Aircrack-ng forum
General Category => Newbies => Topic started by: GetRektBoy724 on October 08, 2020, 12:43:16 am
-
Pls help, I can't do packet injection on QCA9377
Monitor mode is already supported... I can see a lot of APs with airodump-ng,
but if I run a test with aireplay-ng, injection is not working.
I use this firmware: https://github.com/marcost2/ath10k
After I ran "aireplay-ng -9 wlan0mon" and it didn't work, I checked dmesg and this thing showed up:
[ 167.730039] ------------[ cut here ]------------
[ 167.730068] WARNING: CPU: 0 PID: 1681 at drivers/net/wireless/ath/ath10k/mac.c:3791 ath10k_mac_tx+0x2e3/0x4b0 [ath10k_core]
[ 167.730183] CPU: 0 PID: 1681 Comm: aireplay-ng Tainted: G E 5.8.0-kali2-amd64 #1 Debian 5.8.10-1kali1
[ 167.730185] Hardware name: my hardware name
[ 167.730202] RIP: 0010:ath10k_mac_tx+0x2e3/0x4b0 [ath10k_core]
[ 167.730207] Code: 06 66 44 89 50 0a 66 44 89 78 0c e9 9c fe ff ff 48 8b 87 b0 12 00 00 a8 08 0f 85 8d fe ff ff 41 f6 40 38 20 0f 85 82 fe ff ff <0f> 0b 4c 89 c6 4c 89 f7 41 bd f4 fd ff ff e8 4a 17 e7 ff e9 f0 fe
[ 167.730209] RSP: 0018:ffffb60c82a679d8 EFLAGS: 00010246
[ 167.730212] RAX: 0000000000000042 RBX: 0000000000000000 RCX: 0000000000000000
[ 167.730214] RDX: 0000000000000000 RSI: ffff94fdd8342bb0 RDI: ffff94fde3a61e60
[ 167.730216] RBP: ffff94fde3a61e60 R08: ffff94fdd7319a00 R09: 0000000000000000
[ 167.730218] R10: 0000000000000000 R11: 0000000000000002 R12: ffff94fdd7319a00
[ 167.730220] R13: 0000000000000000 R14: ffff94fde3a607c0 R15: ffff94fdd8342bb0
[ 167.730223] FS: 00007f16616d6740(0000) GS:ffff94fde6c00000(0000) knlGS:0000000000000000
[ 167.730225] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 167.730227] CR2: 00007ffd650bfca8 CR3: 000000025f6fe006 CR4: 00000000003606f0
[ 167.730229] Call Trace:
[ 167.730242] ? account_entity_enqueue+0x9c/0xd0
[ 167.730259] ath10k_mac_op_tx+0x119/0x220 [ath10k_core]
[ 167.730316] ieee80211_tx_frags+0x173/0x250 [mac80211]
[ 167.730365] __ieee80211_tx+0x7a/0x130 [mac80211]
[ 167.730412] ieee80211_tx+0xfd/0x140 [mac80211]
[ 167.730457] ieee80211_monitor_start_xmit+0x336/0x630 [mac80211]
[ 167.730467] dev_hard_start_xmit+0x8d/0x1d0
[ 167.730473] __dev_queue_xmit+0x654/0x8c0
[ 167.730479] ? packet_parse_headers+0xd8/0x110
[ 167.730485] packet_sendmsg+0xac1/0x1580
[ 167.730490] ? _cond_resched+0x16/0x40
[ 167.730494] ? aa_sk_perm+0x3e/0x1a0
[ 167.730500] sock_sendmsg+0x5e/0x60
[ 167.730506] sock_write_iter+0x97/0x100
[ 167.730512] new_sync_write+0x196/0x1b0
[ 167.730517] vfs_write+0x1c3/0x1f0
[ 167.730522] ksys_write+0xa7/0xe0
[ 167.730526] do_syscall_64+0x44/0xc0
[ 167.730532] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 167.730535] RIP: 0033:0x7f1661a21fb3
[ 167.730540] Code: 75 05 48 83 c4 58 c3 e8 cb 41 ff ff 66 2e 0f 1f 84 00 00 00 00 00 90 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 48 89 54 24 18
[ 167.730542] RSP: 002b:00007ffd650bfca8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 167.730545] RAX: ffffffffffffffda RBX: 000000000000002a RCX: 00007f1661a21fb3
[ 167.730547] RDX: 0000000000000036 RSI: 00007ffd650bfcd0 RDI: 0000000000000006
[ 167.730549] RBP: 000055913516c490 R08: ffffffff013a0040 R09: ed35307dc900ffff
[ 167.730551] R10: 0000ffffffffffff R11: 0000000000000246 R12: 00007ffd650bfcd0
[ 167.730552] R13: 000055913463ce90 R14: 00007ffd650c0df0 R15: 00000000000000c8
[ 167.730557] ---[ end trace 1a32cb0a9bf4e54d ]---
[ 167.730570] ath10k_pci 0000:02:00.0: failed to transmit frame: -524
My "uname -a" output:
Linux GetRektBoy724 5.8.0-kali2-amd64 #1 SMP Debian 5.8.10-1kali1 (2020-09-22) x86_64 GNU/Linux
I can use my QCA9377 in managed mode perfectly.
THIS IS NOT A KALI VM.......
Pls help... any help is appreciated ;D :D ;)
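A triage helper for the kind of dmesg output posted above, as an added example that is not part of the original post: it extracts the WARNING location, the process that triggered it, and the transmit failures per device, and decodes the error number (524 is the kernel-internal ENOTSUPP, "operation is not supported"). The sample lines are constructed in the format of the post's output, and the function and field names are this example's own.

```python
import errno
import re

# Kernel-internal codes from include/linux/errno.h; they have no userspace
# errno name, so Python's errno module does not list them.
KERNEL_ONLY_ERRNO = {517: "EPROBE_DEFER", 524: "ENOTSUPP"}

LINE_RE = re.compile(r"^\[\s*(\d+\.\d+)\]\s*(.*)$")
WARN_RE = re.compile(r"WARNING: CPU: \d+ PID: \d+ at (\S+):(\d+) (\w+)\+")
COMM_RE = re.compile(r"\bComm: (\S+)")
FAIL_RE = re.compile(r"^(\S+) (\S+): failed to transmit frame: (-?\d+)$")
SUPP_RE = re.compile(r"^\w+: (\d+) callbacks suppressed$")

# Constructed sample: a few lines in the format of the dmesg output above.
SAMPLE = """\
[ 167.730068] WARNING: CPU: 0 PID: 1681 at drivers/net/wireless/ath/ath10k/mac.c:3791 ath10k_mac_tx+0x2e3/0x4b0 [ath10k_core]
[ 167.730183] CPU: 0 PID: 1681 Comm: aireplay-ng Tainted: G E 5.8.0-kali2-amd64 #1 Debian 5.8.10-1kali1
[ 167.730570] ath10k_pci 0000:02:00.0: failed to transmit frame: -524
[ 168.330618] ath10k_pci 0000:02:00.0: failed to transmit frame: -524
[ 168.930651] ath10k_pci 0000:02:00.0: failed to transmit frame: -524
[ 189.666924] ath10k_warn: 49 callbacks suppressed
[ 189.666931] ath10k_pci 0000:02:00.0: failed to transmit frame: -524
"""


def errno_name(code):
    """Map a (negative) kernel return code to its symbolic name."""
    n = abs(code)
    return KERNEL_ONLY_ERRNO.get(n) or errno.errorcode.get(n, "UNKNOWN")


def summarize(dmesg_text):
    """Summarize driver warnings and TX failures found in dmesg text."""
    report = {"warnings": [], "comm": None, "tx_failures": {},
              "suppressed": 0, "window": None}
    first = last = None
    for raw in dmesg_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # not a timestamped kernel log line
        ts, msg = float(m.group(1)), m.group(2)
        if (w := WARN_RE.search(msg)):
            # (source file, line number, function) of the WARN site
            report["warnings"].append((w.group(1), int(w.group(2)), w.group(3)))
        elif (c := COMM_RE.search(msg)) and report["comm"] is None:
            report["comm"] = c.group(1)  # process that was in the TX path
        elif (f := FAIL_RE.match(msg)):
            key = (f.group(2), errno_name(int(f.group(3))))
            report["tx_failures"][key] = report["tx_failures"].get(key, 0) + 1
            first = ts if first is None else first
            last = ts
        elif (s := SUPP_RE.match(msg)):
            # Rate-limited driver messages: logged counts are a lower bound.
            report["suppressed"] += int(s.group(1))
    if first is not None:
        report["window"] = (first, last)
    return report


if __name__ == "__main__":
    r = summarize(SAMPLE)
    for path, line, func in r["warnings"]:
        print(f"WARN at {path}:{line} in {func} (process: {r['comm']})")
    for (dev, name), count in r["tx_failures"].items():
        print(f"{dev}: {count} logged TX failures, error {name}")
    print(f"rate-limited messages not shown: {r['suppressed']}")
    print(f"failure window (s since boot): {r['window']}")
```

ENOTSUPP here is returned by the driver's own transmit call, so the frames were refused before reaching the air rather than lost in transit.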
-
Next time, attach dmesg output instead of pasting here. Plus, for any output, use the "code" tag to make it easier to read.
Reinstall Kali, update it and try again with the stock firmware. You'll also need to provide details on the commands you ran and the results you get.
-
My version of Kali was the latest and I already ran apt update and apt upgrade several times.
Also, if I use the stock firmware, EVEN MONITOR MODE doesn't work, and after I changed it to firmware-5, I got monitor mode to work.
For enabling monitor mode, I use:
airmon-ng check kill
airmon-ng start wlan0
-
FYI, apt dist-upgrade upgrades more stuff than apt upgrade.
Which channel are you on when running aireplay-ng? What does iw list show?
-
apt dist-upgrade changed nothing.
Because I have access to the router with another device, I attack exactly the channel that the AP runs on, which is channel 6.
iw list shows this:
Wiphy phy0
wiphy index: 0
max # scan SSIDs: 16
max scan IEs length: 195 bytes
max # sched scan SSIDs: 16
max # match sets: 16
max # scan plans: 2
max scan plan interval: 7200
max scan plan iterations: 100
Retry short limit: 7
Retry long limit: 4
Coverage class: 0 (up to 0m)
Device supports RSN-IBSS.
Device supports AP-side u-APSD.
Device supports T-DLS.
Supported Ciphers:
* WEP40 (00-0f-ac:1)
* WEP104 (00-0f-ac:5)
* TKIP (00-0f-ac:2)
* CCMP-128 (00-0f-ac:4)
* CMAC (00-0f-ac:6)
* CMAC-256 (00-0f-ac:13)
* GMAC-128 (00-0f-ac:11)
* GMAC-256 (00-0f-ac:12)
Available Antennas: TX 0x1 RX 0x1
Configured Antennas: TX 0x1 RX 0x1
Supported interface modes:
* IBSS
* managed
* AP
* monitor
* mesh point
* P2P-client
* P2P-GO
* P2P-device
Band 1:
Capabilities: 0x196f
RX LDPC
HT20/HT40
SM Power Save disabled
RX HT20 SGI
RX HT40 SGI
RX STBC 1-stream
Max AMSDU length: 7935 bytes
DSSS/CCK HT40
Maximum RX AMPDU length 65535 bytes (exponent: 0x003)
Minimum RX AMPDU time spacing: 8 usec (0x06)
HT TX/RX MCS rate indexes supported: 0-7
Bitrates (non-HT):
* 1.0 Mbps
* 2.0 Mbps (short preamble supported)
* 5.5 Mbps (short preamble supported)
* 11.0 Mbps (short preamble supported)
* 6.0 Mbps
* 9.0 Mbps
* 12.0 Mbps
* 18.0 Mbps
* 24.0 Mbps
* 36.0 Mbps
* 48.0 Mbps
* 54.0 Mbps
Frequencies:
* 2412 MHz [1] (20.0 dBm)
* 2417 MHz [2] (20.0 dBm)
* 2422 MHz [3] (20.0 dBm)
* 2427 MHz [4] (20.0 dBm)
* 2432 MHz [5] (20.0 dBm)
* 2437 MHz [6] (20.0 dBm)
* 2442 MHz [7] (20.0 dBm)
* 2447 MHz [8] (20.0 dBm)
* 2452 MHz [9] (20.0 dBm)
* 2457 MHz [10] (20.0 dBm)
* 2462 MHz [11] (20.0 dBm)
* 2467 MHz [12] (20.0 dBm) (no IR)
* 2472 MHz [13] (20.0 dBm)
* 2484 MHz [14] (disabled)
Band 2:
Capabilities: 0x196f
RX LDPC
HT20/HT40
SM Power Save disabled
RX HT20 SGI
RX HT40 SGI
RX STBC 1-stream
Max AMSDU length: 7935 bytes
DSSS/CCK HT40
Maximum RX AMPDU length 65535 bytes (exponent: 0x003)
Minimum RX AMPDU time spacing: 8 usec (0x06)
HT TX/RX MCS rate indexes supported: 0-7
VHT Capabilities (0x33907132):
Max MPDU length: 11454
Supported Channel Width: neither 160 nor 80+80
RX LDPC
short GI (80 MHz)
SU Beamformee
MU Beamformee
RX antenna pattern consistency
TX antenna pattern consistency
VHT RX MCS set:
1 streams: MCS 0-9
2 streams: not supported
3 streams: not supported
4 streams: not supported
5 streams: not supported
6 streams: not supported
7 streams: not supported
8 streams: not supported
VHT RX highest supported: 0 Mbps
VHT TX MCS set:
1 streams: MCS 0-9
2 streams: not supported
3 streams: not supported
4 streams: not supported
5 streams: not supported
6 streams: not supported
7 streams: not supported
8 streams: not supported
VHT TX highest supported: 0 Mbps
Bitrates (non-HT):
* 6.0 Mbps
* 9.0 Mbps
* 12.0 Mbps
* 18.0 Mbps
* 24.0 Mbps
* 36.0 Mbps
* 48.0 Mbps
* 54.0 Mbps
Frequencies:
* 5180 MHz [36] (30.0 dBm) (no IR)
* 5200 MHz [40] (30.0 dBm) (no IR)
* 5220 MHz [44] (30.0 dBm) (no IR)
* 5240 MHz [48] (30.0 dBm) (no IR)
* 5260 MHz [52] (30.0 dBm) (no IR, radar detection)
* 5280 MHz [56] (30.0 dBm) (no IR, radar detection)
* 5300 MHz [60] (30.0 dBm) (no IR, radar detection)
* 5320 MHz [64] (30.0 dBm) (no IR, radar detection)
* 5500 MHz [100] (30.0 dBm) (no IR, radar detection)
* 5520 MHz [104] (30.0 dBm) (no IR, radar detection)
* 5540 MHz [108] (30.0 dBm) (no IR, radar detection)
* 5560 MHz [112] (30.0 dBm) (no IR, radar detection)
* 5580 MHz [116] (30.0 dBm) (no IR, radar detection)
* 5600 MHz [120] (30.0 dBm) (no IR, radar detection)
* 5620 MHz [124] (30.0 dBm) (no IR, radar detection)
* 5640 MHz [128] (30.0 dBm) (no IR, radar detection)
* 5660 MHz [132] (30.0 dBm) (no IR, radar detection)
* 5680 MHz [136] (30.0 dBm) (no IR, radar detection)
* 5700 MHz [140] (30.0 dBm) (no IR, radar detection)
* 5720 MHz [144] (30.0 dBm) (no IR)
* 5745 MHz [149] (30.0 dBm) (no IR)
* 5765 MHz [153] (30.0 dBm) (no IR)
* 5785 MHz [157] (30.0 dBm) (no IR)
* 5805 MHz [161] (30.0 dBm) (no IR)
* 5825 MHz [165] (30.0 dBm) (no IR)
* 5845 MHz [169] (30.0 dBm) (no IR)
* 5865 MHz [173] (disabled)
Supported commands:
* new_interface
* set_interface
* new_key
* start_ap
* new_station
* new_mpath
* set_mesh_config
* set_bss
* authenticate
* associate
* deauthenticate
* disassociate
* join_ibss
* join_mesh
* remain_on_channel
* set_tx_bitrate_mask
* frame
* frame_wait_cancel
* set_wiphy_netns
* set_channel
* set_wds_peer
* tdls_mgmt
* tdls_oper
* probe_client
* set_noack_map
* register_beacons
* start_p2p_device
* set_mcast_rate
* connect
* disconnect
* channel_switch
* set_qos_map
* set_multicast_to_unicast
Supported TX frame types:
* IBSS: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
* managed: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
* AP: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
* AP/VLAN: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
* mesh point: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
* P2P-client: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
* P2P-GO: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
* P2P-device: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
Supported RX frame types:
* IBSS: 0x40 0xb0 0xc0 0xd0
* managed: 0x40 0xb0 0xd0
* AP: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
* AP/VLAN: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
* mesh point: 0xb0 0xc0 0xd0
* P2P-client: 0x40 0xd0
* P2P-GO: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
* P2P-device: 0x40 0xd0
software interface modes (can always be added):
* monitor
valid interface combinations:
* #{ managed } <= 2, #{ AP, mesh point, P2P-client, P2P-GO } <= 2, #{ P2P-device } <= 1,
total <= 4, #channels <= 1
* #{ managed } <= 2, #{ P2P-client } <= 2, #{ AP, mesh point, P2P-GO } <= 1, #{ P2P-device } <= 1,
total <= 4, #channels <= 2
* #{ managed } <= 1, #{ IBSS } <= 1,
total <= 2, #channels <= 1
HT Capability overrides:
* MCS: ff ff ff ff ff ff ff ff ff ff
* maximum A-MSDU length
* supported channel width
* short GI for 40 MHz
* max A-MPDU length exponent
* min MPDU start spacing
Device supports TX status socket option.
Device supports HT-IBSS.
Device supports SAE with AUTHENTICATE command
Device supports scan flush.
Device supports AP scan.
Device supports per-vif TX power setting
Driver supports full state transitions for AP/GO clients
Driver supports a userspace MPM
Driver/device bandwidth changes during BSS lifetime (AP/GO mode)
Device supports static SMPS
Device supports configuring vdev MAC-addr on create.
Device supports randomizing MAC-addr in net-detect scans.
Maximum associated stations in AP mode: 32
Supported extended features:
* [ VHT_IBSS ]: VHT-IBSS
* [ RRM ]: RRM
* [ SET_SCAN_DWELL ]: scan dwell setting
* [ FILS_STA ]: STA FILS (Fast Initial Link Setup)
* [ CQM_RSSI_LIST ]: multiple CQM_RSSI_THOLD records
* [ CONTROL_PORT_OVER_NL80211 ]: control port over nl80211
* [ TXQS ]: FQ-CoDel-enabled intermediate TXQs
* [ AQL ]: Airtime Queue Limits (AQL)
* [ CONTROL_PORT_NO_PREAUTH ]: disable pre-auth over nl80211 control port support
* [ DEL_IBSS_STA ]: deletion of IBSS station support
* [ SCAN_FREQ_KHZ ]: scan on kHz frequency support
* [ CONTROL_PORT_OVER_NL80211_TX_STATUS ]: tx status for nl80211 control port support
:)
-
OK, I see something weird.
Last time I checked my injection capabilities using:
aireplay-ng -9 wlan0mon
but today I tested running a deauth attack with:
aireplay-ng --deauth 0 wlan0mon -a <myAPmacaddress>
and I see no errors at all...
Does it show that the packet injection is working?? :l
-
If I want to test my injection capabilities, I always run airodump-ng and aireplay-ng simultaneously so I can see if there is a change on the network.
The aireplay-ng test flag uses the directed probe method, right? (Correct me if I'm wrong.)
Yesterday I tested my injection capabilities with aireplay-ng like always, but I saw something weird here.....
So if I run this:
aireplay-ng -9 wlan0mon
and then I look at airodump-ng... all of the clients' probes connected to my network were changed.
Is it a sign that the injection capability is working???
Pls answer, misterx
-
When doing the injection test, you MUST be on a fixed channel. If you are hopping channels, it will not work correctly, and not specifying one in airodump-ng will make it hop. Forgetting to kill network managers will do that as well.
Aireplay-ng will tell you if injection is successful, and it will ping access points. If you see anything more than 0/30, that means injection works. If it's 0, then there could be a few reasons: 1. Channel hopping 2. Too far. If you want to 100% confirm you can inject, you need another wireless card and capture on the same channel as the one you're injecting on, and aireplay-ng can handle that as well.
-
OK, so first, my channel was not hopping; second, the script that I made to turn on monitor mode automatically kills network manager with:
airmon-ng check kill
Third, there is no possible way it was too far; I'm sitting beside the router/AP.
I also have an rtl8188eu and the driver I use is from the aircrack-ng GitHub; I tested it using aireplay-ng... it works perfectly.
You ask: why don't you use your rtl8188eu??
My answer is: my rtl8188eu device is a TP-Link TL-WN722N v3, which is pretty bulky, and I want to use the internal wifi card in my laptop.
-
There is more than just network manager that can interfere. Are you using airmon-ng to do it?
Since you mention you have a separate card, you can actually check if your ath9k is actually injecting or not.
One last thing: being too close to the AP can be a problem as well: a signal too strong can get you packet loss as well.
-
Yes, I'm using airmon-ng to kill all the interfering programs.
My separate card is an rtl8188eu; of course I use the rtl8188eu driver and not ath9k, but if you know how to use the ath9k driver for the rtl8188eu chipset... I'll listen.
I already tested it in a different room, probably 3 meters from the AP, and nothing changes... :(
-
I also see that ath9k is reported to successfully do packet injection on newer kernels (I have 5.8.10).
Do you know how to use ath9k firmware on QCA9377??
-
Sorry, I meant ath10k. No, the firmware for ath9k will not work on ath10k.
-
So there are 2 cards running in monitor mode, right??
Card number one is my QCA9377,
and card number two is my rtl8188eu, checking in Wireshark whether the QCA9377 is actually injecting or not.
Hmmm, you're a genius :)
-
Uhh, sadly it's not working......
My rtl8188eu is not capturing any deauthentication packets and my phone is still connected to the AP.
Do you have a solution for the packet injection on ath10k, misterx???
-
misterx, pls help me.
At least respond to me if you don't know how to fix this.
;) ;D :D :)
-
I don't know.
You can try https://www.candelatech.com/ath10k.php but you'll likely also need their specific driver.
-
Ohh OK, I'll try it.
Thx ;D ;D
-
I think I'll just go with the Intel AC 3165NGW with the iwlwifi driver.
http://en.techinfodepot.shoutwiki.com/wiki/Iwlwifi
It supports monitor mode and packet injection, right misterx?
??? :D
-
Monitor mode yes, but I have mixed feelings on the injection with Intel cards.
-
OK, thx for the response....
Wish me luck ;D ;D ;)
-
Or do you have any other recommendation for an internal wifi card with an M.2 NGFF slot that supports monitor mode and packet injection??
-
https://deviwiki.com/wiki/Ath9k#Supported_chips
-
Ah, thx for all of the responses ;D ;D
You're really helpful :D :D
-
Hey misterx,
one last question pls :D
Do you prefer the Intel 3165 or the Atheros QCNFA335 for packet injection and monitor mode?
Pls answer :D
It uses the QCA9565 chipset.
-
Well, considering what I said earlier, the answer is obvious: QCNFA335. I haven't used that particular model.
-
Oh OK, thx for the answer... I will close this thread now :)