Closed marc-y-marc closed 5 years ago
gpotter2
commented
5 years ago Thanks for the very complete report !
I see that you figured out the conf.use_pcap yourself. If libpcap can't send packets, we probably won't be able to support it :/
I don't know how the aircrack driver works, for instance if special calls should be used. Maybe you could ask there.
Maybe retry against master ? It has dropped the need to have pcapy, pypcap... install, but I don't except it to fix anything :/
guedou
commented
5 years ago This RPI as embedded Wi-Fi. Did you select the correct interface while trying to inject packets?
What is the output of conf.iface and conf.routes ?
marc-y-marc
commented
5 years ago Thanks for both replies! @gpotter2 : is there a way to test what's wrong with libpcap? And is there a specific version of libpcap i need? Sometimes the raspbian repo can be very outdated. Currently on libpcap0.8-dev. E.g. is it possible to send a raw packet without scapy so i can test that part of the chain? I'll try against the master and let you know if it changes anything.
edit: see below -> i tried to add it to my Python evt using Pip. It get's a newer version but results remain.
@guedou : yes - i selected the correct one. wlan0 is the onboard, wlan1 and wlan2 are my external which are in monitor mode.
conf.iface = wlan1 (i changed my code a bit after your comment so i dont use iface=wlan1 but conf.iface=wlan1 from now on)
Below the full config:
ASN1_default_codec = <ASN1Codec BER[1]> AS_resolver = <scapy.as_resolvers.AS_resolver_multi object at 0x7582e970> BTsocket = <BluetoothRFCommSocket: read/write packets on a connected L2CAP... L2listen = <L2ListenSocket: read packets at layer 2 using Linux PF_PACKET ... L2socket = <L2Socket: read/write packets at layer 2 using Linux PF_PACKET ... L3socket = <L3PacketSocket: read/write packets at layer 3 using Linux PF_P... L3socket6 = functools.partial(<L3PacketSocket: read/write packets at layer ... USBsocket = None auto_crop_tables = True auto_fragment = 1 cache_iflist = {} checkIPID = 0 checkIPaddr = 1 checkIPinIP = True checkIPsrc = 1 check_TCPerror_seqack = 0 color_theme =
commands = IPID_count : Identify IP id values classes in a list of packets... contribs = {} crypto_valid = True crypto_valid_advanced = True crypto_valid_recent = True debug_dissector = 0 debug_match = 0 debug_tls = 0 default_l2 = <class 'scapy.packet.Raw'> dot15d4_protocol = None emph = <Emphasize []> ethertypes = </etc/ethertypes - 3 elements> except_filter = '' extensions_paths = '.' fancy_prompt = True geoip_city = None histfile = '/root/.scapy_history' iface = 'wlan1' iface6 = 'lo' interactive = False interactive_shell = '' ipv6_enabled = True l2types = 0x0 -> Loopback (Loopback) 0x1 <- Dot3 (802.3) 0x1 <-> Ether (E... l3types = 0x3 -> IP (IP) 0x800 <-> IP (IP) 0x806 <-> ARP (ARP) 0x86dd <->... layers = Packet : <member 'name' of 'Packet' objects> NoPayload : <membe... load_layers = ['bluetooth', 'bluetooth4LE', 'dhcp', 'dhcp6', 'dns', 'dot11',... logLevel = 30 manufdb = </usr/share/wireshark/manuf - 36220 elements> mib = <MIB - 343 elements> min_pkt_size = 60 neighbor = Ether -> IPv6 Dot3 -> SNAP Ether -> ARP Ether -> IP Dot3 -> IP ... netcache = arp_cache: 0 valid items. Timeout=120s in6_neighbor: 0 valid it... noenum = <Resolve []> padding = 1 padding_layer = <class 'scapy.packet.Padding'> prog = display = 'display' dot = 'dot' hexedit = 'hexer' ifconfig = 'i... promisc = 1 prompt = '>>> ' protocols = </etc/protocols - 56 elements> raw_layer = <class 'scapy.packet.Raw'> raw_summary = False recv_poll_rate = 0.05 resolve = <Resolve []> route = Network Netmask Gateway Iface Output IP Metric 0.0.0.0 0.0.0.0 ... route6 = Destination Next Hop Iface Src candidates Metric fe80::/64 :: w... services_tcp = </etc/services-tcp - 316 elements> services_udp = </etc/services-udp - 217 elements> session = '' sniff_promisc = 1 stats_classic_protocols = [<class 'scapy.layers.inet.TCP'>, <class 'scapy.la... stats_dot11_protocols = [<class 'scapy.layers.inet.TCP'>, <class 'scapy.laye... stealth = 'not implemented' temp_files = [] teredoPrefix = '2001::' teredoServerPort = 3544 use_bpf = False use_dnet = False use_npcap = False use_pcap = False use_pypy = False use_winpcapy = False verb = 2 version = '2.4.3rc1' warning_threshold = 5 wepkey = ''
marc-y-marc
commented
5 years ago Now looking at it... the strange thing is that use_pcap is set to False while in my code i explicitly set it to True.
