Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

Sorry Guest, you are banned from posting and sending personal messages on this forum.

This ban is not set to expire.

[peterfarge]

Hello Forum,

I have a USB Awus036h (with RTL8187 chipset) and a In-build wifi chipset. I want to test my wlan. I can set both wlan cards in monitor mode and catch handshakes. The In-build wifi card catches immediately my handshake if I connect my android phone. If I open a web page, the #data counter goes straight up. It only sees very few foreign wlans. The Awus036h catches the handshake of my phone only every 10th try. The #data packet counter stays at a very low level if a open a web page. On the other hand I can see much more foreign APs.

All devices are in the same room without obstacles. I'm using Debian Jessie with the generic 3.16.0-4-amd64 kernel. My guess is that I have to patch the kernel driver? Because in the Kali forum they say that the generic kernel filters packets that are not designated for my machine.

Can some give my a hint how I could get my Awus036h running?

Edit: I have downloaded Kali and started a live session from a usb stick. With this drivers, the Awus036h devices catches the handshakes immediately. So it is a driver issue.


Thanks a lot

Peter

[misterx]

Kali has one patch and it doesn't do what you say. It has to do with not waiting for ACKs: http://patches.aircrack-ng.org/mac80211.compat08082009.wl_frag+ack_v1.patch

Any reason you're using such an old version of the kernel and an old version of debian? Chances are that the issue is due to a bug in the driver that was resolved later on.

[peterfarge]

I have upgraded Debian to Stretch. I had packet dependency problems as expected. I'm no fan of this procedure, if the machine is running, I dont want to make big changes Anyway, the Alfa adapter cant catch handshakes.

I made a mistake: In the USB Live Kali distro are the wlan adapters exchanged. wlan0 is here the external Alfa adapter and wlan1 is the inbuild Intel3160 adapter. I thought the Alfa works here, but in reality I was using the Intel adapter. So it seems its not a driver problem. I have tried exchanging the usb cable to the Alfa adapter, but it made the problem worse. If I open a web page on my smartphone the Alfa adapter counts 160 packets, while the inbuild Intel adapter counts 4500 packets. If I do a wireshark analysis of the Alfa capture and filter for the eapol packets, it captures sometimes nothing, sometimes only the third eapol messages. The other three eapol packets are always missing.  The Intel adapter nearly always captures all 4 eapol messages. If I connect a laptop to may ap, the alfa can sometimes catch this handshake. But never the smartphone handshake.

[robertkjonesjr]

Are you sure this isn't a modulation issue?  The wifi adapters have very different capabilities:

https://wikidevi.com/wiki/Intel_Dual_Band_Wireless-AC_3160_(3160NGW)
https://wikidevi.com/wiki/ALFA_Network_AWUS036H

For testing, dumb-down the AP to 802.11bg only and see if the comparison improves.

[misterx]

And regarding the intel adapter being seen as wlan1, it's probably due to the order the detection is done. A way around it is to plug the USB adapter later on.

[peterfarge]

I'm using a OpenWRT router. In the settings I can only select the 802.11g+n band. You are thinking the router uses the 5GHz band? No, it is fixed to channel 11 in the 2.4GHz band. The Alfa is in monitor mode and it sees the router and the smartphone and it can catch some data packets, but the eapol packets are always incomplete.

The Alfa is ~5 years old. I used it the first months after buying extensively and then it was put on a shelf, because its unhandy to transport. Could it be that the device hardware is dimmed somehow? Though I can establish a normal internet connection through the Alfa. The antenna was always connected and if I remove it, I cant see any scratches in the golden screw/nut. So no reflections. I can exchange the antenna with one of the routers antennas, but the reception stays. No improvement, no visible decline. Is it possible to test the device packet reception somehow? In the faq you have a buying section and the Awus036h is still on top. So its still the best card out there. And this dimmed behavior is not normal? (I'm thinking to buy a new wifi card...)

Edit: I'm using no VM. I killed the disturbing processes with airmon-ng check kill. Additionally I installed kali 2018.8 on the laptop within another partition and made a apt-get update & upgrade. The problem with the Alfa remains.

[misterx]

When setting to g+n, most recent devices being 802.11n, will connect using that mode, which is not visible to the AWUS because it is 802.11b/g only.

It's unlikely that hardware would break if left unused.

[peterfarge]

I have updated my OpenWRT router from Barrier Breaker to Chaos Calmer. Instead of Band I have a Combobox labeled Mode. I can switch between N and legacy. I'm guessing that legacy means 802.11 b/g/a, because then a bandwidth of 40MHz isnt possible anymore. So now its the other way around: I needed 6 tries switching wlan on/off to catch the handshake with the inbuild intel adapter, but the Alfa Awus036h catches the complete handshake on every second try. But the data packets problem stays: If I start airodump in the same second and open a webpage in my smartphone, the alfa catches 376 data packets (306 beacons) and the inbuild intel card catches 1044 data packets (434 beacons).

Because of the data rate (MB column), I can see if its a 802.11b or 802.11g network, but how can I see that its a 802.11n network? I can find any info in iwlist wlan1 scan either. How can I recognize a 802.11n network?

[misterx]

If you have aircrack-ng 1.2, it should be pretty obvious with rates that are different from b/g rates 1,2,5.5,11, 24, 36,48,54.

802.11b would be 1,2,5.5,11 and 802.11g also supports 24, 36,48,54.