airmon-ng
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
airmon-ng [2015/08/24 00:08] – monX interfaces are deprecated mister_x | airmon-ng [2022/02/09 00:34] (current) – [Description] slightly improved mister_x | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== Airmon-ng ====== | ====== Airmon-ng ====== | ||
===== Description ===== | ===== Description ===== | ||
- | This script can be used to enable monitor mode on wireless interfaces. It may also be used to go back from monitor mode to managed mode. Entering the airmon-ng command without parameters will show the interfaces status. | + | This script can be used to enable monitor mode on wireless interfaces. It may also be used to kill network managers, or go back from monitor mode to managed mode. Entering the airmon-ng command without parameters will show the interfaces status. |
===== Usage ===== | ===== Usage ===== | ||
Line 111: | Line 111: | ||
If you want to use ath0 (which is already used): | If you want to use ath0 (which is already used): | ||
- | airmon-ng stop ath0 | + | |
And the system will respond: | And the system will respond: | ||
Line 131: | Line 131: | ||
You can see ath0 is gone. | You can see ath0 is gone. | ||
- | To start ath0 in monitor mode: airmon-ng start wifi0 | + | To put wifi0 in monitor mode: |
+ | |||
+ | | ||
System responds: | System responds: | ||
Line 178: | Line 180: | ||
To determine the current channel, enter " | To determine the current channel, enter " | ||
- | |||
- | ==== BSSIDs with Spaces, Special Characters ==== | ||
- | |||
- | See this [[faq# | ||
==== How Do I Put My Card Back into Managed Mode? ==== | ==== How Do I Put My Card Back into Managed Mode? ==== | ||
Line 206: | Line 204: | ||
X is the monitor interface number - 0 unless you run multiple monitoring interfaces simultaneously. | X is the monitor interface number - 0 unless you run multiple monitoring interfaces simultaneously. | ||
+ | |||
+ | ==== Debugging issues ==== | ||
+ | |||
+ | airmon-ng has two options to show more information, | ||
+ | |||
+ | === --verbose flag === | ||
+ | |||
+ | It gives information about the system as well as details about the wireless card. | ||
+ | |||
+ | root@kali: | ||
+ | | ||
+ | No LSB modules are available. | ||
+ | Distributor ID: Kali | ||
+ | Description: | ||
+ | Release: | ||
+ | Codename: | ||
+ | | ||
+ | Linux kali 4.19.0-kali4-amd64 #1 SMP Debian 4.19.28-2kali1 (2019-03-18) x86_64 GNU/Linux | ||
+ | Detected VM using lspci | ||
+ | This appears to be a VMware Virtual Machine | ||
+ | If your system supports VT-d, it may be possible to use PCI devices | ||
+ | If your system does not support VT-d, you can only use USB wifi cards | ||
+ | | ||
+ | K indicates driver is from 4.19.0-kali4-amd64 | ||
+ | V indicates driver comes directly from the vendor, almost certainly a bad thing | ||
+ | S indicates driver comes from the staging tree, these drivers are meant for reference not actual use, BEWARE | ||
+ | ? indicates we do not know where the driver comes from... report this | ||
+ | | ||
+ | | ||
+ | X[PHY]Interface Driver[Stack]-FirmwareRev Chipset Extended Info | ||
+ | | ||
+ | K[phy1]wlan0 ath9k_htc[mac80211]-1.4 Qualcomm Atheros Communications AR9271 802.11n mode managed | ||
+ | |||
+ | In this case, the following additional information can be seen: | ||
+ | - Detailed information about the Linux distribution as well as kernel version | ||
+ | - System is a virtual machine (and detailed information about supported features) | ||
+ | - Detailed driver information (kernel, vendor driver, staging or unknown source), wireless stack, current operating mode and firmware version | ||
+ | |||
+ | === --debug flag === | ||
+ | |||
+ | It will give the same information as verbose and add more details: | ||
