airmon-ng
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
| airmon-ng [2010/10/06 15:12] – Added extra check kill troubleshooting tip darkaudax | airmon-ng [2015/08/23 23:40] – [Typical Uses] Updated mister_x | ||
|---|---|---|---|
| Line 17: | Line 17: | ||
| ==== Typical Uses ==== | ==== Typical Uses ==== | ||
| - | To start wlan0 in monitor mode: airmon-ng start wlan0 | + | ===Check status and/or listing wireless interfaces === |
| - | To start wlan0 in monitor mode on channel 8: airmon-ng | + | ~# airmon-ng |
| + | PHY Interface Driver Chipset | ||
| + | |||
| + | phy0 wlan0 ath9k_htc Atheros Communications, | ||
| - | To stop wlan0: airmon-ng stop wlan0 | + | ===Checking for interfering processes=== |
| + | |||
| + | When putting a card into monitor mode, it will automatically check for interfering processes. It can also be done manually by running the following command: | ||
| + | |||
| + | ~# airmon-ng check | ||
| + | Found 5 processes that could cause trouble. | ||
| + | If airodump-ng, | ||
| + | a short period of time, you may want to kill (some of) them! | ||
| + | |||
| + | PID Name | ||
| + | 718 NetworkManager | ||
| + | 870 dhclient | ||
| + | 1104 avahi-daemon | ||
| + | 1105 avahi-daemon | ||
| + | 1115 wpa_supplicant | ||
| + | |||
| + | == Killing interfering processes== | ||
| + | |||
| + | This command stops network managers then kill interfering processes left: | ||
| + | |||
| + | ~# airmon-ng check kill | ||
| + | Killing these processes: | ||
| + | |||
| + | PID Name | ||
| + | 870 dhclient | ||
| + | 1115 wpa_supplicant | ||
| + | |||
| + | ===Turn monitor mode on=== | ||
| + | |||
| + | **Note**: It is very important to kill the network managers before putting a card in monitor mode! | ||
| + | |||
| + | ~# airmon-ng start wlan0 | ||
| + | Found 5 processes that could cause trouble. | ||
| + | If airodump-ng, | ||
| + | a short period of time, you may want to kill (some of) them! | ||
| + | |||
| + | PID Name | ||
| + | 718 NetworkManager | ||
| + | 870 dhclient | ||
| + | 1104 avahi-daemon | ||
| + | 1105 avahi-daemon | ||
| + | 1115 wpa_supplicant | ||
| + | |||
| + | PHY Interface Driver Chipset | ||
| + | |||
| + | phy0 wlan0 ath9k_htc Atheros Communications, | ||
| + | (mac80211 monitor mode vif enabled for [phy0]wlan0 on [phy0]wlan0mon) | ||
| + | (mac80211 station mode vif disabled for [phy0]wlan0) | ||
| + | |||
| + | As you can see, it created a monitor mode interface called wlan0mon and it notified there are a few process that will interfere with the tools. | ||
| + | |||
| + | ===Turn monitor mode off=== | ||
| + | |||
| + | ~# airmon-ng stop wlan0mon | ||
| + | PHY Interface Driver Chipset | ||
| + | |||
| + | phy0 wlan0mon ath9k_htc Atheros Communications, | ||
| + | (mac80211 station mode vif enabled on [phy0]wlan0) | ||
| + | (mac80211 monitor mode vif disabled for [phy0]wlan0mon) | ||
| + | |||
| + | And you might as well want to restart the network manager via | ||
| + | |||
| + | service network-manager start | ||
| - | To check the status: airmon-ng | ||
| ==== Madwifi-ng driver monitor mode ==== | ==== Madwifi-ng driver monitor mode ==== | ||
| Line 293: | Line 357: | ||
| Source thread: http:// | Source thread: http:// | ||
| + | |||
| + | ==== SIOCSIFFLAGS: | ||
| + | |||
| + | If you have an output similar to: | ||
| + | |||
| + | # airmon-ng start wlan0 | ||
| + | Interface Chipset Driver | ||
| + | wlan0 Broadcom b43 - [phy0]SIOCSIFFLAGS: | ||
| + | (monitor mode enabled on mon0) | ||
| + | |||
| + | It indicates that RF are blocked. It needs to be enabled by using the switch on your laptop and/or using the following command: | ||
| + | |||
| + | rfkill unblock all | ||
| + | | ||
| + | See also http:// | ||
airmon-ng.txt · Last modified: 2022/02/09 00:34 by mister_x