mo8Zomo0
commented
6 years ago Did you look at a dmesg, I also have a BC (here 2835, some ALFA USB device) and that crashes for some reason as it looks:
[ 2652.769268] ------------[ cut here ]------------ [ 2652.769329] WARNING: CPU: 2 PID: 5296 at drivers/net/wireless/ralink/rt2x00/rt2x00config.c:199 rt2x00lib_config+0x2ac/0x2f4 [rt2x00lib] [ 2652.769335] Modules linked in: cmac bnep hci_uart nfnetlink_queue nfnetlink_log nfnetlink bluetooth ecdh_generic appletalk psnap llc ax25 pps_ldisc pps_core cdc_acm brcmfmac brcmutil snd_bcm2835(C) snd _pcm snd_timer snd arc4 rt2800usb rt2800lib rt2x00usb rt2x00lib mac80211 cfg80211 rfkill crc_ccitt fixed uio_pdrv_genirq uio ip_tables x_tables ipv6 [ 2652.769498] CPU: 2 PID: 5296 Comm: kismet_cap_linu Tainted: G WC 4.14.30-v7+ #1102 [ 2652.769504] Hardware name: BCM2835 [ 2652.769534] [<8010fff8>] (unwind_backtrace) from [<8010c260>] (show_stack+0x20/0x24) [ 2652.769553] [<8010c260>] (show_stack) from [<8076e124>] (dump_stack+0xd4/0x118) [ 2652.769571] [<8076e124>] (dump_stack) from [<8011da74>] (warn+0xf8/0x110) [ 2652.769585] [<8011da74>] (warn) from [<8011db5c>] (warn_slowpath_null+0x30/0x38) [ 2652.769629] [<8011db5c>] (warn_slowpath_null) from [<7f28c304>] (rt2x00lib_config+0x2ac/0x2f4 [rt2x00lib]) [ 2652.769702] [<7f28c304>] (rt2x00lib_config [rt2x00lib]) from [<7f28b6c8>] (rt2x00mac_config+0x50/0x78 [rt2x00lib]) [ 2652.769969] [<7f28b6c8>] (rt2x00mac_config [rt2x00lib]) from [<7f1b9a98>] (ieee80211_hw_config+0x74/0x39c [mac80211]) [ 2652.770382] [<7f1b9a98>] (ieee80211_hw_config [mac80211]) from [<7f1d904c>] (ieee80211_set_monitor_channel+0x10c/0x110 [mac80211]) [ 2652.770812] [<7f1d904c>] (ieee80211_set_monitor_channel [mac80211]) from [<7f12d3c4>] (cfg80211_set_monitor_channel+0x78/0x1a8 [cfg80211]) [ 2652.771191] [<7f12d3c4>] (cfg80211_set_monitor_channel [cfg80211]) from [<7f111724>] (nl80211_set_channel+0xf4/0x2b0 [cfg80211]) [ 2652.771565] [<7f111724>] (nl80211_set_channel [cfg80211]) from [<7f113a80>] (nl80211_set_wiphy+0x2c4/0x9a0 [cfg80211]) [ 2652.771765] [<7f113a80>] (nl80211_set_wiphy [cfg80211]) from [<806b6950>] (genl_rcv_msg+0x21c/0x42c) [ 2652.771784] [<806b6950>] (genl_rcv_msg) from [<806b5a2c>] (netlink_rcv_skb+0xd0/0xf0) [ 2652.771800] [<806b5a2c>] (netlink_rcv_skb) from [<806b6724>] (genl_rcv+0x34/0x44) [ 2652.771816] [<806b6724>] (genl_rcv) from [<806b5190>] (netlink_unicast+0x190/0x254) [ 2652.771831] [<806b5190>] (netlink_unicast) from [<806b55e4>] (netlink_sendmsg+0x2c8/0x350) [ 2652.771849] [<806b55e4>] (netlink_sendmsg) from [<80657c84>] (sock_sendmsg+0x24/0x34) [ 2652.771865] [<80657c84>] (sock_sendmsg) from [<80658418>] (_sys_sendmsg+0x1cc/0x1f4) [ 2652.771880] [<80658418>] (___sys_sendmsg) from [<80659194>] (sys_sendmsg+0x50/0x80) [ 2652.771896] [<80659194>] (__sys_sendmsg) from [<806591dc>] (SyS_sendmsg+0x18/0x1c) [ 2652.771914] [<806591dc>] (SyS_sendmsg) from [<80108080>] (ret_fast_syscall+0x0/0x28) [ 2652.771923] ---[ end trace ae7aa15df7998f0d ]---
Hello, the broadcom-wl driver supports monitor mode. Yet I can't find a way to get it to work with kismet. It's just a matter of setting
1to/proc/brcm_monitor0. That creates aprism0interface. It works with aircrack-ng. I've tried setting kismet source to bothprism0and the actual interface.And yes, broadcom-wl driver is the ONLY driver I can use, since I have a crappy BCM4352...
Thanks.
EDIT: Injection doesn't work and it's got the channel -1 issue. But still it should be able to see APs on channel 1.