marc-y-marc
commented
5 years ago I tried adding libpcap to my Python environment, so not using apt-get but:
sudo python3 -m pip install libpcap
No difference, the use_pcap value remains False.
I do think we are on to something here.
edit: if i set use_pypy = True this actually works. So the real issue is that i can't set use_pcap to True
gpotter2
commented
5 years ago @marc-y-marc conf.use_pcap remains True only if it actually worked.
Have you turned off the warnings ? It will display one when it fails.
If you hop in into a scapy shell, and try it, what do you get ?
If the issue is something like "pcapy not installed", please retry against master
marc-y-marc
commented
5 years ago I did not turn of warnings, so its weird that it did not show me any. Anyway, i hopped into the scapy shell using sudo pyhton3 -m scapy.
i got:
>>> conf.use_pcap = True
ERROR: Unable to import any of the pcap modules: No module named 'pcapy'/No module named 'pcap'
WARNING: No pcap provider available ! pcap won't be usedSo now i managed to resolve that issue in 2 ways:
Now i can change the conf.use_pcap without errors :-)
The problem however that i cannot transmit packets is still there. See next post.
marc-y-marc
commented
5 years ago When i added the 'monitor=True' to sendp() it gives me the following:
Master branch:
Traceback (most recent call last):
File "./wifi-beacons.py", line 38, in <module>
sendp(frame, monitor=True, iface=conf.iface, inter=0.100, loop=1)
File "/usr/local/lib/python3.5/dist-packages/scapy/sendrecv.py", line 342, in sendp
socket = socket or conf.L2socket(iface=iface, *args, **kargs)
File "/usr/local/lib/python3.5/dist-packages/scapy/arch/pcapdnet.py", line 314, in __init__
monitor=monitor)
File "/usr/local/lib/python3.5/dist-packages/scapy/arch/pcapdnet.py", line 261, in <lambda>
open_pcap = lambda *args, **kargs: _PcapWrapper_winpcap(*args, **kargs)
File "/usr/local/lib/python3.5/dist-packages/scapy/arch/pcapdnet.py", line 207, in __init__
raise OSError("Could not activate the pcap handler")
OSError: Could not activate the pcap handler
Back to 2.4.3rc1 sort of the same:
File "./wifi-beacons.py", line 37, in <module>
sendp(frame, iface=conf.iface, monitor=True, inter=0.100, loop=1)
File "/usr/local/lib/python3.5/dist-packages/scapy/sendrecv.py", line 334, in sendp
socket = socket or conf.L2socket(iface=iface, *args, **kargs)
File "/usr/local/lib/python3.5/dist-packages/scapy/arch/pcapdnet.py", line 472, in __init__
self.ins = open_pcap(iface, MTU, self.promisc, 100, monitor=monitor) # noqa: E501
File "/usr/local/lib/python3.5/dist-packages/scapy/arch/pcapdnet.py", line 417, in <lambda>
open_pcap = lambda *args, **kargs: _PcapWrapper_pcapy(*args, **kargs) # noqa: E501
File "/usr/local/lib/python3.5/dist-packages/scapy/arch/pcapdnet.py", line 375, in __init__
raise OSError("Could not activate the pcap handler") # noqa: E501
OSError: Could not activate the pcap handler
I also see the sockets have changed in my config object, so that part seems to function now.
ASN1_default_codec = <ASN1Codec BER[1]>
AS_resolver = <scapy.as_resolvers.AS_resolver_multi object at 0x741484f0>
BTsocket = <BluetoothRFCommSocket: read/write packets on a connected L2CAP...
L2listen = <L2pcapListenSocket: read packets at layer 2 using libpcap>
L2socket = <L2pcapSocket: read/write packets at layer 2 using only libpcap>
L3socket = <L3pcapSocket: read/write packets at layer 3 using only libpcap>
L3socket6 = functools.partial(<L3pcapSocket: read/write packets at layer 3 ...
