Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
Did you EVEN read the thread? The author of that site created this thread with a link to that post and explained it all in the first freaking post.
What is wrong with 90% of the people here?
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
lxp,
I sent the two files (kismet.log and dmesg.log) to you via private message (so I wouldn't be spamming this thread). The issue I am referring to is certainly reproducible (it happens nearly every time I am at the location which has 7 - 10 Cisco wireless access points and a handful of Wi-Fi clients). Thank you.
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
mail_e36,
I found nothing special in your logfiles. Can you please send me the pcapdump generated during that Kismet run? (I think it would be best to upload it to a one-click hoster.) The only thing I found in your logfile is that you have installed the btscan plugin, but according to the logfiles it shouldn't be active. Just to be sure, can you try it again after completely uninstalling btscan? For all others I want to note that I haven't tested any of the plugins yet. Does your problem only happen at this location, or has it already happened at another place too? What happens if you run Kismet successfully and then go to this special place? Maybe we should really talk on IRC so I can ask you some more questions.
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
Hello lxp,
I apologize for taking so long to respond. Per your instructions, I would like to send you the generated Pcap, but Private Message doesn't allow attachments. Please provide your email address via private message to me so I can send the file. The problem of seeing a large number of networks listed on the Kismet status (8 - 15) but seeing none of them listed in the active main screen (only the "AutoGroup") is not unique to a specific location, but it does tend to happen more often in a specific location where I have 8 - 12 Cisco wireless access points available. To add another wrench into the mix, sometimes in random locations I start up Kismet and I am not able to see any wireless networks at all. The generated Pcap shows nothing. In nearly every case a reboot of the device and/or toggling wlan0 on and off fixes the issue, albeit temporarily. Please take a look at my private message for the Pcap. These issues came up prior to installing the Btscan plugin. Thank you again.
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
My monitor mode patch version 2 is now available. It can be downloaded on my blog. Moreover, it will be included in the upcoming 2.6.28-maemo35 release of Titan's power kernel.
Changes:
* FIX: capture encrypted packets (thanks to hardkorek for reporting the bug)
* FIX: reported data rate and channel type
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
Awesome. Thanks for your work, lxp. It's greatly appreciated.
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
lxp,
Thank you for your work on this. As my two-day-old N900 is back to the stock kernel waiting for PR1.2, I haven't tried out your patch or port yet. But once I'm back on Titan's kernels your app will be going straight on.
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
Below I am posting lxp's response (which was via email), in case other N900 Kismet users are experiencing similar issues:
-----------------------------
I have analysed your pcap file and, in combination with your bug description, I think the problem is that the driver somehow misconfigures the wl1251's packet filtering in some special cases. My patch doesn't touch that part of the driver because my tests showed it works without modification (for me), so I haven't thought much about it. I think the bug is triggered by either a special network type or parameter of a network you connect to before going into monitor mode. Maybe it is not only caused by a single network but by a combination of different networks, if you usually use multiple networks before monitor mode. It would be good if you could try to determine the network, or even better the parameter itself, which causes the problem. At best you would reboot after every network connect + monitor mode test to get a clean state for the next try. I would first suspect ad-hoc networks if you use any, because I haven't tested ad-hoc networking yet. If you can determine a network which causes the problem, please tell me its parameters:
* network type (infrastructure/ad-hoc),
* encryption type (open/wep/wpa-psk/wpa eap),
* hidden ssid (yes/no) and
* power management (full/half/off)
Maybe you can also suspect a network parameter for triggering the bug. If you couldn't determine any single network which causes the problem, I think I have to build a debug driver for you, so we can tell for sure your problem isn't caused by the packet filtering.
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
On a different note, I understand that once PR 1.2 is installed we N900 Kismet users will have two choices: either wait for the revised version of Titan's power kernel, or apply lxp's updated monitor mode patch directly to the official PR 1.2 release? I understand that Titan's power kernel must be uninstalled prior to PR 1.2 installation.
Thanks
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
Titan's power35 and up incorporate the new patch.
