You are not logged in.

#1 2018-12-12 15:10:52

shatt3red
Member
Registered: 2018-09-23
Posts: 37

airodump-ng <interface> shows nothing after 30 min of running

Hello,

I want to try out these WPA/wpa2-tools on my own home network, however I am unable to catch any sort of BSSID or anything really, with airodump-ng <myinterface> command.
for future references:

myinterface or interface = wlp2s0.

I did the following: 

1. set interface to monitor mode:  output of iw dev

2.

 sudo airmon-ng check kill.

3.

 sudo airmon-ng start <myinterface>.

4.

 airodump-ng <myinterface>.

If I am not wrong, after

iw list

command I can see that monitor mode is supported:
iw list output

Help very appreaciated.
Regards

Last edited by shatt3red (2018-12-12 15:28:34)

Offline

#2 2018-12-17 00:46:46

shadow19
Member
Registered: 2018-12-16
Posts: 15

Re: airodump-ng <interface> shows nothing after 30 min of running

Buy an external WiFi Card like ALFA Network.

Offline

#3 2018-12-17 13:58:47

shatt3red
Member
Registered: 2018-09-23
Posts: 37

Re: airodump-ng <interface> shows nothing after 30 min of running

shadow19 wrote:

Buy an external WiFi Card like ALFA Network.

Hello and thank you for replying!
May I ask why you said that? I mean is there nothing I can do, but buy external card?
Are you saying my interface is unable to capture anything?

Sorry for questions,
Best of regards
S

Offline

#4 2018-12-17 15:11:06

shadow19
Member
Registered: 2018-12-16
Posts: 15

Re: airodump-ng <interface> shows nothing after 30 min of running

Exactly, try to use an external WiFi card.
Regards.

Offline

#5 2018-12-17 15:21:29

seth
Member
Registered: 2012-09-03
Posts: 50,012

Re: airodump-ng <interface> shows nothing after 30 min of running

We don't even know what type of wifi-chip he's using…

@shatt3red, run "lsusb", check vendor and product of your wifi chip and google it along aircrack to get an idea whether it's effectively supported.
Also make sure there's something to monitor, not every AP yells its BSSID frequently into the wild. Have it eg. communicate w/ another device (your smartphone)

Also watch out for error messages etc.

Offline

#6 2018-12-17 15:22:07

shatt3red
Member
Registered: 2018-09-23
Posts: 37

Re: airodump-ng <interface> shows nothing after 30 min of running

ok tnx

Last edited by shatt3red (2018-12-17 15:22:45)

Offline

#7 2018-12-17 15:30:29

shatt3red
Member
Registered: 2018-09-23
Posts: 37

Re: airodump-ng <interface> shows nothing after 30 min of running

seth wrote:

We don't even know what type of wifi-chip he's using…

@shatt3red, run "lsusb", check vendor and product of your wifi chip and google it along aircrack to get an idea whether it's effectively supported.
Also make sure there's something to monitor, not every AP yells its BSSID frequently into the wild. Have it eg. communicate w/ another device (your smartphone)

Also watch out for error messages etc.


Thank you for reply Seth!

results of lsusb command:
results

If I understand correctly chip is Realtek Semiconductor Corp. I googled it with aircrack and I haven't seen anything saying that is not compatible.
If I am wrong let me know.
S

Last edited by shatt3red (2018-12-17 15:36:35)

Offline

#8 2018-12-17 16:23:51

seth
Member
Registered: 2012-09-03
Posts: 50,012

Re: airodump-ng <interface> shows nothing after 30 min of running

Nope, those are bluetooth, webcam and a fingerprint scanner.
Output of "lspci"?

Offline

#9 2018-12-17 17:22:47

shatt3red
Member
Registered: 2018-09-23
Posts: 37

Re: airodump-ng <interface> shows nothing after 30 min of running

seth wrote:

Nope, those are bluetooth, webcam and a fingerprint scanner.
Output of "lspci"?

