
RTL #307

Closed
bugsyb opened this issue Oct 4, 2019 · 7 comments

Comments

bugsyb commented Oct 4, 2019

What is your airgeddon version?

9.22 & 9.23 tested

What is your Linux O.S. and which version?

Parrot 4.6

Which is the chipset of your wireless card?

RTL8814AU - supported by Airmon

Describe the issue and the steps to reproduce it

Airgeddon reports on start:

```
2. wlan0 // 2.4Ghz, 5Ghz // Chipset: Realtek Semiconductor Corp. RTL8814AU 802.11a/b/g/n/ac
```

Only to report later:

```
***************************** airgeddon main menu ******************************
There is a problem with the selected interface. Redirecting you to script exit
Press [Enter] key to continue...
```

Card can be put in Monitor mode without issue.

```
# iwconfig
wlan0 IEEE 802.11b ESSID:"" Nickname:"WIFI@REALTEK"
Mode:Monitor Frequency:2.457 GHz Access Point: Not-Associated
Sensitivity:0/0
Retry:off RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off
Link Quality=0/100 Signal level=-100 dBm Noise level=0 dBm
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:0 Missed beacon:0

# airodump -i wlan0
CH 3 ][ Elapsed: 30 s ][ 2019-10-04 21:40

BSSID PWR Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID

[cut]
34:11:9A:11:aa:4A -83 1 0 0 12 270 WPA2 CCMP PSK sas
38:11:89:11:aa:A8 -84 4 0 0 9 130 WPA2 CCMP PSK WdGara
24:11:20:11:aa:3A -84 2 0 0 11 130 WPA2 CCMP PSK ABWer

BSSID STATION PWR Rate Lost Frames Probe

(not associated) 3C:BD:3E:xx:xx:xx -77 0 - 1 8 3
(not associated) DC:A4:CA:xx:xx:xx -77 0 - 1 0 4 asd
(not associated) DA:A1:19:xx:0F:xx -77 0 - 1 0 3
38:11:89:11:aa:05 D8:5D:E2:xx:xx:xx -71 0e- 0e 0 366
38:F8:89:11:aa:05 B8:BB:AF:xx:xx:xx -73 0e- 1e 0 18
38:F8:89:11:aa:A8 9C:E6:5E:xx:xx:xx -83 0 - 6 0 3
```

Problematic is most probably the iwconfig output:

RTL8814AU:

```
wlan1 unassociated Nickname:"<WIFI@REALTEK>" Mode:Managed Frequency=2.412 GHz Access Point: Not-Associated Sensitivity:0/0 Retry:off RTS thr:off Fragment thr:off Encryption key:off Power Management:off Link Quality=0/100 Signal level=0 dBm Noise level=0 dBm Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:0 Invalid misc:0 Missed beacon:0
```

RTL8188CUS:

```
wlan0 IEEE 802.11 Mode:Master Tx-Power=20 dBm Retry short limit:7 RTS thr:off Fragment thr:off Power Management:on
```

@OscarAkaElvis (Collaborator)

Another one ding ding ding!!! Did you research a little bit before opening an issue? I know the answer, NO! You can see tons of issues talking about the same stuff:

#304
#296
#259
#242
etc etc

Always the same song regarding rtl88xx chipsets... Please read the Wiki:
https://github.com/v1s1t0r1sh3r3/airgeddon/wiki/Cards-and-Chipsets

Closing as duplicate.

bugsyb (Author) commented Oct 4, 2019

@OscarAkaElvis with all due respect - research was done and I have seen the earlier answers.
Yet the world moved on, and it was stated that the problem was due to lack of support for monitor mode on the aircrack side.
For this reason the airodump console dump was provided.

Granted that rtl8814au does not cover mac80211 as per aircrack-ng/rtl8812au#417, but is it required for the majority of airgeddon functionality?
If more adapters are available, would that still be required?

For playbooks like evil-twin - with two interfaces - it should be possible to use rtl8814au. Its antenna gain can't be missed (two antennas), hence the need for support.

Which 2.4 & 5GHz adapter available on the market would you recommend?
To avoid RTFM-type answers: it has been checked, and Amazon or other shops do not show anything on offer (amazon, ebay, etc.). Google doesn't bring good results (one shop was shown but doesn't seem to be up to date regarding their stock).

Therefore if there's a way to have a workaround to use other interfaces - it would be great.

I've been eyeing the Panda PAU09 but couldn't find any references regarding how it works.

Believe it or not - prior to raising this one, proper research was done and no good results were obtained.

xpz3 (Collaborator) commented Oct 4, 2019

@bugsyb, a plugin system for airgeddon is currently under development. Check the plugins_system branch.
To see if you can sort the issue with your chipset, you can do two things:

  1. Wait for the plugin system development to complete and let someone come up with a plugin that fixes the problem with rtl88xx chipsets.
  2. Clone the branch and try to develop a plugin to solve this issue yourself. You need to start by modifying the function check_interface_mode().

OscarAkaElvis (Collaborator) commented Oct 4, 2019

Ok, don't worry. I must admit sometimes I can be a "rude" admin. It is because of the high quantity of received messages.

Yeah, I posted (as an issue) regarding this new plugins system, which maybe could be of your interest: #308

Sorry, but I don't have previous references for the PAU09 card. Maybe if you finally buy it, it would be good if you were so kind as to inform us whether it is working with airgeddon for you.

xpz3 (Collaborator) commented Oct 5, 2019

PAU09 uses the rt2800usb driver, so it will work.

bugsyb (Author) commented Oct 5, 2019

@OscarAkaElvis - granted, no worries and thanks for help.
@xpz3 cool - I'll get one then. :)

Re dirty patching, below is my dirty one to work around a couple of details; I didn't get everything working, but it might be a good start if one wants to get it implemented.

The key in processing the output was:

```diff
- mode=$(iwconfig "${1}" 2> /dev/null | grep Mode: | awk '{print $4}' | cut -d ':' -f 2)
+ mode=$(iwconfig "${1}" 2> /dev/null | grep Mode: | sed -n -e 's/^.Mode:Monitor./Mode:Monitor/p'| cut -d ':' -f 2)
```

The rest is just the result of me getting through some preliminary warnings.

For the evil twin scenario, rtl8814au is generally speaking a good candidate (dual antenna), and if the options included using it as the hostapd one, it could do the trick: use the less powerful adapter to send the de-auth and the one with stronger antennas for hostapd. That means the need for two wifi adapters, but it could be an acceptable workaround.
I'll need to test further whether it works correctly as an AP and performs de-auth - my feeling is this part might not work, as it requires virtual interfaces, which are lacking on the current rtl8814au? This is me not being very certain, as I am pretty new to the subject of how this scenario is performed.
The other workaround - the manual one I did - was to use the other wifi dongle to perform everything and manually launch hostapd with modified parameters matching the rtl8814au interface name, while killing the one that was started automatically.

The only reason why I'm after rtl8814au is that it is really difficult to find a working wifi adapter with 2.4G & 5G coverage, not to mention the ac standard (though this is less of a need, as it doesn't play a role in the scenarios, does it?)

Below is just a proof of concept.
The formatting below somehow didn't work - I tried to fix it a couple of times without luck.

`--- airgeddon.sh.orig 2019-10-05 20:01:07.883642716 +0200
+++ airgeddon.sh 2019-10-05 13:13:37.303794049 +0200
@@ -805,7 +805,8 @@

debug_print
  • mode=$(iwconfig "${1}" 2> /dev/null | grep Mode: | awk '{print $4}' | cut -d ':' -f 2)
    +# mode=$(iwconfig "${1}" 2> /dev/null | grep Mode: | awk '{print $4}' | cut -d ':' -f 2)
  • mode=$(iwconfig "${1}" 2> /dev/null | grep Mode: | sed -n -e 's/^.Mode:Monitor./Mode:Monitor/p'| cut -d ':' -f 2)

    current_iface_on_messages="${1}"

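Review bot: the replacement `sed -n -e 's/^.Mode:Monitor./Mode:Monitor/p'` in this hunk only emits a value when the card is already in monitor mode; for Managed, Master or a non-wifi interface `mode` ends up empty, so the function can no longer tell those cases apart, which is exactly the distinction the later `(Non wifi card)` check depends on. The pattern is also fragile: the unescaped dots match any single character, and `^.` requires exactly one character before `Mode:` at line start, while iwconfig normally indents that line with several spaces. Extracting whatever word follows the token wherever it sits, e.g. `sed -n 's/.*Mode:\([A-Za-z-]*\).*/\1/p'`, keeps the original semantics and removes the dependency on `awk '{print $4}'` field position that breaks on the Realtek two-line layout shown earlier in the thread.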
@@ -833,7 +834,8 @@
iwcmd="iwconfig ${1} ${iwcmdfix} > /dev/null 2> /dev/null"
eval "${iwcmd}"

  • lazy super dirty workaround

  • return $?
  • #return $?
  • return 0
    }

#Create a list of interfaces associated to its macs
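Review bot: replacing `return $?` with an unconditional `return 0` right after `eval "${iwcmd}"` discards the exit status of the iwconfig call, so a failed mode change is reported as success to the caller and later steps run against an interface that is not in the expected mode. If the intent is to tolerate iwconfig's exit code on rtl88xx drivers, gate the relaxation on the detected chipset or re-verify the mode by parsing the output afterwards, rather than returning 0 for every driver; the `lazy super dirty workaround` comment should at least name which drivers need it.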
@@ -4750,13 +4752,13 @@
echo
language_strings "${language}" 115 "read"
select_interface

  • else
  •   check_interface_mode "${interface}"
    
  •   if [ "${ifacemode}" = "(Non wifi card)" ]; then
    
  •   	language_strings "${language}" 42 "blue"
    
  •   else
    
  •   	language_strings "${language}" 514 "blue"
    
  •   fi
    
  • # lazy and super dirty workaround
    
  • #else
  •   #check_interface_mode "${interface}"
    
  •   #if [ "${ifacemode}" = "(Non wifi card)" ]; then
    
  •   #	language_strings "${language}" 42 "blue"
    
  •   #else
    
  •   #	language_strings "${language}" 514 "blue"
    
  •   #fi
    
    fi
    }

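Review bot: commenting out the whole `else` branch removes the `check_interface_mode "${interface}"` call and the `(Non wifi card)` warning (language string 42) for every user, not only for rtl88xx cards, so selecting an Ethernet or other non-wireless interface now silently falls through to the next step. A narrower change would keep the branch and only relax the comparison for the Realtek case, or set `ifacemode` from a position-independent parse so the existing check passes. With the `else` gone the remaining `fi` closes a bare `if`, which is syntactically fine, but the large commented-out block reads as if a branch were missing and should be deleted or restored before this is considered for merge.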
@@ -12871,6 +12873,7 @@
if [ "${iwversion}" -lt 30 ]; then
iwcmdfix=" 2> /dev/null | grep Mode: "
fi

  • return 0
    }

#Set hashcat parameters based on version`
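Review bot: the added `return 0` at the end of this function is redundant rather than wrong: an `if` whose body ends in an assignment already yields status 0 whether or not the `[ "${iwversion}" -lt 30 ]` condition fired, so this line changes no behaviour. Either drop it or add a one-line comment stating that the explicit success status is intentional, and keep it out of the same change as the mode-detection edits so the functional part can be reviewed on its own.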

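An added, stand-alone example (not airgeddon code and not from any participant in this thread) illustrating the parsing point in the `mode=$(...)` snippet above and xpz3's suggestion to start from check_interface_mode(): the original pipeline takes the fourth whitespace-separated field of the line containing `Mode:`, which is right for mac80211 drivers that print Mode on the first iwconfig line, but on the Realtek driver's two-line layout that field is the word `Access`. The iwconfig texts below are constructed to mimic the two layouts, and the `(Non wifi card)` label is borrowed from the patch as an assumption about how a check function would classify a missing `Mode:` token.

```shell
#!/bin/sh
# Added example, not airgeddon code: field-position-independent extraction of
# the iwconfig "Mode:" value. All sample texts are constructed.

# mac80211-style driver: Mode is on the first line, so awk's $4 is "Mode:Monitor".
SAMPLE_MAC80211_MONITOR='wlan0mon  IEEE 802.11  Mode:Monitor  Frequency:2.457 GHz  Tx-Power=20 dBm
          Retry short limit:7   RTS thr:off   Fragment thr:off
          Power Management:off'

# Realtek out-of-tree driver layout (as in the thread): ESSID/Nickname on the
# first line, Mode on the second, so $4 of the Mode line is "Access".
SAMPLE_RTL_MONITOR='wlan0     IEEE 802.11b  ESSID:""  Nickname:"WIFI@REALTEK"
          Mode:Monitor  Frequency:2.457 GHz  Access Point: Not-Associated
          Sensitivity:0/0
          Retry:off   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:off'

SAMPLE_RTL_MANAGED='wlan1     unassociated  Nickname:"<WIFI@REALTEK>"
          Mode:Managed  Frequency=2.412 GHz  Access Point: Not-Associated
          Sensitivity:0/0
          Retry:off   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:off'

# A non-wireless interface: iwconfig prints no Mode: token at all.
SAMPLE_ETHERNET='eth0      no wireless extensions.'

# The pipeline quoted in the thread: depends on Mode: being the 4th field.
# Takes the iwconfig text as $1 so it can run offline on the samples.
naive_mode() {
    printf '%s\n' "$1" | grep Mode: | awk '{print $4}' | cut -d ':' -f 2
}

# Position-independent version: print the word following the first "Mode:"
# wherever it appears on the line. Prints nothing when no token exists.
robust_mode() {
    printf '%s\n' "$1" | sed -n 's/.*Mode:\([A-Za-z-]*\).*/\1/p' | head -n 1
}

# Classify the way a check_interface_mode-style function might. The label
# "(Non wifi card)" is taken from the patch; treating an absent Mode: token as
# that case is an assumption of this example.
classify_iface() {
    m=$(robust_mode "$1")
    case "$m" in
        '') echo "(Non wifi card)" ;;
        *)  echo "$m" ;;
    esac
}

# Run with --demo to print a side-by-side comparison for the four samples.
if [ "${1:-}" = "--demo" ]; then
    for s in "$SAMPLE_MAC80211_MONITOR" "$SAMPLE_RTL_MONITOR" \
             "$SAMPLE_RTL_MANAGED" "$SAMPLE_ETHERNET"; do
        printf 'naive=%-8s robust=%-8s class=%s\n' \
            "$(naive_mode "$s")" "$(robust_mode "$s")" "$(classify_iface "$s")"
    done
fi
```

Running `sh example.sh --demo` shows the naive pipeline returning `Access` for both Realtek samples while the sed-based version returns `Monitor` and `Managed`; the Ethernet sample yields an empty mode from both, which the classifier maps to the non-wifi label so that check is preserved rather than bypassed.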
OscarAkaElvis (Collaborator) commented Nov 11, 2019

Ding ding ding!!! Your dreams come true: https://github.com/OscarAkaElvis/airgeddon-plugins
