Alfa AWUS050NH + rt2x00 from compat-wireless

[sanarothe]

hi. after a couple days of compiling and installing different drivers, I've gotten my usb AWUS050NH running. I cannot, however, inject (aireplay sends a bunch of requests, then gives me a list of possible reasons for failure.)
The default rt2800sta driver is blacklisted and unloaded: rt2800usb can see aps, was getting packets, but simply fails on injection. I've searched all around and looked through full threads, but I can't seem to find out how to get it working. Any help is very appreciated. >.>

Some output:

Code:

# aireplay-ng --test wlan0
03:53:31  Trying broadcast probe requests...
03:53:33  No Answer...
03:53:33  Found 1 AP

03:53:33  Trying directed probe requests...
03:53:33  00:1B:2F:E1:F2:72 - channel: 9 - 'Sherman'
03:53:39   0/30:   0%

Code:

aireplay-ng --test mon0
03:53:16  Trying broadcast probe requests...
03:53:17  Injection is working!
03:53:18  Found 1 AP

03:53:18  Trying directed probe requests...
03:53:18  00:1B:2F:E1:F2:72 - channel: 9 - 'Sherman'
03:53:18  Ping (min/avg/max): 1.349ms/6.128ms/27.039ms Power: 66.68
03:53:18  28/30:  93%

Code:

lsmod | grep rt
rt2800usb              37068  0
rt2x00usb               9836  1 rt2800usb
rt2x00lib              37100  2 rt2800usb,rt2x00usb
led_class               3408  1 rt2x00lib
input_polldev           3124  1 rt2x00lib
mac80211              212820  2 rt2x00usb,rt2x00lib
cfg80211               85836  2 rt2x00lib,mac80211
rfkill_backport        16992  1 cfg80211
gameport                9976  1 snd_ens1371
parport_pc             24068  1
parport                30444  2 lp,parport_pc
rtc_cmos               10124  0
rtc_core               15848  1 rtc_cmos
rtc_lib                 2380  1 rtc_core
agpgart                29384  1 intel_agp

[itsme]

Can I assume that the BT4 final and the AWUS050NH will work with the drivers and directions posted here?

[lupin]

Can I assume that the BT4 final and the AWUS050NH will work with the drivers and directions posted here?

Assume away. A better approach however would be to test it. Or ask in the new BackTrack forums if anyone else has tested it.

[itsme]

Well I had searched all over and this thread was the most current and most successful post on the subject.
So I went ahead and purchased it!
I am using BT4 Final (ISO installed) in a VM with USB pass thru.
Dexxra instructions worked!!! Thanks.
The first page instructions did not
I would add the new instruction point to the 1st page to get the ralink drivers from their site and the link doesn't work anymore.
I surfed to hxxp://w w w.ralinktech.com./license_us.php?n=2&p=1&t=U0wyRnpjMlYwY3k4eU1EQTVMe kF6THpNeEwyUnZkMjVzYjJGa056Z3hNamt4TURjd09TNTZhWEE 5UFQxU1ZESTROekJmUm1seWJYZGhjbVZmVmpnPUM%3D
Also, I got an error about usbnet being in use after the make unload.
I rebooted, ran make unload again before startx and it worked.
FYI, Light should be solid not blinking
ifconfig shouldn’t have a Ra0
iwconfig should already have a single interface, say "wlan0".

[msenoz]

@archangel.amael: I was thinking about doing that before I threw up my post, but I knew somewhere, somehow someone would copy the commands line by line and ask why they were not working.

Anyways, here is how I installed everything for my Alfa AWUS050NH on my BackTrack 4 Pre Release persistent USB stick. Make sure to replace the hxxp's with http's in the wget commands!

First I updated the IW package following Jano's tutorial and taking some backup advice from fnord0's guide:

Code:

mv /usr/bin/iw /usr/sbin/OLDiw--OGbt4beta
wget hxxp://wireless.kernel.org/download/iw/iw-0.9.18.tar.bz2
tar jxvf iw-0.9.18.tar.bz2
cd iw-0.9.18
make
make install
cp -p iw /usr/sbin

Make sure to double check that IW updated properly!

Code:

iw --version
iw version 0.9.18

Next, I installed the rt2870sta firmware directly from RealTek's website (The link is posted by fnord0 on the first page of this thread and is titled "Ralink corp. | Linux"). You will get some weird errors unzipping this file as mentioned by fnord0, but it does seem to be working perfectly fine:

Code:

unzip RT2870_Firmware_V8.zip
mv RT2870_Firmware_V8/rt2870.bin /lib/firmware
# Double check that the firmware was properly moved
ls -al /lib/firmware/rt2870.bin

This next part requires a little bit of knowledge from the user(s) and understanding which wireless drivers they actually have loaded. Generally, if you think you don't have any wireless drivers loaded and running and "rmmod mac80211" returns an error and lists dependencies, those are probably the drivers that are currently loaded and you will probably want to blacklist and unload those drivers temporarily for the compat wireless install. After I did this, I installed the compat wireless package suggested by Jano:

Code:

rmmod mac80211

echo "blacklist mac80211" | tee -a /etc/modprobe.d/blacklist
echo "blacklist rt2870sta" | tee -a /etc/modprobe.d/blacklist
echo "blacklist rt2800usb" | tee -a /etc/modprobe.d/blacklist

wget hxxp://download.aircrack-ng.org/drivers/compat-wireless-aircrack-alfa036h-050nh.tar.bz2
tar jxvf compat-wireless-aircrack-alfa036h-050nh.tar.bz2
cd compat-wireless-aircrack-alfa036h-050nh
make clean
make
make install
make unload

After the compat wireless package finished compiling and installing I loaded up the new rt2800usb driver:

Code:

modprobe rt2800usb

And voila, I had a working rt2800usb driver that works completely with aircrack-ng, kismet, and all the other devices I use for my wireless penetration tests. Again, "works completely" as far as I have tested and can tell. The only thing that is semi-annoying is that the rt2800usb driver does *NOT* work for actually connecting to an AP directly for an internet connection. For that, you have to unload the rt2800usb driver and load the rt2870sta driver that is pre-installed with BT4.

Also, if you want to change the MAC address while using the rt2870sta driver, you cannot use macchanger. I have been looking for a solution everywhere to get macchanger working with this driver, but have come up empty handed. However, you can edit /etc/modeprobe.d/options and change the MAC address by using a new "option":

Code:

nano /etc/modprobe.d/options
# Add the following line at the bottom and change "MAC Address" to the mac address you want! 
# ie; options rt2870sta mac="01:23:45:67:89:AB"
options rt2870sta mac="MAC Address"
ifconfig ra0 down
rmmod rt2870sta
modprobe rt2870sta

Code:

# ifconfig ra0
ra0       Link encap:UNSPEC  HWaddr 01-23-45-67-89-AB
          inet6 addr: fe80::ee65:59ff:feaa:5db0/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5472 errors:0 dropped:0 overruns:0 frame:0
          TX packets:80 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:822994 (822.9 KB)  TX bytes:6640 (6.6 KB)

You can easily bash script that for convenience if you really wanted to.

I would like to thank fnord0 and Jano for their great tutorials on this subject. If anything I posted helps you, don't bother thanking me, thank them!

EDIT: Oops, just realized I forgot to add a link to Jano's tutorial!
hxxp://forum.aircrack-ng.org/index.php?topic=5755.0

fnord0's is located, well, on the first page of this thread.

Dexxra, thanks for the great tutorial, do you know whether this tutorial works for Awus036nh adapter which has rt3070 chip and ID 148f:3070