
Thread: RT2870 BT4 Guide (working!!!)

  1. #1
    Junior Member
    Join Date
    Feb 2009
    Posts
    41

    Default RT2870 BT4 Guide (working!!!)

    Ok, there have been a slew of threads following me posting my driver, but this is going to be an all-encompassing guide answering most questions about getting this chipset working properly with BT4 (or any Linux 2.6.27+).

    One thing to keep in mind is you can find an official, better working driver for this chipset from Ralink's website. This driver DOES support monitor mode but DOESN'T support injection. Seeing as how injection is kind of necessary, to the point that it's probably why you got Backtrack, this is the answer for you.

    Other things to note: If you are using BT3 and wish to get the card working, you can use the hirte driver located here:
    http://hirte.aircrack-ng.org/rt2870-...-hirte.tar.bz2

    This driver will work perfectly for BT3. If you are using BT3 and it does not work, please follow my instructions below on how to add your device ID to the driver.

    Another note: The rt2870-nemesis driver is simply the hirte driver with the deviceID for a Linksys WUSB card, so unless you have the card, and are using BT3, it's useless.


    On to getting this thing working in BT4beta:

    go here to get my driver rt2870-2.6.28-apocolipse.tar.gz:
    rt2870-2.6.28-apocolipse.tar.gz - FileFactory

    once you get this extract it with your preferred method.


    Section: Editing the rt2870.h file
    This section is important to both BT3 with the hirte driver, and BT4beta with my driver (or any other distro with kernel 2.6.27+).
    The first thing you need to do is open up a terminal, then issue the following commands:

    Code:
    :-$ cd rt2870-2.6.27-apocolipse                   (assuming you are in its parent directory)
    :-$ cd include
    :-$ lsusb
    Bus 001 Device 002: ID 1058:0701 Western Digital Technologies, Inc. 
    Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
    Bus 005 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
    Bus 004 Device 003: ID 046d:c501 Logitech, Inc. Cordless Mouse Receiver
    Bus 004 Device 002: ID 413c:2003 Dell Computer Corp. Keyboard
    Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
    Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
    Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
    Bus 001 Device 002: ID 0E66:0009 Hawking Technologies, Inc   <------The line for my device
    The last line for me is my device, find the deviceID for your device accordingly. The ID is the 8 digit hex address, in my case it is "0E66:0009", yours WILL be different (unless you have a HWUN2 from Hawking Technologies)

    Now we're going to edit the include file to add the new device entry. To do this type:
    (rt2870-2.6.27-apocolipse/include folder still assumed)
    Code:
    :-$  nano rt2870.h
    Now, navigate down in this file until you see a section that looks like this:
    Code:
    #define RT2870_USB_DEVICES	\
    {	\
    	{USB_DEVICE(0x148F,0x2770)}, /* Ralink */		\
    	{USB_DEVICE(0x148F,0x2870)}, /* Ralink */		\
    	{USB_DEVICE(0x0B05,0x1731)}, /* Asus */			\
    	{USB_DEVICE(0x0B05,0x1732)}, /* Asus */			\
    	{USB_DEVICE(0x0B05,0x1742)}, /* Asus */			\
    	{USB_DEVICE(0x0DF6,0x0017)}, /* Sitecom */		\
    	{USB_DEVICE(0x0DF6,0x002B)}, /* Sitecom */		\
    	{USB_DEVICE(0x0DF6,0x002C)}, /* Sitecom */		\
    	{USB_DEVICE(0x0DF6,0x002D)}, /* Sitecom */		\
    	{USB_DEVICE(0x14B2,0x3C06)}, /* Conceptronic */		\
    	{USB_DEVICE(0x14B2,0x3C28)}, /* Conceptronic */		\
    	{USB_DEVICE(0x2019,0xED06)}, /* Planex Communications, Inc. */		\
    	{USB_DEVICE(0x07D1,0x3C09)}, /* D-Link */		\
    	{USB_DEVICE(0x14B2,0x3C07)}, /* AL */			\
    	{USB_DEVICE(0x050D,0x8053)}, /* Belkin */		\
    	{USB_DEVICE(0x14B2,0x3C23)}, /* Airlink */		\
    	{USB_DEVICE(0x14B2,0x3C27)}, /* Airlink */		\
    	{USB_DEVICE(0x07AA,0x002F)}, /* Corega */		\
    	{USB_DEVICE(0x07AA,0x003C)}, /* Corega */		\
    	{USB_DEVICE(0x07AA,0x003F)}, /* Corega */		\
    	{USB_DEVICE(0x1044,0x800B)}, /* Gigabyte */		\
    	{USB_DEVICE(0x15A9,0x0006)}, /* Sparklan */		\
    	{USB_DEVICE(0x083A,0xB522)}, /* SMC */			\
    	{USB_DEVICE(0x083A,0xA618)}, /* SMC */			\
    	{USB_DEVICE(0x083A,0x7522)}, /* Arcadyan */		\
    	{USB_DEVICE(0x0CDE,0x0022)}, /* ZCOM */			\
    	{USB_DEVICE(0x0586,0x3416)}, /* Zyxel */		\
    	{USB_DEVICE(0x0CDE,0x0025)}, /* Zyxel */		\
    	{USB_DEVICE(0x1740,0x9701)}, /* EnGenius */		\
    	{USB_DEVICE(0x1740,0x9702)}, /* EnGenius */		\
    	{USB_DEVICE(0x0471,0x200f)}, /* Philips */		\
    	{USB_DEVICE(0x14B2,0x3C25)}, /* Draytek */		\
    	{USB_DEVICE(0x13D3,0x3247)}, /* AzureWave */	\
    	{USB_DEVICE(0x083A,0x6618)}, /* Accton */		\
    	{USB_DEVICE(0x15c5,0x0008)}, /* Amit */			\
    	{USB_DEVICE(0x0E66,0x0001)}, /* Hawking */		\
    	{USB_DEVICE(0x0E66,0x0003)}, /* Hawking */		\
    	{USB_DEVICE(0x129B,0x1828)}, /* Siemens */		\
            {}			 /* end marker */	\
    }
    You can see there is already a slew of devices in there, however not EVERY device is present. Look and see if you can find your device ID. The numbers are arranged differently, therefore my "0E66:0009" will look like "0x0E66,0x0009"; the preceding 0x is just a marker that the number that follows is base 16, or hexadecimal. You can see on the bottom that there are 2 "Hawking" but neither are my 0009 Hawking device, so I'm going to copy one of the entries and make the changes myself. Take a look at how this is done below. Remember, copy an ENTIRE line, and make sure the ONLY thing different on the line is your device ID and, if you want to be picky, the manufacturer string:
    Code:
    1.
    
    	{USB_DEVICE(0x0E66,0x0001)}, /* Hawking */		\
    	{USB_DEVICE(0x0E66,0x0003)}, /* Hawking */		\
    	{USB_DEVICE(0x129B,0x1828)}, /* Siemens */		\
    
    2.
    
    	{USB_DEVICE(0x0E66,0x0001)}, /* Hawking */		\
    	{USB_DEVICE(0x0E66,0x0003)}, /* Hawking */		\
    	{USB_DEVICE(0x0E66,0x0003)}, /* Hawking */		\
    	{USB_DEVICE(0x129B,0x1828)}, /* Siemens */		\
    
    3. 
    
    
    	{USB_DEVICE(0x0E66,0x0001)}, /* Hawking */		\
    	{USB_DEVICE(0x0E66,0x0003)}, /* Hawking */		\
    	{USB_DEVICE(0x0E66,0x0009)}, /* Hawking */		\
    	{USB_DEVICE(0x129B,0x1828)}, /* Siemens */		\
    Now that this is changed, press ctrl+o to save, ctrl+x to exit.
    Now that you're back to the terminal, go up a directory back to the driver dir:
    Code:
    :-$ cd ..
    Now to compile and install the driver:
    Code:
    :-$ sudo make && sudo make install
    You will get a lot of compiler output after that, and it will be installed. If it fails to install, look in the compiler output for any errors, and please post them here and I'll assist in getting them working.

    After compiling and installing, all you need to do is type:
    Code:
    :-$ modprobe rt2870sta
    Then to check if your device is up type:
    Code:
    :-$ iwconfig ra0
    if you see information about your device you're good to go, if you see "ra0 no device present" there's a problem, if there's a problem post your device name, devID, and preferably compiler output here again for assistance.

    Once it's up and working, you can edit /etc/modules and add rt2870sta to the list of drivers to add on startup, after that get to pen testing!! Congrats, you now have injection!!

    EDIT:
    Changed to /etc/modules for loading it on boot, thanks fnord0
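
The header edit from the guide above, as an added shell example that is not part of the original post: it checks whether an lsusb ID is already in RT2870_USB_DEVICES, inserts a line above the end marker if it is missing, and builds the modinfo alias string used to confirm the rebuilt module picked the ID up. Function names are hypothetical and the header is a constructed, shortened sample.

```shell
# Added example; function names are hypothetical, sample data is constructed.

# "0e66:0009" (lsusb form) -> "0x0E66,0x0009" (USB_DEVICE argument form)
macro_args() {
    id=$(printf '%s' "$1" | tr 'a-f' 'A-F')
    case "$id" in
        [0-9A-F][0-9A-F][0-9A-F][0-9A-F]:[0-9A-F][0-9A-F][0-9A-F][0-9A-F]) ;;
        *) echo "bad device id: $1" >&2; return 2 ;;
    esac
    printf '0x%s,0x%s\n' "${id%:*}" "${id#*:}"
}

# True if the header already lists the ID. Hex case is ignored because the
# table mixes styles (0x200f next to 0x0E66).
has_device() {
    args=$(macro_args "$2") || return 2
    grep -qiF -- "USB_DEVICE($args)" "$1"
}

# Insert an entry just above the end marker, keeping the trailing backslash
# that continues the macro. Does nothing if the ID is already present.
add_device() {
    hdr=$1; vendor=${3:-Unknown}
    if has_device "$hdr" "$2"; then return 0; fi
    args=$(macro_args "$2") || return 2
    tmp=$(mktemp) || return 1
    awk -v a="$args" -v v="$vendor" '
        /end marker/ && !seen { printf "\t{USB_DEVICE(%s)}, /* %s */\t\t\\\n", a, v; seen = 1 }
        { print }
    ' "$hdr" > "$tmp" && cat "$tmp" > "$hdr"
    rc=$?; rm -f "$tmp"; return $rc
}

# modinfo lists one "alias: usb:vVVVVpPPPPd*..." line per table entry;
# build the prefix to grep for once the module is installed.
module_alias() {
    id=$(printf '%s' "$1" | tr 'a-f' 'A-F')
    printf 'usb:v%sp%sd*\n' "${id%:*}" "${id#*:}"
}

# Constructed sample: a shortened copy of the table from the guide.
sample_header() {
    cat <<'EOF'
#define RT2870_USB_DEVICES	\
{	\
	{USB_DEVICE(0x0471,0x200f)}, /* Philips */		\
	{USB_DEVICE(0x0E66,0x0001)}, /* Hawking */		\
	{}			 /* end marker */	\
}
EOF
}

demo() {   # patch a temp copy of the sample and show the result
    h=$(mktemp) && sample_header > "$h" && add_device "$h" 0e66:0009 Hawking
    cat "$h"; rm -f "$h"
    echo "then: modinfo rt2870sta | grep -F '$(module_alias 0e66:0009)'"
}
demo
```

Running `add_device` a second time with the same ID leaves the header unchanged, so it is safe to re-run before each rebuild.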

  2. #2
    Junior Member Zermelo's Avatar
    Join Date
    Feb 2010
    Posts
    54

    Default Works perfectly with the ALFA AWUS050NH

    Just installed this driver in BT4 for the AWUS050NH, as the hex id was already in the list, no modification was needed, just downloaded the driver, compiled and installed it.

    Worked perfectly after that:





    Good work apocolipse269, as this adapter will no doubt be very popular within the community, you made a lot of people happy.

    I couldn't get it compiled on Intrepid 2.6.27, but I don't have the output right here. I'll try a few more things and get back to you. But a big thanks.

    EDIT: Tried to compile again on Intrepid, no errors. The first time, I don't believe I ran a "make clean" on it, so that might have been the problem. In any case, great work. (Sorry for the big pics, I'll use thumbnails next time, lol).

  3. #3
    Junior Member Jano's Avatar
    Join Date
    Jan 2010
    Posts
    26

    Default

    Hi,
    - With Kernel 2.6.28 on Ubuntu Jaunty, all attacks are supported. (0 to 5)
    - Little problem for connection with Network-Manager. (but recognized with default driver rt2870)
    - To connect to the Internet (wep/wpa) I use the utility "Ralink Wireless Station".
    - Only problem for me is changing the MAC address, because the card resets it to the original.

    Bye Jano
    Wireless: ALFA-AWUS036H, AWUS050NH, D-Link DWL-G650, D-Link DWL-G122, ZyXel G220, Linksys WUB54GR, Intel PRO/Wireless 3945ABG

  4. #4
    Senior Member fnord0's Avatar
    Join Date
    Jul 2008
    Posts
    144

    Default

    thanks a ton for the guide + the driver apocolipse269! u da man

    one thing of note ::

    Quote Originally Posted by apocolipse269 View Post
    Once its up and working, you can edit /etc/modules.conf and add rt2870sta to the list of drivers to add on startup

    now that BT4 is using debian/ubuntu as its base distro, you gotta wrassle with a little different file structure as far as modules and startup files are concerned.

    so, in BT4beta the file to edit/update is /etc/modules to tell yr system to load a specific set of modules at boot time - as the /etc/modules.conf is for BT3 and slax/slackware systems (probably other distros too).

    all in all, EXCELLENT GUIDE. -bookmarked-

    peace-
    fnord0

  5. #5
    Junior Member
    Join Date
    Feb 2009
    Posts
    41

    Default

    Quote Originally Posted by fnord0 View Post
    thanks a ton for the guide + the driver apocolipse269! u da man
    ...
    all in all, EXCELLENT GUIDE. -bookmarked-

    peace-
    fnord0


    i totally gave myself a high five after reading that hahaha

  6. #6
    Junior Member Zermelo's Avatar
    Join Date
    Feb 2010
    Posts
    54

    Default

    A little more news to report, has anyone tried this driver on a 64-bit setup? I did a fresh install of Intrepid on my laptop, but this time 64 bit, however, after I did "airmon-ng stop ra0", "airmon-ng start ra0", and tried "airodump-ng ra0", my system locked up. I tried it again after booting back up and it crashed the system.

    Jano or anyone have you tried them on a 64bit os yet? I'm interested in seeing if it is something unique to my configuration.

  7. #7
    Junior Member
    Join Date
    Feb 2009
    Posts
    41

    Default

    Quote Originally Posted by Zermelo View Post
    A little more news to report, has anyone tried this driver on a 64-bit setup? I did a fresh install of Intrepid on my laptop, but this time 64 bit, however, after I did "airmon-ng stop ra0", "airmon-ng start ra0", and tried "airodump-ng ra0", my system locked up. I tried it again after booting back up and it crashed the system.

    Jano or anyone have you tried them on a 64bit os yet? I'm interested in seeing if it is something unique to my configuration.

    Fortunately for you it isn't unique to you. I tested it on my 64 bit Ubuntu after writing it and got frequent crashes. I'm currently trying to get in touch with hirte who wrote the original driver so I can get some information on how to patch the official driver for injection. Until then you'll have to use bt4 or 32 bit Linux. This is after all the Backtrack4beta forum :P

  8. #8
    Senior Member fnord0's Avatar
    Join Date
    Jul 2008
    Posts
    144

    Thumbs up

    alright... my network card got here last night!
    apocolipse269, this document is right on the money! works for me and my alfa AWUS050NH - many thanks for that... (I didn't even have to mess around with the device ID, as per Zermelo's note)

    root@bt:~# lsusb -v -s 001:007
    Bus 001 Device 007: ID 148f:2770 Ralink Technology, Corp.
    Device Descriptor:
    bLength 18
    bDescriptorType 1
    bcdUSB 2.00
    bDeviceClass 0 (Defined at Interface level)
    bDeviceSubClass 0
    bDeviceProtocol 0
    bMaxPacketSize0 64
    idVendor 0x148f Ralink Technology, Corp.
    idProduct 0x2770
    bcdDevice 1.01
    iManufacturer 1 Ralink
    iProduct 2 802.11 n WLAN
    iSerial 3 1.0
    bNumConfigurations 1
    Configuration Descriptor:
    bLength 9
    bDescriptorType 2
    wTotalLength 53
    bNumInterfaces 1
    bConfigurationValue 1
    iConfiguration 0
    bmAttributes 0x80
    (Bus Powered)
    MaxPower 450mA
    Interface Descriptor:
    bLength 9
    bDescriptorType 4
    bInterfaceNumber 0
    bAlternateSetting 0
    bNumEndpoints 5
    bInterfaceClass 255 Vendor Specific Class
    bInterfaceSubClass 255 Vendor Specific Subclass
    bInterfaceProtocol 255 Vendor Specific Protocol
    iInterface 5 1.0
    Endpoint Descriptor:
    bLength 7
    bDescriptorType 5
    bEndpointAddress 0x81 EP 1 IN
    bmAttributes 2
    Transfer Type Bulk
    Synch Type None
    Usage Type Data
    wMaxPacketSize 0x0200 1x 512 bytes
    bInterval 0
    Endpoint Descriptor:
    bLength 7
    bDescriptorType 5
    bEndpointAddress 0x01 EP 1 OUT
    bmAttributes 2
    Transfer Type Bulk
    Synch Type None
    Usage Type Data
    wMaxPacketSize 0x0200 1x 512 bytes
    bInterval 0
    Endpoint Descriptor:
    bLength 7
    bDescriptorType 5
    bEndpointAddress 0x02 EP 2 OUT
    bmAttributes 2
    Transfer Type Bulk
    Synch Type None
    Usage Type Data
    wMaxPacketSize 0x0200 1x 512 bytes
    bInterval 0
    Endpoint Descriptor:
    bLength 7
    bDescriptorType 5
    bEndpointAddress 0x03 EP 3 OUT
    bmAttributes 2
    Transfer Type Bulk
    Synch Type None
    Usage Type Data
    wMaxPacketSize 0x0200 1x 512 bytes
    bInterval 0
    Endpoint Descriptor:
    bLength 7
    bDescriptorType 5
    bEndpointAddress 0x04 EP 4 OUT
    bmAttributes 2
    Transfer Type Bulk
    Synch Type None
    Usage Type Data
    wMaxPacketSize 0x0200 1x 512 bytes
    bInterval 0
    Device Qualifier (for other device speed):
    bLength 10
    bDescriptorType 6
    bcdUSB 2.00
    bDeviceClass 0 (Defined at Interface level)
    bDeviceSubClass 0
    bDeviceProtocol 0
    bMaxPacketSize0 64
    bNumConfigurations 1
    Device Status: 0x0000
    (Bus Powered)
    root@bt:~# modinfo rt2870sta
    filename: /lib/modules/2.6.28.1/kernel/drivers/net/wireless/rt2870sta.ko
    description: RT2870 Wireless Lan Linux Driver
    author: Paul Lin <paul_lin@ralinktech.com>
    license: GPL
    alias: usb:v129Bp1828d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v0E66p0009d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v0E66p0003d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v0E66p0001d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v15C5p0008d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v083Ap6618d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v13D3p3247d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v14B2p3C25d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v0471p200Fd*dc*dsc*dp*ic*isc*ip*
    alias: usb:v1740p9702d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v1740p9701d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v0CDEp0025d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v0586p3416d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v0CDEp0022d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v083Ap7522d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v083ApA618d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v083ApB522d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v15A9p0006d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v1044p800Bd*dc*dsc*dp*ic*isc*ip*
    alias: usb:v07AAp003Fd*dc*dsc*dp*ic*isc*ip*
    alias: usb:v07AAp003Cd*dc*dsc*dp*ic*isc*ip*
    alias: usb:v07AAp002Fd*dc*dsc*dp*ic*isc*ip*
    alias: usb:v14B2p3C27d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v14B2p3C23d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v050Dp8053d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v14B2p3C07d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v07D1p3C09d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v2019pED06d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v14B2p3C28d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v14B2p3C06d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v0DF6p002Dd*dc*dsc*dp*ic*isc*ip*
    alias: usb:v0DF6p002Cd*dc*dsc*dp*ic*isc*ip*
    alias: usb:v0DF6p002Bd*dc*dsc*dp*ic*isc*ip*
    alias: usb:v0DF6p0017d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v0B05p1742d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v0B05p1732d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v0B05p1731d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v148Fp2870d*dc*dsc*dp*ic*isc*ip*
    alias: usb:v148Fp2770d*dc*dsc*dp*ic*isc*ip*
    depends:
    vermagic: 2.6.28.1 SMP mod_unload 486
    parm: mac:rt28xx: wireless mac addr (charp)

    usb 1-8: new high speed USB device using ehci_hcd and address 7
    usb 1-8: configuration #1 chosen from 1 choice
    rtusb init --->
    === pAd = f8ca3000, size = 491248 ===
    <-- RTMPAllocAdapterBlock, Status=0
    MAC: 00,31,2E,xx,xx,xx
    MAC: 00,31,2E,xx,xx,xx
    usbcore: registered new interface driver rt2870
    all looks fine and dandy, until I get here ::

    root@bt:~# iwconfig
    lo no wireless extensions.

    eth0 no wireless extensions.

    Warning: Driver for device ra0 has been compiled with an ancient version
    of Wireless Extension, while this program support version 11 and later.
    Some things may be broken...


    ra0 RT2870 Wireless ESSID:"" Nickname:""
    Mode:Auto Frequency=2.412 GHz
    Link Quality:0 Signal level:0 Noise level:113
    Rx invalid nwid:0 invalid crypt:0 invalid misc:0
    let me note that monitor mode seems to work fine, I can inject packets... all seems fine, but I don't like that warning in iwconfig... does anyone get that warning? (Zermelo) I have so far failed miserably at recompiling the wireless extensions... any suggestions? *feel free to PM me* I'd love to chat with someone who may be able to help (( my attempts are dying with references to /bin/sh --- I've tried to delete that, and re-symlink it to /bin/bash, etc, etc... no luck ))

    thanks sooo much for this tutorial and driver, i be loving it... hooray injection!
    'see the fnords!'

  9. #9
    Just burned his ISO
    Join Date
    Jun 2009
    Posts
    1

    Default

    Is there any chance that this modified (enhanced imho) driver will be sent upstream?

  10. #10
    Just burned his ISO
    Join Date
    Jun 2009
    Posts
    2

    Default

    1st post, apologies in advance!

    this is all good, i got this driver working for my Belkin F5D8053 in BT4. thanks for that.

    iwconfig reports the RT2870 driver fine.

    unfortunately...

    query 1:
    when i run "airmon-ng start ra0" i get
    interface: ra0
    chipset: Ralink 2560 PCI
    driver: rt2500 (monitor mode enabled)

    is this normal? i was expecting more RT2870 responses.

    query 2:
    when i run "airodump-ng ra0" i seem to get very patchy results. my target network is on chan 11, but i don't get any results for chan 11, just 1-6. i also get quite a few "Invalid truesize" errors. googling suggests these can be ignored, but is this indicating another problem?

    query 3:
    when i run "airodump-ng -c 6 -b <bssid> -w <filename> ra0" with a relevant bssid and filename, i get "channel range already given" and weird results from channels 1-6 along with the Invalid truesize errors. which seems a bit weird?

    query 4:
    when i run "airmon-ng stop ra0" the kernel seems to crash. which i'm desperately guessing might be something to do with the rt2500/2560/2870 conflict above.

    i'm a noob so apologies if some/all above problems are in the wrong thread, but any pointers would be appreciated.

    let me know if i should supply more info.

    i'm guessing that the belkin antenna is just terrible and i should buy one of these nice alfa adaptors instead. is this a reasonable conclusion?
