Thread: Kismet Weirdness

  1. #1
    Member
    Join Date
    May 2007
    Posts
    202

    Default Kismet Weirdness

    Ok, so..... I got kismet to work once - patted myself on the back, rebooted the laptop, and now I can't get it to work again.

    I'm either missing a step that I didn't miss last time, or something's gone wrong somewhere - if someone could spare the time to help me out I'd be grateful.

    So, here's where I'm at:

    Code:
    ifconfig
    Gives me:

    Code:
    ath0      Link encap:UNSPEC  HWaddr 00-21-63-A3-67-90-04-00-00-00-00-00-00-00-00-00
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:0 errors:0 dropped:0 overruns:0 frame:0
              TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
    
    eth0      Link encap:Ethernet  HWaddr 00:13:77:B2:9F:76
              inet addr:192.168.1.215  Bcast:192.168.1.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:611 errors:0 dropped:0 overruns:0 frame:0
              TX packets:583 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:576092 (562.5 KiB)  TX bytes:95456 (93.2 KiB)
              Interrupt:17 Memory:f0200000-0
    
    lo        Link encap:Local Loopback
              inet addr:127.0.0.1  Mask:255.0.0.0
              UP LOOPBACK RUNNING  MTU:16436  Metric:1
              RX packets:527 errors:0 dropped:0 overruns:0 frame:0
              TX packets:527 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:63702 (62.2 KiB)  TX bytes:63702 (62.2 KiB)
    
    wifi0     Link encap:UNSPEC  HWaddr 00-21-63-A3-67-90-00-00-00-00-00-00-00-00-00-00
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:0 errors:0 dropped:0 overruns:0 frame:0
              TX packets:311 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:280
              RX bytes:0 (0.0 b)  TX bytes:14306 (13.9 KiB)
              Interrupt:20
    Code:
    iwconfig
    Code:
    lo        no wireless extensions.
    
    eth0      no wireless extensions.
    
    wifi0     no wireless extensions.
    
    ath0      IEEE 802.11g  ESSID:""  Nickname:""
              Mode:Monitor  Frequency:2.437 GHz  Access Point: 00:21:63:A3:67:90
              Bit Rate:0 kb/s   Tx-Power:18 dBm   Sensitivity=1/1
              Retry:off   RTS thr:off   Fragment thr:off
              Encryption key:off
              Power Management:off
              Link Quality=0/70  Signal level=-95 dBm  Noise level=-95 dBm
              Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
              Tx excessive retries:0  Invalid misc:0   Missed beacon:0
    Code:
    bt / # wlanconfig ath0 destroy
    bt / # airmon-ng start wifi0
    
    
    Interface       Chipset         Driver
    
    wifi0           Atheros         madwifi-ng
    ath0            Atheros         madwifi-ng VAP (parent: wifi0) (monitor mode enabled)
    
    bt / # cat /usr/local/etc/kismet.conf | grep source=
    bt / #
    This seems to show that there's no source set up in the kismet.conf, so we add one:
    Code:
    source=madwifi_g,wifi0,Atheros
    So now:
    Code:
    bt / # cat /usr/local/etc/kismet.conf | grep source=
    source=madwifi_g,wifi0,Atheros
    I'm fairly sure that all I did at this point last time was to run kismet from the command line with no switches. When I try this, kismet runs fine, apart from the fact that it doesn't seem to be capturing any packets now.

    When I get fed up of waiting (I've left it up to 30 minutes and it captures nothing) I end with a Shift+Q.

    If anybody could double check what I've got above I'd be grateful. I'm fairly sure that I'm close, I just don't know what step I've missed that I obviously didn't miss last time.

    Thanks guys

  2. #2
    Member
    Join Date
    May 2007
    Posts
    202

    Default

    More weirdness.....

    Every time I run kismet it seems to add another source (identical to the others) to the list:

    Code:
    bt ~ # cat /usr/local/etc/kismet.conf | grep source=
    source=madwifi_g,wifi0,Atheros
    source=madwifi_g,wifi0,Atheros
    source=madwifi_g,wifi0,Atheros

  3. #3
    Member
    Join Date
    May 2007
    Posts
    202

    Default

    Ok, scratch that.

    Code:
    bt ~ # cat /usr/local/etc/kismet.conf |grep source=
    bt ~ #
    No sources.....

    Code:
    bt ~ # airmon-ng
    
    
    Interface       Chipset         Driver
    
    wifi0           Atheros         madwifi-ng
    ath0            Atheros         madwifi-ng VAP (parent: wifi0)
    Card not in monitor mode.....

    Code:
    bt ~ # airmon-ng stop ath0
    
    
    Interface       Chipset         Driver
    
    wifi0           Atheros         madwifi-ng
    ath0            Atheros         madwifi-ng VAP (parent: wifi0) (VAP destroyed)
    
    bt ~ # airmon-ng start wifi0
    
    
    Interface       Chipset         Driver
    
    wifi0           Atheros         madwifi-ng
    ath0            Atheros         madwifi-ng VAP (parent: wifi0) (monitor mode enabled)
    
    bt ~ #
    Card in monitor mode.....

    Code:
    bt ~ # cat /usr/local/etc/kismet.conf |grep source=
    source=madwifi_g,wifi0,Atheros
    Now we have a source.....

    I take it airmon-ng is adding a source for me? How nice of it.....

    Still doesn't explain why I can't get kismet to see any traffic though

  4. #4
    Member
    Join Date
    May 2007
    Posts
    202

    Default

    Hmmm, ok.

    Apologies for continually posting in (and therefore bumping) my own topic, I'm just dumping my findings here as I go along - it should help me the next time I hit this problem (hopefully) and it should also help anybody else that gets the same issue (provided I get it sorted, that is).

    So, I rebooted again and did the following:

    Code:
    bt ~ # ifconfig
    ath0      Link encap:Ethernet  HWaddr 00:21:63:A3:67:90
              UP BROADCAST NOTRAILERS RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:0 errors:0 dropped:0 overruns:0 frame:0
              TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
    
    eth0      Link encap:Ethernet  HWaddr 00:13:77:B2:9F:76
              inet addr:192.168.1.215  Bcast:192.168.1.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:1 errors:0 dropped:0 overruns:0 frame:0
              TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:64 (64.0 b)  TX bytes:0 (0.0 b)
              Interrupt:17 Memory:f0200000-0
    
    lo        Link encap:Local Loopback
              inet addr:127.0.0.1  Mask:255.0.0.0
              UP LOOPBACK RUNNING  MTU:16436  Metric:1
              RX packets:0 errors:0 dropped:0 overruns:0 frame:0
              TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
    
    wifi0     Link encap:UNSPEC  HWaddr 00-21-63-A3-67-90-00-00-00-00-00-00-00-00-00-00
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:191 errors:0 dropped:0 overruns:0 frame:49
              TX packets:187 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:280
              RX bytes:20678 (20.1 KiB)  TX bytes:8602 (8.4 KiB)
              Interrupt:20
    
    bt ~ # ifconfig ath0 down
    bt ~ # airmon-ng stop ath0
    
    
    Interface       Chipset         Driver
    
    wifi0           Atheros         madwifi-ng
    ath0            Atheros         madwifi-ng VAP (parent: wifi0) (VAP destroyed)
    
    bt ~ # airmon-ng start wifi0
    
    
    Interface       Chipset         Driver
    
    wifi0           Atheros         madwifi-ng
    ath0            Atheros         madwifi-ng VAP (parent: wifi0) (monitor mode enabled)
    
    bt ~ # kismet
    This time everything worked fine.

    So I came out of kismet using Shift+Q, and then started kismet again and it's still working fine.

    I'll have a go in a minute and see if it survives a reboot.....

  5. #5
    Barry (My life is this forum)
    Join Date
    Jan 2010
    Posts
    3,817

    Default

    Make sure you don't have a non-monitor vap associated to wifi0. I usually do a wlanconfig ath(whatever) destroy before I start kismet. The start-kismet script in BT3 will create a vap for itself, usually kis(something).

  6. #6
    Junior Member
    Join Date
    Sep 2008
    Posts
    32

    Default

    Have you tried the command "start-kismet-ng" ?

    -- Tom

  7. #7
    secure_it (Senior Member)
    Join Date
    Feb 2010
    Location
    In between these two: BackTrack is 4 FwdTrack4
    Posts
    854

    Post

    Quote: Originally Posted by Barry
    Make sure you don't have a non-monitor vap associated to wifi0. I usually do a wlanconfig ath(whatever) destroy before I start kismet. The start-kismet script in BT3 will create a vap for itself, usually kis(something).
    It creates kis0, and after running kismet, if you quit it improperly, the kis0 interface will still be there and you can use airodump-ng or aircrack-ng with that interface, e.g.
    airodump-ng kis0 (it reports different signal power when compared to a normal interface, like airodump-ng wifi0)

  8. #8
    Member
    Join Date
    May 2007
    Posts
    202

    Default

    Thanks for the replies guys.

    I now appear to be able to get kismet running successfully, now my problem is that I'm not getting many IVs when I try to conduct the attacks.

    That's a different problem for a different day (and thread) though - more research needed methinks

    Thanks again
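
The checks worked through by hand in posts #1 to #5 (is a non-monitor VAP still attached, is there a `source=` line, is it repeated), collected into one script. This is an added example, not part of the original thread: the function names are hypothetical and the sample `iwconfig` and `kismet.conf` text is constructed from the outputs quoted above.

```bash
#!/bin/sh
# Added example: pre-flight checks before starting kismet on a madwifi-ng card.
# Function names are hypothetical; the sample inputs at the bottom are constructed.

# Print "<iface> <mode>" for each wireless interface in `iwconfig` output (stdin).
wireless_modes() {
    awk '/^[^ \t]/ { iface = $1 }   # an interface block starts in column 1
         match($0, /Mode:[A-Za-z-]+/) { print iface, substr($0, RSTART + 5, RLENGTH - 5) }'
}

# Print the VAPs that are not in monitor mode, one per line.
non_monitor_vaps() { wireless_modes | awk '$2 != "Monitor" { print $1 }'; }

# Summarise active source= lines of a kismet.conf (stdin) as "total=<n> distinct=<m>".
source_summary() {
    grep '^source=' | sort | uniq -c |
        awk '{ total += $1; distinct++ } END { printf "total=%d distinct=%d\n", total, distinct }'
}

# preflight IWCONFIG_TEXT KISMET_CONF_TEXT: print findings, return 1 if there are any.
preflight() {
    rc=0
    for vap in $(printf '%s\n' "$1" | non_monitor_vaps); do
        echo "VAP $vap is not in monitor mode; run: wlanconfig $vap destroy"
        rc=1
    done
    summary=$(printf '%s\n' "$2" | source_summary)
    total=${summary#total=}; total=${total%% *}
    distinct=${summary##*distinct=}
    if [ "$total" -eq 0 ]; then
        echo "kismet.conf has no source= line"; rc=1
    elif [ "$total" -ne "$distinct" ]; then
        echo "kismet.conf repeats a source= line ($total lines, $distinct distinct)"; rc=1
    fi
    return $rc
}

# Constructed sample: ath0 has come back in managed mode after a reboot.
SAMPLE_IWCONFIG='wifi0     no wireless extensions.

ath0      IEEE 802.11g  ESSID:""  Nickname:""
          Mode:Managed  Frequency:2.437 GHz  Access Point: Not-Associated'
# Constructed sample: the repeated source lines shown in post #2.
SAMPLE_CONF='# source=none
source=madwifi_g,wifi0,Atheros
source=madwifi_g,wifi0,Atheros
source=madwifi_g,wifi0,Atheros'

preflight "$SAMPLE_IWCONFIG" "$SAMPLE_CONF" || echo "fix the findings above, then start kismet"
```

On a live system the two arguments would be `"$(iwconfig 2>/dev/null)"` and `"$(cat /usr/local/etc/kismet.conf)"`.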