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
I do understand that Titan's Power35 and up will incorporate the new patch, but my question is:
If I am currently running Titan's Power Kernel, do I have to downgrade back to the Nokia kernel to upgrade from PR 1.1 to PR 1.2? After I upgrade to PR 1.2, can I immediately upgrade to the latest Titan Power Kernel, or do I have to wait for Titan to incorporate PR 1.2 into his kernel? I realize this is not the ideal audience for this question, but I think the N900 Kismet users are more knowledgeable on these things than the regular N900 users :)
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
(Source: http://talk.maemo.org/showthread.php?p=676177)
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
I have delayed my response since I wanted to test the N900 Kismet application with PR 1.2.
I installed PR 1.2 after doing a complete re-flash of the device; after that I installed the latest Power Kernel from Titan. I have done several reboots and so far Kismet seems to be working properly; I don't have the problem I had before with everything getting autogrouped. I will continue to test this for a few days to see the outcome before having you go through any more work by writing a debug driver or anything else. The only issue I've encountered so far is that after I properly exit Kismet I get a message saying "Kismet is Shutting Down" on xterm, but it never drops me back to the prompt unless I press Control-C. Thanks,
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
If anyone else experiences similar problems with PR1.2 and a recent power kernel, please tell me.
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
Help me pleaseeee,
The file "/opt/kismet/etc/kismet.conf" doesn't exist for me. :(
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
If you are really sure that the config file doesn't exist, I would recommend trying to uninstall and reinstall the kismet package through the program manager. But remember: if you can run the kismet server and it doesn't complain about a missing kismet.conf, then it does exist and you just couldn't find it.
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
Thanks for the reply, but I uninstalled and reinstalled and it is not working.
The kismet.conf file does not exist. http://img715.imageshack.us/img715/2...reenshot58.png And the server doesn't work either. http://img63.imageshack.us/img63/994/screenshot65.png I have PR1.2 and the latest Titan's kernel 2.6.28.10power37. :(
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
Thank you all.
A friend sent me the file "kismet.conf" and now it works.
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
If someone else has the same problem, please tell me. Maybe there is a problem with PR 1.2 and the Kismet package.
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
lxp,
As an update to my last post, since flashing my N900 and upgrading to PR 1.2 I no longer experience the 'Autogrouping everything' problem. The problem was likely linked to my highly modified instance of PR 1.1. On a different note, what is your opinion on these Kismet plugins which have recently popped up for the N900 Kismet application? Have you tried any of them, and have you had any luck with them? Thanks again.
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
kismet-plugin-autowep - Calculate WEP key for one specific access point type. Useful if you have a supported AP in range. See http://xkyle.com/2009/03/03/verizon-...ey-calculator/
kismet-plugin-btscan - Active Bluetooth scanning. I am pretty sure btscan will badly influence the WLAN scanning results as it does ACTIVE Bluetooth scanning.
kismet-plugin-dot15d4 - Support for 802.15.4 low-power network sensors, ... Useless without special scanning hardware. Moreover, the plugin seems to be incomplete.
kismet-plugin-ptw - Tries to brute-force the WEP key for networks in range (using aircrack-ng code). I think that plugin will cause enormous battery drain because of the high CPU usage.
kismet-plugin-spectools - Displays wireless spectrum discovered by spectrum analysers like the Wi-Spy (tm Metageek). Useless without special scanning hardware.
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
Just wanted to chime in here: for some reason offline mode is being enabled when Kismet is invoked. I'm not sure if it's the server or the client.
This shouldn't happen.
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
That hack is needed because wlancond interferes with monitor mode. Completely stopping and starting wlancond is error-prone, so I have decided to use the offline mode way. The only problem I am aware of until now is that if you exit Kismet through the X button it won't restore the wlancond status. You should exit it using Ctrl+C as a workaround for that problem. I also expect monitor mode will break if you manually change online/offline mode while using Kismet.
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
GSM drops out for me. I'll do some more testing and report back.
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
Hi,
To do a handshake with the N900, assuming that you have clients on the network, do you need injection? I captured a .cap with one handshake but I got no passphrase from the dictionary (I use password.lst from aircrack and password.lst from John the Ripper). Am I doing something wrong, or is it just because injection is not working with the N900?
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
Live injection without association does NOT work with the WL1251. Seems to be an issue with tertiary firmware AND drivers. Wait a while.
