Thursday, January 10, 2008

Putting Atheros chipset cards into monitor mode

As I have explained, I do not have an atheros card, and therefore I cannot guarantee the accuracy of what I am about to write.But here goes:

The Atrheros cards use a driver called MADWIFI (Multiband Atheros Driver for WIFI). The way it works is that each modem gets a master interface with names like wifi0, wifi1... Then the are VAPs, or virtual access points that we interact with. In order to get the modem into monitor mode we must first get rid of all the managed mode VAPs.

Type : iwconfig

You will see your card as ath0 in manged mode. In order to stop that VAP we must use a utility call wlanconfig.

Type : wlanconfig ath0 destroy

Now if run iwconfig you should not see your ath0 VAP anymore. Now we have to create a new VAP in monitor mode. Here's how:

Type : wlanconfig ath0 create wlandev wifi0 wlanmode monitor

Now when you run iwconfig you should see your ath0 VAP in monitor mode.

Now to make sure ath0 is 'UP' (as explained in the previous post)

Type : ifconfig ath0 up

Now if you run ifconfig you should see your ath0 VAP in the 'UP' postion.

Thank you to a sweet guy on forums.remote-exploit.org who posted a link to part of a great book regarding using Wireshark. I got this information from that book. Enjoy.

We are just about ready to start using airodump now.

3 comments:

Tai said...

How about using
airmon-ng start wifi0

it creates ath1 in monitor mode for my WAG511

Anonymous said...

I think airmon-ng is a Ubuntu (12.04) command...

kubitux said...

airmon-ng is part of the aircrack-ng package. You can install it from many GNU/Linux distribution

Contact Form