| Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision |
| zd1211rw [2008/04/19 01:53] – darkaudax | zd1211rw [2010/09/04 06:58] – fixed typo hatake_kakashi |
|---|
| ====== zd1211rw ====== | ====== zd1211rw ====== |
| | |
| | **NOTE:** Unless you have an old kernel, consider using the mac80211 version of the driver and follow [[zd1211rw-mac80211|these instructions]]. It is a much simpler way to obtain injection capability. |
| |
| This driver supports the zd1211 and the newer zd1211b chipsets by Zydas. Atheros has acquired Zydas and renamed this chipset to AR5007UG. | This driver supports the zd1211 and the newer zd1211b chipsets by Zydas. Atheros has acquired Zydas and renamed this chipset to AR5007UG. |
| |
| The older zd1211 chipset only partially supports injection. Any injection which requires the device to receive a packet does not work correctly. So the fake authentication, chopchop, and fragmentation attacks plus injection testing do not work. Other basic functions such as monitor mode and the remaining attacks work. | In pre-2.6.25 kernels, the older zd1211 chipset only partially supports injection. Any injection which requires the device to receive a packet does not work correctly. So the fake authentication, chopchop, and fragmentation attacks plus injection testing do not work. Other basic functions such as monitor mode and the remaining attacks work. |
| |
| The new zd1211b chipset only partially supports injection. Monitor mode and injection testing works. Assuming you use a MAC address already associated with an AP, normal injection and chopchop attack works. Fake authentication and the fragmentation attacks do not work although some people have reported limited success. Perhaps this depends on the revision level of the chipset. | The new zd1211b chipset only partially supports injection. Monitor mode and injection testing works. Assuming you use a MAC address already associated with an AP, normal injection and chopchop attack works. Fake authentication and the fragmentation attacks do not work although some people have reported limited success. Perhaps this depends on the revision level of the chipset. |
| |
| Bottom line, the zydas chipset is NOT recommended for use with the aircrack-ng suite due to the large number of problems with it. There are simply too many problems associated with the driver and the specific wireless devices. | Starting with kernels 2.6.25 and up, both chipsets support injection completely, except for the fragmentation attack, which is still being worked on. This page only deals with pre-2.6.25 kernels, for newer ones, see [[zd1211rw-mac80211]]. |
| | |
| | Bottom line, the Zydas chipset is only recommended for use with the aircrack-ng suite if you have a fairly-recent kernel (2.6.25 or newer), due to the large number of problems with it. There are simply too many problems associated with the driver and the specific wireless devices. (Most of these problems are fixed by the mac80211-based driver in kernels 2.6.25 and up.) |
| |
| The zd1211rw driver has been incorporated into the latest kernels. So you will have to patch the kernel source to obtain injection support. This is described below in detail. | The zd1211rw driver has been incorporated into the latest kernels. So you will have to patch the kernel source to obtain injection support. This is described below in detail. |
| * [[http://zd1211.wiki.sourceforge.net/|ZyDAS ZD1211 802.11b/g USB WLAN chipset Linux drivers Wiki]] | * [[http://zd1211.wiki.sourceforge.net/|ZyDAS ZD1211 802.11b/g USB WLAN chipset Linux drivers Wiki]] |
| * [[http://www.linuxwireless.org/en/users/Drivers/zd1211rw/devices|Supported Zydas ZD1211 devices]] | * [[http://www.linuxwireless.org/en/users/Drivers/zd1211rw/devices|Supported Zydas ZD1211 devices]] |
| | |
| | Some material to help with patching: |
| | |
| | * [[http://forum.aircrack-ng.org/index.php?topic=5334.0|Tutorial: Injection with ZyDAS 1211 and 1211b (zd1211)]] |
| | * [[http://wiki.d3xt3r01.tk/index.php/ZD1211rw_with_patches_for_aircrack-ng|ZD1211rw with patches for aircrack-ng]] |
| |
