User Tools

Site Tools


airmon-ng

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
airmon-ng [2015/08/23 23:56]
mister_x Added troubleshooting tips
airmon-ng [2019/05/01 22:57] (current)
mister_x Added section about --verbose and --debug
Line 51: Line 51:
    1115 wpa_supplicant    1115 wpa_supplicant
  
-===Turn monitor mode on===+===Enable ​monitor mode===
  
 **Note**: It is very important to kill the network managers before putting a card in monitor mode! **Note**: It is very important to kill the network managers before putting a card in monitor mode!
Line 75: Line 75:
 As you can see, it created a monitor mode interface called wlan0mon and it notified there are a few process that will interfere with the tools. As you can see, it created a monitor mode interface called wlan0mon and it notified there are a few process that will interfere with the tools.
  
-===Turn monitor mode off===+===Disable ​monitor mode===
  
   ~# airmon-ng stop wlan0mon   ~# airmon-ng stop wlan0mon
Line 84: Line 84:
   (mac80211 monitor mode vif disabled for [phy0]wlan0mon)   (mac80211 monitor mode vif disabled for [phy0]wlan0mon)
  
-And you might as well want to restart the network manager ​via+Don't forget ​to restart the network manager. It is usually done with the following command:
  
   service network-manager start   service network-manager start
Line 111: Line 111:
 If you want to use ath0 (which is already used): If you want to use ath0 (which is already used):
  
-airmon-ng stop ath0 +  ​airmon-ng stop ath0 
  
 And the system will respond: And the system will respond:
Line 131: Line 131:
 You can see ath0 is gone. You can see ath0 is gone.
  
-To start ath0 in monitor mode: airmon-ng start wifi0+To put wifi0 in monitor mode: 
 + 
 +  ​airmon-ng start wifi0
  
 System responds: System responds:
Line 165: Line 167:
  
 You can set the channel number by adding it to the end: airmon-ng start wifi0 9 You can set the channel number by adding it to the end: airmon-ng start wifi0 9
- 
- 
-==== mac80211 drivers monitor mode ==== 
- 
-See [[install_drivers#​mac80211_versus_ieee80211_stacks|mac80211 versus ieee80211 stacks]] for some background information. 
- 
-When using the mac80211 version of a driver, the use of airmon-ng and the aircrack-ng tools are slightly different. 
- 
-Running: 
- 
-   ​airmon-ng start wlan0 
- 
-Gives something like: 
- 
-   ​Interface ​  ​Chipset ​     Driver 
-    
-   ​wlan0 ​     Intel 4965 a/​b/​g/​n ​  ​iwl4965 - [phy0] 
-            (monitor mode enabled on mon0) 
- 
-Notice that it created "​mon0"​. ​ You must then use "​mon0"​ in all the subsequent aircrack-ng tools as the injection interface. 
- 
-To remove monitor mode enter: 
- 
-   ​airmon-ng stop mon0 
  
  
Line 202: Line 180:
  
 To determine the current channel, enter "​iwlist <​interface name> channel"​. ​ If you will be working with a specific access point, then the current channel of the card should match that of the AP.  In this case, it is a good idea to include the channel number when running the initial airmon-ng command. To determine the current channel, enter "​iwlist <​interface name> channel"​. ​ If you will be working with a specific access point, then the current channel of the card should match that of the AP.  In this case, it is a good idea to include the channel number when running the initial airmon-ng command.
- 
-==== BSSIDs with Spaces, Special Characters ==== 
- 
-See this [[faq#​how_to_use_spaces_double_quote_and_single_quote_in_ap_names|FAQ entry]] on  how to define your BSSID if it has spaces, quotes, double quotes or special characters in it. 
  
 ==== How Do I Put My Card Back into Managed Mode? ==== ==== How Do I Put My Card Back into Managed Mode? ====
Line 230: Line 204:
  