USBsocket = None
OK - I just tried to use a diffrent library (pypcap) - so i uninstalled pcapy - and i got an error from this library that gave some more detail then the pcapy library.
Error using pypcap
Traceback (most recent call last):
File "./wifi-beacons.py", line 37, in <module>
sendp(frame, iface=conf.iface, monitor=True, inter=0.100, loop=1)
File "/usr/local/lib/python3.5/dist-packages/scapy/sendrecv.py", line 334, in sendp
socket = socket or conf.L2socket(iface=iface, *args, **kargs)
File "/usr/local/lib/python3.5/dist-packages/scapy/arch/pcapdnet.py", line 472, in __init__
self.ins = open_pcap(iface, MTU, self.promisc, 100, monitor=monitor) # noqa: E501
File "/usr/local/lib/python3.5/dist-packages/scapy/arch/pcapdnet.py", line 323, in <lambda>
open_pcap = lambda *args, **kargs: _PcapWrapper_pypcap(*args, **kargs) # noqa: E501
File "/usr/local/lib/python3.5/dist-packages/scapy/arch/pcapdnet.py", line 290, in __init__
self.pcap = pcap.pcap(device, snaplen, promisc, immediate=1, timeout_ms=to_ms, rfmon=monitor) # noqa: E501
File "pcap.pyx", line 231, in pcap.pcap.__init__
OSError: Activateing packet capture failed. Error returned by packet capture library was b'wlan0: SIOCGIWPRIV: Argument list too long'
mattmart3
commented
5 years ago Same issue here. I am using an AWUS036ACH adapter with the same chipset and driver reported by @marc-y-marc . The injection test with aireplay-ng works but on USB2.0 only. Injection also works with the mdk3 tool (tested in beacon flood mode). With scapy I have no error reported by the script which starts fine but I see no beacon frames captured from another adapter.
Environment
I have tested the same example script used by @marc-y-marc
Here's the output:
###[ RadioTap dummy ]###
version = 0
pad = 0
len = None
present = None
notdecoded= ''
###[ 802.11-FCS ]###
subtype = 8
type = Management
proto = 0
FCfield =
ID = 0
addr1 = ff:ff:ff:ff:ff:ff
addr2 = 22:22:22:22:22:22
addr3 = 33:33:33:33:33:33
SC = 0
fcs = None
###[ 802.11 Beacon ]###
timestamp = 0
beacon_interval= 100
cap = ESS+privacy
###[ 802.11 Information Element ]###
ID = SSID
len = 8
info = 'testSSID'
###[ 802.11 Information Element ]###
ID = RSNinfo
len = None
info = '\x01\x00\x00\x0f\xc2\xac\x02\x02\x00\x00\x0f\xc2\xac\x04\x00\x0f\xc2\xac\x02\x01\x00\x00\x0f\xc2\xac\x02\x00\x00'
Hexdump of frame:
0000 00 00 08 00 00 00 00 00 80 00 00 00 FF FF FF FF ................
0010 FF FF 22 22 22 22 22 22 33 33 33 33 33 33 00 00 ..""""""333333..
0020 00 00 00 00 00 00 00 00 64 00 11 00 00 08 74 65 ........d.....te
0030 73 74 53 53 49 44 30 1C 01 00 00 0F C2 AC 02 02 stSSID0.........
0040 00 00 0F C2 AC 04 00 0F C2 AC 02 01 00 00 0F C2 ................
0050 AC 02 00 00 F0 48 B8 7C .....H.|
Press enter to start
..............................................................................^CHere's the config:
ASN1_default_codec = <ASN1Codec BER[1]>
AS_resolver = <scapy.as_resolvers.AS_resolver_multi object at 0x7f429d2ad828>
BTsocket = <BluetoothRFCommSocket: read/write packets on a connected L2CAP...
L2listen = <L2ListenSocket: read packets at layer 2 using Linux PF_PACKET ...
L2socket = <L2Socket: read/write packets at layer 2 using Linux PF_PACKET ...
L3socket = <L3PacketSocket: read/write packets at layer 3 using Linux PF_P...