+ | |||
+ | root@kali: | ||
+ | | ||
+ | /bin/sh -> / | ||
+ | | ||
+ | SHELL is GNU bash, version 5.0.3(1)-release (x86_64-pc-linux-gnu) | ||
+ | Copyright (C) 2019 Free Software Foundation, Inc. | ||
+ | License GPLv3+: GNU GPL version 3 or later < | ||
+ | | ||
+ | This is free software; you are free to change and redistribute it. | ||
+ | There is NO WARRANTY, to the extent permitted by law. | ||
+ | | ||
+ | No LSB modules are available. | ||
+ | Distributor ID: Kali | ||
+ | Description: | ||
+ | Release: | ||
+ | Codename: | ||
+ | | ||
+ | Linux kali 4.19.0-kali4-amd64 #1 SMP Debian 4.19.28-2kali1 (2019-03-18) x86_64 GNU/Linux | ||
+ | Detected VM using lspci | ||
+ | This appears to be a VMware Virtual Machine | ||
+ | If your system supports VT-d, it may be possible to use PCI devices | ||
+ | If your system does not support VT-d, you can only use USB wifi cards | ||
+ | | ||
+ | K indicates driver is from 4.19.0-kali4-amd64 | ||
+ | V indicates driver comes directly from the vendor, almost certainly a bad thing | ||
+ | S indicates driver comes from the staging tree, these drivers are meant for reference not actual use, BEWARE | ||
+ | ? indicates we do not know where the driver comes from... report this | ||
+ | | ||
+ | | ||
+ | X[PHY]Interface Driver[Stack]-FirmwareRev Chipset Extended Info | ||
+ | | ||
+ | getStack mac80211 | ||
+ | getBus usb | ||
+ | getdriver() ath9k_htc | ||
+ | getchipset() Qualcomm Atheros Communications AR9271 802.11n | ||
+ | BUS = usb | ||
+ | BUSINFO = 0CF3:9271 | ||
+ | DEVICEID = | ||
+ | getFrom() K | ||
+ | getFirmware 1.4 | ||
+ | K[phy1]wlan0 ath9k_htc[mac80211]-1.4 Qualcomm Atheros Communications AR9271 802.11n mode managed | ||
+ | |||
+ | Additional information: | ||
+ | - Shell name and version | ||
+ | - Debug information regarding the wireless adapter and loaded driver | ||
===== Usage Troubleshooting ===== | ===== Usage Troubleshooting ===== | ||
- | ==== General | + | ==== Madwifi-ng |
Quite often, the standard scripts on a linux distribution will setup ath0 and or additional athX interfaces. | Quite often, the standard scripts on a linux distribution will setup ath0 and or additional athX interfaces. | ||
Line 339: | Line 424: | ||
mon0: ERROR while getting interface flags: No such device | mon0: ERROR while getting interface flags: No such device | ||
- | This means you have an old version of airmon-ng installed. Upgrade to at least v1.0-rc1. | + | This means you have an old version of airmon-ng installed. Upgrade to at least v1.0-rc1. |
==== check kill fails ==== | ==== check kill fails ==== | ||
Line 371: | Line 456: | ||
| | ||
See also http:// | See also http:// | ||
+ | |||
+ | ==== ERROR adding monitor mode interface: command failed: Operation not supported (-95) ==== | ||
+ | |||
+ | It is known to happen on the Raspberry Pi, when using [[airmon-ng]]. When that happens, the following can be seen in dmesg: | ||
+ | |||
+ | brcmfmac: brcmf_vif_add_validate: | ||
+ | brcmfmac: brcmf_vif_add_validate: | ||
+ | brcmfmac: brcmf_cfg80211_add_iface: | ||
+ | |||
+ | There may be instances of the following in dmesg as well prior to the above output: | ||
+ | |||
+ | brcmfmac: brcmf_vif_add_validate: | ||
+ | brcmfmac: brcmf_mon_add_vif: | ||
+ | brcmfmac: brcmf_mon_add_vif: | ||
+ | brcmfmac: brcmf_cfg80211_get_channel: | ||
+ | |||
+ | Even though dmesg says the interface is already in monitor mode and "iw dev wlan0 info" confirms it is, [[airodump-ng]] will fail and report the interface data linktype is Ethernet. This is a bug in the driver and/or firmware, and the workaround is to reboot the system or to reload the driver: | ||
+ | |||
+ | rmmod brcmfmac | ||
+ | modprobe brcmfmac |
airmon-ng.1440367704.txt.gz · Last modified: 2015/08/24 00:08 by mister_x