I've been trying to setup and test an access point using airbase-ng with a TP LINK WN722N USB card via a Kali Linux 1.0.9 x64 VM setup. For some reason, airbase-ng works temporarily for a few seconds (ie. I receive beacons from other stations and can even connect to the AP from other computers), but then the AP dies and the output for airbase-ng hangs and doesn't show anymore output after. To reset the state of the card, I have to un-plug and re-plus the USB card back in. Below is my setup. I am able to monitor and even inject packets fine, it's just the airbase-ng Wifi AP that isn't working properly.
Do I need to install a patch for my wifi to get this work?
Virtual Machine: VMWare Player 6.03
root@treadstone-vm:~# uname -a
Linux treadstone-vm 3.14-kali1-amd64 #1 SMP Debian 3.14.5-1kali1 (2014-06-07) x86_64 GNU/Linux
root@treadstone-vm:~# lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux Kali Linux 1.0.9
Release: Kali Linux 1.0.9
Codename: n/a
Wireless USB Card
Chipset: Atheros
Vendor: TP-Link
Model: WN722N USB
root@treadstone-vm:~# iwconfig
eth0 no wireless extensions.
lo no wireless extensions.
wlan0 IEEE 802.11bgn ESSID:off/any
Mode:Managed Access Point: Not-Associated Tx-Power=20 dBm
Retry short limit:7 RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off
root@treadstone-vm:~# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0c:29:8f:a5:62
inet addr:192.168.1.114 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe8f:a562/64 Scope:Link
inet6 addr: fd2c:60b4:7f15:0:20c:29ff:fe8f:a562/64 Scope:Global
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:23 errors:0 dropped:0 overruns:0 frame:0
TX packets:55 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3230 (3.1 KiB) TX bytes:4628 (4.5 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:12 errors:0 dropped:0 overruns:0 frame:0
TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:720 (720.0 B) TX bytes:720 (720.0 B)
wlan0 Link encap:Ethernet HWaddr e8:94:f6:09:66:c5
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
root@treadstone-vm:~# lsusb
Bus 002 Device 003: ID 0cf3:9271 Atheros Communications, Inc. AR9271 802.11n
Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 001 Device 003: ID 0e0f:0002 VMware, Inc. Virtual USB Hub
Bus 001 Device 002: ID 0e0f:0003 VMware, Inc. Virtual Mouse
Bus 001 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
root@treadstone-vm:~# lsmod | grep ath
ath9k_htc 64602 0
ath9k_common 12634 1 ath9k_htc
ath9k_hw 391009 2 ath9k_common,ath9k_htc
ath 26026 3 ath9k_common,ath9k_htc,ath9k_hw
mac80211 488308 1 ath9k_htc
cfg80211 436618 3 ath,mac80211,ath9k_htc
usbcore 166472 5 uhci_hcd,ehci_hcd,ehci_pci,usbhid,ath9k_htc
root@treadstone-vm:~# airmon-ng
Interface Chipset Driver
wlan0 Atheros AR9271 ath9k - [phy1]
root@treadstone-vm:~# airbase-ng -e test -P -C 10 -v mon0
04:48:11 Created tap interface at0
04:48:11 Trying to set MTU on at0 to 1500
04:48:11 Trying to set MTU on mon0 to 1800
04:48:11 Access Point with BSSID E8:94:F6:09:66:C5 started.
Error: Got channel -1, expected a value > 0.
04:48:23 Got broadcast probe request from 00:00:48:67:9B:9B
04:48:23 Got broadcast probe request from 00:00:48:67:9B:9B
04:48:23 Got broadcast probe request from 00:00:48:67:9B:9B
04:48:24 Got broadcast probe request from BC:85:56:E1:4C:EF
04:48:24 Got broadcast probe request from BC:85:56:E1:4C:EF
...
...
Waits and hangs... no more beacons are received and AP not visible after a few seconds of running.
dmesg:
[ 1417.587640] ieee80211 phy0: Atheros AR9271 Rev:1
[ 1417.587653] cfg80211: Calling CRDA for country: CN
[ 1417.591009] cfg80211: Regulatory domain changed to country: CN
[ 1417.591011] cfg80211: DFS Master region: unset
[ 1417.591012] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)
[ 1417.591013] cfg80211: (2402000 KHz - 2482000 KHz @ 40000 KHz), (N/A, 2000 mBm)
[ 1417.591014] cfg80211: (5170000 KHz - 5250000 KHz @ 80000 KHz), (N/A, 2300 mBm)
[ 1417.591015] cfg80211: (5250000 KHz - 5330000 KHz @ 80000 KHz), (N/A, 2300 mBm)
[ 1417.591016] cfg80211: (5735000 KHz - 5835000 KHz @ 80000 KHz), (N/A, 3000 mBm)
[ 1417.591016] cfg80211: (57240000 KHz - 59400000 KHz @ 2160000 KHz), (N/A, 2800 mBm)
[ 1417.591017] cfg80211: (59400000 KHz - 63720000 KHz @ 2160000 KHz), (N/A, 4400 mBm)
[ 1417.591018] cfg80211: (63720000 KHz - 65880000 KHz @ 2160000 KHz), (N/A, 2800 mBm)
[ 1419.097367] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
[ 1419.223397] waiting module removal not supported: please upgrade
[ 1419.223484] usbcore: deregistering interface driver ath9k_htc
[ 1421.017742] usb 2-1: ath9k_htc: USB layer deinitialized
[ 1421.017784] ath9k_htc: Driver unloaded
[ 1421.018133] waiting module removal not supported: please upgrade
[ 1421.043530] waiting module removal not supported: please upgrade
[ 1421.043848] waiting module removal not supported: please upgrade
[ 1421.044182] waiting module removal not supported: please upgrade
[ 1421.044492] waiting module removal not supported: please upgrade
[ 2001.942593] perf samples too long (10027 > 10000), lowering kernel.perf_event_max_sample_rate to 12500
root@treadstone-vm:~#
root@treadstone-vm:~# airmon-zc --verbose
Linux treadstone-vm 3.14-kali1-amd64 #1 SMP Debian 3.14.5-1kali1 (2014-06-07) x86_64 GNU/Linux
Detected VM using lscpu
This appears to be a VMware Virtual Machine
If your system supports VT-d, it may be possible to use PCI devices
If your system does not support VT-d, you can only use USB wifi cards
K indicates driver is from 3.14-kali1-amd64
V indicates driver comes directly from the vendor, almost certainly a bad thing
S indicates driver comes from the staging tree, these drivers are meant for reference not actual use, BEWARE
? indicates we do not know where the driver comes from... report this
X[PHY]Interface Driver[Stack]-FirmwareRev Chipset Extended Info
K[phy0]wlan0 ath9k_htc[mac80211]-1.3 Atheros Communications, Inc. AR9271 802.11n We Todd Ed
root@treadstone-vm:~# rfkill unblock wifi; rfkill list
4: phy0: Wireless LAN
Soft blocked: no
Hard blocked: no