aircrack-ng / rtl8812au

RTL8812AU/21AU and RTL8814AU driver with monitor mode and frame injection
GNU General Public License v2.0
3.56k stars 781 forks source link

Does not support IEEE 802.11w (Protected Management Frames) #58

Closed samiux closed 5 years ago

samiux commented 6 years ago

I am using Kali Linux 2017.3 with latest update. My rtl8812au cannot connect to the router that is set to "required" for Protected Management Frames (IEEE 802.11w).

I have checked the source code and it is enabled when compile.

kimocoder commented 6 years ago

Jupp. working on that issue along with some other minor stuff. I'll leave a note when it's pushed & ready.

kimocoder commented 6 years ago

Try updating with "git pull", build/install the updated driver and check if the IEEE 802.11w support works now. Thanks

samiux commented 6 years ago

Since the MAC address of my rtl8812au dongle always changing, I cannot test it on my ARP spoofing protected network.

samiux commented 6 years ago

The Kali Linux 2017.3 with latest update caused all wireless network interfaces with random MAC address on every plug in and reboot.

I tested this feature with Ubuntu Gnome 16.04.3. It cannot connect to the Protected Management Frames enabled (Required) router (ASUS RT-AC88U).

kimocoder commented 6 years ago

Ok. I will also do some test on this in some weeks, currently busy with the 8814au efuse. Thanks for reporting back.

kimocoder commented 6 years ago

Nuked the 802.11w + adaptivity support for now. Kernel v4.15 + 8814au EFUSE prioritized and 802.11w code is missing at this point anyway. Closed

kimocoder commented 6 years ago

@samiux I think I've got a fix for this issue. any chance you may to some test after i pushed it?

samiux commented 6 years ago

@kimocoder

I can test the driver at any time. :)

kimocoder commented 6 years ago

Ok. Gimme few days then

kcdtv commented 6 years ago

Since the MAC address of my rtl8812au dongle always changing, I cannot test it on my ARP spoofing protected network.

Disable that in network manager, or even better: Remove the fucked up network manager and use wpa-supplicant. System-d, newtork-manager and GNOME: same craziness. saying so this not a bad feature... but network manager sucks.

kimocoder commented 6 years ago

The driver actually have a switch for changing automaticly, it has been turned off not long ago since the driver should not do this at all.

In the README there's a note on how to switch of the Network-Manager random MAC switch But there is some problems in the 802.11w codes anyway, pushing a patch over the weekend and we'll see if the support will be in place.

kcdtv commented 6 years ago

The driver actually have a switch for changing automaticly, it has been turned off not long ago sine the driver should not do this at all.

I did not notice that as I am OK with this feature and have it enabled anyway. Saying so you are absolutely right: The driver shouldn't do that automatically and you were right in taking away this behavior. Good luck with the patches and thanks again for al your work :smiley_cat:

kimocoder commented 6 years ago

@samiux pushed a patch for PMF / 802.11w. try cloning the repo and test the 802.11w when your available.

flip the switch of "CONFIG_80211W" to "y" in the Makefile and it should be good to go.

the patch may be seen here

samiux commented 6 years ago

@kimocoder

Compile successful but the AP cannot be connected when the "required" is enabled.

samiux commented 6 years ago

@kimocoder

It cannot be connected via NetworkManager as the AP is dimmed.

It cannot be connected via wpa_supplicant.conf with the following error messages when the AP is set to IEEE802.11w=required or capable:

wpa_supplicant[8092]: wlan1: WPA: Failed to configure IGTK to the driver wpa_supplicant(8092): wlan1: RSN: Failed to configure IGTK

Meanwhile, the RX/TX have a lot of packet drop of the wlan1.

kimocoder commented 6 years ago

Hmmmm.... will look at it soon again

kimocoder commented 6 years ago

@samiux could you test 802.11W on the v5.2.20 branch?

samiux commented 6 years ago

@kimocoder

Branch v5.2.20 has been tested. The SSID is dimmed out and cannot be connected.

kimocoder commented 6 years ago

Ok. Thanks alot for testing sir!

kimocoder commented 5 years ago

IEEE802.11w support is dropped as it's not needed anyway