zd1211rw
Differences
This shows you the differences between two versions of the page.
zd1211rw [2009/05/18 15:41] – Added notes regarding using the mac80211 version darkaudax | zd1211rw [2011/06/26 17:32] – Update for modern kernels, rearrange stuff. wicher | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | |||
====== zd1211rw ====== | ====== zd1211rw ====== | ||
+ | authored by sleek | ||
- | **NOTE:** Unless you have an old kernel, consider using the mac80211 version of the driver | + | **Review |
- | This driver supports the zd1211 and the newer zd1211b | + | The ZyDAS zd1211 and zd1211b |
- | In pre-2.6.25 kernels, the older zd1211 chipset only partially supports injection. Any injection | + | The zd1211rw was included in mainline kernel |
- | The new zd1211b chipset | + | The only unsupported function is the fragmentation " |
- | Starting with kernels 2.6.25 and up, both chipsets support injection completely, except for the fragmentation attack, which is still being worked on. This page only deals with pre-2.6.25 kernels, | + | Overall, its a great all-purpose chip to have for wireless auditing and general connectivity. |
- | Bottom line, the Zydas chipset is only recommended for use with the aircrack-ng suite if you have a fairly-recent kernel (2.6.25 or newer), | + | ====== Patching ====== |
+ | To enable injection, we' | ||
- | The zd1211rw driver has been incorporated into the latest | + | ==== Modern |
+ | For modern kernels, good results can be obtained even when sticking closely | ||
- | The following links may be helpful to you to learn more about the driver and which devices are supported by it: | ||
- | * [[http:// | + | === Kernel 2.6.39+ === |
- | * [[http:// | + | See [[http://trac.aircrack-ng.org/ticket/894|ticket 894]] on the bugtracker. |
- | | + | |
- | Some material to help with patching: | + | **1.** cd into your kernel sources |
- | | + | **2.** Apply the patch: |
- | * [[http://wiki.d3xt3r01.tk/index.php/ | + | wget -O - 'http://trac.aircrack-ng.org/ |
- | ===== Patching zd1211rw ===== | + | **3.** Recompile and reload the driver as usual. Refer to your distro' |
- | There are some new patches developed by SuD. They are especially designed for 2.6.24 kernels but the also work on previous versions. The patches are still being tested. | + | === Kernel |
- | Obtain SuD's softmac and zd1211rw patches from here: | + | **1.** cd into your kernel sources |
- | http://www.latinsud.com/pub/ | + | **2.** Apply the patch: |
+ | wget -O - 'http://patches.aircrack-ng.org/zd1211rw-inject+dbi-fix-2.6.26.patch' | ||
- | For zd1211rw, either use aircrack' | + | **3.** Recompile and reload the driver as usual. Refer to your distro' |
+ | ==== Legacy kernels ==== | ||
+ | On old kernels, you need to use the compat-wireless approach. | ||
+ | The most frequent road block you'll stumble upon is compilation errors with compat-wireless. They' | ||
- | This section will describe how to patch your driver for injection. There is quite a bit of variation between distributions so this describe the general steps you must take. You will have to tweak the instructions for your specific distribution and kernel version. | + | === Kernel 2.26.24+ === |
- | You will need to have your kernel headers and full source already installed on your system. See [[zd1211rw# | + | **1.** Go to http:// |
- | Copy contents of **/usr/src/linux/ | + | **2.** Next up, **cd to your /path/to/compat-wireless** directory and download the patch, required for injection: [[http:// |
- | Copy contents of **/ | + | **3.** Apply the patches: |
- | Download and expand the latest version of the aircrack-ng suite to obtain the patches or download the from [[http://patches.aircrack-ng.org/ | + | patch -Np0 -i zd1211rw-inject+dbi-fix-2.6.26.patch. |
+ | patch -Np1 -i mac80211.compat08082009.wl_frag+ack_v1.patch. | ||
+ | patch -Np1 -i channel-negative-one-maxim.patch. | ||
+ | __Note:__ //the **xxxxx-xxxx-xxxx.patch** files must be in your compat-wireles-xxxx-xx-xx directory while patching, otherwise | ||
- | Copy zd1211rw_inject_2.6.23.patch | + | **4.** Patching is complete and we are ready to compile our driver, type **make** for the process to begin and wait for few minutes to complete. |
- | cd / | + | **5.** Barring any errors, next up is installing, **sudo make install** |
- | NOTE: In the following lines, verbose and dry-run | + | **6.** Now that the newly compiled driver is installed, we are ready to use it, but before that we have to unload the old driver by typing **sudo make wlunload** |
- | patch -Np1 --verbose --dry-run -i zd1211rw_inject_2.6.23.patch | + | |
- | If it was OK: | + | **7.** To load the new driver, just type **sudo modprobe zd1211rw** or simply unplug and plug again your USB adapter. Reboot if you're unsure |
- | patch -Np1 --verbose | + | |
- | Copy ieee80211_inject.patch to / | + | **8.** That's it! This concludes the zd1211 injection tutorial. You should now be able to inject. [[injection_test|Test]] your USB device, by setting it to monitor mode (airmon-ng) |
- | patch -Np1 --verbose --dry-run -i ieee80211_inject.patch | + | |
- | If it was OK: | ||
- | patch -Np1 --verbose | ||
- | Recompile the modules: | + | # aireplay-ng -9 mon0 |
+ | 14:39:59 Trying broadcast probe requests... | ||
+ | 14: | ||
+ | 14: | ||
+ | 14: | ||
+ | 14: | ||
+ | 14: | ||
+ | 14: | ||
+ | Voila ;-) | ||
- | cd / | + | Known issues at this point: |
- | make -C / | + | Fragmentation attack is not yet supported. |
- | cd / | + | |
- | make -C / | + | |
- | Now copy the new modules to the / | ||
- | cp / | + | === Kernels 2.6.23 and lower === |
- | cp / | + | |
- | cp / | + | |
- | And finally, rebuild | + | As mentioned above, kernels prior to 2.6.25 (2.6.2**4** with compat-wireless) are shipped with the softmac version of the driver which in its best day supports only half the functions, half the time. In other words, if you're stuck on an ancient kernel, you're pretty much out of luck. Your best bet is to either install a supported kernel, or utilize one of the many Live CDs with pre-configured settings for aircrack-ng. |
- | | + | And if you're absolutely bent on installing the softmac driver on an old kernel, you can try [[http:// |
- | At this point, the simplest method to bring up the new modules live is to reboot your system. | + | ==== Troubleshooting ==== |
- | If you have problems compiling zd1211rw, you can try: | + | === Couldn' |
- | + | ||
- | | + | |
- | | + | |
- | + | ||
- | ===== Installing Fedora kernel headers and source ===== | + | |
- | + | ||
- | These instructions are specific to Fedora. Change **2.6.20-1.2944.fc6** to the particular kernel version you have installed. **uname -r** can help you | + | |
- | + | ||
- | You need these packages already installed: | + | |
- | kernel-headers-2.6.20-1.2944.fc6 | + | |
- | kernel-devel-2.6.20-1.2944.fc6 | + | |
- | + | ||
- | Running the command **rpm -qa | grep kernel** will show which kernel packages are installed. | + | |
- | + | ||
- | If the headers and development packages are not already installed then obtain them from your favourite repository then: | + | |
- | + | ||
- | rpm -ivh kernel-headers-2.6.20-1.2944.fc6.i386.rpm | + | |
- | rpm -ivh kernel-devel-2.6.20-1.2944.fc6.i686.rpm (obtain i586 or i686 depending on your architecture) | + | |
- | + | ||
- | Alternatively, | + | |
- | + | ||
- | Now download and install the full kernel sources if they are not already on your system (This assumes you have downloaded this RPM from your favourite repository). | + | |
- | + | ||
- | rpm -ivh kernel-2.6.20-1.2944.fc6.src.rpm | + | |
- | + | ||
- | Change to the following directory: | + | |
- | + | ||
- | cd / | + | |
- | + | ||
- | Change " | + | |
- | rpmbuild -bp --target=i586 kernel-2.6.spec | + | |
- | + | ||
- | **NOTE**: Change references to versions to your specific version in the next few lines. | + | |
- | + | ||
- | /bin/cp -a / | + | |
- | ln -s / | + | |
- | + | ||
- | ===== Recompiling Kernel with Loadable Modules ===== | + | |
- | + | ||
- | Some kernels incorporate the functionality built into the kernel. | + | |
- | + | ||
- | These are the settings for menuconfig using 2.6.20-gentoo-r7, | + | |
- | + | ||
- | First, change the appropriate items in menuconfig: | + | |
- | + | ||
- | cd / | + | |
- | + | ||
- | make menuconfig | + | |
- | + | ||
- | | + | |
- | then set | + | |
- | < | + | |
- | < | + | |
- | all other module capable IEEE 80211 items will have automatically set themselves to <M> | + | |
- | + | ||
- | Also check that: | + | |
- | | + | |
- | < | + | |
- | + | ||
- | Exit out and save the config | + | |
- | + | ||
- | Now apply the zd1211 and ieee80211 inject patches and recompile/ | + | |
- | + | ||
- | Apply the zd1211 inject and ieee80211 inject patches as per patch instructions but only do the 4 patch -Np1 commands, in gentoo doing the make commands and copying all the files is unnecessary!! | + | |
- | + | ||
- | After the patches are applied, you can now recompile the kernel and modules with the following commands: | + | |
- | + | ||
- | cd /usr/src | + | |
- | make all modules modules_install install | + | |
- | + | ||
- | Wait for it to finish and then reboot your system. | + | |
- | + | ||
- | Lastly, test your drivers and the injection patch. | + | |
- | + | ||
- | ===== Troubleshooting ===== | + | |
- | ===== General ===== | + | |
- | + | ||
- | Use " | + | |
- | + | ||
- | Bus 003 Device 003: ID 157e: | + | |
- | Bus 003 Device 001: ID 0000: | + | |
- | Bus 001 Device 001: ID 0000: | + | |
- | Bus 002 Device 001: ID 0000:0000 | + | |
- | + | ||
- | If your device is not listed then you first need to determine why and correct it. | + | |
- | + | ||
- | Use " | + | |
- | + | ||
- | | + | |
- | | + | |
- | | + | |
- | usb 3-1: reset high speed USB device using ehci_hcd and address 3 | + | |
- | usb 3-1: firmware version 0x4810 and device bootcode version 0x4802 differ | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | + | ||
- | Depending on the error messages in dmesg, take the appropriate action. | + | |
- | + | ||
- | Use " | + | |
- | + | ||
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | + | ||
- | A common problem on new kernels is that the new mac80211 version of the driver gets loaded instead of the older legacy driver covered on this page. The newer driver doesn' | + | |
- | + | ||
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | + | ||
- | If that is the case, and you are having problems with the new driver, then you need to blacklist the modules by editing / | + | |
- | + | ||
- | # | + | |
- | | + | |
- | | + | |
- | + | ||
- | Also ensure that the time stamp on zd1211rw.ko module matches the date and time you compiled it. Otherwise this may mean you are running the wrong version of the module. | + | |
- | (Of course, you might also just update aircrack-ng to 1.0-rc1 or 1.0-svn, and use the unpatched mac80211 driver with it.) | + | |
- | + | ||
- | Note however, that starting with kernel v2.6.25, zd1211rw is only available in the new mac80211 flavor, so you need to use an updated aircrack-ng for it. | + | |
- | + | ||
- | + | ||
- | ===== Couldn' | + | |
If dmesg has an error similar to the following: | If dmesg has an error similar to the following: | ||
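Review bot: Step 2 under both "Kernel 2.6.39+" and "Kernel 2.6.25+" streams the patch to stdout with `wget -O -` from a plain `http://` URL under "Apply the patch", so kernel sources are modified from a download that is never saved to a file or inspected, and the `patch -Np1 --verbose --dry-run -i ...` check from the removed text is gone. Suggest saving the patch to a file first, restoring the dry-run step before the real apply, and publishing a checksum next to the link. Also in this hunk: the three `patch` commands in the legacy section end in a period (`...2.6.26.patch.`) that a reader will type as part of the file name, the first uses `-Np0` while the other two use `-Np1` with no explanation, and the heading "Kernel 2.26.24+" does not match the "2.6.2**4** with compat-wireless" wording further down.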
Line 224: | Line 103: | ||
- http:// | - http:// | ||
- | - RPM for you distribution. | + | - RPM for you distribution. |
- | ===== Why do I get ioctl(SIOCGIFINDEX) failed ? ===== | + | === Why do I get ioctl(SIOCGIFINDEX) failed ? === |
If you get error messages similar to: | If you get error messages similar to: | ||
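Review bot: The list item "RPM for you distribution." is touched by this revision but still reads "for you distribution" on the new side; change it to "for your distribution" while the line is being edited.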
Line 233: | Line 112: | ||
* Error message: " | * Error message: " | ||
- | Then [[http:// | + | Then [[faq# |
+ | |||
+ | ===== Feedback ===== | ||
+ | * Instructions and discussion about the zd1211rw in the forum [[http:// | ||
+ |
zd1211rw.txt · Last modified: 2018/03/11 19:04 by mister_x