User Tools

Site Tools


install_drivers

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
install_drivers [2009/01/06 23:41]
netrolller3d Replace an anti-ath5k sentence with two-way instructions. (Ath5k is going to be the default driver in BT4, and is no longer "experimental".)
install_drivers [2018/10/05 23:27] (current)
mister_x [Driver compilation] Update links to Kali patches
Line 1: Line 1:
 ====== Installing Drivers ====== ====== Installing Drivers ======
 +===== Linux =====
  
 +==== Open Source drivers ====
 +Nowadays, most open source drivers make use of cfg80211 (and sometimes mac80211). There are 2 types of wireless cards:
 +  * FullMac
 +  * SoftMac
  
 +Here is a picture on how the different parts, cfg80211/​mac80211/​nl80211,​ work together ([[https://​stackoverflow.com/​questions/​21456235/​how-nl80211-library-cfg80211-work|original StackOverflow post]]):
  
 +{{https://​i.stack.imgur.com/​TNLK1.png}}
  
 +Staging drivers are stand alone drivers that are not ready to be merged in the kernel for various reasons such code not ready or driver not stable enough for example.
  
 +[[https://​wireless.wiki.kernel.org/​|Linux-wireless wiki]] is an excellent resource regarding the different drivers.
  
-===== Linux ===== +===FullMac=== 
-As of now, Aireplay-ng only supports injection on Prism2, PrismGT ​(FullMAC), Atheros, Broadcom ​(with the b43 driver), RTL8180, RTL8187RalinkACX1xx ​and ZydasInjection on** HermesAironet and Marvell** is not supported because ​of firmware ​and/or driver limitations. + 
-\\+Those wireless cards have [[https://​wireless.wiki.kernel.org/​en/​developers/​documentation/​glossary#​mlme|MLME]] ​(MAC subLayer Management Entityhandled in hardware usually for power savings reasons ​(such as smartphonestabletsSBC and IoT). 
 + 
 +With a few exceptionsnone of those cards support monitor mode and injection.
  
-There are two families of drivers - ieee80211 and mac80211. ​ Basically, mac80211 is starting to replace ieee80211. ​ See [[install_drivers#​mac80211_versus_ieee80211_stacks|this write-up]] for more detail. ​ Where the mac80211 version of the driver is stable and supports injection, that should be your first choice. ​ Keeping in mind that mac80211 is only well supported starting in about 2.6.25 and up kernels. ​ However, in many cases, only legacy ieee80211 drivers exist for injection.+===SoftMac===
  
-Nearly all non-mac80211 drivers that can support injection need to be patched to support injection ​in **Monitor mode**. ​ On the other hand, the mac80211 versions of the drivers generally only need the mac80211 ​core itself patched to support the fragmentation attack.+SoftMac wireless cards have MLME handled ​in software with mac80211.
  
-Remember you cannot use both ieee80211 and mac80211 versions ​of the same driver at the same time.  You must decide to use one or the other, not both.  If you try loading both, one will fail.  So you must consciously decide which one you wish to use and blacklist the other one if you have both on your system.+Most of those do support capture ​and injection (with a few exceptions).
  
-Also keep in mind that the mac80211 driver versions ​are still immature compared to the ieee80211 versions ​Getting the mac80211 infrastructure working properly requires more linux skills ​and poses some risks to your system You are dealing with "​bleeding edge" software So unless you have good linux skills ​and are prepared for problems, consider using the ieee80211 versions for now+==== Vendor drivers ==== 
-\\+ 
 +Vendor drivers have their own stack and are often called STA driversThey are usually limited to Managed mode (client) ​and sometimes Infrastructure (limited Access Point features) in order to share an Internet connection (tethering)They can be open source or closed source (or a mix of both). 
 + 
 + 
 +Most of them won't support monitor mode (and injection).  
 + 
 + 
 +==== Driver compilation ====
  
