Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

Sorry Guest, you are banned from posting and sending personal messages on this forum.

This ban is not set to expire.

[leste]

I've been the past month trying to make aircrack-ng work with my main computer, which has a Qualcomm Atheros QCA6174 chipset. The wireless works fine on the ath10k drivers (that I had to install manually), and I know my network card supports monitor mode and injection(fonts: https://www.aircrack-ng.org/doku.php?id=compatibility_drivers see Chipset section, besides, I can use

Code: [Select]

nmap -sPto see all the devices connected to my network).

The problem is evident when i use

Code: [Select]

airmon-ng start wlan0 and

Code: [Select]

airodump-ng wlan0monnext, but airodump-ng does not detects any AP's. Killing processes like network-manager, wpa_supplicant and dhclient does not affect this output at all (neither with

Code: [Select]

service stop <process> nor with

Code: [Select]

airmon-ng check kill or

Code: [Select]

killall <process>.

My main lead is this output of

Code: [Select]

dmesg | grep -i ath10k:

Code: [Select]

[   11.772460] ath10k_pci 0000:02:00.0: pci irq msi oper_irq_mode 2 irq_mode 0 reset_mode 0
[glow=red,2,300][   12.090548] ath10k_pci 0000:02:00.0: firmware: failed to load ath10k/pre-cal-pci-0000:02:00.0.bin (-2)
[   12.090745] ath10k_pci 0000:02:00.0: Direct firmware load for ath10k/pre-cal-pci-0000:02:00.0.bin failed with error -2
[   12.090795] ath10k_pci 0000:02:00.0: firmware: failed to load ath10k/cal-pci-0000:02:00.0.bin (-2)
[   12.090985] ath10k_pci 0000:02:00.0: Direct firmware load for ath10k/cal-pci-0000:02:00.0.bin failed with error -2[/glow]
[   12.101282] ath10k_pci 0000:02:00.0: firmware: direct-loading firmware ath10k/QCA6174/hw3.0/firmware-5.bin
[   12.101297] ath10k_pci 0000:02:00.0: qca6174 hw3.2 target 0x05030000 chip_id 0x00340aff sub 1028:0310
[   12.101302] ath10k_pci 0000:02:00.0: kconfig debug 0 debugfs 0 tracing 0 dfs 0 testmode 0
[   12.103646] ath10k_pci 0000:02:00.0: firmware ver WLAN.RM.2.0-00088-QCARMSWPZ-1 api 5 features ignore-otp crc32 4dcf5871
[   12.729288] ath10k_pci 0000:02:00.0: firmware: direct-loading firmware ath10k/QCA6174/hw3.0/board-2.bin
[   12.730343] ath10k_pci 0000:02:00.0: board_file api 2 bmi_id N/A crc32 6fc88fe7
[   15.020077] ath10k_pci 0000:02:00.0: htt-ver 3.14 wmi-op 4 htt-op 3 cal otp max-sta 32 raw 0 hwcrypto 1

because I think the failures can be related. Some other outputs that might be interesting:

Code: [Select]

$airmon-ng start wlan0

Code: [Select]

Found 3 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to run 'airmon-ng check kill'

  PID Name
  652 NetworkManager
  858 wpa_supplicant
 6252 dhclient

PHY Interface Driver Chipset

phy0 wlan0 ath10k_pci Qualcomm Atheros QCA6174 802.11ac Wireless Network Adapter (rev 32)

(mac80211 monitor mode vif enabled for [phy0]wlan0 on [phy0]wlan0mon)
(mac80211 station mode vif disabled for [phy0]wlan0)

-------------

Code: [Select]

$aireplay -9 wlan0mon

Code: [Select]

18:47:12  Trying broadcast probe requests...
18:47:14  No Answer...
18:47:14  Found 0 APs


[misterx]

1. Issue airmon-ng check kill first as explained by the index page of aircrack-ng.org
2. There seems to be firmware issues
3. Is the card working in managed mode?
4. Why did you install the drivers?
5. What is the output of uname -a?

[leste]

1. I did, didn't work.
2. Yes, but I can use commands like nmap, netdiscover and iwlist scan, so it should work, right?
3. Yes, it works fine on managed mode.
4. Because every distro I've ever put on this computer didn't recognize the drivers at first, so I always have installed them manually ( on /lib/firmware/ath10k/QCA6174/hw...)
5.Linux localhost.localdomain 4.8.0-kali2-amd64 #1 SMP Debian 4.8.15-1kali1 (2016-12-23) x86_64 GNU/Linux

[misterx]

1. Calibration firmware, have you looked up the errors on google on how to solve those?
2. How did you install the driver? It should be built-in

[leste]

1. Yes, I've looked a lot. I think there is no one complaining about this error because it does not affect wireless connection.
2. I cloned the firmware files https://github.com/kvalo/ath10k-firmware to /lib/firmware/ath10k/. It's not built-in because it's a relatively new network card (heard Fedora 25 already includes it, but I haven't checked yet).

Some output that might be useful:

after airmon-ng start wlan0:

Code: [Select]

root@localhost:/home/leste# iwconfig
eth0      no wireless extensions.

lo        no wireless extensions.

wlan0mon  IEEE 802.11  Mode:Monitor  Frequency:2.457 GHz  Tx-Power=0 dBm   
          Retry short limit:7   RTS thr:off   Fragment thr:off
          Power Management:on
         


[misterx]

OK, but what about the driver that you mention you had to install manually. Where do you get it from?

[leste]

Sorry, I  confused the terms. What I installed manually was just the firmware

[misterx]

Out of curiosity, what are the results with the stock firmware (firmware-4.bin) ?

And by the way, when running injection test, make sure you're on a channel with APs.

[leste]

Yes, I am doing it with many AP's nearby, although airodump-ng caches nothing. What do you mean by the results?

[misterx]

Stuff being displayed in Airodump-ng and maybe results in the injection test.

[leste]

Airodump-ng displays nothing, and the injection fails.

[syn111]

same card, same dmesg warnings, airmon-ng displays nothing.

[kens]

Same problem here with Qualcomm Atheros QCA6174 on ath10k firmware.
Tried almost anything, including manual firmware install, but without any success, airodump-ng keeps scanning through channels and cant find anything.

[muchi]

Joined just to say i have the same issue on same chipset on killer 1535. I dont think monitor mode is supported on firmware 3.0 but was on 2.1. Need someone to create a patch for injection and monitor mode

[misterx]

I heard recently you might have to use some parameters when loading the ath10k driver for monitor mode. rawmode on ath10k_core and maybe set cryptmode to 1 (software).