR242x / AR542x Wireless Network Adapter (PCI-Express).

    I have tried to run airdump and kissmet and although it seems to tell me the card is in monitor mode, it never seems to find a client.

    Im testing on my home network which is PSK WPA2.

    Ive used other devices such as my mobile to log in and out of the wifi network numerous times, but I never seem to detect anything.

    I'm doing the following.

    airmon-ng
    airmon-ng check kill
    airmon-ng start wlan0
    airodump-ng wlan0mon

    Once it displays a list including my network I press CTR + C

    I copy my bssid and channel and do the following

    airodump-ng -c 4 --bssid [mybssid] -w /root/Desktop/ wlan0mon

    It then just sits there monitoring, but never detects a client bssid.

    Im probably doing something really stupid, but dont know what.

    Any help would be appreciated.

  2. #2
    Senior Member
    Join Date
    Apr 2013
    Location
    in a computer
    Posts
    551
    Looks like you are locking airodump-ng to channel 4...silly question, but is your access point operating on channel 4? I'd also be certain that your wireless device really is wlan0. My external wi-fi cards often jump between wlan1 & wlan2. Another thing to try is an injection test using aireplay-ng. The aircrack-ng suite works best when your wi-fi card is fully compatible: that is, it will go into monitor mode & do packet injection.

  3. #3
    Member
    Join Date
    Apr 2016
    Posts
    32
    Hey Rochdalemark,

    Please run "airmon-ng start wlan0" and post the results here.
    Last edited by Cryptic-F; 2016-04-20 at 05:17 PM.

  4. #4
    Junior Member
    Join Date
    Jan 2017
    Posts
    5

    similar problem

    hi guys, i've the similar problem, with one difference.. .. running airodumpo-ng on wlan0mon, i see all networks captable, but there is no one client...before upgrading was working fine... can you help me please?

    i show more :
    Code:
    cat /etc/*{release,version}
    DISTRIB_ID=Kali
    DISTRIB_RELEASE=kali-rolling
    DISTRIB_CODENAME=kali-rolling
    DISTRIB_DESCRIPTION="Kali GNU/Linux Rolling"
    PRETTY_NAME="Kali GNU/Linux Rolling"
    NAME="Kali GNU/Linux"
    ID=kali
    VERSION="2016.1"
    VERSION_ID="2016.1"
    ID_LIKE=debian
    ANSI_COLOR="1;31"
    HOME_URL="http://www.kali.org/"
    SUPPORT_URL="http://forums.kali.org/"
    BUG_REPORT_URL="http://bugs.kali.org/"
    Kali Linux Rolling
    cat: /etc/subversion:  una directory
    Code:
    lspci | grep Ather
    02:00.0 Ethernet controller: Qualcomm Atheros AR242x / AR542x Wireless Network Adapter (PCI-Express) (rev 01)
    Code:
    root@Asgard:~# dmesg | grep ath5k
    [   11.829852] ath5k 0000:02:00.0: can't disable ASPM; OS doesn't have ASPM control
    [   11.830029] ath5k 0000:02:00.0: registered as 'phy0'
    [   12.396437] ath5k: phy0: Atheros AR2425 chip found (MAC: 0xe2, PHY: 0x70)
    [  236.003411] ath5k: ath5k_hw_get_isr: ISR: 0x00000080 IMR: 0x00000000
    [15988.004967] ath5k: ath5k_hw_get_isr: ISR: 0x00000400 IMR: 0x00000000
    [23068.005332] ath5k: ath5k_hw_get_isr: ISR: 0x00000400 IMR: 0x00000000
    [24268.005022] ath5k: ath5k_hw_get_isr: ISR: 0x00000400 IMR: 0x00000000
    [26428.004913] ath5k: ath5k_hw_get_isr: ISR: 0x00000400 IMR: 0x00000000
    [26908.004633] ath5k: ath5k_hw_get_isr: ISR: 0x00000080 IMR: 0x00000000
    [31828.004523] ath5k: ath5k_hw_get_isr: ISR: 0x00000400 IMR: 0x00000000
    [32428.004737] ath5k: ath5k_hw_get_isr: ISR: 0x00000400 IMR: 0x00000000
    [35068.005301] ath5k: ath5k_hw_get_isr: ISR: 0x00000080 IMR: 0x00000000
    [36268.001901] ath5k: ath5k_hw_get_isr: ISR: 0x00000400 IMR: 0x00000000
    [36628.005114] ath5k: ath5k_hw_get_isr: ISR: 0x00000400 IMR: 0x00000000
    [36988.003952] ath5k: ath5k_hw_get_isr: ISR: 0x00000400 IMR: 0x00000000
    [38428.004650] ath5k: ath5k_hw_get_isr: ISR: 0x00000400 IMR: 0x00000000
    [41788.003324] ath5k: ath5k_hw_get_isr: ISR: 0x00000400 IMR: 0x00000000
    [42028.004905] ath5k: ath5k_hw_get_isr: ISR: 0x00000400 IMR: 0x00000000
    [42148.005186] ath5k: ath5k_hw_get_isr: ISR: 0x00000400 IMR: 0x00000000
    [42628.004856] ath5k: ath5k_hw_get_isr: ISR: 0x00000400 IMR: 0x00000000
    [49588.005008] ath5k: ath5k_hw_get_isr: ISR: 0x00000400 IMR: 0x00000000
    [50788.004766] ath5k: ath5k_hw_get_isr: ISR: 0x00000400 IMR: 0x00000000
    [51629.884057] ath5k: ath5k_hw_get_isr: ISR: 0x00000001 IMR: 0x00000000
    [53068.004539] ath5k: ath5k_hw_get_isr: ISR: 0x00000400 IMR: 0x00000000
    [54991.400078] ath5k: ath5k_hw_get_isr: ISR: 0x00000004 IMR: 0x00000000
    [59548.004532] ath5k: ath5k_hw_get_isr: ISR: 0x00000400 IMR: 0x00000000
    [60868.004943] ath5k: ath5k_hw_get_isr: ISR: 0x00000080 IMR: 0x00000000
    [63028.005078] ath5k: ath5k_hw_get_isr: ISR: 0x00000400 IMR: 0x00000000
    [68788.004855] ath5k: ath5k_hw_get_isr: ISR: 0x00000080 IMR: 0x00000000
    [70588.005256] ath5k: ath5k_hw_get_isr: ISR: 0x00000400 IMR: 0x00000000
    i've alot of time to remove module ath5k and reinstall it with a lot of option, but nothing change.