USBsocket = None
auto_crop_tables = True
auto_fragment = 1
cache_iflist = {}
cache_in6_getifaddr = []
cache_ipaddrs = {}
checkIPID = 0
checkIPaddr = 1
checkIPinIP = True
checkIPsrc = 1
check_TCPerror_seqack = 0
color_theme = <NoTheme>
commands = IPID_count : Identify IP id values classes in a list of packets...
contribs = {}
crypto_valid = False
crypto_valid_advanced = False
crypto_valid_recent = False
debug_dissector = 0
debug_match = 0
debug_tls = 0
default_l2 = <class 'scapy.packet.Raw'>
dot15d4_protocol = None
emph = <Emphasize []>
ethertypes = </etc/ethertypes - 31 elements>
except_filter = ''
extensions_paths = '.'
fancy_prompt = True
geoip_city = None
histfile = '/root/.scapy_history'
iface = 'eno1'
iface6 = 'lo'
interactive = False
interactive_shell = ''
ipv6_enabled = True
l2types = 0x0 -> Loopback (Loopback) 0x1 <- Dot3 (802.3) 0x1 <-> Ether (E...
l3types = 0x3 -> IP (IP) 0x800 <-> IP (IP) 0x806 <-> ARP (ARP) 0x86dd <->...
layers = Packet : <member 'name' of 'Packet' objects> NoPayload : <membe...
load_layers = ['bluetooth', 'bluetooth4LE', 'dhcp', 'dhcp6', 'dns', 'dot11',...
logLevel = 30
manufdb = </usr/share/wireshark/manuf - 36837 elements>
mib = <MIB - 343 elements>
min_pkt_size = 60
neighbor = Ether -> LLC Dot3 -> LLC Dot3 -> SNAP Ether -> Dot1Q Ether -> A...
netcache = arp_cache: 0 valid items. Timeout=120s in6_neighbor: 0 valid it...
noenum = <Resolve []>
padding = 1
padding_layer = <class 'scapy.packet.Padding'>
prog = display = 'display' dot = 'dot' hexedit = 'hexer' ifconfig = 'i...
promisc = 1
prompt = '>>> '
protocols = </etc/protocols - 135 elements>
raw_layer = <class 'scapy.packet.Raw'>
raw_summary = False
recv_poll_rate = 0.05
resolve = <Resolve []>
route = Network Netmask Gateway Iface Output IP Metric 0.0.0.0 0.0.0.0 ...
route6 = Destination Next Hop Iface Src candidates Metric ::1/128 :: lo ...
services_tcp = </etc/services-tcp - 5810 elements>
services_udp = </etc/services-udp - 5462 elements>
session = ''
sniff_promisc = 1
stats_classic_protocols = [<class 'scapy.layers.inet.TCP'>, <class 'scapy.la...
stats_dot11_protocols = [<class 'scapy.layers.inet.TCP'>, <class 'scapy.laye...
stealth = 'not implemented'
temp_files = []
teredoPrefix = '2001::'
teredoServerPort = 3544
use_bpf = False
use_dnet = False
use_npcap = False
use_pcap = False
use_pypy = False
use_winpcapy = False
verb = 2
version = '2.4.2'
warning_threshold = 5
wepkey = ''However, the same script is working fine with another adapter TL-WN722N (ath9k_htc driver). The scapy configuration printed out before the sendp instruction is exactly the same.
marc-y-marc
commented
5 years ago @matteomartelli : I see you are running on 2.4.2. Can you install the master branch of scapy? Or install pypcap using pip? I see in your config:
use_pcap = False
The script should set it to True but it fails if you dont have pypcap or the latest master which doesnt need it anymore.
mattmart3
commented
5 years ago I have just tested with the latest version from master (2.4.3rc1.dev223) and I have the same issue. I also tried installing pypcap and nothing changed. Running the script from the scapy shell I noticed that use_pcap is correctly set to True. Still, my other adapter works fine, thus I believe the issue is related to something more deeper and closer to the raw socket and the driver. @marc-y-marc is it fixed for you? Do you see your injected beacons?
marc-y-marc
commented
5 years ago Ok @matteomartelli - No, i'm having the same issue and really hope we can figure a way to make it work with some help of the dev's. It could be an issue with the driver, just not sure how to proceed as aircrack-ng is working correctly. Could also be related to pypcap or libpcap.
guedou
commented
5 years ago Can you share frames that you are able to capture with the sniff() function?
marc-y-marc
commented
5 years ago @guedou : sure, see below screenshot. I used sniff('wlan0', prn=lambda x: x.summary()).
