Aircrack-ng forum
General Category => Bug reports => Topic started by: kcdtv on May 19, 2015, 11:07:06 am
-
I get some strange problems with monitor mode since I tried aircrack-ng under Xubuntu 15.04
I use the last svn revision
kcdtv@profezorapplestruff:~$ svn co http://svn.aircrack-ng.org/trunk/ aircrack-ng
U aircrack-ng/scripts/airmon-ng
Récupération de la référence externe dans 'aircrack-ng/scripts/airoscript-ng' :
Référence externe extraite à la révision 2560
When I launch monitor mode my interface is changed into wlan0mon but is still "manageable" with network manager and it is useless in monitor mode
I put the stdout of airmon-ng with --verbose option
sudo airmon-ng --verbose start wlan0
[sudo] password for kcdtv:
Found 6 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!
PID Name
600 NetworkManager
609 avahi-daemon
659 avahi-daemon
749 wpa_supplicant
815 dhclient
1072 dhclient
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 15.04
Release: 15.04
Codename: vivid
Linux profezorapplestruff 3.19.0-16-generic #16-Ubuntu SMP Thu Apr 30 16:09:58 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
K indicates driver is from 3.19.0-16-generic
V indicates driver comes directly from the vendor, almost certainly a bad thing
S indicates driver comes from the staging tree, these drivers are meant for reference not actual use, BEWARE
? indicates we do not know where the driver comes from... report this
X[PHY]Interface Driver[Stack]-FirmwareRev Chipset Extended Info
K[phy0]wlan0 ath9k[mac80211]-N/A Qualcomm Atheros QCA9565 / AR9565 Wireless Network Adapter (rev 01)command failed: Device or resource busy (-16)
(mac80211 monitor mode vif enabled for [phy0]wlan0 on [phy0]wlan0mon)
(mac80211 station mode vif disabled for [phy0]wlan0)
and if I launch for example airodump-ng I get this error:
sudo airodump-ng wlan0mon
ioctl(SIOCSIWMODE) failed: Device or resource busy
ARP linktype is set to 1 (Ethernet) - expected ARPHRD_IEEE80211,
ARPHRD_IEEE80211_FULL or ARPHRD_IEEE80211_PRISM instead. Make
sure RFMON is enabled: run 'airmon-ng start wlan0mon <#>'
Sysfs injection support was not found either.
I am a bit lost as I didn't change the driver or whatever and it was perfectly working in Xubuntu 14.10
I think it is not related to aircrack-ng but to something from Canonical... does someone have any idea of what I should try to solve this issue?
I forgot to say that I can use the interface in monitor mode but in "wlanX" put in monitor mode with iwconfig ???
-
hahaha! ;D the fierce paladin of new airmon, can't get it to work! ;D
-
Have you checked what rfkill says? Is it blocked?
If not, check dmesg.
And, mikail, it's not the new airmon-ng. You would get the same issue with the older one too. There is something wrong with the interface/driver/firmware.
-
And, mikail, it's not the new airmon-ng. You would get the same issue with the older one too. There is something wrong with the interface/driver/firmware.
I didn't mention it before but I tried with some old version of aircrack-ng and I had more or less the same issue.
This is a version where airmon-ng creates a monX interface
aircrack-ng
Aircrack-ng 1.2 beta3 - (C) 2006-2013 Thomas d'Otreppe
http://www.aircrack-ng.org
and the result is more or less the same, the interface in monitor mode is not "available" "busy" "not unique"
$ sudo airmon-ng start wlan0
Found 5 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!
PID Name
586 NetworkManager
598 avahi-daemon
719 avahi-daemon
765 wpa_supplicant
947 dhclient
Interface Chipset Driver
wlan0 Atheros AR9565 ath9k - [phy0]SIOCSIFFLAGS: Le nom n'est pas unique sur le réseau
(monitor mode enabled on mon0)
kcdtv@profezorapplestruff:~$ sudo airodump-ng mon0
ioctl(SIOCSIFFLAGS) failed: Name not unique on network
what I see with dmesg related to the wifi interface:
[ 15.528087] ath: phy0: WB335 2-ANT card detected
[ 15.528092] ath: phy0: Set BT/WLAN RX diversity capability
[ 15.534566] ath: phy0: Enable LNA combining
[ 15.535655] ath: phy0: ASPM enabled: 0x42
[ 15.535658] ath: EEPROM regdomain: 0x6a
[ 15.535660] ath: EEPROM indicates we should expect a direct regpair map
[ 15.535663] ath: Country alpha2 being used: 00
[ 15.535665] ath: Regpair used: 0x6a
[ 15.613285] ieee80211 phy0: Selected rate control algorithm 'minstrel_ht'
[ 15.613833] ieee80211 phy0: Atheros AR9565 Rev:2 mem=0xffffc90021680000, irq=17
[ 16.410899] cfg80211: World regulatory domain updated:
[ 16.410906] cfg80211: DFS Master region: unset
[ 16.410909] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp), (dfs_cac_time)
[ 16.410914] cfg80211: (2402000 KHz - 2472000 KHz @ 40000 KHz), (300 mBi, 2000 mBm), (N/A)
[ 16.410917] cfg80211: (2457000 KHz - 2482000 KHz @ 40000 KHz), (300 mBi, 2000 mBm), (N/A)
[ 16.410921] cfg80211: (2474000 KHz - 2494000 KHz @ 20000 KHz), (300 mBi, 2000 mBm), (N/A)
[ 16.410924] cfg80211: (5170000 KHz - 5250000 KHz @ 40000 KHz), (300 mBi, 2000 mBm), (N/A)
[ 16.410927] cfg80211: (5735000 KHz - 5835000 KHz @ 40000 KHz), (300 mBi, 2000 mBm), (N/A)
and at the end...
[ 33.294101] r8169 0000:01:00.0 eth0: link up
[ 46.584068] wlan0: deauthenticating from 00:1a:2b:b0:23:90 by local choice (Reason: 3=DEAUTH_LEAVING)
[ 46.603328] cfg80211: Calling CRDA to update world regulatory domain
[ 46.608062] cfg80211: World regulatory domain updated:
[ 46.608069] cfg80211: DFS Master region: unset
[ 46.608071] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp), (dfs_cac_time)
[ 46.608076] cfg80211: (2402000 KHz - 2472000 KHz @ 40000 KHz), (300 mBi, 2000 mBm), (N/A)
[ 46.608079] cfg80211: (2457000 KHz - 2482000 KHz @ 40000 KHz), (300 mBi, 2000 mBm), (N/A)
[ 46.608081] cfg80211: (2474000 KHz - 2494000 KHz @ 20000 KHz), (300 mBi, 2000 mBm), (N/A)
[ 46.608084] cfg80211: (5170000 KHz - 5250000 KHz @ 40000 KHz), (300 mBi, 2000 mBm), (N/A)
[ 46.608087] cfg80211: (5735000 KHz - 5835000 KHz @ 40000 KHz), (300 mBi, 2000 mBm), (N/A)
I manually deauthenticate (2nd line of the last code) before activating monitor mode...
The problem is definitively linked to something that happened in the update from 14.10 to the new Ubuntu version. I never had issues like this before with any version of aircrack-ng,
revision 2059 was working fine in 14.10,
so - to go back to present time / with revision 2060 and Ubuntu 15.04 (and the same happens with older revisions and the "old airmon-ng"); the only way to have the interface working with airmon-ng is with "check kill" (and I can do it with iwconfig)
But using airmon-ng (old or new) means that we lose all internet connection (ethernet and secondary wifi interface) in Ubuntu 15.04 :'(
kcdtv@profezorapplestruff:~$ sudo airmon-ng check kill start wlan0
[sudo] password for kcdtv:
Killing these processes:
PID Name
759 wpa_supplicant
1743 avahi-daemon
1744 avahi-daemon
kcdtv@profezorapplestruff:~$ sudo airmon-ng start wlan0
Found 2 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!
PID Name
1756 avahi-daemon
1757 avahi-daemon
PHY Interface Driver Chipset
phy0 wlan0 ath9k Qualcomm Atheros QCA9565 / AR9565 Wireless Network Adapter (rev 01)
(mac80211 monitor mode vif enabled for [phy0]wlan0 on [phy0]wlan0mon)
(mac80211 station mode vif disabled for [phy0]wlan0)
sudo airodump-ng wlan0mon
CH 1 ][ Elapsed: 0 s ][ 2015-05-22 16:23
BSSID PWR Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID
C0:C1:C0: -89 2 0 0 6 54 WPA2 CCMP PSK SKELE
E0:91:53:0 -83 2 0 0 6 54 . WEP WEP WLAN_
00:1A:29 -83 2 0 0 11 54e WPA CCMP PSK WLAN_
2C:95:7C4 -77 3 0 0 11 54e WPA2 CCMP PSK JAZZT
9C:97:2 -71 5 1 0 11 54e WPA2 CCMP PSK Jazzt
F8:8E:8 -1 0 13 0 4 -1 WPA <leng
20:08:E -80 4 0 0 9 54e WPA2 CCMP PSK vodaf
00:1A:2 -76 3 3 0 6 54e WPA CCMP PSK WLAN_
FA:8F:C -80 2 0 0 1 54e. OPN <leng
F8:8E:85 -70 1 1 0 1 54e WPA CCMP PSK MOVIS
F0:84:C9 -73 3 95 36 1 54e WEP WEP JAZZ_
BSSID STATION PWR Rate Lost Frames Probe
F8:8E:85 84:00:D2: -88 0 - 1e 21 13
(not associated) 0C:8971 -85 0 - 1 0 2
(not associated) 7C:1DC:5B -72 0 - 1 0 1
00:1A:2B: 00:C:FC:16 -50 0 - 0e 0 3
I guess it is the -bip- network manager Canonical flavour...
so I checked that, restarted my system and stopped it manually with
sudo service network-manager stop
and I had no issue with airmon-ng
sudo airmon-ng start wlan0
Found 3 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!
PID Name
582 avahi-daemon
653 avahi-daemon
749 wpa_supplicant
PHY Interface Driver Chipset
phy0 wlan0 ath9k Qualcomm Atheros QCA9565 / AR9565 Wireless Network Adapter (rev 01)
(mac80211 monitor mode vif enabled for [phy0]wlan0 on [phy0]wlan0mon)
(mac80211 station mode vif disabled for [phy0]wlan0)
sudo airodump-ng wlan0mon
CH 14 ][ Elapsed: 0 s ][ 2015-05-22 16:39
BSSID PWR Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID
20:89:86:1 -73 2 0 0 1 54e WPA2 CCMP PSK JAZZT
FA:8F:CA: -77 3 0 0 1 54e. OPN <leng
F0:84:C9:5 -76 1 42 0 1 54e WEP WEP JAZZ_
9C:97:26:A -73 2 5 0 11 54e WPA2 CCMP PSK Jazzt
BSSID STATION PWR Rate Lost Frames Probe
F0:84:C9:53:C2:58 6C:71:D9:5E:35:5D -34 9e- 2e 18 61
well... I cannot say much,
it seems that network-manager from Ubuntu 15.04 does not let airmon-ng truly manage the selected interface.
apt-cache show network-manager
Package: network-manager
Priority: optional
Section: net
Installed-Size: 2928
Maintainer: Ubuntu Core Dev Team <ubuntu-devel-discuss@lists.ubuntu.com>
Original-Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers@lists.alioth.debian.org>
Architecture: amd64
Version: 0.9.10.0-4ubuntu15.1
Depends: libc6 (>= 2.17), libdbus-1-3 (>= 1.0.2), libdbus-glib-1-2 (>= 0.102), libglib2.0-0 (>= 2.37.3), libgudev-1.0-0 (>= 165), libmm-glib0 (>= 1.0.0), libndp0 (>= 1.2), libnewt0.52, libnl-3-200 (>= 3.2.21), libnl-genl-3-200 (>= 3.2.21), libnl-route-3-200 (>= 3.2.7), libnm-glib4 (>= 0.9.10.0), libnm-util2 (>= 0.9.10.0-4ubuntu15.1), libpolkit-gobject-1-0 (>= 0.101), libreadline6 (>= 6.0), libsoup2.4-1 (>= 2.39.3), libsystemd0, init-system-helpers (>= 1.18~), lsb-base (>= 4.1+Debian11ubuntu7), dnsmasq-base, wpasupplicant (>= 0.7.3-1), dbus (>= 1.1.2), udev, adduser, isc-dhcp-client (>= 4.3.1-5ubuntu1), libpam-systemd, policykit-1
Recommends: ppp (>= 2.4.6), iptables, modemmanager, crda, iputils-arping, network-manager-pptp, network-manager-gnome | plasma-widget-networkmanagement | plasma-nm
Suggests: avahi-autoipd, python
Conflicts: connman
Breaks: network-manager-gnome (<< 0.9), network-manager-kde (<< 1:0.9), network-manager-openconnect (<< 0.9), network-manager-openvpn (<< 0.9), network-manager-pptp (<< 0.9), network-manager-vpnc (<< 0.9), plasma-widget-networkmanagement (<< 0.9~), ppp (<< 2.4.6)
Filename: pool/main/n/network-manager/network-manager_0.9.10.0-4ubuntu15.1_amd64.deb
Size: 753644
MD5sum: 3e7f66d1c0808456a7ba6c1b583198aa
SHA1: aa4186e496517b40bd78dd7f677a0befb60006c1
SHA256: 7588a88009f694ed0e1a1fa8e5da21e485f23d858066ae4f4dc82fba632c600a
Description-fr: Gestion du réseau (démon et utilitaires en espace utilisateur)
NetworkManager est un service système pour le réseau qui gère vos
matériels réseau et connexions en essayant de garder la connectivité
active lorsque c'est possible. Il gère l’Ethernet, le réseau sans fil, le
mobile haut débit (WWAN), les modems PPPoE et fournit l'intégration de
plusieurs types de services de VPN.
.
Ce paquet fournit les démons qui s'exécutent dans l'espace utilisateur
ainsi qu'une interface de ligne de commande pour interagir avec Network
Manager.
.
Dépendances optionnelles :
* ppp : requis pour établir des connexions commutées (ex. via GSM) ;
* avahi-autoipd : fournit IPv4LL, un protocole d'auto-configuration des adresses IP link-local.
Description-md5: 8f6f8b56b77097ec1e2134d2c9189882
Homepage: http://www.gnome.org/projects/NetworkManager/
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Origin: Ubuntu
Supported: 9m
Task: ubuntu-desktop, ubuntu-usb, kubuntu-desktop, kubuntu-full, kubuntu-active-desktop, kubuntu-active-full, edubuntu-desktop, edubuntu-usb, xubuntu-core, xubuntu-desktop, mythbuntu-frontend, mythbuntu-desktop, mythbuntu-backend-slave, mythbuntu-backend-master, lubuntu-desktop, ubuntustudio-desktop, ubuntustudio-desktop-minimal, ubuntu-gnome-desktop, ubuntu-touch-core, ubuntu-desktop-next, ubuntu-touch, ubuntukylin-desktop, ubuntu-mate-core
Package: network-manager
Priority: optional
Section: net
Installed-Size: 2928
Maintainer: Ubuntu Core Dev Team <ubuntu-devel-discuss@lists.ubuntu.com>
Original-Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers@lists.alioth.debian.org>
Architecture: amd64
Version: 0.9.10.0-4ubuntu15
Depends: libc6 (>= 2.17), libdbus-1-3 (>= 1.0.2), libdbus-glib-1-2 (>= 0.102), libglib2.0-0 (>= 2.37.3), libgudev-1.0-0 (>= 165), libmm-glib0 (>= 1.0.0), libndp0 (>= 1.2), libnewt0.52, libnl-3-200 (>= 3.2.21), libnl-genl-3-200 (>= 3.2.21), libnl-route-3-200 (>= 3.2.7), libnm-glib4 (>= 0.9.10.0), libnm-util2 (>= 0.9.10.0-4ubuntu15), libpolkit-gobject-1-0 (>= 0.101), libreadline6 (>= 6.0), libsoup2.4-1 (>= 2.39.3), libsystemd0, init-system-helpers (>= 1.18~), lsb-base (>= 4.1+Debian11ubuntu7), dnsmasq-base, wpasupplicant (>= 0.7.3-1), dbus (>= 1.1.2), udev, adduser, isc-dhcp-client (>= 4.3.1-5ubuntu1), libpam-systemd, policykit-1
Recommends: ppp (>= 2.4.6), iptables, modemmanager, crda, iputils-arping, network-manager-pptp, network-manager-gnome | plasma-widget-networkmanagement | plasma-nm
Suggests: avahi-autoipd, python
Conflicts: connman
Breaks: network-manager-gnome (<< 0.9), network-manager-kde (<< 1:0.9), network-manager-openconnect (<< 0.9), network-manager-openvpn (<< 0.9), network-manager-pptp (<< 0.9), network-manager-vpnc (<< 0.9), plasma-widget-networkmanagement (<< 0.9~), ppp (<< 2.4.6)
Filename: pool/main/n/network-manager/network-manager_0.9.10.0-4ubuntu15_amd64.deb
Size: 754614
MD5sum: 4ad4b4b5d73ae00ea70ef9b2a033d6de
SHA1: 523c3180a8e7d57c40584fdb081d076a71ed9550
SHA256: d197af0347cb23152a7b4e71d7e36888c2304f5c595e76d7e53a1215862fe509
Description-fr: Gestion du réseau (démon et utilitaires en espace utilisateur)
NetworkManager est un service système pour le réseau qui gère vos
matériels réseau et connexions en essayant de garder la connectivité
active lorsque c'est possible. Il gère l’Ethernet, le réseau sans fil, le
mobile haut débit (WWAN), les modems PPPoE et fournit l'intégration de
plusieurs types de services de VPN.
.
Ce paquet fournit les démons qui s'exécutent dans l'espace utilisateur
ainsi qu'une interface de ligne de commande pour interagir avec Network
Manager.
.
Dépendances optionnelles :
* ppp : requis pour établir des connexions commutées (ex. via GSM) ;
* avahi-autoipd : fournit IPv4LL, un protocole d'auto-configuration des adresses IP link-local.
Description-md5: 8f6f8b56b77097ec1e2134d2c9189882
Homepage: http://www.gnome.org/projects/NetworkManager/
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Origin: Ubuntu
Supported: 9m
Task: ubuntu-desktop, ubuntu-usb, kubuntu-desktop, kubuntu-full, kubuntu-active-desktop, kubuntu-active-full, edubuntu-desktop, edubuntu-usb, xubuntu-core, xubuntu-desktop, mythbuntu-frontend, mythbuntu-desktop, mythbuntu-backend-slave, mythbuntu-backend-master, lubuntu-desktop, ubuntustudio-desktop, ubuntustudio-desktop-minimal, ubuntu-gnome-desktop, ubuntu-touch-core, ubuntu-desktop-next, ubuntu-touch, ubuntukylin-desktop, ubuntu-mate-core
I had a look at the airmon script and I don't know... I can set monitor mode with iw by hand (like in the script) and monitor mode is enabled... but then it seems that network manager blocks the "phy" for the "wlan"
That is also something that I forgot to say in my previous message and is important: when I have wlan0mon enabled I can connect myself with it but I cannot use monitor mode :P
-
2 things: You forget to kill network managers. And have you checked rfkill as I suggested?
-
rfkill seems ok
kcdtv@profezorapplestruff:~$ rfkill list
0: phy0: Wireless LAN
Soft blocked: no
Hard blocked: no
kcdtv@profezorapplestruff:~$ sudo airmon-ng start wlan0
[sudo] kcdtv@profezorapplestruff:~$ rfkill list
0: phy0: Wireless LAN
Soft blocked: no
Hard blocked: no
kcdtv@profezorapplestruff:~$ sudo airmon-ng start wlan0
[sudo] password for kcdtv:
Found 5 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!
PID Name
563 avahi-daemon
578 NetworkManager
668 avahi-daemon
735 wpa_supplicant
842 dhclient
PHY Interface Driver Chipset
phy0 wlan0 ath9k Qualcomm Atheros QCA9565 / AR9565 Wireless Network Adapter (rev 01)command failed: Device or resource busy (-16)
(mac80211 monitor mode vif enabled for [phy0]wlan0 on [phy0]wlan0mon)
(mac80211 station mode vif disabled for [phy0]wlan0)
kcdtv@profezorapplestruff:~$ rfkill list
0: phy0: Wireless LAN
Soft blocked: no
Hard blocked: no
kcdtv@profezorapplestruff:~$ rfkill event
1432562080.344940: idx 0 type 1 op 0 soft 0 hard 0
You forget to kill network managers
I stopped it instead of killing it. The issue is the same in both cases: if I have to kill or stop network manager I immediately lose Internet connection, ethernet or the other wireless interface...
I know I can restart network-manager when I want internet back, and how to change airmon-ng for me to restart it automatically, but the interest would be to have airmon working as it was working in 14.10, with the interface in monitor mode fully dedicated to monitor mode and the other LAN or WLAN interface working in managed mode with the network manager enabled.
I am not scared to modify and try stuff with airmon.
-
haha :)) that's priceless! :))
Misterx, I think he is asking for something like the old airmon-ng.. :))
-
I forgot to update this thread: there is a simple way to solve the issue without modifying airmon-ng.
It works perfectly in Ubuntu 15.04 (and in Kali Linux 2.0): Edit NetworkManager.conf to prevent conflicts with airmon-ng (no check kill) (https://forum.aircrack-ng.org/index.php/topic,1082.msg3303.html#msg3303)
The issue is actually not a "bug" from airmon-ng.
It is more a bug from the latest versions of "Network Manager" that automatically disable monitor mode in order to manage the interface.
And I guess it is not a bug unless you are interested in using monitor mode and injection.
For sure airmon-ng can be modified to immediately write down the interface in the NetworkManager.conf file and erase it when monitor mode is disabled.
But modifying a script to solve issues from another tool is not a good way. And you will have to modify it again after every update.
I recommend editing your Network Manager configuration file. It is simple and you just have to do it once.
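
The linked post's exact edit is not reproduced on this page. As an added example (not from the thread or the aircrack-ng project), here is one way to make that one-time edit idempotently, assuming it refers to NetworkManager's `unmanaged-devices` setting in the `[keyfile]` section; the function names are hypothetical and `wlan0mon` is the interface name from the output above.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes NetworkManager's
# "[keyfile] unmanaged-devices=" setting is the edit meant in the post.

# nm_is_unmanaged CONF IFACE: succeeds if IFACE is already listed.
nm_is_unmanaged() {
    grep -Eq "^unmanaged-devices=(.*;)?interface-name:$2(;|\$)" "$1"
}

# nm_unmanage CONF IFACE: idempotently add "interface-name:IFACE" to
# unmanaged-devices, creating the key or the [keyfile] section if missing.
nm_unmanage() {
    conf=$1
    entry="interface-name:$2"
    tmp=$(mktemp) || return 1
    awk -v entry="$entry" '
        # Emit the key when a [keyfile] section ends without having one.
        function flush_key() {
            if (in_kf && !seen_key) print "unmanaged-devices=" entry
        }
        /^\[/ {                                   # any section header
            flush_key()
            in_kf = ($0 == "[keyfile]")
            if (in_kf) { seen_kf = 1; seen_key = 0 }
        }
        in_kf && /^unmanaged-devices=/ {          # extend an existing list
            seen_key = 1
            list = substr($0, index($0, "=") + 1)
            sub(/;+$/, "", list)                  # tolerate a trailing ";"
            n = split(list, items, ";"); found = 0
            for (i = 1; i <= n; i++) if (items[i] == entry) found = 1
            if (!found) list = (list == "" ? "" : list ";") entry
            $0 = "unmanaged-devices=" list
        }
        { print }
        END {
            flush_key()
            if (!seen_kf) {                       # no [keyfile] section at all
                print ""; print "[keyfile]"; print "unmanaged-devices=" entry
            }
        }
    ' "$conf" > "$tmp" && cat "$tmp" > "$conf"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# Typical use (as root), then restart the service so the change is read:
#   nm_unmanage /etc/NetworkManager/NetworkManager.conf wlan0mon
#   service network-manager restart
```

With the monitor interface listed as unmanaged, NetworkManager can stay running for the ethernet and second wireless interface, which is the setup the thread was after.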