 You will need the following to compile drivers: You will need the following to compile drivers:
-  * Linux kernel headers that match your current running kernel. On openSUSE, the kernel sources also must be installed.+  * Linux kernel headers that match your current running kernel. On openSUSE, the kernel sources also must be installed.  Depending on the driver and distribution,​ you must install the full kernel sources as well.
   * The same **gcc** version that was used to compile your kernel. At least make sure that the first two version numbers or the compiler are the same (e.g. it's OK to use gcc **3.4**.6 to compile the driver if the kernel was compiled by gcc **3.4**.2). Ignoring this rule will cause **Invalid module format** errors during module load. That can be checked via /​proc/​version.   * The same **gcc** version that was used to compile your kernel. At least make sure that the first two version numbers or the compiler are the same (e.g. it's OK to use gcc **3.4**.6 to compile the driver if the kernel was compiled by gcc **3.4**.2). Ignoring this rule will cause **Invalid module format** errors during module load. That can be checked via /​proc/​version.
-  * Always use latest patches ​that you can find [[http://patches.aircrack-ng.org/|here]] +  * Always use the latest patches ​from Kali: 
-\\ +    * [[https://git.kali.org/gitweb/?​p=packages/​linux.git;​a=blob_plain;​f=debian/​patches/​features/​all/​kali-wifi-injection.patch;​hb=refs/​heads/​kali/​master|kali-wifi-injection.patch]] 
-Noteif you're using drivers provided by your distribution,​ they are NOT patched. +    * [[https://git.kali.org/​gitweb/?​p=packages/​linux.git;​a=blob_plain;​f=debian/​patches/​features/​all/​wireless-carl9170-Enable-sniffer-mode-promisc-flag-t.patch;​hb=refs/​heads/​kali/​master|wireless-carl9170-Enable-sniffer-mode-promisc-flag-t.patch]]
-\\+
  
-The following are detailed instructions for installing/​patching the ieee80211 versions of the drivers: 
  
-  ​[[acx]] +**Note**: if you're using drivers provided by your distribution,​ they are NOT patched.
-  ​[[broadcom|bcm43xx]] +
-  ​[[HostAP]] (prism2) +
-  ​[[ipw2200]] +
-  * [[ipw3945]] +
-  * [[madwifi|madwifi-old]]  +
-  * [[madwifi-ng]] +
-  * [[prism54]]  +
-  * [[r8180-sa2400]] +
-  * [[r8187]] +
-  * [[r8187b]] +
-  * [[rt2500]] +
-  * [[rt2570]] +
-  * [[rt2870]] +
-  * [[rt61]] +
-  * [[rt73]] +
-  * [[wlan-ng]] (prism2) +
-  * [[zd1211rw]]+
  
-\\ 
-For fragmentation support, all mac80211 drivers require the mac80211 core to be patched: 
  
-  * [[mac80211|mac80211 core patching ​instructions]]+General information about patching drivers plus troubleshooting tips can be found in the [[patching|How To Patch Drivers Tutorial]].
  
-The mac80211 link above also contains information regarding which mac80211 drivers work with the aircrack-ng suite.+Refer to your distribution way of compiling kernels:
  
-In addition, the following mac80211 drivers require extra patches to enable or improve monitoring or injection support (purpose of the patch is in parentheses):+  * [[https://​www.debian.org/​releases/​jessie/​i386/​ch08s06.html.en|Debian]]-based distributions 
 +  * [[https://​wiki.ubuntu.com/​Kernel/​BuildYourOwnKernel|Ubuntu]]-based distributions 
 +  * [[https://​www.suse.com/​communities/​blog/​compiling-de-linux-kernel-suse-way/​|OpenSUSE]] 
 +  * [[https://​access.redhat.com/​documentation/​en-US/​Red_Hat_Enterprise_Linux/​3/​html/​System_Administration_Guide/​s1-custom-kernel-modularized.html|RedHat]] 
 +  * [[https://​wiki.gentoo.org/​wiki/​Kernel|Gentoo]] 
 +  * [[https://​wiki.archlinux.org/​index.php/​Kernels/​Arch_Build_System|ArchLinux]] 
 +  * [[https://​fedoraproject.org/​wiki/​Building_a_custom_kernel|Fedora]] 
 +  * [[https://​wiki.centos.org/​HowTos/​Custom_Kernel|CentOS]]
  
-  * [[iwlagn]] (allow injection in 2.6.25/.26, formerly called iwl4965) +==== Compat-Wireless / Linux backports ====
-  * [[rtl8187]] (improve injection speed) +
-  * [[zd1211rw-mac80211]] (fully disable packet filtering in monitor mode)+
  
-\\ +**NOTE**: They are not currently maintained due to lack of time.
-**Note**: For other drivers, simply follow the standard installing procedure for your distribution.+
  
 +[[https://​backports.wiki.kernel.org/​index.php/​Main_Page|Linux-backports]] used to be known as Compat-wireless.
  
 +As mentioned previously, the mac80211 drivers quite often support injection out of the box in recent kernels. ​ The mac80211 drivers are improving very rapidly. ​ Sometimes you want to try the latest mac80211 driver without recompiling your entire kernel. ​ This is where Linux-backports comes in.  You can now download a package which lets you compile and install the latest advances on the Linux wireless subsystem and get some of the latest drivers without having to recompile your entire kernel. This package adds mac80211, mac80211 drivers, and any new FullMAC driver which has had fairly recent updates. ​
  
-===== Windows =====+For full details see the Aircrack-ng [[compat-wireless|Compat-Wireless documentation]].
  
-On windows, currently, only monitoring is supported. Stock drivers doesn'​t support monitoring, you'll have to install [[http://​www.wildpackets.com/​support/​downloads/​drivers|wildpacket]] driver. ​ For Atheros chipsets, if your model isn't listed or your are unsure as to which driver applies, simply download the latest version). \\ 
-\\ 
-To make it short, all Atheros cards should be supported. Centrino or USB adapter are not supported. \\ 
-See [[compatibility_drivers|Compatibility,​ Drivers, Which Card to Purchase]] for a complete list of supported chipsets. \\ 
-In 1.0, [[Airpcap]] adapter will be supported. 
-\\ 
-\\ 
-  * [[wildpacket_driver_install|Installing wildpacket drivers]] 
-\\ 
  
  
-===== Troubleshooting ​=====+==== Troubleshooting ====
  
-This troubleshooting information applies to linux only.  The individual driver pages may have additional troubleshooting information specific to that driver. ​ This troubleshooting information provides general information which applies to all drivers.+This troubleshooting information applies to Linux only.  The individual driver pages may have additional troubleshooting information specific to that driver. ​ This troubleshooting information provides general information which applies to all drivers.
  
 You will need to do a bit of homework first prior to following the troubleshooting tips below. ​ Be sure you know the chipset in your wireless device. ​ Follow this tutorial [[compatible_cards|Tutorial:​ Is My Wireless Card Compatible?​]] to determine the chipset if you don't already know it.  Based on the chipset, determine the proper driver and in turn the kernel modules for it.  To do this, you may have to search the internet, the forum and the distribution support. You will need to do a bit of homework first prior to following the troubleshooting tips below. ​ Be sure you know the chipset in your wireless device. ​ Follow this tutorial [[compatible_cards|Tutorial:​ Is My Wireless Card Compatible?​]] to determine the chipset if you don't already know it.  Based on the chipset, determine the proper driver and in turn the kernel modules for it.  To do this, you may have to search the internet, the forum and the distribution support.
Line 87: Line 81:
  
  
-==== Hardware Verification ​====+=== Hardware Verification ===
  
 The first critical step is to ensure that your wireless device is recognized by your system. ​ There are a variety of methods to verify that your system did this successfully. ​ Here are some methods: The first critical step is to ensure that your wireless device is recognized by your system. ​ There are a variety of methods to verify that your system did this successfully. ​ Here are some methods:
  
-  * The "​dmesg"​ command can quite often contain detailed messages indicating that the wirelss ​devices was properly detected.+  * The "​dmesg"​ command can quite often contain detailed messages indicating that the wireless ​devices was properly detected.
   * If the card is an ISA card, you are usually out of luck.    * If the card is an ISA card, you are usually out of luck. 
   * If the card is a PCI card (miniPCI/​miniPCI Express/PCI Express), you need to use the command "​lspci"​ to display the card identification strings.   * If the card is a PCI card (miniPCI/​miniPCI Express/PCI Express), you need to use the command "​lspci"​ to display the card identification strings.
   * If the hardware is a USB dongle, you need to use the command "​lsusb"​ to display the dongle identification strings. In some case, "​lsusb"​ doesn'​t work (for example if usbfs is not mounted), and you can get the identification strings from the kernel log using "​dmesg"​ (or in /​var/​log/​messages). ​   * If the hardware is a USB dongle, you need to use the command "​lsusb"​ to display the dongle identification strings. In some case, "​lsusb"​ doesn'​t work (for example if usbfs is not mounted), and you can get the identification strings from the kernel log using "​dmesg"​ (or in /​var/​log/​messages). ​
-  * If the card is a Cardbus card (32 bits Pcmcia), and if you are using kernel 2.6.X or kernel 2.4.X with the kernel ​Pcmcia ​subsystem, you need to use the command "​lspci"​ to display the card identification strings. If the card is a Cardbus card (32 bits Pcmcia), and if you are using an older kernel with the standalone ​Pcmcia ​subsystem, you need to use the command "​cardctl ident" display the card identification strings. Try both and see what comes out.  +  * If the card is a Cardbus card (32 bits PCMCIA), and if you are using kernel 2.6.X or kernel 2.4.X with the kernel ​PCMCIA ​subsystem, you need to use the command "​lspci"​ to display the card identification strings. If the card is a Cardbus card (32 bits PCMCIA), and if you are using an older kernel with the standalone ​PCMCIA ​subsystem, you need to use the command "​cardctl ident" display the card identification strings. Try both and see what comes out.  
-  * If the card is a true Pcmcia ​card (16 bits), and if you are using kernel 2.6.14 or later, you need to use the command "​pccardctl ident" to display the card identification strings. If the card is a true Pcmcia ​card (16 bits), and if you are using an older kernel, you need to use the command "​cardctl ident" display the card identification strings. Note that cardmgr will also write some identification strings in the message logs (/​var/​log/​daemon.log) that may be different from the real card identification strings.+  * If the card is a true PCMCIA ​card (16 bits), and if you are using kernel 2.6.14 or later, you need to use the command "​pccardctl ident" to display the card identification strings. If the card is a true PCMCIA ​card (16 bits), and if you are using an older kernel, you need to use the command "​cardctl ident" display the card identification strings. Note that cardmgr will also write some identification strings in the message logs (/​var/​log/​daemon.log) that may be different from the real card identification strings. Usually 16bit PCMCIA cards can be easily identified by the sticker on the bottom of the card with tick boxes or information indicating its a 5V card.
  
 Needless to say, if your wireless device is not detected by your system, you will have to investigate and correct the problem. Needless to say, if your wireless device is not detected by your system, you will have to investigate and correct the problem.
  
-==== Modprobe ​====+ 
 +=== Modprobe ===
  
 Start by running "​modprobe <kernel module name>"​. Start by running "​modprobe <kernel module name>"​.
  
  
 +=== View iwconfig output ===
 +Run the "​iwconfig"​ command and look for wireless devices. ​ Based on the driver, look for an appropriately named interface such as wlan0, wlsp0, etc.  The presence indicates that at least the driver is loaded. ​ The absence likely means it did not.  This at least gives you a starting point on the problem solving. ​
  
  
-==== View iwconfig ​output ===+=== View dmesg output ===
-Run the "​iwconfig"​ command and look for wireless devices. ​ Based on the driver, look for an appropriately named interface such as ath0, rausb0, etc.  The presence indicates that at least the driver is loaded. ​ The absence likely means it did not.  This at least gives you a starting point on the problem solving.+
  
-A common problem is that your system has both ieee80211 ​and mac80211 versions of the drivers.  ​Having wmaster0 typically indicates you are using the new mac80211 drivers. ​ Having wifi0 or eth0 typically means you are using the older (legacy) ieee80211 drivers. Having both wmaster0 and wifi0/eth0 (as well as weird interface names like wlan0_rename) might indicate a udev problem. ​ Based on what which ones you really want, you may have to blacklist or move one or more drivers.+Run the "​dmesg"​ command and look for errors relating to your wireless device. ​ At a minimum there should be some messages relating to your device loading ​and the module initializing it.  ​If there are no messages ​or errors, you will have to investigate and correct the problem.
  
 +Two common issues are:
  
-==== View dmesg output ====+ * "​unknown symbol"​. 
 + * Missing firmware
  
-Run the "​dmesg"​ command and look for errors relating to your wireless ​device. ​ At minimum there should be some messages relating ​to your device loading ​and the module initializing ​it.  If there are no messages or errorsyou will have to investigate ​and correct ​the problem.+=== Missing firmware === 
 + 
 +Some wireless ​cards require ​firmware ​to work. 
 + 
 +The message is very clearly detailed in dmesg, it will tell what filename is missing ​and where it is expecting ​it. In some casesthe driver can fall back and try previous version of the firmware.
  
-See the next entry of a problem commonly seen: "​unknown symbol"​.+Files can be manually added to fix the issue but most of the time, firmwares can be found in package (such as firmware-linux or firmware-linux-nonfree).
  
-==== "​unknown symbol"​ error ====+=== "​unknown symbol"​ error ===
  
 When loading the driver kernel module you get a "​unknown symbol"​ error message for one more field names. ​ Sometimes you will see this in the dmesg output as well.  This is caused by module you are loading not being matching the kernel version you are running. When loading the driver kernel module you get a "​unknown symbol"​ error message for one more field names. ​ Sometimes you will see this in the dmesg output as well.  This is caused by module you are loading not being matching the kernel version you are running.
Line 127: Line 129:
 If you use the RPM package manager then "rpm -qa | grep kernel"​. ​ So if you get something like: If you use the RPM package manager then "rpm -qa | grep kernel"​. ​ So if you get something like:
  
-   kernel-headers-2.6.24.4-64.fc8 +  ​kernel-tools-libs-3.10.0-514.2.2.el7.x86_64 
-   ​kernel-2.6.24.4-64.fc8 +  kernel-headers-3.10.0-514.2.2.el7.x86_64 
-   ​kernel-devel-2.6.24.4-64.fc8 +  kernel-3.10.0-514.2.2.el7.x86_64 
-   ​kernel-headers-2.6.24.1-15.fc8 +  kernel-3.10.0-327.13.1.el7.x86_64 
-   ​kernel-2.6.24.1-15.fc8 +  kernel-devel-3.10.0-327.el7.x86_64 
-   ​kernel-devel-2.6.24.1-15.fc8+  kernel-devel-3.10.0-514.2.2.el7.x86_64 
 +  kernel-devel-3.10.0-327.18.2.el7.x86_64 
 +  kernel-tools-3.10.0-514.2.2.el7.x86_64 
 +  kernel-devel-3.10.0-327.13.1.el7.x86_64 
 +  kernel-3.10.0-327.18.2.el7.x86_64 
 +  kernel-3.10.0-327.el7.x86_64
  
 In the example above, there are kernel headers and a kernel development package that match the kernel we are running. ​ If you are missing them, the use yum or equivalent on your distribution to install them such as: In the example above, there are kernel headers and a kernel development package that match the kernel we are running. ​ If you are missing them, the use yum or equivalent on your distribution to install them such as:
Line 139: Line 146:
    yum -y install kernel-devel    yum -y install kernel-devel
  
-Lets assume that "uname -r" returned "2.6.24.4-64.fc8" then all the 2.6.24.1-15 ones are old and need to be removed. ​ So you remove all the old ones:+Lets assume that "uname -r" returned "3.10.0-514.2.2.el7.x86_64" then all the 3.10.0-327 ones are old and need to be removed. ​ So you remove all the old ones:
  
-   rpm -e 2.6.24.4-64.fc8 +   rpm -e kernel-3.10.0-327.13.1.el7.x86_64 
-   rpm -e kernel-2.6.24.1-15.fc8 +   ​rpm ​-e kernel-devel-3.10.0-327.el7.x86_64 
-   rpm -e kernel-devel-2.6.24.1-15.fc8+   rpm -e kernel-devel-3.10.0-327.18.2.el7.x86_64 
 +   rpm -e kernel-devel-3.10.0-327.13.1.el7.x86_64 
 +   rpm -e kernel-3.10.0-327.18.2.el7.x86_64 
 +   rpm -e kernel-3.10.0-327.el7.x86_64
  
 Also change to "/​lib/​modules"​ and do a directory listing and remove any directory referring to old kernel versions. Also change to "/​lib/​modules"​ and do a directory listing and remove any directory referring to old kernel versions.
Line 150: Line 160:
  
  
-==== View lsmod output ​====+=== View lsmod output ===
  
 Run the "​lsmod"​ command can be used to see the loaded modules. ​ Confirm that the kernel module for your wireless device is actually loaded. ​ If it is not loaded, you will have to investigate and correct the problem. Run the "​lsmod"​ command can be used to see the loaded modules. ​ Confirm that the kernel module for your wireless device is actually loaded. ​ If it is not loaded, you will have to investigate and correct the problem.
Line 157: Line 167:
  
  
-==== View modinfo output ​====+=== View modinfo output ===
  
 Run "​modinfo <kernel module name>"​. ​ This will confirm the module is actually in the modules tree.  As well, confirm it is the correct version. ​ Do a "ls -l <file location per modinfo>"​ and confirm the date matches when you compiled it.  It is not uncommon that you are not running the correct module version. Run "​modinfo <kernel module name>"​. ​ This will confirm the module is actually in the modules tree.  As well, confirm it is the correct version. ​ Do a "ls -l <file location per modinfo>"​ and confirm the date matches when you compiled it.  It is not uncommon that you are not running the correct module version.
  
 +=== Laptop Specific ===
  
 +Some laptops have a BIOS setting and/or a physical switch to enable/​disable internal wireless cards. ​ Make sure that these are are all "​turned on" so that your wireless card is operational.
  
 +This can be verified in userspace using //rfkill// tool:
  
 +To list wireless devices and their status:
  
-==== Blacklisting ====+  rfkill list all
  
-common problem on newer kernels is that the new mac80211 version of the driver gets loaded instead of the older legacy driver, or vice versa If that is the case, then you need to blacklist the wrong modules ​by editing /​etc/​modprobe.d/​blacklist. ​ First, determine the broken module names and add them to the blacklist file as "​blacklist <module name>"​.+hard block refers to the physical/​BIOS switchThe soft block is a software block to disable wireless usually done by network managers.
  
-Specifically for madwifi-ngdo a locate or find for ath5k.ko. ​ If ath5k.ko exists then add "​blacklist ath5k" to /​etc/​modprobe.d/​blacklist and reboot. +In order to disable a soft block, the following command will enable wireless functions of all wireless cards on the system:
-Same for the other way aroundif you want to load ath5k, but madwifi-ng gets loaded instead, add "​blacklist ath_pci"​ to /​etc/​modprobe.d/​blacklist.+
  
 +  rfkill unblock all
  
 +Notes:
  
-==== Reload Driver ==== +  - A specific wireless interface can be unblocked. 
-Although it is not very "​scientific",​ sometimes simply unloading then reloading the driver will get it working.  ​This is done with the rmmod and modprobe commands.+  - For obvious reasons, only a soft block can be disabled.
  
-For b43 and b43legacy, it might also be necessary to reload the underlying SSB module. Similarly, rt2x00 and p54 might need reloading of the common modules (p54common, rt2x00lib, rt2x00usb, rt2x00pci). Sometimes (especially with mac80211 drivers), reloading the stack (for example, modules "​cfg80211"​ and "​mac80211"​) might do the trick. +===== Windows =====
- +
- +
- +
- +
- +
- +
- +
- +
-==== mac80211 versus ieee80211 stacks ​==== +
-There is a new wireless stack starting in the mainline kernel since 2.6.22 called mac80211. ​ As newer versions of the kernel get released more and more wireless devices are being supported by it.  It has the huge advantage of being included in the kernel itself. ​ The mac80211 stack has features such as software MAC (media access controller),​ hostapd, WEP, WPA, WME, a "​link-layer bridging module,"​ and a QoS (quality of service) implementation. ​ Of specific interest to aircrack-ng is native monitor mode and injection support. +
- +
-The legacy drivers use the ieee80211 or net80211 stacks. ​ And quite often there is one stack per wireless device. ​ Depending on the driver, it does not provide native monitor mode or injection support. +
- +
-So with this as background, here is troubleshooting information for problems that arise when both stacks are installed on a system. ​ There are four classes of problems: +
- +
-  * The mac80211 driver for your wireless device is not stable or the monitor mode / injection functionality is not working well. +
-  * You are using a mac80211 driver, but your aircrack-ng version is too old to support Radiotap. +
-  * You are using the legacy driver for your device and want to switch to the mac80211 driver. +
-  * The old and new modules conflict. +
- +
-You can tell if you are running the new mac80211 stack based on the kernel version or you likely get an error message similar to: +
- +
-   ​airmon-ng start wlan0 +
- +
-   ​Interface ​      ​Chipset ​        ​Driver +
-    +
-   ​wlan0 ​                  ​iwl4965 - [phy0]/​usr/​sbin/​airmon-ng:​ line 338: /​sys/​class/​ieee80211/​phy0/​add_iface:​ Permission denied +
-                                   mon0: unknown interface: No matching device found +
-                                   ​(monitor mode enabled on mon0) +
- +
-or in aircrack-ng v1.0-rc1 and newer: +
- +
-   ​airmon-ng start wlan0 +
- +
-   ​Interface ​      ​Chipset ​        ​Driver +
-    +
-   ​wlan0 ​                  ​iwl4965 - [phy0] +
-    +
-   ​ERROR:​ Neither the sysfs interface links nor the iw command is available. +
-   ​Please download and install iw from http://​dl.aircrack-ng.org/​iw.tar.bz2 +
- +
-Notice the reference to "​phy0"​ and "​mon0"​. Read the page [[mac80211]] for a fix for this error. if the error doesn'​t show up, then the correct output of airmon-ng is like this: +
- +
-   ​airmon-ng start wlan0 +
- +
-   ​Interface ​      ​Chipset ​        ​Driver +
-    +
-   ​wlan0 ​                  ​iwl4965 - [phy0] +
-                                   ​(monitor mode enabled on mon0) +
- +
-Another indicator of the mac80211 driver being loaded is if the output from iwconfig includes: +
- +
-   ​wmaster0 ​ no wireless extensions.  +
- +
-Notice the reference to "​wmaster0"​. +
- +
-Perhaps the most consistent way of determining the stack type of your drivers is running the command "lsmod | grep mac80211."​ If the output includes a line like this: +
- +
-   ​mac80211 ​             229108 ​ 4 rt2x00usb,​b43,​rt2x00lib,​zd1211rw +
- +
-then the modules at the end of the line are mac80211 drivers.+
  
-If  the new mac80211 driver ​is not working to your satisfaction then you will have to blacklist it and then use the ieee80211 legacy version The wiki driver section on this page has links to the various drivers.+Two solutions are available for Windows. Currently, only Airpcap ​is supported with Aircrack-ng 0.9.X
  
-It is also possible that the new driver is not working because your version of aircrack-ng is too old. Updating to at least 1.0-rc1 often fixes such problems.+==== Airpcap ====
  
-If you are using a legacy driver, and want to switch to the mac80211 driver, then you need to blacklist the old driver, and enable the new oneIf the names of the old and new in-kernel drivers match (for example, with zd1211rw, which is softmac in 2.6.24 and before, but mac80211 in 2.6.25), then you need to upgrade your wireless subsystem (either by updating the kernel or using compat-wireless-2.6).+[[https://​www.riverbed.com/​products/​steelcentral/​steelcentral-riverbed-airpcap.html|Airpcap]] is a hardware device that supports monitor mode and injection.
  
-If you have conflicts due to running both drivers, then decide which one you want and blacklist the other one.+==== NPcap ====
  
 +[[http://​www.npcap.org|NPcap]] is a packet sniffing library for Windows. It is based on WinPcap/​Libpcap improved with NDIS 6 and LWF.
  
-==== dmesg error "​failed with error -71" for USB device ​ ====+Github repository and downloads can be found [[https://​github.com/​nmap/​npcap|here]].
  
-When using an USB device and you get a message similar to this from dmesg:+Aircrack-ng does not support NPcap yet. It will support it in the near future.
  
-   rt73: Firmware loading error +===== BSD =====
-   rt73: Failed to load Firmware. +
-   rt73: probe of 1-7:1.0 failed with error -71+
  
-Note: Although the example shows RT73, this applies to any USB driver.+Monitor mode support is fairly limited in *BSD distributions. FreeBSD has support for capture and injection with a few drivers.
  
-Here are a few things to check:+==== FreeBSD ====
  
-  ​Ensure you have the firmware installed on your system and in the correct location. +Among all *BSD, FreeBSD has the **best** support.
-  ​You can try downloading a fresh copy of the driver and installing it again. +
-  ​Try connecting your USB device directly to your computer without a cable. ​ Cables can be defective and/or too long.  If they are too long then the signal may degrade or there is insufficient power. +
-  ​If you have multiple USB devices connected to your computer then remove them all except the wireless device and retry.+
  
 +Documentation on how to put wireless cards in monitor mode (and requirements to load the drivers) is explained in the man pages of each driver:
 +  * [[https://​www.freebsd.org/​cgi/​man.cgi?​query=urtwn&​sektion=4|urtwn]],​ for some Realtek USB
 +  * [[https://​www.freebsd.org/​cgi/​man.cgi?​ath(4)|ath]] for Atheros.
  
-==== Laptop Specific ====+More cards/​drivers are supported but a lot of them are not produced anymore
  
-Some laptops have bios setting and/​or ​physical switch to enable/​disable internal wireless cards. ​ Make sure that these are are all "​turned on" so that your wireless ​card is operational.+When installing ​recent version version of Aircrack-ng, ​dedicated [[airmon-ng]] will be installed and it will take care of putting ​card in and out of monitor mode.
  
 +===== Resources =====
  
 +  * Previous version of this page can be found [[install_drivers_old|here]].
 +  * [[https://​aircrack-ng.blogspot.com/​2017/​08/​on-drivers-rtl8812au-wn722n-monitor.html|Discussion]] about current state of drivers, chipset and other WiFi-related topics
install_drivers.1231281662.txt.gz · Last modified: 2009/01/06 23:41 by netrolller3d