Panic in AHDEMO mode (was: net-mgmt/aircrack-ng on FreeBSD 7+/call for testing)

Bernhard Schmidt bschmidt at freebsd.org
Mon Oct 3 12:22:21 UTC 2011


On Mon, Oct 3, 2011 at 01:31, Paul B. Mahol <onemda at gmail.com> wrote:
> On 10/2/11, Jakub Lach <jakub_lach at mailplus.pl> wrote:
>> On 2 October 2011 12:17, Adrian Chadd <adrian at freebsd.org> wrote:
>>
>>> Well, "whether we care" still is drawing a line between users and
>>> developers here, right? :)
>>>
>>> It's not that I don't care, it's just that I don't have the time. If
>>> y'all want to sort it out, then that means "you care", and suddenly
>>> someone cares. :)
>>>
>>> So there's three of you there at least who are interested and one of
>>> you has given a patch. Let me know how it goes. :)
>>>
>>>
>>>
>>> Adrian
>>
>> I understand that you don't have time (I'm not idle
>> either) and in no way was that pointed at you; by
>> "not care" I meant that, compared to the number of
>> people complaining that aircrack-ng does not work, a
>> minuscule number (one on the ports list) tried aircrack-ng after
>> patching (results similar to Lyubomir Grigorov's).
>>
>> For now, it looks like if_ath is problematic either way,
>> and we are waiting for someone with (possibly) if_bwn
>> to confirm whether patching was beneficial at all / a step in
>> the right direction.
>>
>> I personally want to take ahdemo support in if_ath out
>> of the equation for now, unless somebody feels capable
>> of investigating it on their own.
>>
>> (I'm using if_ath too, and airodump works in both monitor and ahdemo
>> mode, but with aircrack the situation is the same as before).
>
> I tested bwn injection in ahdemo long ago (and bwn has not changed at
> all since then on CURRENT).
>
> There is one caveat with bwn driver:
>
> The interface (wlan0 from bwn0) must be set to UP with ifconfig.
> Setting it with aireplay/airodump may result in a kernel panic, but
> usually you will just get blank output from aireplay/airodump.

Correct. I'd even go further: the interface not only has to be "up", it
must also not be scanning. As in, if you do

ifconfig wlan0 create .. wlanmode ahdemo
ifconfig wlan0 up

it will start a scan immediately and, because of the missing
configuration, never stop scanning as long as there is no open
network available. This is because it fails to create a BSS without an
SSID being configured and tries to find one to connect to. To
work around this, provide enough information for the interface to go
into RUN state:

ifconfig wlan0 create .. wlanmode ahdemo
ifconfig wlan0 ssid foobar channel 1 up

and wait for it to go into RUN state before using any other utility.
This at least works for the wlaninject utility; the aircrack case is
something else and needs more work: either not playing with the
interface flags at all, or waiting until the interface is in the
appropriate state.

Honestly, I get the intention behind not allowing frames to be injected in
monitor mode, but why ahdemo is used is beyond me. At least the
current ahdemo functionality is not that useful for any kind of
injection.

-- 
Bernhard
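
The bring-up sequence Bernhard describes (create the ahdemo vap, give it an SSID and a channel, bring it up, and only then wait for RUN state before starting an injection tool), as an added shell example that is not part of this thread, of aircrack-ng or of FreeBSD itself. It assumes a FreeBSD box with a parent device named ath0, the placeholder SSID foobar and channel 1 from the mail, and that ifconfig(8) reports "status: running" (or "status: associated") for a vap that has reached RUN state and "status: no carrier" while it is still scanning. The device name, SSID, channel and those status strings are assumptions; adjust them for your hardware.

```sh
#!/bin/sh
# Added example (not from the original thread): bring a FreeBSD ahdemo
# vap into RUN state before handing it to an injection tool.
# Assumptions: parent device ath0, SSID "foobar", channel 1, and that
# ifconfig prints "status: running" once the vap has left SCAN state.
set -u

WLAN_DEV="${WLAN_DEV:-ath0}"      # assumption: parent device name
WLAN_IF="${WLAN_IF:-wlan0}"
WLAN_SSID="${WLAN_SSID:-foobar}"  # placeholder SSID, as in the mail
WLAN_CHAN="${WLAN_CHAN:-1}"

# Read ifconfig(8) output on stdin; succeed once the status line shows
# the vap is running. Assumption: FreeBSD prints "status: running" (or
# "associated") for a vap in RUN state and "status: no carrier" while
# it is still scanning for a BSS.
iface_is_running() {
    grep -q -E '^[[:space:]]*status:[[:space:]]+(running|associated)[[:space:]]*$'
}

# Poll ifconfig once per second until iface_is_running succeeds or the
# timeout (seconds) expires. Returns 0 in RUN state, 1 on timeout.
wait_for_run() {
    ifc=$1
    timeout=${2:-10}
    while [ "$timeout" -gt 0 ]; do
        if ifconfig "$ifc" | iface_is_running; then
            return 0
        fi
        sleep 1
        timeout=$((timeout - 1))
    done
    return 1
}

# Create the vap with enough configuration (ssid + channel) that
# net80211 can form a BSS instead of scanning forever, then wait.
setup_ahdemo() {
    ifconfig "$WLAN_IF" create wlandev "$WLAN_DEV" wlanmode ahdemo || return 1
    ifconfig "$WLAN_IF" ssid "$WLAN_SSID" channel "$WLAN_CHAN" up || return 1
    if wait_for_run "$WLAN_IF" 15; then
        echo "$WLAN_IF is in RUN state; safe to start wlaninject/aireplay"
        return 0
    fi
    echo "$WLAN_IF never left SCAN state (check ssid/channel)" >&2
    return 1
}

# Only touch real interfaces when explicitly asked, so the file can be
# sourced for its functions without side effects.
if [ "${RUN_AHDEMO_SETUP:-0}" = 1 ]; then
    setup_ahdemo
fi
```

Run it as root on the target box with RUN_AHDEMO_SETUP=1 sh ahdemo-up.sh; without that variable it only defines the functions. If wait_for_run times out, the vap is still in SCAN state, which is exactly the condition under which aireplay/airodump give blank output or, per Paul's report with bwn, a panic.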