| ===== Patching zd1211rw ===== | ===== Patching zd1211rw ===== |
| There are some new patches developed by SuD. They are especially designed for 2.6.24 kernels but the also work on previous versions. The patches are still being tested. So any feedback would be especially valued. | There are some new patches developed by SuD. They are especially designed for 2.6.24 kernels but the also work on previous versions. The patches are still being tested. So any feedback would be especially valued. |
| |
| Obtain SuD's softmac and zd1211rw patches from here: | Obtain SuD's softMAC and zd1211rw patches from here: |
| |
| http://www.latinsud.com/pub/ | http://www.latinsud.com/pub/ |
| |
| For zd1211rw, either use aircrack's 2.6.23 zydas patch, or SuD's zd1211rw 2.6.24.4 patch. | For zd1211rw, either use aircrack's 2.6.23 zydas patch, or SuD's zd1211rw 2.6.24.4 or 2.6.25 patch. |
| |
| |
| This section will describe how to patch your driver for injection. There is quite a bit of variation between distributions so this describe the general steps you must take. You will have to tweak the instructions for your specific distribution and kernel version. It assumes a reasonable level of unix knowledge and experience. If you don't have this, ask a friend to help you out. If you can't follow these instructions then you should not be messing with your kernel. Don't post to the [[http://forum.tinyshell.be/|Forum]] asking for detailed instructions. | This section will describe how to patch your driver for injection. There is quite a bit of variation between distributions so this describe the general steps you must take. You will have to tweak the instructions for your specific distribution and kernel version. It assumes a reasonable level of unix knowledge and experience. If you don't have this, ask a friend to help you out. If you can't follow these instructions then you should not be messing with your kernel. Don't post to the [[http://forum.aircrack-ng.org/|Forum]] asking for detailed instructions. |
| |
| You will need to have your kernel headers and full source already installed on your system. See [[zd1211rw#installing_fedora_kernel_headers_and_source|Installing Fedora kernel headers and sources]] below for how to do this on Fedora. | You will need to have your kernel headers and full source already installed on your system. See [[zd1211rw#installing_fedora_kernel_headers_and_source|Installing Fedora kernel headers and sources]] below for how to do this on Fedora. |
| patch -Np1 --verbose -i ieee80211_inject.patch | patch -Np1 --verbose -i ieee80211_inject.patch |
| |
| **NOTE**: In the following lines, change "2.6.20-1.2944.fc6" to match your particular system. | Recompile the modules: |
| |
| cd /usr/src/linux/drivers/net/wireless/zd1211rw | cd /usr/src/linux/drivers/net/wireless/zd1211rw |
| make -C /lib/modules/2.6.20-1.2944.fc6/build/ M=`pwd` modules | make -C /lib/modules/`uname -r`/build/ M=`pwd` modules |
| cd /usr/src/linux/net/ieee80211 | cd /usr/src/linux/net/ieee80211 |
| make -C /lib/modules/2.6.20-1.2944.fc6/build/ M=`pwd` modules | make -C /lib/modules/`uname -r`/build/ M=`pwd` modules |
| |
| Now copy the new modules to the /lib/modules tree to be used. | Now copy the new modules to the /lib/modules tree to be used. |
| |
| cp /usr/src/linux/drivers/net/wireless/zd1211rw/zd1211rw.ko /lib/modules/2.6.20-1.2944.fc6/kernel/drivers/net/wireless/zd1211rw/zd1211rw.ko | cp /usr/src/linux/drivers/net/wireless/zd1211rw/zd1211rw.ko /lib/modules/`uname -r`/kernel/drivers/net/wireless/zd1211rw/zd1211rw.ko |
| cp /usr/src/linux/net/ieee80211/*.ko /lib/modules/2.6.20-1.2944.fc6/kernel/net/ieee80211/ | cp /usr/src/linux/net/ieee80211/*.ko /lib/modules/`uname -r`/kernel/net/ieee80211/ |
| cp /usr/src/linux/net/ieee80211/softmac/*.ko /lib/modules/2.6.20-1.2944.fc6/kernel/net/ieee80211/softmac/ | cp /usr/src/linux/net/ieee80211/softmac/*.ko /lib/modules/`uname -r`/kernel/net/ieee80211/softmac/ |
| |
| And finally, rebuild the module dependencies. | And finally, rebuild the module dependencies. |
