'Wrong radiotap header version' in airodump when injecting using patched zd1211rw driver

[anonymous]

When using build ver 284 with the patched version of the zd1211rw driver on a Zyxel G220 USB stick (zd1211b chipset) airodump alone works fine. Packet injection appears to work, however it causes airodump to (almost) immediately crash with an error 'wrong radiotap header version' and stop collecting ivs. aireplay still continues to work, however. This error is repeatable.

[hirte]

this is fixed in svn airodump, use the current version of airodump too, not just the patch

[anonymous]

Still not working - double-checked that I was using the latest SVN airodump and not the distro version. Which version of the driver should the patch be used on, the kernel one or the latest patched (there is a monitor mode fix that I haven't installed yet). Other possibility is maybe it's to do with zd1211 vs zd1211b????? Seems a bit odd if so...

I'll try re-making a new SVN download, but not hopeful...

[anonymous]

rebuild didn't work. Any transmit activity with aireplay-ng (fake auth or transmit) causes instant crash of airodump. Aireplay can run in-situ with aireplay before it captures anything to retransmit, however.

[hirte]

are we talking about 0.9-dev or 0.7 svn? cause i fixed it in 0.7...

[anonymous]

The version I have downloaded and compiled is revision 286 dated 9 Apr 2007

[anonymous]

from the SVN tree, that is

[hirte]

there are 2 branches in svn, first is in svn/trunk and second is in svn/branch/0.9-dev

[anonymous]

Definately 0.7 - the version file says so

[anonymous]

I'd just like to check on this which patches I should be applying...

I have applied ieee80211_inject and zd1211rw_inject_2.6.20 on a base backtrack 2 image (kernel 2.6.20). Both patched and compiled OK.

Also that I should be using the softmac version of the driver (this was released with the kernel) rather than the zd1211-mac80211 development version.

[anonymous]

Lol, ignore me being a Linux noob - Checked out the .c file myself and saw the only reference was commented out completely so looked into it further - it was loading my distro version before my newly compiled version, so a make -install sorted it out.

[latinsud]

I have got that error too, with hostap (iirc). It looks to me that there is a race condition between setting up monitor mode with radiotap and start sniffing.

[hirte]

Like i said, it should be fixed in both branches, due to the changed behaviour if a non radiotap frame is received in radiotap header mode. Befor r259 airodump-ng printed the 'Wrong radiotap header version' error and returned. Now airodump-ng just ignores such frames and continues with the next.

So this error message isn't even compiled into the binary anymore, there connot be such an error in current svn.