 X is the monitor interface number - 0 unless you run multiple monitoring interfaces simultaneously. X is the monitor interface number - 0 unless you run multiple monitoring interfaces simultaneously.
 +
 +==== Debugging issues ====
 +
 +airmon-ng has two options to show more information,​ which can be useful when reporting or debugging issues.
 +
 +=== --verbose flag ===
 +
 +It gives information about the system as well as details about the wireless card.
 +
 +  root@kali:​~#​ airmon-ng --verbose
 +  ​
 +  No LSB modules are available.
 +  Distributor ID: Kali
 +  Description:​ Kali GNU/Linux Rolling
 +  Release:​ 2019.1
 +  Codename:​ n/​a
 +  ​
 +  Linux kali 4.19.0-kali4-amd64 #1 SMP Debian 4.19.28-2kali1 (2019-03-18) x86_64 GNU/Linux
 +  Detected VM using lspci
 +  This appears to be a VMware Virtual Machine
 +  If your system supports VT-d, it may be possible to use PCI devices
 +  If your system does not support VT-d, you can only use USB wifi cards
 +  ​
 +  K indicates driver is from 4.19.0-kali4-amd64
 +  V indicates driver comes directly from the vendor, almost certainly a bad thing
 +  S indicates driver comes from the staging tree, these drivers are meant for reference not actual use, BEWARE
 +  ? indicates we do not know where the driver comes from... report this
 +  ​
 +  ​
 +  X[PHY]Interface Driver[Stack]-FirmwareRev Chipset Extended Info
 +  ​
 +  K[phy1]wlan0 ath9k_htc[mac80211]-1.4 Qualcomm Atheros Communications AR9271 802.11n mode managed
 +
 +In this case, the following additional informatio can be seen:
 +  - Detailed information about the Linux distribution as well as kernel version
 +  - System is a virtual machine (and detailed information about supported features)
 +  - Detailed driver information (kernel, vendor driver, staging or unknown source), wireless stack, current operating mode and firmware version
 +
 +=== --debug flag ===
 +
 +It  will give the same information as verbose and add more details: ​
 +
 +  root@kali:​~#​ airmon-ng --debug
 +  ​
 +  /bin/sh -> /​usr/​bin/​dash
 +  ​
 +  SHELL is GNU bash, version 5.0.3(1)-release (x86_64-pc-linux-gnu)
 +  Copyright (C) 2019 Free Software Foundation, Inc.
 +  License GPLv3+: GNU GPL version 3 or later <​http://​gnu.org/​licenses/​gpl.html>​
 +  ​
 +  This is free software; you are free to change and redistribute it.
 +  There is NO WARRANTY, to the extent permitted by law.
 +  ​
 +  No LSB modules are available.
 +  Distributor ID: Kali
 +  Description:​ Kali GNU/Linux Rolling
 +  Release:​ 2019.1
 +  Codename:​ n/​a
 +  ​
 +  Linux kali 4.19.0-kali4-amd64 #1 SMP Debian 4.19.28-2kali1 (2019-03-18) x86_64 GNU/Linux
 +  Detected VM using lspci
 +  This appears to be a VMware Virtual Machine
 +  If your system supports VT-d, it may be possible to use PCI devices
 +  If your system does not support VT-d, you can only use USB wifi cards
 +  ​
 +  K indicates driver is from 4.19.0-kali4-amd64
 +  V indicates driver comes directly from the vendor, almost certainly a bad thing
 +  S indicates driver comes from the staging tree, these drivers are meant for reference not actual use, BEWARE
 +  ? indicates we do not know where the driver comes from... report this
 +  ​
 +  ​
 +  X[PHY]Interface Driver[Stack]-FirmwareRev Chipset Extended Info
 +  ​
 +  getStack mac80211
 +  getBus usb
 +  getdriver() ath9k_htc
 +  getchipset() Qualcomm Atheros Communications AR9271 802.11n
 +  BUS = usb
 +  BUSINFO = 0CF3:9271
 +  DEVICEID = 
 +  getFrom() K
 +  getFirmware 1.4
 +  K[phy1]wlan0 ath9k_htc[mac80211]-1.4 Qualcomm Atheros Communications AR9271 802.11n mode managed
 +
 +Additional information:​
 +  - Shell name and version
 +  - Debug information regarding the wireless adapter and loaded driver
  
 ===== Usage Troubleshooting ===== ===== Usage Troubleshooting =====
  
-==== General ​====+==== Madwifi-ng ​====
 Quite often, the standard scripts on a linux distribution will setup ath0 and or additional athX interfaces. ​ These must all be removed first per the instructions above. ​ Another problem is that the script set fields such as essid, nickname and encryptions. ​ Be sure these are all cleared. Quite often, the standard scripts on a linux distribution will setup ath0 and or additional athX interfaces. ​ These must all be removed first per the instructions above. ​ Another problem is that the script set fields such as essid, nickname and encryptions. ​ Be sure these are all cleared.
  
airmon-ng.1440367003.txt.gz · Last modified: 2015/08/23 23:56 by mister_x