Aha, you were right:

02:00.0 Network controller: Qualcomm Atheros QCA6174 802.11ac Wireless Network Adapter (rev 32)

if I google it I find a lot of problems when using this adapter hmm
However, people are able to solve this issues, if I understand correctly the issue is with drivers?
How should I proceed?
my guess is I need to install some driver from here?

currently installed driver:

configuration: broadcast=yes driver=ath10k_pci driverversion=4.19.2-arch1-1-ARCH firmware=RM.4.4.1.c2-00057-QCARMSWP-1

guthub driver

S

Last edited by shatt3red (2018-12-17 17:37:26)

Offline

#10 2018-12-17 21:18:39

seth
Member
Registered: 2012-09-03
Posts: 50,012

Re: airodump-ng <interface> shows nothing after 30 min of running

The thing is all over the interwebz :-(

Can you use the chip for normal wifi operations? In case you could try "rawmode=true cryptmode=1", see https://wiki.archlinux.org/index.php/Ke … le_options

Also run "dmesg -w" and pay attention to the output when running airodump

Offline

#11 2018-12-17 21:29:57

shatt3red
Member
Registered: 2018-09-23
Posts: 37

Re: airodump-ng <interface> shows nothing after 30 min of running

seth wrote:

The thing is all over the interwebz :-(

Can you use the chip for normal wifi operations? In case you could try "rawmode=true cryptmode=1", see https://wiki.archlinux.org/index.php/Ke … le_options

Also run "dmesg -w" and pay attention to the output when running airodump

what do you mean with normal wifi operations? if you mean connection to internet that's all I was doing so far.
S

Offline

#12 2018-12-17 21:41:48

seth
Member
Registered: 2012-09-03
Posts: 50,012

Re: airodump-ng <interface> shows nothing after 30 min of running

you mean connection to internet

Yes (and to leave no questions: aircrack is NOT to establish regular wifi connections, it's a wifi sniffer and penetration test)

Offline

#13 2018-12-17 21:43:10

shatt3red
Member
Registered: 2018-09-23
Posts: 37

Re: airodump-ng <interface> shows nothing after 30 min of running

ok, will post output of what you said above, and do what you reccomended me to do with module.
S

Last edited by shatt3red (2018-12-17 21:45:58)

Offline

#14 2018-12-17 22:30:47

shatt3red
Member
Registered: 2018-09-23
Posts: 37

Re: airodump-ng <interface> shows nothing after 30 min of running

seth wrote:

you mean connection to internet

Yes (and to leave no questions: aircrack is NOT to establish regular wifi connections, it's a wifi sniffer and penetration test)

So, I did this command:

modprobe ath10k_pci rawmode=1 cryptmode=1

also did dmesg -k and watched for network stuff, I didn't notice anything strange hmm
tell me if i did something wrong.
S

Offline

#15 2018-12-17 22:48:40

seth
Member
Registered: 2012-09-03
Posts: 50,012

Re: airodump-ng <interface> shows nothing after 30 min of running

did you previously unload the module?
The idea was to "dmesg -w" (which will follow) so you can see the direct impact of a monitoring attempt.

Offline

#16 2018-12-17 23:00:49

shatt3red
Member
Registered: 2018-09-23
Posts: 37

Re: airodump-ng <interface> shows nothing after 30 min of running

seth wrote:

did you previously unload the module?
The idea was to "dmesg -w" (which will follow) so you can see the direct impact of a monitoring attempt.

yes I did

I used the modprobe -r ath10k_pci to unload it.

ohh I understand the idea of dmesg now.
however, not working even after what I did.
S

Offline

#17 2018-12-18 10:34:36

seth
Member
Registered: 2012-09-03
Posts: 50,012

Re: airodump-ng <interface> shows nothing after 30 min of running

So it doesn't print anything?
You could paste a complete dmesg, but at this point I'm gonna side w / shadow19 - the ath10k chips seem, at least for now, not to support monitoring. You should however not buy some random external wifi dongle, but first check whether your candiate is gonna work.

