Before we continue into this subject readers should be aware that MTeams are only interested in what we are actually seeing on our computer screens. All of this can be easily tested for duplication in a users individual computer.
The use of airmon-ng check kill:
We took a look at the bash coding in the new airmon-ng script thru
leafpad /usr/sbin/airmon-ng
It looks to us that airmon-ng check kill really calls up:
service network-manager stop
service avahi-daemon stop
So all this instruction in these forums about referencing the man pages and the necessity of using airmon-ng check kill is just one(1) way of handling the current network-manager problem or as we think, simply overkill.
Nuking your network connections to allow aircrack-ng tools to run sounds simple. The problem is that:
1. This kills all internet access on all devices
2. If you try and restart ALL these processes good luck. First the man pages are written to resolve airmon-ng conflict. There is little thought to it's total effect on the operating system. Do you see any instruction on how to restore your computer internet functions? The real commands are buried beneath airmon-ng check kill which is a bash script written by aircrack-ng calling up linux commands. To restore your internet connection thru network-manager you can try:
service network-manager start
service avahi-daemon start
However if you kill your wifi system and then try and restore it good luck. Network-manager jams up in part when restored. After restoring these processes try selecting another AP that has not been setup - nothing happens. You can move between Wifi devices that have been already established in the /etc/NetworkManager/system-connections folder BUT you cannot make a new location automatically. To setup a new location in this case you must manually do the following:
For ALL Wifi Operations AVOID using the small black drop down menu(i.e. top has speaker then light intensity) for anything except:
Select the device
DONOT USE Select Network
DONOT USE Turn Off
Click On Wifi Settings and do ALL your work on the Wifi Settings large page that appears after you select Wifi Settings. Pay no attention to connection info on this small black applet.
Click on the "gear in a box symbol" and manually put in your WPA key thru the "security selection" and spoof your address thru the "identity page." Now try and connect using this main page only(again DO NOT USE the small drop down applet).
Reference airmon-ng
There is a far easier method then nuking your entire system if you want a virtual monitor thru airmon-ng
airmon-ng wlan0 start
ifconfig wlan0mon down
iwconfig wlan0mon mode monitor
ifconfig wlan0mon up
Then run:
airodump-ng wlan0mon or reaver or wash or aireplay-ng
Now if you have another wifi device you can use it, as you did not send your entire wifi system into purgatory.
Here is how we set up monitor mode and spoof a mac. We DONOT use airmon-ng check kill.
You must place the device in monitor mode first thru airmon-ng before you spoof the device.
airmon-ng start wlan1
ifconfig wlan1mon down
macchanger -m 00:11:22:33:44:55 wlan1mon
or
macchanger -r wlan1mon
iwconfig wlan1mon mode monitor
ifconfig wlan1mon up
If your network-manager is running and you want to stop your monitor and place back in managed mode you do not need to stop your network-manager especially if you are using another device. Just put the device in mode monitor and remove it as follows.
ifconfig wlan1mon down
iwconfig wlan1mon mode monitor
ifconfig wlan1mon up
airmon-ng stop wlan1mon
If you want to spoof the mac address of any device connecting to the internet thru network-manager suggest you spoof your device using the Network-manager menu NOT thru the terminal window. Note when you enter your mac address the entries stay white and are hard to read BUT when a correct hex address is entered the characters turn black.
In closing there are operations where you want to maintain internet access on one(1) device while establishing a monitor to run other processes on another device. An example is making a rogue AP supported by airbase-ng on one(1) device while supplying internet access on the other.
These methods above work for us. We expect Kali will slowly correct network-manager menus but this is how we see the system at present.
Musket Teams
