
Thread: ALFA Network AWUS036H 500mW Wifi USB Adapter -> Packet Injection??? Help

  1. #11
    Member
    Join Date
    Nov 2007
    Posts
    65

    These are my 2 cents,

    I'm using that network card with BT2 drivers and when I change the MAC address I'm not able to associate with any router, not even fake auth. So forget changing the MAC address and try.

    Hope this helps, I was lost too; I just found out about this today trying and trying.

    The good news is that BT3 will have an updated kernel and better drivers for this, more stable I hope.

  2. #12
    Junior Member bwise's Avatar
    Join Date
    Nov 2007
    Posts
    69

    And if you are too impatient to wait until BT3 then you can use the VMware image on aircrack's site. The association works well on that. I am still having problems with fake authentication but I can associate with my router and I don't think it's the driver's problem since that image is using the newest drivers.

  3. #13
    Member
    Join Date
    Mar 2007
    Posts
    204

    @grikster

    Hey, I'm using the same card and it works fine for me for injection using the drivers that come with BT2; however, I can't associate with my router. I can crack it just fine, fakeauth/inject no problem, nice and speedy as well, but I cannot connect to any AP. I get errors when setting the key.

    Upon reading this

    I am now on a mission to research kernel version 2.6.23, as mentioned it contains possibly the best all round driver for the AWUS036H.

    Searching the forums directed me to this, in which pilotsnipes has posted more drivers. I downloaded the newest (01/Oct/2007) and put the modules on my BT2 USB boot to test them out; with these drivers I get 0 results when testing injection, and the same when trying to connect to an AP. Maybe I need to do things differently, will try it again when I get home :-/

  4. #14
    Member
    Join Date
    Nov 2007
    Posts
    65

    merlin051 and bwise, thanks for the info, it's important to know I'm not the only one having these problems.

    Well, I tried the bwise alternative, which is to download and use a VMware that's in aircrack FTP; it's version 3.7 and it comes with rtl8187 module activation that does all for you. Then I tried to auth and it worked. I will lets further this, but I know Kismet works straight away, no need to config it manually, and other apps too. Not as sweet as BT but I have to use it till BT3 comes (3 days), I hope with a nice fix for our card.

  5. #15
    Member
    Join Date
    Mar 2007
    Posts
    204

    Ok, I got home and did some more testing, and I am pleased to say I have everything working. The below is how I used this card to successfully connect to an AP.


    Firstly download the modules with the new V5 Alfa patch. From here

    Extract the zipfile then place the modules into the bt/modules/ folder either in your ISO or onto your USB stick (I'm using a 2 GB USB stick)

    Ok, now unplug your Alfa AWUS036H, then insert your CD/USB then reboot.

    Once BT loads up, login, then startx

    Once loaded, open up a command prompt. Then type the below code (DO NOT TYPE ITALICS)

    (The MAC change is optional as this method works without it)


    Code:
    cd rtl8187_linux_26.1010.0622.2006/
    make
    sh wlan0up
    # (Error about device not being plugged in)
    # plug device in
    sh wlan0up
    # (receive error about file exists)
    ifconfig wlan0 down
    macchanger -m 00:11:22:33:44:55 wlan0
    ifconfig wlan0 up
    iwconfig wlan0 essid mynetwork key 1234567890
    # (error about setting encode on wlan0)
    iwconfig wlan0 essid mynetwork key 1234567890
    dhcpcd wlan0
    ping www.google.com

    If the ping is responsive then you have successfully associated with your AP.

    This is the actual window containing all the commands I typed and complete error messages:
    Code:
    bt ~ # cd rtl8187_linux_26.1010.0622.2006/
    bt rtl8187_linux_26.1010.0622.2006 # sh wlan0up
    wlan0: ERROR while getting interface flags: No such device
    bt rtl8187_linux_26.1010.0622.2006 # sh wlan0up
    insmod: error inserting 'ieee80211_crypt-rtl.ko': -1 File exists
    insmod: error inserting 'ieee80211_crypt_wep-rtl.ko': -1 File exists
    insmod: error inserting 'ieee80211_crypt_tkip-rtl.ko': -1 File exists
    insmod: error inserting 'ieee80211_crypt_ccmp-rtl.ko': -1 File exists
    insmod: error inserting 'ieee80211-rtl.ko': -1 File exists
    insmod: error inserting 'r8187.ko': -1 File exists
    bt rtl8187_linux_26.1010.0622.2006 # iwconfig wlan0 mode managed essid "my-network" key 1234567890
    Error for wireless request "Set Encode" (8B2A) :
        SET failed on device wlan0 ; Operation not supported.
    bt rtl8187_linux_26.1010.0622.2006 # iwconfig wlan0 mode managed essid "my-network" key 1234567890
    bt rtl8187_linux_26.1010.0622.2006 # dhcpcd wlan0
    bt rtl8187_linux_26.1010.0622.2006 # ping www.google.com
    PING www.l.google.com (66.249.93.147) 56(84) bytes of data.
    64 bytes from ug-in-f147.google.com (66.249.93.147): icmp_seq=1 ttl=239 time=77.6 ms
    64 bytes from ug-in-f147.google.com (66.249.93.147): icmp_seq=2 ttl=239 time=69.9 ms
    64 bytes from ug-in-f147.google.com (66.249.93.147): icmp_seq=3 ttl=239 time=71.0 ms
    64 bytes from ug-in-f147.google.com (66.249.93.147): icmp_seq=4 ttl=239 time=79.4 ms
    64 bytes from ug-in-f147.google.com (66.249.93.147): icmp_seq=5 ttl=239 time=79.5 ms
    