| /bin/cp -a /usr/src/redhat/BUILD/kernel-2.6.20/linux-2.6.20.i586/* /usr/src/kernels/2.6.20-1.2944.fc6-i586/ | /bin/cp -a /usr/src/redhat/BUILD/kernel-2.6.20/linux-2.6.20.i586/* /usr/src/kernels/2.6.20-1.2944.fc6-i586/ |
| ln -s /usr/src/kernels/2.6.20-1.2944.fc6-i586 /usr/src/linux | ln -s /usr/src/kernels/2.6.20-1.2944.fc6-i586 /usr/src/linux |
| |
| |
| ===== Recompiling Kernel with Loadable Modules ===== | ===== Recompiling Kernel with Loadable Modules ===== |
| |
| Some kernels incorporate the functionality built into the kernel. If you want to change the zd1211rw and ieee802.11 to loadable modules, the following describes how to do this. The source of this note is this [[http://tinyshell.be/aircrackng/forum/index.php?topic=1658.msg8736#msg8736|thread]] in the forum. | Some kernels incorporate the functionality built into the kernel. If you want to change the zd1211rw and ieee802.11 to loadable modules, the following describes how to do this. The source of this note is this [[http://forum.aircrack-ng.org/index.php?topic=1658.msg8736#msg8736|thread]] in the forum. |
| |
| These are the settings for menuconfig using 2.6.20-gentoo-r7, changing from kernel built-in to loadable modules for the purposes of these patches. This will likely work as well on other distributions. | These are the settings for menuconfig using 2.6.20-gentoo-r7, changing from kernel built-in to loadable modules for the purposes of these patches. This will likely work as well on other distributions. |
| |
| cd /usr/src | cd /usr/src |
| make && make modules modules_install install | make all modules modules_install install |
| |
| Wait for it to finish and then reboot your system. | Wait for it to finish and then reboot your system. |
| |
| Lastly, test your drivers and the injection patch. | Lastly, test your drivers and the injection patch. |
| |
| |
| ===== Troubleshooting ===== | ===== Troubleshooting ===== |
| |
| ===== General ===== | ===== General ===== |
| |
| ieee80211_crypt 10112 1 ieee80211 | ieee80211_crypt 10112 1 ieee80211 |
| |
| A common problem on new kernels is that the new mac80211 version of the driver gets loaded instead of the older legacy driver covered on this page. If that is the case, then you need to blacklist the modules by editing /etc/modprobe.d/blacklist and add the following then reboot: | A common problem on new kernels is that the new mac80211 version of the driver gets loaded instead of the older legacy driver covered on this page. The newer driver doesn't need any patches and has better injection support, but it requires aircrack-ng 1.0 beta, and doesn't work with 0.9 or earlier. The new driver can be identified by an lsmod output that looks like this: |
| | |
| | Module Size Used by |
| | zd1211rw 67204 0 |
| | mac80211 229108 1 zd1211rw |
| | cfg80211 27528 1 mac80211 |
| | |
| | If that is the case, and you are having problems with the new driver, then you need to blacklist the modules by editing /etc/modprobe.d/blacklist and add the following, and reboot: |
| |
| #zd1211rw wireless drivers | #zd1211rw wireless drivers |
| blacklist zd1211rw_mac80211 | blacklist zd1211rw_mac80211 |
| |
| Also ensure that the time stamp on zd1211.ko module matches the date and time you compiled it. Otherwise this may mean you are running the wrong version of the module. | Also ensure that the time stamp on zd1211rw.ko module matches the date and time you compiled it. Otherwise this may mean you are running the wrong version of the module. |
| | (Of course, you might also just update aircrack-ng to 1.0-rc1 or 1.0-svn, and use the unpatched mac80211 driver with it.) |
| | |
| | Note however, that starting with kernel v2.6.25, zd1211rw is only available in the new mac80211 flavor, so you need to use an updated aircrack-ng for it. |
| |
| |
| * Error message: "ioctl(SIOCGIFINDEX) failed: No such device" | * Error message: "ioctl(SIOCGIFINDEX) failed: No such device" |
| |
| Then [[http://aircrack-ng.org/doku.php?id=faq#why_do_i_get_ioctl_siocgifindex_failedno_such_device|See this FAQ entry]]. | Then [[faq#why_do_i_get_ioctl_siocgifindex_failedno_such_device|See this FAQ entry]]. |
| |
