Comments (21)

ZerBea commented on June 16, 2024

It looks like the driver doesn't like the way hcxdumptool sets the channel by SIOCSIWFREQ.
Please run:
$ iw dev wlan0 set channel 6
followed by
$ iw dev
and post the output.

from hcxdumptool.

ZerBea commented on June 16, 2024

It seems to be a known issue on those dongles:
lwfinger/rtl8188eu#203
ComNets-Bremen/TWIN#30

ZerBea commented on June 16, 2024

Also please read this notice here:
https://github.com/aircrack-ng/rtl8188eus

MONITOR MODE ATTENTION
There is a bug or interference with the driver and/or Network-Manager, so if you want to use the monitor mode, DON'T kill the network-manager or use airmon-ng (in fact)

ZerBea commented on June 16, 2024

Pushed an update:
dd8925f

Now hcxdumptool prints the error message received from the driver inside the brackets.
For example:
$ hcxdumptool -i wlp3s0f0u1 -c 14
initialization...
warning: unable to set channel 14 (Invalid argument) - removed this channel from scan list

In this case the user tried to set channel 14. The driver doesn't support this
and responds with: Invalid argument

Please update and post the error message - I'm sure it is a driver issue.

respz commented on June 16, 2024

I did not know those git entries you posted and the networkmanager.conf change. After changing the conf file and rebooting I tried again. Here it goes:

# iw dev wlan0 set channel 6
# iw dev
phy#0
	Interface wlan0
		ifindex 3
		wdev 0x1
		addr 10:62:eb:30:65:9b
		type managed
		txpower 13.00 dBm

Then I updated the sources, compiled and ran:

# git pull
remote: Enumerating objects: 14, done.
remote: Counting objects: 100% (14/14), done.
remote: Compressing objects: 100% (10/10), done.
remote: Total 14 (delta 7), reused 11 (delta 4), pack-reused 0
Unpacking objects: 100% (14/14), done.
From https://github.com/ZerBea/hcxdumptool
   0637f4c..dd8925f  master     -> origin/master
Updating 0637f4c..dd8925f
Fast-forward
 changelog     | 22 ++++++++++++++++++++++
 hcxdumptool.c |  9 ++++++---
 2 files changed, 28 insertions(+), 3 deletions(-)
# make
cc -O3 -Wall -Wextra -std=gnu99  -o hcxdumptool hcxdumptool.c 
# hcxdumptool -i wlan0 -c 14
initialization...
warning: NetworkManager is running with pid 433
warning: wpa_supplicant is running with pid 541
failed to set monitor mode: Operation not permitted
failed to init socket

Even though there is the "monitor mode attention" section, I had to kill network manager to set the device to monitor mode.

# kill 541
# hcxdumptool -i wlan0 -c 14
initialization...
warning: NetworkManager is running with pid 433
failed to set monitor mode: Operation not permitted
failed to init socket
# kill 433
# hcxdumptool -i wlan0 -c 14
initialization...
failed to set monitor mode: Operation not permitted
failed to init socket

And I set the device to monitor mode manually

# ip link set wlan0 down
# iw dev wlan0 set type monitor
# ip link set wlan0 up
# hcxdumptool -i wlan0 -c 14
initialization...
warning: unable to set channel 14 (removed this channel from scan list)
no available channel found in scan list

terminated...

I am puzzled because I can capture packages with airodump. It is just too manual using airodump, trying to connect to wifi networks from another device to generate the PMKID data and checking with aircrack later if the handshakes are there.

ZerBea commented on June 16, 2024

Latest commits are not uploaded correctly, I did another commit. Please try it again
$ hcxdumptool -i wlan0 -c 1,6,11

Warning now should look like this:
warning: failed to set channel 1 (xxxxxx) - removed this channel from scan list
We need the error message in the brackets from the driver.

Also please set monitor mode by iw and then try to set channel:
$ ip link set wlan0 down
$ iw dev wlan0 set type monitor
$ ip link set wlan0 up
$ iw dev wlan0 set channel 11
$ iw dev

BTW:
aireplay-ng doesn't change channels. So we can't use it as reference for that issue.
"IMPORTANT: You must set your card to monitor mode and to the desired channel with airmon-ng prior to running any of the tests."
Read more here:
http://www.aircrack-ng.org/doku.php?id=injection_test

ZerBea commented on June 16, 2024

Please post also the output of:
$ hwinfo --wlan

ZerBea commented on June 16, 2024

Added another option: --ignore_warning
--ignore_warning : hcxdumptool will not terminate if other services take access on the device
: warning: expect problems if hcxdumptool tries to change channels

From now on, hcxdumptool will not terminate during the initialization
if another service takes access on the interface. Expect problems if the service tries to change channel or hcxdumptool tries to change channel.

$ hcxdumptool -i wlp0s20f0u3 --ignore_warning
initialization...
warning: NetworkManager is running with pid 449
warning: wpa_supplicant is running with pid 498
interface is possible in use by another service

start capturing (stop with ctrl+c)
INTERFACE................: wlp0s20f0u3
ERRORMAX.................: 100 errors
FILTERLIST...............: 0 entries
MAC CLIENT...............: b4e1ebbd1fb3
MAC ACCESS POINT.........: 28ef01e8a2e7 (incremented on every new client)
EAPOL TIMEOUT............: 150000
REPLAYCOUNT..............: 62524
ANONCE...................: edbde4881adf034f909108fce3032451bf3326887c1e62065b0885e1480441b5

ZerBea commented on June 16, 2024

We have a possible similar issue in combination with NetworkManager and mt76x0 driver.
read more here:
openwrt/mt76#216 (comment)

That is the reason why we run code that lets hcxdumptool terminate if NetworkManager is active.
--ignore_warning will disable this

ZerBea commented on June 16, 2024

BTW:
Please keep in mind that you are running a third party driver, which is patched from the staging driver by the aircrack-ng maintainer to work with aircrack-ng suite.
Also the maintainer mentioned a bug within the driver's monitor mode.

ZerBea commented on June 16, 2024

Pushed another update:
if option --ignore_warning is set, hcxdumptool doesn't check whether the interface is operational or not
(IFF_RUNNING). We only check that the interface is up (IFF_UP).

Now it should work with the modified NetworkManager.conf

[device]
wifi.scan-rand-mac-address=no

[ifupdown]
managed=false

[connection]
wifi.powersave=0

[main]
plugins=keyfile

[keyfile]
unmanaged-devices=mac:xx:xx:xx:xx:xx

respz commented on June 16, 2024

Did a git pull and compiled:

# git pull
remote: Enumerating objects: 21, done.
remote: Counting objects: 100% (21/21), done.
remote: Compressing objects: 100% (17/17), done.
remote: Total 21 (delta 9), reused 12 (delta 4), pack-reused 0
Unpacking objects: 100% (21/21), done.
From https://github.com/ZerBea/hcxdumptool
   dd8925f..f126b17  master     -> origin/master
Updating dd8925f..f126b17
Fast-forward
 README.md             |  4 ++++
 changelog             | 11 +++++++++++
 hcxdumptool.c         | 45 ++++++++++++++++++++++++++++++++++-----------
 include/hcxdumptool.h |  3 ++-
 4 files changed, 51 insertions(+), 12 deletions(-)

# make
cc -O3 -Wall -Wextra -std=gnu99  -o hcxdumptool hcxdumptool.c 
# make install
cc -O3 -Wall -Wextra -std=gnu99  -o hcxdumptool hcxdumptool.c 
install -m 0755 -D hcxdumptool /usr/local/bin/hcxdumptool
rm -f hcxdumptool
rm -f *.o *~

> Latest commits are not uploaded correctly, I did another commit. Please try it again
> $ hcxdumptool -i wlan0 -c 1,6,11
>
> Warning now should look like this:
> warning: failed to set channel 1 (xxxxxx) - removed this channel from scan list
> We need the error message in the brackets from the driver.

# hcxdumptool -i wlan0 -c 1,6,11
initialization...
warning: NetworkManager is running with pid 463
warning: wpa_supplicant is running with pid 785
failed to set monitor mode: Operation not permitted
failed to init socket

> Also please set monitor mode by iw and then try to set channel:
> $ ip link set wlan0 down
> $ iw dev wlan0 set type monitor
> $ ip link set wlan0 up
> $ iw dev wlan0 set channel 11
> $ iw dev

phy#0
	Interface wlan0
		ifindex 3
		wdev 0x1
		addr 10:62:eb:30:65:9b
		type monitor
		txpower 13.00 dBm

> Please post also the output of:
> $ hwinfo --wlan

# hwinfo --wlan
14: USB 00.0: 0282 WLAN controller                              
  [Created at usb.122]
  Unique ID: ADDn.V1buGFi11QA
  Parent ID: k4bc.NE9nepdzT05
  SysFS ID: /devices/pci0000:00/0000:00:0b.0/usb1/1-1/1-1:1.0
  SysFS BusID: 1-1:1.0
  Hardware Class: network
  Model: "D-Link DWA-123 11n Adapter"
  Hotplug: USB
  Vendor: usb 0x2001 "D-Link"
  Device: usb 0x3310 "DWA-123 11n Adapter"
  Serial ID: "1062EB30659B"
  Driver: "rtl8188eu"
  Driver Modules: "8188eu"
  Device File: wlan0
  Features: WLAN
  Speed: 480 Mbps
  HW Address: 10:62:eb:30:65:9b
  Permanent HW Address: 10:62:eb:30:65:9b
  Link detected: yes
  WLAN channels: 1 2 3 4 5 6 7 8 9 10 11 12 13
  WLAN frequencies: 2.412 2.417 2.422 2.427 2.432 2.437 2.442 2.447 2.452 2.457 2.462 2.467 2.472
  WLAN bitrates: 1 2 5.5 11
  WLAN encryption modes: TKIP CCMP
  WLAN authentication modes: open wpa-psk wpa-eap
  Module Alias: "usb:v2001p3310d0000dc00dsc00dp00icFFiscFFipFFin00"
  Driver Info #0:
    Driver Status: r8188eu is not active
    Driver Activation Cmd: "modprobe r8188eu"
  Driver Info #1:
    Driver Status: 8188eu is active
    Driver Activation Cmd: "modprobe 8188eu"
  Config Status: cfg=new, avail=yes, need=no, active=unknown
  Attached to: #13 (Hub)

Then I made a few more tests (after setting to monitor mode manually):

-Running without killing processes

# hcxdumptool -i wlan0 -c 1,6,11
initialization...
warning: NetworkManager is running with pid 463
warning: wpa_supplicant is running with pid 785
warning: unable to set channel 1 (removed this channel from scan list)
warning: unable to set channel 6 (removed this channel from scan list)
warning: unable to set channel 11 (removed this channel from scan list)
no available channel found in scan list

terminated...

-Running after killing processes

# hcxdumptool -i wlan0 -c 1,6,11
initialization...
warning: unable to set channel 1 (removed this channel from scan list)
warning: unable to set channel 6 (removed this channel from scan list)
warning: unable to set channel 11 (removed this channel from scan list)
no available channel found in scan list

terminated...

-Running with ignore_warning set

# hcxdumptool -i wlan0 -c 1,6,11 --ignore_warning
initialization...
warning: unable to set channel 1 (removed this channel from scan list)
warning: unable to set channel 6 (removed this channel from scan list)
warning: unable to set channel 11 (removed this channel from scan list)
no available channel found in scan list

terminated...

And then, changing channel with iw dev:

# iwconfig wlan0
wlan0     IEEE 802.11b  ESSID:""  Nickname:"<WIFI@REALTEK>"
          Mode:Monitor  Channel:0  Access Point: Not-Associated   
          Sensitivity:0/0  
          Retry:off   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:off
          Link Quality=0/100  Signal level=-100 dBm  Noise level=0 dBm
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:0   Missed beacon:0

# iw dev wlan0 set channel 11
# iwconfig wlan0
wlan0     IEEE 802.11b  ESSID:""  Nickname:"<WIFI@REALTEK>"
          Mode:Monitor  Frequency:2.462 GHz  Access Point: Not-Associated   
          Sensitivity:0/0  
          Retry:off   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:off
          Link Quality=0/100  Signal level=-100 dBm  Noise level=0 dBm
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:0   Missed beacon:0

# iw dev wlan0 set channel 6
# iwconfig wlan0
wlan0     IEEE 802.11b  ESSID:""  Nickname:"<WIFI@REALTEK>"
          Mode:Monitor  Frequency:2.437 GHz  Access Point: Not-Associated   
          Sensitivity:0/0  
          Retry:off   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:off
          Link Quality=0/100  Signal level=-100 dBm  Noise level=0 dBm
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:0   Missed beacon:0

# iw dev wlan0 set channel 1
# iwconfig wlan0
wlan0     IEEE 802.11b  ESSID:""  Nickname:"<WIFI@REALTEK>"
          Mode:Monitor  Frequency:2.412 GHz  Access Point: Not-Associated   
          Sensitivity:0/0  
          Retry:off   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:off
          Link Quality=0/100  Signal level=-100 dBm  Noise level=0 dBm
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:0   Missed beacon:0

ZerBea commented on June 16, 2024

Ok, pushed another update, now we will retrieve the frequency, too
instead of:
warning: unable to set channel 11 (removed this channel from scan list)
we retrieve this message:
warning: unable to set channel 11 (24xx) - removed this channel from scan list
please do a git pull and test again

respz commented on June 16, 2024

Ok, now I got this:

# hcxdumptool -i wlan0 -c 1,6,11
initialization...
warning: NetworkManager is running with pid 461
warning: wpa_supplicant is running with pid 951
warning: unable to set channel 1 (241200000) - removed this channel from scan list
warning: unable to set channel 6 (243700000) - removed this channel from scan list
warning: unable to set channel 11 (246200000) - removed this channel from scan list
no available channel found in scan list

terminated...

respz commented on June 16, 2024

Could this be just a problem of number formatting before setting the channel?

ZerBea commented on June 16, 2024

Great, we got it.
The driver is reporting a wrong frequency! Normally we expect the frequency in MHz
1 / 2412MHz
6 / 2437MHz
11 / 2462MHz

I'll check how I can fix this.

ZerBea commented on June 16, 2024

Pushed another update: fixed issue if driver reports the frequency in Hz instead of MHz
Please try it.

from hcxdumptool.
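
The fix reported above depends on normalising the frequency a driver hands back before comparing it with the requested channel. As an added example (not code from hcxdumptool or from anyone in this thread), the C code below treats the value as the mantissa/exponent pair of the wireless-extensions `struct iw_freq` and confirms a 2.4 GHz channel request. The exponent of 1 paired with the thread's 241200000 is an assumption, and `wext_freq`, `wext_freq_to_mhz`, `mhz_to_channel_2g4` and `channel_confirmed` are hypothetical names.

```c
#include <stdint.h>
#include <stdio.h>

/* Local mirror of the m/e fields of struct iw_freq (<linux/wireless.h>);
 * the encoded value is m * 10^e. Hypothetical name, defined here so the
 * example builds without kernel headers. */
struct wext_freq { int32_t m; int16_t e; };

/* Normalise to MHz. Returns 0 when the value is not a usable frequency:
 * out-of-range fields, a bare channel number (< 1000), or not a whole MHz. */
static int wext_freq_to_mhz(struct wext_freq f)
{
    int64_t hz = f.m;
    if (f.m <= 0 || f.e < 0 || f.e > 9)
        return 0;
    for (int i = 0; i < f.e; i++)
        hz *= 10;                       /* at most 2^31 * 10^9, fits in int64 */
    if (hz < 1000 || hz % 1000000 != 0 || hz / 1000000 > 100000)
        return 0;
    return (int)(hz / 1000000);
}

/* 2.4 GHz band only: 2412..2472 MHz in 5 MHz steps are channels 1..13,
 * 2484 MHz is channel 14. Returns 0 for anything else. */
static int mhz_to_channel_2g4(int mhz)
{
    if (mhz == 2484)
        return 14;
    if (mhz >= 2412 && mhz <= 2472 && (mhz - 2412) % 5 == 0)
        return (mhz - 2412) / 5 + 1;
    return 0;
}

/* After a channel set, compare the read-back value with the request. */
static int channel_confirmed(int requested, struct wext_freq readback)
{
    int mhz = wext_freq_to_mhz(readback);
    if (mhz == 0)   /* wireless extensions also allow a bare channel number */
        return readback.e == 0 && readback.m == requested;
    return mhz_to_channel_2g4(mhz) == requested;
}

int main(void)
{
    /* Constructed samples: the three values from the thread with an assumed
     * exponent of 1, plus channel 6 expressed as 2437 * 10^6. */
    struct wext_freq s[] = { {241200000, 1}, {243700000, 1}, {246200000, 1}, {2437, 6} };
    int want[] = { 1, 6, 11, 6 };
    for (size_t i = 0; i < sizeof s / sizeof s[0]; i++)
        printf("m=%d e=%d -> %d MHz, channel %d confirmed=%d\n", (int)s[i].m,
               (int)s[i].e, wext_freq_to_mhz(s[i]), want[i], channel_confirmed(want[i], s[i]));
    return 0;
}
```

Comparing the raw mantissa against a MHz table, without applying the exponent, would reject every channel for the values shown in the thread even though the set itself succeeded.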

respz commented on June 16, 2024

Sorry for the delay. I updated kali and had to reinstall wifi driver.
Ok, now it is working.

# hcxdumptool -i wlan0 -c 1,6,11
initialization...
warning: NetworkManager is running with pid 421
warning: wpa_supplicant is running with pid 743

start capturing (stop with ctrl+c)
INTERFACE................: wlan0
ERRORMAX.................: 100 errors
FILTERLIST...............: 0 entries
MAC CLIENT...............: b0ece1a33b3b
MAC ACCESS POINT.........: 586ed6b8141f (incremented on every new client)
EAPOL TIMEOUT............: 150000
REPLAYCOUNT..............: 62517
ANONCE...................: 2c3c16c327b298a3c21280a1afd3ebcce3b52ca0e633c7f1f271dd169ce0aa48

INFO: cha=6, rx=4889, rx(dropped)=43, tx=389, powned=0, err=0
INFO: cha=11, rx=12363, rx(dropped)=195, tx=1494, powned=1, err=0

I am going to let it run for a few minutes to see if it captures some PMKIDs.
Thank you.

ZerBea commented on June 16, 2024

run hcxdumptool with option -enable_status=1
and close issue if everything is working like expected.

ZerBea commented on June 16, 2024

Great. Thanks for reporting that issue. Now we can mark this driver as working in combination with hcxdumptool.

respz commented on June 16, 2024

I am glad that I could help.