Hope this helps!
marc-y-marc
commented
5 years ago @guedou : i also made a screenshot of a single packet more detailed. See below.
marc-y-marc
commented
5 years ago I just performed a full reinstall of my raspberry. Instead of using Raspbian i switched to Ubuntu server. Same results:
Traceback (most recent call last):
File "./wifi-beacons.py", line 37, in <module>
sendp(frame, iface=conf.iface, inter=0.100, loop=1, monitor=True)
File "/usr/local/lib/python3.6/dist-packages/scapy/sendrecv.py", line 334, in sendp
socket = socket or conf.L2socket(iface=iface, *args, **kargs)
File "/usr/local/lib/python3.6/dist-packages/scapy/arch/pcapdnet.py", line 472, in __init__
self.ins = open_pcap(iface, MTU, self.promisc, 100, monitor=monitor) # noqa: E501
File "/usr/local/lib/python3.6/dist-packages/scapy/arch/pcapdnet.py", line 417, in <lambda>
open_pcap = lambda *args, **kargs: _PcapWrapper_pcapy(*args, **kargs) # noqa: E501
File "/usr/local/lib/python3.6/dist-packages/scapy/arch/pcapdnet.py", line 375, in __init__
raise OSError("Could not activate the pcap handler") # noqa: E501
OSError: Could not activate the pcap handler
I also updated to master branch. Same error.
marc-y-marc
commented
5 years ago I check the return value of ‘pcap.activate’ which is returned from libpcap. Libpcap returns ‘-1’ which stands for ‘generic error’.
gpotter2
commented
5 years ago TBH, you will most likely have more luck if you ask either on the driver's page or on libpcap than here.
On the networking side, apart from all the detection & cross platforming, we don't do much apart from calling either Python/ioctl/Libpcap :/
However please stick up to the master branch. We had some issues related with RadioTap decoding, that were only fixed quite recently.
marc-y-marc
commented
5 years ago @gpotter2 : I think you are right.
I discovered today that injection (airepaly-ng --test) does not work when the adapter is in monitor mode. It only works when it is 'managed' or 'auto'. This is probably the source of the problem and needs to be fixed first before anything else.
I'm rebuilding drivers etc now and will report back when i have some news for those also having the same problem.
marc-y-marc
commented
5 years ago Ladies and gentlemen, we've got him!
There seems to be an issue with the 5.3.4 branch (and up) of the driver: https://github.com/aircrack-ng/rtl8812au
when libpcap needs to PCAP_SET_RFMON to 1 it just doenst PCAP_ACTIVATE() anymore and results in error code -1.
I went back to the 5.2.20 driver and everything worked again! Not sure if related but i did not use the dkms installer. I also used ifconfig and iwconfig instead of ip link and iw dev (which is in the manual).
@matteomartelli : hope this also fixes your issue!
Ps my packet is still 'mallformed' but i can now actually receive it from another adapter. Will tweak to scapy code to make sure its not malformed.
mattmart3
commented
5 years ago @marc-y-marc yes it's working for me too! Thank you for having shared your findings. I reinstalled the driver after editing the AUR package PKGBUILD script to point it to the 5.2.20 branch of the git repository. So this is my setup right now:
About the malformed packet I had the same issue. First make sure you correctly set up the binary string of the information elements: since you are using python 3 you have to place a 'b' character before the string (https://stackoverflow.com/questions/55589199/why-scapy-added-c2-byte-in-dot11-element-infomation). Also I guess that there is some isssue with that specific example because I still see malformed beacons with it but if I try to replay a beacon which is similar to a beacon I captured over the air it works fine :
netSSID = 'TESTNET' #Network name here
dot11 = Dot11(type=0, subtype=8, addr1='ff:ff:ff:ff:ff:ff',
addr2='22:22:22:22:22:22', addr3='22:22:22:22:22:22')
beacon = Dot11Beacon(cap='ESS+privacy+res12')
essid = Dot11Elt(ID='SSID',info=netSSID, len=len(netSSID))
rates = Dot11Elt(ID=1, info=(b"\x12\x98\x24\x30\x48\x60\x6c"))
dsset = Dot11Elt(ID='DSset', info=(b"\x01")) #channel
tim = Dot11Elt(ID='TIM', info=(b"\x00\x02\x01\x00"))
country = Dot11Elt(ID='Country', info=(b"\x55\x53\x00\x01\x0b\x17"))
erpinfo = Dot11Elt(ID=42, info=(b"\x02"))
rsn = Dot11Elt(ID='RSNinfo', info=(b"\x01\x00\x00\x0f\xac\x04\x01\x00\x00\x0f\xac\x04\x01\x00\x00\x0f\xac\x02\x28\x00"))
qbss = Dot11Elt(ID=11, info=(b"\x11\x00\x82\xa7\x61"))
unknown = Dot11Elt(ID=54, info=(b"\x85\x54\x00"))
ht_caps = Dot11Elt(ID='HTCapabilities', info=(b"\x2c\x19\x03\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"))
ht_info = Dot11Elt(ID=61, info=(b"\x0b\x08\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"))
extcaps = Dot11Elt(ID='ExtendendCapatibilities', info=(b"\x01\x10\x08\x00\x00\x00\x00\x00"))
frame = RadioTap()/dot11/beacon/essid/rates/dsset/tim/country/erpinfo/rsn/qbss/unknown/ht_caps/ht_info/extcaps
frame.show()
print("\nHexDump of frame:")
hexdump(frame)The injected beacons with that custom frame are not marked as malformed by Wireshark. Still, my Android device does not list it but maybe it's because there is some mismatch between the injected capabilities and what my device is capable of. I would first try to replay one beacon of an AP listed by your other adapters exactly as it is. Then you may try to craft it. I hope this helps and thank you again for your feedback.
