LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - General (http://www.linuxquestions.org/questions/linux-general-1/)
-   -   Broadcom BCM4328 wireless adapter not supporting Monitor mode using WL and b44 (http://www.linuxquestions.org/questions/linux-general-1/broadcom-bcm4328-wireless-adapter-not-supporting-monitor-mode-using-wl-and-b44-703160/)

Aleks` 02-08-2009 01:11 PM

Broadcom BCM4328 wireless adapter not supporting Monitor mode using WL and b44
 
A friend of mine has a Dell XPS1530 lappy that has a broadcom bcm4328 wireless adapter. I tried installing kismet on it so I can scan for wireless network in range. I configured it with the source driver as bcm43xx in kismet.conf and complained that the driver didn't support monitor mode. It uses the proprietary 'wl' kernel module to operate but kismet can't use the 'wl' module and it says the same error. I tried unloding the wl and b44 modules and loding the b43 driver but then the adapter stoped working. I searched on the net a bit and found out that kisment doesn't work with the prorpietary drivers for that card.

Any help on how to re/configure kismet, install some module that enables monitor mode on the card and also works with kismet ?

Thanks in advance.

Drakeo 02-08-2009 10:47 PM

are you one of those student trying to do monitor with broadcom chips. this is so old. wow hacking Mass denial of service. ethical hacking just come out and say it. I have done this with every card I owned. if you can learn one thing a wifi card is a radio receiver and sender plus a net card. mmmmmmm sound tough not really old stuff. here get an A if you do this. And to rememeber this is for ethical reasons. you want injection why so you can monitor the out put of wifi router to get the keys. so tell your professor with out injection there is no need for monitor. unless he is looking at what his own router is sending to whom. why inject so I can make a false mac address and watch a router give up it's keys trying to connect. kismet not me command line and have fun

professorkhronos 04-30-2010 12:19 PM

Enabling monitor mode on bcm4328
 
Hi,

I use 2 drivers when I can.... wl for just internet browsing and ndiswrapper-1.55 with the bcmmon patch for monitor mode.
For the monitor mode,

1) go to this site: seclists.org/fulldisclosure/2008/Nov/506
2) download bcmmon.tar.bz2 (which includes the bcmwl5.inf, bcmwl5.sys, and bcmmon.diff files), then
3) download ndiswrapper-1.55 from the sourceforge site. Then,
4) copy bcmmon.diff in the bcmmon.tar.bz2 file to the ndiswrapper-1.55 directory.
5) Run "patch -p2 < ./bcmmon.diff" in the ndiswrapper-1.55 directory
6) Compile the code for ndiswrapper, then load the ndiswrapper module in ndiswrapper-1.55/driver with "insmod ./ndiswrapper.ko" + load the inf file into ndiswrapper with "ndiswrapper -i bcmwl5.inf"
7) Download the aircrack-ng 1.1 source code
8) go to src/osdep/ in the aircrack-ng source tree and edit linux.c with ViM
9) comment out lines 164-175 and 1405-1409 (these lines make up the function is_ndiswrapper() and the "exit if ndiswrapper" code.).
10) Compile aircrack-ng with make

11) Congratulations, you have a working monitor mode with bcm4328 on linux. Now you can use "airodump-ng -w dumpfile wlan0" to capture 802.11 frames in monitor mode.

Note:

There is some flakyness with the signal level readings pulled off the card. They are much larger than you would expect (by about 100).

The antenna on the xps m1530 is really nice (hyperband multi-antenna), so you should be able to get a good signal on a few different access points in the area.

--
ProfessorKhronos

jiballs 10-15-2010 10:27 AM

hey thanks for the post. i did all of this but when i tried to goto monitor mode this is what i get

jiballx@jiballx-laptop:~$ sudo airmon-ng stop wlan0
[sudo] password for jiballx:


Interface Chipset Driver

wlan0 Unknown ndiswrapper (MONITOR MODE NOT SUPPORTED)
(monitor mode disabled)

jiballx@jiballx-laptop:~$ sudo airmon-ng start wlan0


Found 5 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!

PID Name
1001 NetworkManager
1015 wpa_supplicant
1033 avahi-daemon
1035 avahi-daemon
1446 dhclient


Interface Chipset Driver

wlan0 Unknown ndiswrapper (MONITOR MODE NOT SUPPORTED)


jiballx@jiballx-laptop:~$



so please i do i get the ndiswrapper into monitor mode

jiballs 10-15-2010 10:31 AM

i tried all of this.but when i tried to get into monitor mode, this was what i got


jiballx@jiballx-laptop:~$ sudo airmon-ng stop wlan0
[sudo] password for jiballx:


Interface Chipset Driver

wlan0 Unknown ndiswrapper (MONITOR MODE NOT SUPPORTED)
(monitor mode disabled)

jiballx@jiballx-laptop:~$ sudo airmon-ng start wlan0


Found 5 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!

