zd1211rw
Differences
This shows you the differences between two versions of the page.
zd1211rw [2007/08/24 18:39] – updated to reflect new patch. darkaudax | zd1211rw [2018/03/11 19:04] (current) – Removed unusable instructions mister_x | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== | + | ====== |
- | This driver supports the zd1211 and the newer zd1211b chipsets by Zydas. | + | **IMPORTANT NOTE**: |
- | The older zd1211 chipset only partially supports injection. | + | ====== zd1211rw |
- | + | authored by sleek | |
- | The new zd1211b chipset fully supports all functions. | + | |
- | + | ||
- | The zd1211rw driver has been incorporated into the latest kernels. | + | |
- | + | ||
- | The following links may be helpful to you to learn more about the driver and which devices are supported by it: | + | |
- | + | ||
- | * [[http:// | + | |
- | * [[http:// | + | |
- | * [[http:// | + | |
- | + | ||
- | + | ||
- | + | ||
- | ===== Patching | + | |
- | + | ||
- | This section will describe how to patch your driver for injection. | + | |
- | + | ||
- | You will need to have your kernel headers and full source already installed on your system. See [[zd1211rw# | + | |
- | + | ||
- | Copy contents of **/ | + | |
- | + | ||
- | Copy contents of **/ | + | |
- | Download | + | **Review |
- | Copy zd1211rw_inject_2.6.20.patch to **/usr/src/linux/** | + | The ZyDAS zd1211 and zd1211b (//also known as AR5007UG//) chips are one of the most distributed wireless b/g chips in the market. They are also the cheapest, on eBay, you can get one for about 5-6USD shipping included. In the same time, these chips are very stable, with excellent range and sensitivity, |
- | cd / | + | The zd1211rw was included in mainline kernel 2.6.18 as a softmac driver, known to be notoriously unstable and heavily crippled in terms aircrack-ng support. Things turned for the better when the zd1211rw was ported as mac80211 driver since kernel 2.6.25, a move which led the zd1211rw to gain excellent support for injection and monitoring. |
- | NOTE: In the following lines, verbose and dry-run have a double dash in front of them. | + | The only unsupported function is the fragmentation "-5" attack. A bug in the firmware prevents that. The frag attack is not mandatory for the zd1211rw driver to inject or capture packets, it's only one of the many attacks designed to penetrate WEP encryption. |
- | patch -Np1 --verbose --dry-run -i zd1211rw_inject_2.6.22.patch | + | |
- | If it was OK: | + | Overall, its a great all-purpose chip to have for wireless auditing and general connectivity. |
- | patch -Np1 --verbose | + | |
- | Copy ieee80211_inject.patch | + | ====== Patching ====== |
- | | + | To enable injection, we'll have to patch the driver first. |
- | If it was OK: | + | ==== Modern kernels ==== |
- | patch -Np1 --verbose | + | For modern kernels, good results can be obtained even when sticking closely to stock kernels. |
- | **NOTE**: In the following lines, change " | ||
- | cd / | + | === Kernel |
- | make -C / | + | |
- | cd / | + | |
- | make -C / | + | |
- | Now copy the new modules to the / | + | **1.** cd into your kernel sources |
- | cp / | + | **2.** Apply the patch: |
- | | + | |
- | cp / | + | |
- | And finally, rebuild | + | **3.** Recompile and reload |
- | | + | ==== Legacy kernels ==== |
+ | On old kernels, you need to use the compat-wireless approach. | ||
+ | The most frequent road block you'll stumble upon is compilation errors with compat-wireless. They' | ||
- | At this point, the simplest method to bring up the new modules live is to reboot your system. | + | === Kernel 2.26.24+ === |
- | If you have problems compiling zd1211rw, you can try: | + | **1.** Go to http:// |
- | | + | **2.** Next up, **cd to your / |
- | | + | |
- | ===== Installing Fedora kernel headers and source ===== | + | **3.** Apply the patches: |
- | These instructions are specific to Fedora. Change **2.6.20-1.2944.fc6** to the particular kernel version you have installed. **uname -r** can help you determine what is currently installed. | + | patch -Np0 -i zd1211rw-inject+dbi-fix-2.6.26.patch. |
+ | patch -Np1 -i mac80211.compat08082009.wl_frag+ack_v1.patch. | ||
+ | patch -Np1 -i channel-negative-one-maxim.patch. | ||
+ | __Note:__ //the **xxxxx-xxxx-xxxx.patch** files must be in your compat-wireles-xxxx-xx-xx directory while patching, otherwise | ||
- | You need these packages already installed: | + | **4.** Patching is complete and we are ready to compile our driver, type **make** for the process to begin and wait for few minutes to complete. |
- | kernel-headers-2.6.20-1.2944.fc6 | + | |
- | kernel-devel-2.6.20-1.2944.fc6 | + | |
- | Running the command | + | **5.** Barring any errors, next up is installing, **sudo make install** |
- | If the headers and development packages are not already | + | **6.** Now that the newly compiled driver is installed, we are ready to use it, but before that we have to unload the old driver by typing **sudo make wlunload** |
- | rpm -ivh kernel-headers-2.6.20-1.2944.fc6.i386.rpm | + | **7.** To load the new driver, just type **sudo modprobe zd1211rw** |
- | rpm -ivh kernel-devel-2.6.20-1.2944.fc6.i686.rpm (obtain i586 or i686 depending on your architecture) | + | |
- | Alternatively, | + | **8.** That's it! This concludes the zd1211 injection tutorial. You should now be able to inject. [[injection_test|Test]] your USB device, by setting it to monitor mode (airmon-ng) |
- | Now download and install the full kernel sources if they are not already on your system (This assumes you have downloaded this RPM from your favourite repository). | ||
- | | + | |
+ | 14: | ||
+ | 14: | ||
+ | 14: | ||
+ | 14: | ||
+ | 14: | ||
+ | 14: | ||
+ | 14: | ||
+ | Voila ;-) | ||
- | Change to the following directory: | + | Known issues at this point: |
+ | Fragmentation attack is not yet supported. | ||
- | cd / | ||
- | Change " | + | === Kernels |
- | rpmbuild -bp --target=i586 kernel-2.6.spec | + | |
- | **NOTE**: Change references to versions to your specific | + | As mentioned above, kernels prior to 2.6.25 (2.6.2**4** with compat-wireless) are shipped with the softmac |
- | | + | And if you're absolutely bent on installing the softmac driver on an old kernel, you can try [[http://www.zlaten.biz/tmp/zd1211rw-compat.tar.gz|this]] source code. Be warned, you'll be disappointed with the outcome. |
- | ln -s / | + | |
+ | ==== Troubleshooting ==== | ||
- | ===== Recompiling Kernel with Loadable Modules ===== | + | === Couldn' |
- | Some kernels incorporate the functionality built into the kernel. | + | If dmesg has an error similar |
- | These are the settings for menuconfig using 2.6.20-gentoo-r7, changing from kernel built-in to loadable modules for the purposes of these patches. This will likely work as well on other distributions. | + | usb 1-1: Could not load firmware file zd1211/ |
+ | | ||
- | First, change | + | This means you are missing |
- | | + | On some distributions, |
- | + | ||
- | make menuconfig | + | |
- | + | ||
- | | + | |
- | then set | + | |
- | < | + | |
- | < | + | |
- | all other module capable IEEE 80211 items will have automatically set themselves | + | |
- | + | ||
- | Also check that: | + | |
- | | + | |
- | < | + | |
- | + | ||
- | Exit out and save the config | + | |
- | Now apply the zd1211 and ieee80211 inject patches and recompile/ | + | You can obtain |
- | Apply the zd1211 inject and ieee80211 inject patches as per patch instructions but only do the 4 patch -Np1 commands, in gentoo doing the make commands and copying all the files is unnecessary!! | + | |
+ | - RPM for you distribution. | ||
- | After the patches are applied, you can now recompile the kernel and modules with the following commands: | + | === Why do I get ioctl(SIOCGIFINDEX) failed ? === |
- | cd /usr/src | + | If you get error messages similar to: |
- | make && make modules modules_install install | + | |
- | Wait for it to finish and then reboot your system. | + | * Error message: " |
+ | * Error message: " | ||
+ | Then [[faq# | ||
- | Lastly, test your drivers and the injection patch. | + | ===== Feedback ===== |
+ | * Instructions and discussion about the zd1211rw in the forum [[http:// | ||
+ |
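Review bot: In step 3 of the new "Legacy kernels" section, each of the three patch commands ends with a period after the file name (for example `patch -Np0 -i zd1211rw-inject+dbi-fix-2.6.26.patch.`), and a shell passes that period to patch as part of the file name, so a reader who copies the line verbatim asks for a file whose name ends in a dot; drop the trailing periods. The first command also uses -Np0 while the other two use -Np1, and since the note under the commands says the patch files must sit in the compat-wireless directory, a short remark on why the strip level differs would help. The heading "=== Kernel 2.26.24+ ===" in the same section does not match the "2.6.25" and "2.6.2**4** with compat-wireless" versions used in the surrounding text and looks like it should read 2.6.24+.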
zd1211rw.txt · Last modified: 2018/03/11 19:04 by mister_x