Having some issues using the internal wifi in monitor mode for injections etc.
Running 32-bit Kali for the RPi, apt update && apt upgrade no problems.
This is what I do, and what happens:
Code:
root@kali:~# sudo iw phy phy0 interface add mon0 type monitor
root@kali:~# ifconfig mon0 up
root@kali:~# aireplay-ng --test mon0
22:49:30 Trying broadcast probe requests...
22:49:30 Injection is working!
22:49:31 Found 4 APs
...
The injection test does its thing and all looks good at this point.
As an example, I'm doing a continous deauth to my own phone for testing purposes:
Code:
root@kali:~# airodump-ng mon0
... all works, I find my AP in the list..
root@kali:~# airodump-ng --bssid AB:CD:EF:GH:12:34 -c 11 mon0
... all good, I see my phone in the station list...
root@kali:~# aireplay-ng -0 0 -a AB:CD:EF:GH:12:34 -c BB:CC:DD:EE:12:34 mon0
23:01:28 Waiting for beacon frame (BSSID: AB:CD:EF:GH:12:34) on channel 11
23:01:29 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [ 0|49 ACKs]
23:01:30 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [ 0|50 ACKs]
23:01:30 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [ 0|69 ACKs]
23:01:32 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [50|265 ACKs]
23:01:35 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [14|311 ACKs]
23:01:37 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [193|232 ACKs]
23:01:40 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [ 0|277 ACKs]
23:01:44 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [23|301 ACKs]
23:01:47 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [ 0|322 ACKs]
23:01:50 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [ 0|292 ACKs]
23:01:53 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [ 0|359 ACKs]
23:01:56 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [ 0|319 ACKs]
23:01:59 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [ 0|291 ACKs]
23:02:02 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [21|320 ACKs]
23:02:05 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [ 0|307 ACKs]
23:02:08 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [ 0|285 ACKs]
23:02:11 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [ 0|261 ACKs]
23:02:14 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [ 0|399 ACKs]
23:02:17 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [ 0|374 ACKs]
23:02:20 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [ 0|373 ACKs]
23:02:23 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [ 0|385 ACKs]
23:02:25 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [19|359 ACKs]
23:02:27 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [96|286 ACKs]
23:02:30 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [133|290 ACKs]
23:02:33 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [ 0|361 ACKs]
23:02:35 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [52|324 ACKs]
23:02:37 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [186|275 ACKs]
23:02:40 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [35|313 ACKs]
23:02:43 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [ 0|324 ACKs]
23:02:48 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [25|316 ACKs]
23:02:50 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [14|413 ACKs]
23:02:54 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [ 0|287 ACKs]
23:02:56 Sending 64 directed DeAuth (code 7). STMAC: [BB:CC:DD:EE:12:34] [ 0|291 ACKs]
... and it freezes!
Sometimes it can run for 2 minutes, sometimes only 30 seconds before it freezes. The injection/deauth works fine until it freezes. At this point I'm able to Ctrl+C out of the frozen deauth, but from here on the monitor wifi mode doesn't work at all. If I run "airodump-ng mon0" again it shows nothing. Running ifconfig will show no errors but the monitor mode certainly has broken until I reboot.
Running deauth injections is just an example of breaking the wifi mon mode. I've played around with other tools like wifite2 and it can work for a while and suddenly the monitor mode has broken and nothing works until I reboot again.
Any ideas on what's causing the wifi monitor mode to break like that?