PID Name
1001 NetworkManager
1015 wpa_supplicant
1033 avahi-daemon
1035 avahi-daemon
1446 dhclient


Interface Chipset Driver

wlan0 Unknown ndiswrapper (MONITOR MODE NOT SUPPORTED)


jiballx@jiballx-laptop:~$

so can anyone tell me how to configure the "ndiswrapper" into monitor mode...a billion thanks in advance

Hangdog42 10-15-2010 10:59 AM

From the ndiswrapper FAQ:


Quote:

Is master mode or promiscuous mode supported?

No! NDIS doesn’t support Master/Repeater/Monitor modes. The only modes supported are Ad-Hoc and Managed. Note that some drivers may support features that are not in NDIS e.g., showing signal noise and possibly Master mode, but they are proprietary and no documentation available for them, so such features won’t be supported by ndiswrapper. Some settings don't work!

Drakeo 10-16-2010 03:39 AM

in 2009 I posted above. since then the rules of this format have been clarified for me.
we stay away from this subject all together. This is not what this format is about.
Monitor check this thread and close it.

jiballs 10-16-2010 12:22 PM

thanks for that.
i have completely uninstall ndiswrapper form synaptic and deleted the blacklist conf in /ect/modprobe.d/ but my wireless interface (eth1)refused to show up using ifconfig and/or iwconfig. please how do i get this fixed.can anyone help me with this? thanks in advance

jiballs 10-16-2010 12:47 PM

please can someone tell me how to bring back my eth1. cos after removing ndiswrapper, i cant find it when i issued "ifconfig"

Hangdog42 10-16-2010 03:31 PM

What chipset do you have? I know that there is some confusion around whether or not 4328 is a chipset or is an ID assigned to a specific type of 4321 chipsets. The 4321 does work with the sta driver and it might work with b43 if you also install firmware. All of theses (sta and firmware) almost certainly firmware available via synaptic.

jiballs 10-16-2010 05:14 PM

it's a BCM4312 when i type lspci and 14e4:4315 when i typed lspci -nn. and i also noticed that under system>administration>hardware drivers when i tried to activate the broadcom sta wireless driver but when i tried to activate it says installation faile check /var/log/jockey.log this i dont understand

jiballs 10-16-2010 06:22 PM

4315 but it also shows in hardware drivers that the driver is activated but currently not in use and that's giving me headache and i cant even see the eth1 in ifconfig or iwconfig.please help

Hangdog42 10-17-2010 07:22 AM

Quote:

4315 but it also shows in hardware drivers that the driver is activated but currently not in use and that's giving me headache and i cant even see the eth1 in ifconfig or iwconfig.please help
Lets just take this one step at a time. Have you installed sta? If so, how did you do it? I'm not trying to be a pain here, but if the basics aren't done, nothing else matters. If you have installed it, please post the output of lsmod and we can see if it is loading or if there is a potential conflict.

Drakeo 10-17-2010 08:42 AM

you will see the bcm4321 is not supported by the b43 in the kernel. You did right you installed the b43 STA driver. you will have to edit you /etc/modprobe.d/blacklist and add b43.ko this should be done automatically in Ubuntu when installing. The STA Module is still experimental. so you if you still have some issues with it cuttin out and slow data rate. you may want to go with a ndisswraper and use the W$ driver,
That is a last resort. you will have scan mode but never monitor mode.
here is some data here!
http://linuxwireless.org/en/users/Drivers/b43




B


b

sebat33 02-27-2011 12:45 PM

ndiswrapper is useless
 
u cant make ndiswrapper work proper., because it is just a wrapper
download from this page drivers for linux .,or etc.
wireless.kernel.org/en/users/Download/stable/#compat-wireless_2.6.38_stable_releases
page and do this:
copy drivers to root;
go to terminal;write this:<cd (driver folder name)>;than write;sudo make install; - and then will install drivers;and than load
your drivers(im my case like this;sudo athload ath5k:
and DONE:everything should work, it works for me,MONITOR MODE ENABLED,use backtrack with wcard or Wusb,it depends which wcard u have or usb, u must find the wright drivers
enjoy


All times are GMT -5. The time now is 04:46 PM.