[kismac] Re: Passive scanning on Intel Macs?

  • From: Geoffrey Kruse <gkruse@xxxxxxxxxxxxxx>
  • To: kismac@xxxxxxxxxxxxx
  • Date: Sun, 5 Mar 2006 16:40:55 -0700

You would have to modify /Sources/WaveDrivers/WaveDriverAirportExtreme.m before you compile. I will be committing this change in the next couple of days.

Geoff

On Mar 5, 2006, at 8:13 AM, Aldenwoods wrote:

Where are these scripts located?
I also discovered that the Apple.AirportBrcm4311 is located in the /System/Library/Extensions/IO80211Family.kext/Contents/PlugIns/
I have updated the APMonitor mode = Yes.


Thanks



On Mar 4, 2006, at 6:48 PM, themacuser wrote:

You have to also modify the script in KisMAC to kextload, kextunload -b com.apple.driver.AppleAirPortBrcm4311 instead of com.apple.AirPort2 as well.

On 04/03/2006, at 2:42 PM, Aldenwoods wrote:


Just changed the key in Info.plist to <yes> for APMonitor mode, rebooted and I now get the following.

"Could not load Monitor Mode for Airport Extreme. Drivers were not found."

On Mar 3, 2006, at 5:51 PM, Geoffrey Kruse wrote:

Not yet, passive will not be possible on the MacBook Pro for some time. One could theoretically do passive scanning on an iMac now if they were to manually put their card into monitor mode. There is a key in the Info.plist inside the airport kext called APMonitor mode. If you set this to true and reboot, you might be able to do a passive scan.

Geoff

On Mar 3, 2006, at 1:59 PM, Jonathan Burns wrote:

Any update on this?
Just wondering if you were able to get it working?

On 2/25/06, themacuser <themacuser@xxxxxxxxx> wrote:
I convinced someone with an Intel mac to give me the results of those
3 commands.


I'll get the logs on x9.ath.cx in a minute.

Here's the ioreg -l listing of the airport. (Note that I removed the
SSID and MAC to protect his privacy.)


Now, the interesting lines are:
"CFBundleIdentifier" = "com.apple.driver.AppleAirPortBrcm4311"

It's not com.apple.AppleAirPort2 any more, so update the scripts.

"APMonitorMode" = No

Theoretically, this would mean that if we reload it with this
changed, it CAN do monitor mode!

"IOModel" = "Wireless Network Adapter (802.11 a/b/g)"

802.11a support :)

"APValidChannels" = (1,2,3,4,5,6,7,8,9,10,11,12,13,36,40,44,48,52,56,60,64,100,104,108,112,116,120,124,128,132,136,140,149,153,157,161,165)


Damn 802.11a and its extensive array of channels - how slow are you
going to have to drive to scan THAT lot. Might as well try and get
lid closed running support again so we can warwalk.



| | | +-o AirPortPCI_MM <class AirPortPCI_MM, registered, matched, active, busy 0, retain count 8>
| | | | {
| | | | "IOPacketFilters" = {"IOEthernetWakeOnLANFilterGroup"=0,"IONetworkFilterGroup"=275}
| | | | "IOClass" = "AirPortPCI_MM"
| | | | "IOLinkSpeed" = 54000000
| | | | "CFBundleIdentifier" = "com.apple.driver.AppleAirPortBrcm4311"
| | | | "IOProbeScore" = 0
| | | | "IOMinPacketSize" = 64
| | | | "IOMatchCategory" = "IODefaultMatchCategory"
| | | | "IONameMatched" = "pci14e4,4312"
| | | | "IONameMatch" = ("pci14e4,4311","pci14e4,4312","pci14e4,4324")
| | | | "IOSelectedMedium" = "00000080"
| | | | "IOLocale" = "Worldwide"
| | | | "IOGeneralInterest" = "IOCommand is not serializable"
| | | | "IOVendor" = "Apple"
| | | | "IOActiveMedium" = "00000080"
| | | | "Power Management protected data" = "{ theNumberOfPowerStates = 3, version 1, power state 0 = { capabilityFlags 00000000, outputPowerCharacter 00000000, inputPowerRequirement 00000000, staticPower 0, unbudgetedPower 0, powerToAttain 0, timeToAttain 25000, settleUpTime 0, timeToLower 25000, settleDownTime 0, powerDomainBudget 0 }, power state 1 = { capabilityFlags 0000b000, outputPowerCharacter 00000000, inputPowerRequirement 00000400, staticPower 40, unbudgetedPower 0, powerToAttain 0, timeToAttain 25000, settleUpTime 0, timeToLower 25000, settleDownTime 0, powerDomainBudget 0 }, power state 2 = { capabilityFlags 0000f000, outputPowerCharacter 00000000, inputPowerRequirement 00000002, staticPower 0, unbudgetedPower 0, powerToAttain 0, timeToAttain 25000, settleUpTime 0, timeToLower 25000, settleDownTime 0, powerDomainBudget 0 }, aggressiveness = 0, myCurrentState = 2, parentsCurrentPowerFlags = 00000002, maxCapability = 2 }"
| | | | "IOMACAddress" = <001451xxxxxx>
| | | | "Power Management private data" = "{ this object = 02050400, interested driver = 02110d00, interested driver = 02050400, driverDesire = 0, deviceDesire = 2, ourDesiredPowerState = 2, previousRequest = 2 }"
| | | | "APFeatures" = 1
| | | | "APCurrentSSID" = "<REMOVED>"
| | | | "IOProviderClass" = "IOPCIDevice"
| | | | "IOMediumDictionary" = {"00000080"={"Type"=128,"Speed"=11000000,"Index"=0,"Flags"=0}}
| | | | "IOModel" = "Wireless Network Adapter (802.11 a/b/g)"
| | | | "IOFirmwareVersion" = "100.9 (3.120.28.3)"
| | | | "IOFeatures" = 0
| | | | "APMonitorMode" = No
| | | | "APCurrentChannel" = 6
| | | | "IOLinkStatus" = 3
| | | | "APCountryCode" = "XA"
| | | | "IOMaxPacketSize" = 1518
| | | | "APValidChannels" = (1,2,3,4,5,6,7,8,9,10,11,12,13,36,40,44,48,52,56,60,64,100,104,108,112,116,120,124,128,132,136,140,149,153,157,161,165)
| | | | }
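
Added example, not part of the original thread or of KisMAC: a small Python parser that pulls the keys discussed above (CFBundleIdentifier, APMonitorMode, APValidChannels) out of an ioreg -l excerpt, including one that a mail client has hard-wrapped. The function names and the sample excerpt are constructed for illustration.

```python
import re

# Constructed excerpt in the shape of the listing above (shortened, and
# hard-wrapped the way a mail client wraps long lines).
SAMPLE = '''\
| | | +-o AirPortPCI_MM <class AirPortPCI_MM, registered,
matched, active, busy 0, retain count 8>
| | | | {
| | | | "CFBundleIdentifier" =
"com.apple.driver.AppleAirPortBrcm4311"
| | | | "IOModel" = "Wireless Network Adapter (802.11
a/b/g)"
| | | | "APMonitorMode" = No
| | | | "APValidChannels" =
(1,6,11,13,36,40,10 8,1
16,165)
| | | | }
'''

PROP = re.compile(r'^[|\s]*"([^"]+)"\s*=\s*(.*)$')

def parse_ioreg(text):
    """Return {key: raw value} for one node, rejoining wrapped values."""
    props, key = {}, None
    for line in text.splitlines():
        in_tree = line.lstrip().startswith("|")
        m = PROP.match(line) if in_tree else None
        if m:
            key = m.group(1)
            props[key] = m.group(2).strip()
        elif in_tree:
            key = None          # "{", "}" or a node header ends the value
        elif key and line.strip():
            # No tree prefix: continuation of the previous wrapped value.
            props[key] = (props[key] + " " + line.strip()).strip()
    return props

def summarize(props):
    """Driver bundle id, monitor-mode flag, and channels split by band."""
    raw = re.sub(r"\s+", "", props.get("APValidChannels", "()")).strip("()")
    chans = [int(c) for c in raw.split(",") if c]
    return {
        "driver": props.get("CFBundleIdentifier", "").strip('"'),
        "monitor_mode": props.get("APMonitorMode") == "Yes",
        "channels_2ghz": [c for c in chans if c <= 14],
        "channels_5ghz": [c for c in chans if c > 14],
    }

if __name__ == "__main__":
    print(summarize(parse_ioreg(SAMPLE)))
```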