EDIT: After some adaptation to the frame I currently have the beacon listed on my Android smartphone adapter too.
First I am in Italy so I changed the Country Information Element from US to IT to match my country as the smartphone might have rejecteted that beacon due to some regulatory filter. Also, since I was injecting on channel 40 (5GHz) I added the maximum transmit power for channel 40 into the Country IE and changed the DSset element to 0x28 (channel 40). At last I removed the erpinfo information element too as it shouldn't make much sense for the 5GHz band:
dsset = Dot11Elt(ID='DSset', info=(b"\x28")) #updated channel
country = Dot11Elt(ID='Country', info=(b"\x49\x54\x00\x28\x0b\x17")) #updated country
frame = RadioTap()/dot11/beacon/essid/rates/dsset/tim/country/rsn/qbss/unknown/ht_caps/ht_info/extcaps #removed erpinfoThanks @matteomartelli, i've managed to make it appear on my phone now as well. I followed your instruction regarding the 'b' character. The only layers i needed to make it work were:
RadtioTap()/Dot11FCS/Dot11Beacon/Dot11Elt
Dot11FCS = Dot11FCS(type=0, subtype=8, addr1='ff:ff:ff:ff:ff:ff',
addr2='22:22:22:22:22:22', addr3='33:33:33:33:33:33')
Dot11Beacon = Dot11Beacon(cap='ESS+privacy')
Dot11Elt = Dot11Elt('id='SSID', info='TESTNET', len=len('TESTNET'))I kind of figured out that adding more layers was not requried.
kimocoder
commented
5 years ago @rofl0r this may be interesting? PCAP error we faced
rofl0r
commented
5 years ago when libpcap needs to PCAP_SET_RFMON to 1 it just doenst PCAP_ACTIVATE() anymore and results in error code -1.
check dmesg output. the driver has some debug code which could produce clues.
dagf2101
commented
4 years ago I confirm, injection still not working(for scapy) on rtl8812au branches >= 5.3
Worst thing is that the latest kali driver (realtek-rtl88xxau-dkms) is crashing on boot.
Fortunately, branch 5.2 is working for kali 2019.4
kimocoder
commented
4 years ago Don't know if Kali pushed the latest commit, the kernel v5.3 support patch. I'll check
kimocoder
commented
4 years ago I'll notify Kali, its working on kernel v5.3 here, I'll tag a new dkms string. Will check injection also first.
kimocoder
commented
4 years ago Injection om branch v5.3.4 is working fine.
dagf2101
commented
4 years ago Aireplay Works but not scapy, you need to test injection with scapy and check if you received the beacon/packet on a other device.
Brief description
The issue is that Scapy does not send any packets. No errors appear. I've tried 2 examples (beacons + answering machine) and both do not seem to work. Receiving in scapy works.
My adapter does support monitor mode & injection. If i run aireplay-ng and i perform a death attack or any other option, i can see the broadcasted packets using my second adapter as sniffer.
Environment
How to reproduce
Example 1: Beacons
I tried to play with the conf.use_pcap=True and the sendp(monitor=True). However they don't seem to have any influence.
Actual result
Expected result
Expected that the packetis sent using wlan1 - so it can be sniffed with wlan2 operating both on the same channel. However they are not broadcasted. No error occurs when i pressed enter to start the transmit.