Offline

#18 2018-12-18 13:55:29

shatt3red
Member
Registered: 2018-09-23
Posts: 37

Re: airodump-ng <interface> shows nothing after 30 min of running

seth wrote:

So it doesn't print anything?
You could paste a complete dmesg, but at this point I'm gonna side w / shadow19 - the ath10k chips seem, at least for now, not to support monitoring. You should however not buy some random external wifi dongle, but first check whether your candiate is gonna work.

seth how can I configure my modprobe config file so I am certain that I load those module parameters. I typed what I said in terminal, but I saw there is another way.
I will post dmesg output no worries.

Also, you have any dongle you would reccomend?

ALso I am trying to get this to work without buying anything, just because, I saw this: link to someone with solution
S

Last edited by shatt3red (2018-12-18 14:00:39)

Offline

#19 2018-12-18 15:21:50

seth
Member
Registered: 2012-09-03
Posts: 50,012

Re: airodump-ng <interface> shows nothing after 30 min of running

Since the firmware should be up to date (the post is > 1 yr old), the key seems to be "skip_otp=y"
I btw. didn't pay enough attention to your previous posts - all those parameters go to "ath10k_core", NOT " ath10k_pci"

Offline

#20 2018-12-18 20:51:28

shatt3red
Member
Registered: 2018-09-23
Posts: 37

Re: airodump-ng <interface> shows nothing after 30 min of running

seth wrote:

Since the firmware should be up to date (the post is > 1 yr old), the key seems to be "skip_otp=y"
I btw. didn't pay enough attention to your previous posts - all those parameters go to "ath10k_core", NOT " ath10k_pci"

Ohh my bad, I added those parameters to ath10k_pci hmm
I unloaded ath10k_core and added the skip_otp parameter, but how can I check that parameter got added?
S

Last edited by shatt3red (2018-12-18 21:08:03)

Offline

#21 2018-12-18 21:14:49

seth
Member
Registered: 2012-09-03
Posts: 50,012

Re: airodump-ng <interface> shows nothing after 30 min of running

Probably by ath10k_pci, just use some /etc/modprobe.d/ath10k_aircrack.conf or the kernel command line.

systool -vm ath10k_core

will tell you the actually used parameters.

Offline

#22 2018-12-18 21:18:32

shatt3red
Member
Registered: 2018-09-23
Posts: 37

Re: airodump-ng <interface> shows nothing after 30 min of running

seth wrote:

Probably by ath10k_pci, just use some /etc/modprobe.d/ath10k_aircrack.conf or the kernel command line.

systool -vm ath10k_core

will tell you the actually used parameters.

So yeah I can see this here:
ath10k_core

should I unset the parameters I falsely set in ath10k_pci?

Offline

#23 2018-12-18 21:30:16

seth
Member
Registered: 2012-09-03
Posts: 50,012

Re: airodump-ng <interface> shows nothing after 30 min of running

should I unset the parameters I falsely set in ath10k_pci?

Yes, of course. At best it's idempotent, at worst you're causing undefined behavior.

skip_otp is true, rawmode is false and cryptmode is HW.
From what I've read, I'd try adding "rawmode=y cryptmode=1" (next to skip_otp=y)

Offline

#24 2018-12-18 22:31:33

shatt3red
Member
Registered: 2018-09-23
Posts: 37

Re: airodump-ng <interface> shows nothing after 30 min of running

seth wrote:

should I unset the parameters I falsely set in ath10k_pci?

Yes, of course. At best it's idempotent, at worst you're causing undefined behavior.

skip_otp is true, rawmode is false and cryptmode is HW.
From what I've read, I'd try adding "rawmode=y cryptmode=1" (next to skip_otp=y)


So, I cannot set those parameters at all.

Last edited by shatt3red (2018-12-19 00:29:17)

Offline

#25 2018-12-18 23:18:55

Slithery
Administrator
From: Norfolk, UK
Registered: 2013-12-01
Posts: 5,776

Re: airodump-ng <interface> shows nothing after 30 min of running


No, it didn't "fix" anything. It just shifted the brokeness one space to the right. - jasonwryan
Closing -- for deletion; Banning -- for muppetry. - jasonwryan

aur - dotfiles

Offline

Board footer

Powered by FluxBB