    Code:
    root@Asgard:~# iwconfig 
    wlan0     IEEE 802.11bg  ESSID:"HighWay"  
              Mode:Managed  Frequency:2.462 GHz  Access Point: C4:EA:1D:BC:5F:A7   
              Bit Rate=54 Mb/s   Tx-Power=20 dBm   
              Retry short limit:7   RTS thr:off   Fragment thr:off
              Encryption key:off
              Power Management:off
              Link Quality=51/70  Signal level=-59 dBm  
              Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
              Tx excessive retries:113  Invalid misc:1597   Missed beacon:0
    
    lo        no wireless extensions.
    
    eth0      no wireless extensions.
    Code:
    root@Asgard:~# ifconfig 
    
    
    wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
            inet 192.168.1.125  netmask 255.255.255.0  broadcast 192.168.1.255
            inet6 fe80::223:4eff:fe56:a781  prefixlen 64  scopeid 0x20<link>
            ether 00:23:4e:56:a7:81  txqueuelen 1000  (Ethernet)
            RX packets 167618  bytes 186191338 (177.5 MiB)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 95444  bytes 11563273 (11.0 MiB)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
    Code:
    root@Asgard:~# airmon-ng check kill
    
    Killing these processes:
    
      PID Name
     2058 wpa_supplicant
    
    root@Asgard:~# airmon-ng start wlan0
    
    
    PHY	Interface	Driver		Chipset
    
    phy0	wlan0		ath5k		Qualcomm Atheros AR242x / AR542x Wireless Network Adapter (PCI-Express) (rev 01)
    
    		(mac80211 monitor mode vif enabled for [phy0]wlan0 on [phy0]wlan0mon)
    		(mac80211 station mode vif disabled for [phy0]wlan0)
    
    root@Asgard:~# airodump-ng wlan0mon
    
     CH  5 ][ Elapsed: 2 mins ][ 2017-01-26 17:47                                         
                                                                                                                                                         
     BSSID              PWR  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID
                                                                                                                                                         
     C4:EA:1D:BC:5F:A7  -63      317        1    0  11  54e  WPA2 CCMP   PSK  HighWay                                                                    
     32:91:8F:44:1C:9E  -69      207        0    0   1  54e. WPA2 CCMP   MGT  WOW FI - FASTWEB                                                           
     30:91:8F:44:1C:9D  -68      217        0    0   1  54e  WPA2 CCMP   PSK  TNCAP441C9D                                                                
     F0:84:2F:C9:60:86  -71      231        0    0   9  54e  WPA2 CCMP   MGT  WOW FI - FASTWEB                                                           
     F0:84:2F:C9:60:83  -71      235        0    0   9  54e  WPA2 CCMP   PSK  FASTWEB-1-K1RcVvAkG4nR                                                     
     C4:EA:1D:69:06:31  -81      108        0    0   1  54e  WPA2 CCMP   PSK  FASTWEB-1-690631                                                           
     C6:EA:1D:69:06:32  -84       88        0    0   1  54e. WPA2 CCMP   MGT  WOW FI - FASTWEB                                                           
     F8:35:DD:EB:07:31  -89       36        0    0  11  54e. WPA  CCMP   PSK  GOinternet_EB0734                                                          
     00:F4:6F:08:20:E7  -89       69        0    0   1  54e. WPA2 CCMP   PSK  AndroidHotspot7953                                                         
     DC:0B:1A:3B:BD:5B  -92        4        0    0   1  54e  WPA2 CCMP   PSK  Telecom-71687253                                                           
                                                                                                                                                         
     BSSID              STATION            PWR   Rate    Lost    Frames  Probe                                                                           
                                                                                                                                                         
     C4:EA:1D:BC:5F:A7  00:23:4E:56:A7:81   -1    1e- 0      0        4                                                                                   
    
    root@Asgard:~#
    after 2 minutes my iphone connected to the same network don't has been found. and i can't believe that all round there i no one client.. ..

    what i've to try?

    thanks a lot

  5. #5
    Senior Member
    Join Date
    Apr 2013
    Location
    in a computer
    Posts
    551
    @frank082, in your airodump-ng output, I see a client 00:23:4E:56:A7:81, connected to the ESSID HighWay

  6. #6
    Junior Member
    Join Date
    Jan 2017
    Posts
    5
    Quote Originally Posted by grid View Post
    @frank082, in your airodump-ng output, I see a client 00:23:4E:56:A7:81, connected to the ESSID HighWay
    tnx @grid for your answer, but the client is my system that see it self.. .. mac address are station, my pc, and bssid my router.. ..

    this thing is very strange,, ,, beacuse with option check kill, airmon-ng terminated wpa_supplicant.. ..

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •