zd1211rw
Differences
This shows you the differences between two versions of the page.
zd1211rw [2007/08/26 17:28] – Added detailed troubleshooting information darkaudax | zd1211rw [2017/01/09 21:34] – Mark page as deprecated. mister_x | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== | + | ====== |
- | This driver supports the zd1211 and the newer zd1211b chipsets by Zydas. | + | **IMPORTANT NOTE**: |
- | The older zd1211 chipset only partially supports injection. | + | ====== zd1211rw ====== |
+ | authored by sleek | ||
- | The new zd1211b chipset fully supports all functions. | + | **Review and injection tutorial** |
- | The zd1211rw driver has been incorporated into the latest kernels. | + | The ZyDAS zd1211 and zd1211b (//also known as AR5007UG//) chips are one of the most distributed wireless b/g chips in the market. They are also the cheapest, on eBay, you can get one for about 5-6USD shipping included. In the same time, these chips are very stable, with excellent range and sensitivity, |
- | The following links may be helpful | + | The zd1211rw was included in mainline kernel 2.6.18 as a softmac driver, known to be notoriously unstable and heavily crippled in terms aircrack-ng support. Things turned for the better when the zd1211rw was ported as mac80211 |
- | * [[http:// | + | The only unsupported function is the fragmentation " |
- | * [[http:// | + | |
- | * [[http:// | + | |
+ | Overall, its a great all-purpose chip to have for wireless auditing and general connectivity. | ||
+ | ====== Patching ====== | ||
+ | To enable injection, we'll have to patch the driver first. | ||
- | ===== Patching zd1211rw ===== | + | ==== Modern kernels |
+ | For modern kernels, good results can be obtained even when sticking closely to stock kernels. | ||
- | This section will describe how to patch your driver for injection. | ||
- | You will need to have your kernel headers and full source already installed on your system. See [[zd1211rw# | + | === Kernel 2.6.39+ === |
+ | See [[http:// | ||
- | Copy contents of **/ | + | **1.** cd into your kernel sources |
- | Copy contents of **/usr/src/linux/drivers/net/ | + | **2.** Apply the patch: |
+ | wget -O - 'http://trac.aircrack-ng.org/raw-attachment/ticket/894/zd1211rw-inject+dbi-fix-2.6.39.2.patch' | ||
- | Download | + | **3.** Recompile |
- | Copy zd1211rw_inject_2.6.20.patch to **/ | + | === Kernel 2.6.34 - 2.6.38 === |
- | | + | **1.** |
- | NOTE: In the following lines, verbose and dry-run have a double dash in front of them. | + | **2.** Apply the patch: |
- | | + | |
- | If it was OK: | + | **3.** Recompile and reload the driver as usual. Refer to your distro' |
- | patch -Np1 --verbose | + | |
- | Copy ieee80211_inject.patch | + | ==== Legacy kernels ==== |
- | patch -Np1 --verbose --dry-run -i ieee80211_inject.patch | + | On old kernels, you need to use the compat-wireless approach. |
+ | The most frequent road block you'll stumble upon is compilation errors with compat-wireless. They' | ||
- | If it was OK: | + | === Kernel 2.26.24+ === |
- | patch -Np1 --verbose | + | |
- | **NOTE**: In the following lines, change "2.6.20-1.2944.fc6" to match your particular system. | + | **1.** Go to http:// |
- | | + | **2.** Next up, **cd to your /path/to/compat-wireless** directory and download the patch, required for injection: [[http://www.zlaten.biz/tmp/zd1211rw-inject+dbi-fix-2.6.26.patch|zd1211rw-inject+dbi-fix-2.6.26.patch]], the fixed channel patch, [[http://patches.aircrack-ng.org/channel-negative-one-maxim.patch|channel-negative-one-maxim.patch]] and the [[http://patches.aircrack-ng.org/mac80211.compat08082009.wl_frag+ack_v1.patch|mac80211.compat08082009.wl_frag+ack_v1.patch]] for higher injection speed. Visit the general [[mac80211|mac80211]] wiki page for details. |
- | make -C / | + | |
- | cd /usr/src/linux/ | + | |
- | make -C /lib/modules/2.6.20-1.2944.fc6/build/ M=`pwd` modules | + | |
- | Now copy the new modules to the / | + | **3.** Apply the patches: |
- | | + | |
- | | + | |
- | | + | patch -Np1 -i channel-negative-one-maxim.patch. |
+ | __Note: | ||
- | And finally, rebuild | + | **4.** Patching is complete and we are ready to compile our driver, type **make** for the process to begin and wait for few minutes to complete. |
- | | + | **5.** Barring any errors, next up is installing, **sudo make install** |
- | At this point, | + | **6.** Now that the newly compiled driver |
- | If you have problems compiling | + | **7.** To load the new driver, just type **sudo modprobe |
- | | + | **8.** That's it! This concludes the zd1211 injection tutorial. You should now be able to inject. [[injection_test|Test]] your USB device, by setting it to monitor mode (airmon-ng) |
- | | + | |
- | ===== Installing Fedora kernel headers and source ===== | ||
- | These instructions are specific to Fedora. Change **2.6.20-1.2944.fc6** to the particular kernel version you have installed. **uname | + | # aireplay-ng -9 mon0 |
+ | 14: | ||
+ | 14: | ||
+ | 14: | ||
+ | 14: | ||
+ | 14: | ||
+ | 14: | ||
+ | 14: | ||
+ | Voila ;-) | ||
- | You need these packages already installed: | + | Known issues at this point: |
- | | + | Fragmentation attack is not yet supported. |
- | kernel-devel-2.6.20-1.2944.fc6 | + | |
- | Running the command **rpm -qa | grep kernel** will show which kernel packages are installed. | ||
- | If the headers | + | === Kernels 2.6.23 |
- | rpm -ivh kernel-headers-2.6.20-1.2944.fc6.i386.rpm | + | As mentioned above, kernels prior to 2.6.25 (2.6.2**4** with compat-wireless) are shipped with the softmac version of the driver which in its best day supports only half the functions, half the time. In other words, if you're stuck on an ancient kernel, you're pretty much out of luck. Your best bet is to either install a supported |
- | rpm -ivh kernel-devel-2.6.20-1.2944.fc6.i686.rpm (obtain i586 or i686 depending on your architecture) | + | |
- | Alternatively, use **yum -y install kernel-headers" | + | And if you're absolutely bent on installing the softmac driver on an old kernel, you can try [[http:// |
- | Now download and install the full kernel sources if they are not already on your system (This assumes you have downloaded this RPM from your favourite repository). | + | ==== Troubleshooting ==== |
- | rpm -ivh kernel-2.6.20-1.2944.fc6.src.rpm | + | === Couldn' |
- | Change | + | If dmesg has an error similar |
- | | + | usb 1-1: Could not load firmware file zd1211/ |
+ | | ||
- | Change " | + | This means you are missing |
- | rpmbuild -bp --target=i586 | + | |
- | **NOTE**: Change references | + | On some distributions, |
- | /bin/cp -a / | + | You can obtain the firmware from: |
- | ln -s / | + | |
+ | - http:// | ||
+ | - RPM for you distribution. | ||
- | ===== Recompiling Kernel with Loadable Modules ===== | + | === Why do I get ioctl(SIOCGIFINDEX) failed ? === |
- | Some kernels incorporate the functionality built into the kernel. | + | If you get error messages similar |
- | These are the settings for menuconfig using 2.6.20-gentoo-r7, | + | * Error message: " |
+ | * Error message: " | ||
- | First, change the appropriate items in menuconfig: | + | Then [[faq# |
- | cd / | + | ===== Feedback |
- | + | ||
- | make menuconfig | + | |
- | + | ||
- | | + | |
- | then set | + | |
- | < | + | |
- | < | + | |
- | all other module capable IEEE 80211 items will have automatically set themselves to <M> | + | |
- | + | ||
- | Also check that: | + | |
- | | + | |
- | < | + | |
- | + | ||
- | Exit out and save the config | + | |
- | + | ||
- | Now apply the zd1211 and ieee80211 inject patches and recompile/ | + | |
- | + | ||
- | Apply the zd1211 inject and ieee80211 inject patches as per patch instructions but only do the 4 patch -Np1 commands, in gentoo doing the make commands and copying all the files is unnecessary!! | + | |
- | + | ||
- | After the patches are applied, you can now recompile the kernel and modules with the following commands: | + | |
- | + | ||
- | cd /usr/src | + | |
- | make && make modules modules_install install | + | |
- | + | ||
- | Wait for it to finish and then reboot your system. | + | |
- | + | ||
- | Lastly, test your drivers and the injection patch. | + | |
- | + | ||
- | + | ||
- | ===== Troubleshooting | + | |
- | + | ||
- | ===== General ===== | + | |
- | + | ||
- | Use " | + | |
- | + | ||
- | Bus 003 Device 003: ID 157e: | + | |
- | Bus 003 Device 001: ID 0000: | + | |
- | Bus 001 Device 001: ID 0000: | + | |
- | Bus 002 Device 001: ID 0000:0000 | + | |
- | + | ||
- | If your device is not listed then you first need to determine why and correct it. | + | |
- | + | ||
- | Use " | + | |
- | + | ||
- | | + | |
- | | + | |
- | | + | |
- | usb 3-1: reset high speed USB device using ehci_hcd and address 3 | + | |
- | usb 3-1: firmware version 0x4810 and device bootcode version 0x4802 differ | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | + | ||
- | Depending on the error messages in dmesg, take the appropriate action. | + | |
- | + | ||
- | Use " | + | |
- | + | ||
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | + | ||
- | A common problem on new kernels is that the new mac80211 version of the driver gets loaded instead of the older legacy driver covered on this page. If that is the case, then you need to blacklist the modules by editing / | + | |
- | + | ||
- | # | + | |
- | | + | |
- | | + | |
- | + | ||
- | Also ensure that the time stamp on zd1211.ko module matches the date and time you compiled it. Otherwise this may mean you are running the wrong version of the module. | + | |
- | + | ||
- | ===== Couldn' | + | |
- | + | ||
- | If dmesg has an error similar to the following: | + | |
- | + | ||
- | usb 1-1: Could not load firmware file zd1211/ | + | |
- | | + | |
- | + | ||
- | This means you are missing the firmware for your device or it is located in the wrong location. | + | |
- | + | ||
- | You can obtain the firmware from: | + | |
- | + | ||
- | - http:// | + | |
- | - RPM for you distribution. | + | |
+ | * Instructions and discussion about the zd1211rw in the forum [[http:// | ||
+ |
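
Review bot: In the added "Kernel 2.6.39+" section, step 2 fetches the injection patch with `wget -O -` from a plain `http://` URL and streams it to stdout, so nothing in the visible step lets the reader inspect or verify the file before it is applied to kernel sources. Suggest downloading it to a file first and reading or checksumming it before running `patch`. Two smaller points in the same revision: the added heading `=== Kernel 2.26.24+ ===` looks like a typo for 2.6.24, given the later "2.6.2**4** with compat-wireless" line, and the added `patch -Np1 -i channel-negative-one-maxim.patch.` ends in a period that no longer matches the patch filename linked in step 2.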
zd1211rw.txt · Last modified: 2018/03/11 19:04 by mister_x