Ask Your Question
0

Data packets not captured

asked 2017-12-06 10:44:10 +0000

Karunjhn gravatar image

I am using an Dell Latitude 3480 laptop which comes with the Qualcomm Atheros QCA6174 Wifi card with Ubuntu OS (16.04 Release). When I use it as a sniffer (using wireshark) after enabling monitor mode using airmon-ng, I am only able to get Beacon and Probe response frames (which are the management packets). I am not able to get the data packets in wireshark. I tried sniffing packets from an tcp traffic run between an Netgear AP and a client in 5G network with open-none security. Is this an expected problem with this card? I tried reinstalling the driver and all, but no change. The kernel I use is 4.4.102-0404102-generic. Can someone really help me out?

edit retag flag offensive close merge delete

1 Answer

Sort by » oldest newest most voted
0

answered 2017-12-06 10:51:32 +0000

Bob Jones gravatar image

This chipset is known to have problems with monitor and promiscuous mode under Linux; see, for example,

https://forum.aircrack-ng.org/index.php/topic,1671.msg5591.html#msg5591

You can also search that site for other discussions of this wireless card and they all end in the same thing: get a new card. You can check the kali forum as they have a list of wifi cards that can work with linux, but note that it is often kernel dependent.

edit flag offensive delete link more

Comments

Hi Bob,

Thanks for the quick response. Yea I had seen this discussion before I posted here. I just want to make sure that the issue is specific to this chip before replacing it. If there are any other posts related to this issue, please post here and help me out.

Karunjhn gravatar imageKarunjhn ( 2017-12-06 10:55:25 +0000 )edit

If you find the answer useful, please accept.

Bob Jones gravatar imageBob Jones ( 2017-12-06 11:11:06 +0000 )edit

A google search for QCA6174 monitor mode has lots of hits, and most are very negative regarding this card. For instance,

https://forums.kali.org/showthread.ph...

The places to search are:

Here, especially the old site: https://osqa-ask.wireshark.org/ The airacrack-ng forum, already linked above. They have a search function. Kali Linux forums, with an example link above.

I would recommend a USB adapter for now. The Atheros is likely a PCIe card, so you would need to open your laptop to put a new device in. If you want to replace the card, I have had good luck with packet capture only with Wireshark with the Intel 7265 and 8265 series chips; they do 2.4 and 5 GHz, 2x2 80MHz, SGI and LDPC so they capture a lot. But they have problems with packet injection, so the full suite of aircrack-ng tools may not be available ...(more)

Bob Jones gravatar imageBob Jones ( 2017-12-06 11:20:59 +0000 )edit

Thanks Bob!

Karunjhn gravatar imageKarunjhn ( 2017-12-06 11:45:12 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2017-12-06 10:44:10 +0000

Seen: 51 times

Last updated: Dec 06