Hi Guys,
A few years ago @alzhao posted a reply to someone asking for a list of routers which supported Monitor Mode:
Here is the list:
USB150
AR150
AR300M
AR750
AR750s
Not supported
MT300N-V2
Would it be possible to get an updated list? I know that Flint, for example, has moved from using propriatory wifi drivers to OpenWrt ones which may (or may not) enable Monitor Mode.
Many thanks
Ades
Didnāt test yet but I guess these models support monitor mode
AX1800 (4.x firmware)
AXT1800
A1300
Many thanks for the quick reply!
Iāll have a crack at installing some Plug-Ins on my Slate AX tonight. More laterā¦
Regards
Ades
Hey! Did you end up testing monitor mode on the slate ax? Would love to know if this is supported, want an upgrade from my little AR300 for wireless pen testing.
Update for anyone interested ā ended up just buying a Slate AX (GL-AXT1800) to test it myself and monitor mode and the entire suite of aircrack-ng programs seems to be working well.
For anyone wants to try this, these are the shell commands I used:
opkg update install
opkg install airmon-ng
opkg install aircrack-ng
airmon-ng check kill
airmon-ng
youāll see a list of the deviceās interfaces that can be used, for the AXT1800 these are wlan0 for the 5GHz radio and wlan1 for the 2.4 GHz radio. Once put in monitor mode any connected devices will disconnect so make sure to chose the interface youāre not connected to. Iām using the 2.4 GHz radio in this example.
airmon-ng start wlan1
airodump-ng wlan1mon
youāll see a list of all the MAC addresses of the access points in range of your router and their network info, and below that a list of the āstationsā or devices connected to them. If you want to save this info and only monitor one specific access point, add -w and ābssid with the bssid of the AP you want to monitor.
Hope this helps.
You beat me to it! Sorry for not replying sooner but work has got in the way. I confirm all of the above! It was really easy to set up and use. I may look at adding additional storage for the dumps.
I did this exact same thing. If anyone is wondering, you can add external storage to extroot (how I have it on the AR300) and write your files to the root directory if youāll be leaving the external storage connected to the router at all times, or keep your storage device portable and add the file directory location to write to in the command after -w and before the file name, ie:
airodump-ng -w /tmp/mountd/disk1_part1/DUMP1 -c 1 wlan1mon
In that example, Iām monitoring channel 1 on the AXT1800ās 2.4 GHz radio and writing the captured data files, named DUMP1, to a connected USB device called disk1_part1.
I did not need to modify or install any packages in order to mount the drive, it was automatically mounted to /tmp/mountd when I connected it. To find out where your device is mounted, use the commands:
opkg install block-mount
block info
this will display all storage devices and their mount locations. You might not need to install block-mount, canāt remember if that comes pre installed or not.
I have a AX1800 here and Iām having some issues with getting packets in in monitor mode. Instructions have been followed as above.
Firmware is 4.2.1, so up to date.
After installing airmon-ng, Iām asked to get lsusb.
root@GL-AXT1800:~# airmon-ng
Please install lsusb from your distro's package manager.
root@GL-AXT1800:~#
This is sorted with:
opkg install usbutils
I run
airmon-ng check kill
I start wlan1 (2.4GHz) in monitor mode:
root@GL-AXT1800:~# airmon-ng
PHY Interface Driver Chipset
phy0 wlan0 ath11k Not pci, usb, or sdio
phy1 wlan1 ath11k Not pci, usb, or sdio
root@GL-AXT1800:~# airmon-ng start wlan1 1
Found 3 processes that could cause trouble.
Kill them using 'airmon-ng check kill' before putting
the card in monitor mode, they will interfere by changing channels
and sometimes putting the interface back in managed mode
3644 root 5132 S /usr/sbin/wpa_supplicant -n -s -g /var/run/wpa_supplicant/global
4567 root 1172 S udhcpc -p /var/run/udhcpc-eth0.pid -s /lib/netifd/dhcp.script -f -t 0 -i eth0 -x hostname:GL-AXT1800
4701 nobody 1916 S avahi-daemon: running [GL-AXT1800.local]
30588 root 1240 R grep wpa_action\|wpa_supplicant\|wpa_cli\|dhclient\|ifplugd\|dhcdbd\|dhcpcd\|udhcpc\|NetworkManager\
PHY Interface Driver Chipset
phy0 wlan0 ath11k Not pci, usb, or sdio
phy1 wlan1 ath11k Not pci, usb, or sdio
(mac80211 monitor mode vif enabled for [phy1]wlan1 on [phy1]wlan1mon)
(mac80211 station mode vif disabled for [phy1]wlan1)
root@GL-AXT1800:~#
I start airodump-ng - there are at least 10 APs and lots of clients on channel 1 round here:
airodump-ng --channel 1 wlan1mon
And I get something in airodump-ng, but not what is happening:
Any ideas?
Try installing pciutils as well, from what I remember there are pci based chips in the Slate AX as well as usb ones. Does running besside-ng yield any results?
Off the bat, it looks like at least one of the processes running on the AXT-1800 is getting in the way of airodump reading the information, probably something running on the glinet side. You can see the same 4 processes running before and after running āairmon-ng check killā. Try disabling all add-on features and making sure there arenāt any extra bridge networks in LuCi (often created by the VPN plug ins).
FWIW, I now use an AR750 for pen testing and āborrowingā neighboring WiFi networks when traveling. Itās much smaller and consumes far less power meaning it lasts way longer on my battery packs, and still plenty fast for streaming, even on wireguard.
