Issue: ALFA AWUS036H WPA Handshake!

[MassAppeal]

I havent tried the Pre-Built VM Download yet with this because of the lag issue with it, but no doubt it will probably work because ive noticed a lot of differences between the ISO & The Downloadable VM

Specs
VMware 7.0, Downloaded the ISO Image and created my VM
Dell Laptop Latitude D620 512mb Ram | 30GB HD | Dual Core 1.8Ghz
Also tied my PC 4GB Ram | 1TB HD | Dual Core 2.8Ghz

My VM actually works better by the way on my laptop... which is weird.

Info
This device will not capture a WPA Handshake or Deauth properly.

Tested my rt73 TP-Link TL-WN321G & It works perfectly for Deauth & WPA Handshake Capture

Ive done the same steps for both my TP-Link & My ALFA

Code:

ifconfig wlan0 down
iwconfig wlan0 mode monitor
ifconfig wlan0 up
airodump-ng wlan0
airodump-ng -c 11 -w test --bssid bssid wlan0
aireplay-ng --deauth 5 -a AP MAC -c Client MAC wlan0

The ALFA will only Deauth if you use the --deauth 0 switch to make it indefinate but still wont capture the Handshake as the client re-authenticates. With rt73 you only need 5 max to deauth and as soon as you refresh a page it captures the WPA Handshake.

BT4 Final ISO comes with the mac80211 drivers and aparantly they are not as stable as ieee80211

Now from what ive read the BT4 Pre-Built Downloadable VM Image must be using ieee80211 because i can change power settings under iwpriv were as on the ISO i cannot.

And on the Pre-Built VM Image i have cracked WEP, so injection is fine on that... im wondering if this is the case should i blacklist mac80211 & go with ieee80211

I hope i can move forward with this, because i just bought the ALFA Card =P

Source http://www.aircrack-ng.org/doku.php?...ee80211_stacks

[muts]

BT includes both the mac802.11 (r8187) and ieee802.11 (rtl8187) versions of the 8187 driver. Both worked for me in a testing environment.
Try chaning between the drivers and test with the old ones, see how it works out for you.

[MassAppeal]

Ok im getting some funny results.

Setup#1

My Laptop
Internal Wifi 1490 Card - Connected to Router upstairs
ALFA Card running in BT

Upstairs
Netgear Router 54mb
Dads Laptop

I changed the way i go into monitor mode

Code:

airmon-ng start wlan0
ifconfig mon0 down
macchanger -A mon0
ifconfig mon0 up
airodump-ng mon0
airodump-ng -w test -c 11 --bssid 00:14:6C:9E:1F:8E mon0
aireplay-ng --deauth <Tried (1),(5),(10)&(0)> -a 00:14:6C:9E:1F:8E -c <My 1490 Mac>

That works perfectly... as soon as i re-authenticate i get the WPA key, It comes even quicker when i refresh a web browser in windows.

What stumps me is this,

Code:

aireplay-ng --deauth <Tried (1),(5),(10)&(0)> -a 00:14:6C:9E:1F:8E -c <Dads MAC>

I can deauth him but it takes about 5min for the Handshake to come through, compared to 10seconds whe i deauth myself.

I can see his packets stop & data stop then start back up again. I just find it odd that it takes such a long time to come through. Which may have been my problem in the first place.

Its as if its to far away or something... i mean the signal is -35 to 45... surely thats good enough. I have the ALFA Card with a 5db antenna...

EDIT

Have just tested this theory... and it is to far away... i thought surely the ALFA Card would do it but it doesnt... it only goes about 10m through walls. line of sight outside is ok for about 20m from what ive tested so far.