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
Hello everyone,
It appears I spoke too soon in my previous posting when I said there is no problem under PR 1.2. Indeed, all the same problems I had with my customized PR 1.1 have now come back with PR 1.2 (I did a completely fresh flash of everything on my N900, not an upgrade from PR 1.1), including the problem which "AutoGroups" everything. Additionally, at times when I start up Kismet it cannot even bind to the wireless interface, with the console reading "capture source 'wlan0' doesn't appear to use the set_prismhdr ioctl". Selecting "Close Console Window" persistently shows zero visible networks in areas of high network concentration. Sometimes a reboot resolves the problem; more often a reboot does not resolve the problem. I am running Power Kernel 2.6.28.10power37, dated May 26th 2010. Do we suspect this to be a driver issue? Has anyone experienced similar issues?
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
Looks promising, but is it safe to use this app on Titan's V37 on FW 1.2 already? Thanks in advance for a reply.
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
For more information: I have recently updated to the newest Power Kernel from the previous version, and it is very possible that the problem with Kismet started showing up after upgrading to the latest Power Kernel (Power Kernel 2.6.28.10power37).
Here is the basic timeline (if it is of any help): I installed PR 1.2 the day it was released, installed the newest available Power Kernel, and things were running smoothly; Kismet was working well. About a week after PR 1.2 was released, Titan released his new version of the Power Kernel. I upgraded to it and didn't check Kismet for a while. I finally had some time to try Kismet and I started experiencing the previously stated problems with Kismet. This would lead me to suspect the new Power Kernel of causing the issue to come back, but this is more of a hypothesis than a fact. Is anyone running the latest Power Kernel 2.6.28.10power37 with the latest Kismet, and do you experience problems? Thanks
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
Hi,
Can Kismet capture handshake data packets?
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
Kismet will capture any and all traffic "on the wire": data, beacons, and management frames, including WPA handshakes if they take place.
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
Thank you!
I tried to capture some data but had no luck with handshakes. I will try some more.
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
I'll try it right now... and it worked, first try. Maybe you should try returning to stock frequencies/voltages and see if that helps.
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
No problem with power kernel 2.6.28.10power37 so far.
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
Hello,
I run the 2.6.28.10power37 kernel overclocked (ideal) to 700 MHz. I also have PR1.2 and the latest Kismet. I have to run it as root; when I do, I see many networks and packets coming in on them. The difference between you and me is that I have never run an older power kernel and never reflashed.
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
Ok, as requested by lxp, I hereby report my findings on Kismet with almost the latest stuff.
PR1.2 firmware: flashed without using the OTA method. eMMC remains stock.
Kernel: 2.6.28.10power37. No other kernel hack patches added on.
Wireless power management: off (disabled completely via wlancond with settings from one AP profile).
The issue seems to be with Bluetooth co-existence. I originally had my Bluetooth turned on but in hidden mode, and the results from both Kismet and airodump-ng only showed probes (along with the autogroup probe under Kismet) but no APs, except when I physically raised the height of the N900, when I was only able to pick up one or two (along with physically rotating the N900). However, whilst constantly on the move I was not able to pick up any APs, only probes. The issue was later solved by turning off Bluetooth completely, which resulted in perfectly working Kismet along with airodump-ng. Thanks again to lxp (lxp1 on #kismet at irc.freenode.net) for the help :)
(edit) It was interesting to note, however, that with the Bluetooth module turned on and set to hidden mode, and the wireless module in managed mode (not monitor mode), it was able to pick up far more APs with active probing. (/edit)
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
tuxsavvy,
It seems like you have solved my mystery! Indeed, when I test Kismet with Bluetooth DISABLED it seems to run perfectly, but when Bluetooth is on (even in "hidden mode") I only get probes. I certainly agree the problem is with Bluetooth and Kismet co-existence. While this would be great to fix, we can certainly live with turning off Bluetooth before running Kismet. Lxp should document this, though. Thanks!
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
Lxp,
If you find a few minutes free, you may want to update your website to reflect the information below. Knowing this would have saved me tons of time :)
Re: [Announce] Kismet + Fully functional WLAN monitor mode for the N900
A big thanks to tuxsavvy, who greatly helped in solving this problem.