    --- www.l.google.com ping statistics ---
    5 packets transmitted, 5 received, 0% packet loss, time 3997ms
    rtt min/avg/max/mdev = 69.991/75.544/79.534/4.178 ms
    bt rtl8187_linux_26.1010.0622.2006 #

    And just say for example you want to crack some WEP again, it's just as simple as # airmon-ng start wlan0. The device will channel hop by default so remember to lock it to the channel you want to use (airmon-ng start wlan0 11 or iwconfig wlan0 mode monitor channel 11)

    Testing this device with aireplay-ng -9 is showing 100% injection on my AP and a friend's; in fact nailed his WEP in less than 3 mins injecting at 350 - 460 ps (64bit)

    Hope this guide helps someone, let me know your comments/problems as it could help me in the future :P

    WPA guide to come when I get more time on my hands.

  6. #16
    Member
    Join Date
    Nov 2007
    Posts
    65

    Great and simple tut,

    I'm gonna test it out and I will reply asap. Thanks again

  7. #17
    Just burned his ISO
    Join Date
    Jan 2008
    Posts
    22

    Quote Originally Posted by merlin051 View Post
    Code:
    bt rtl8187_linux_26.1010.0622.2006 # iwconfig wlan0 mode managed essid "my-network" key 1234567890
    Error for wireless request "Set Encode" (8B2A) :
        SET failed on device wlan0 ; Operation not supported.
    bt rtl8187_linux_26.1010.0622.2006 # iwconfig wlan0 mode managed essid "my-network" key 1234567890
    bt rtl8187_linux_26.1010.0622.2006 # dhcpcd wlan0
    bt rtl8187_linux_26.1010.0622.2006 # ping www dot google dot com

    iwconfig says "Operation not supported" the first time but then you execute the exact same command again and it works the second time? What changed in the meantime? It always tells me "Operation not supported" not just the first time, but the second time and every time thereafter too.

    Oh and the forum says "You are only allowed to post URLs to other sites after you have made 15 posts or more." So I had to mangle the reference GOOGLE, and that even though I was just quoting somebody else's message.

  8. #18
    Just burned his ISO 773451's Avatar
    Join Date
    Jan 2008
    Posts
    23

    I just got an ALFA AWUS036H about a week ago and I'm having a blast with it. I use Backtrack 3 on VMWare, and it took me a few days to figure out two VERY IMPORTANT THINGS. I think that both of them have everything to do with the fact that VMWare creates some latency that otherwise you might not find (#2) or perhaps is running some daemon that I need to turn off (#1) or maybe the drivers are just wonky on my setup. This thread (//forums.remote-exploit.org/showthread.php?t=9851) suggests that maybe my driver is doing something wrong in the command line interpreter, but I'm not sure.

    1. Associating doesn't work unless I shut down eth0 along with wlan0
    I can't explain why this is, but this sequence of commands produces an error:
    Code:
    airmon-ng stop wlan0
    ifconfig wlan0 down
    iwconfig eth0 ap XX:XX:XX:XX:XX:XX key #####################
    But if I shut down eth0, it works fine every time:
    Code:
    airmon-ng stop eth0
    airmon-ng stop wlan0
    ifconfig eth0 down
    ifconfig wlan0 down
    iwconfig eth0 ap XX:XX:XX:XX:XX:XX key #####################
    dhcpcd wlan0



    2. You have to limit the injection using the -x ### option when using aireplay-ng.
    I haven't experimented enough to find out what the optimal number is, but it's not important. I started at 900 and just lowered it until it stopped working to get to 180.

    for example:
    Code:
    aireplay-ng -2 -a BSSID -h MAC -x 180 wlan0


    Hope this helps someone else. Can anyone explain why it is that Backtrack 3 and VMWare keep activating my eth0 interface after I've shut it down?

    Best regards,
    773451

    Quote Originally Posted by sergeikolomov View Post
    iwconfig says "Operation not supported" the first time but then you execute the exact same command again and it works the second time? What changed in the meantime? It always tells me "Operation not supported" not just the first time, but the second time and every time thereafter too.

    Oh and the forum says "You are only allowed to post URLs to other sites after you have made 15 posts or more." So I had to mangle the reference GOOGLE, and that even though I was just quoting somebody else's message.

    We’ve heard that a million monkeys at a million keyboards could produce the complete works of Shakespeare; now, thanks to the Internet, we know that is not true. –Robert Wilensky

  9. #19
    Just burned his ISO haqthat's Avatar
    Join Date
    Apr 2008
    Posts
    12

    Your methods look good, but what is the error message that you receive VERBATIM?

    I highly doubt the output was:

    Quote Originally Posted by Break16 View Post
    packet injection is not successful

    maybe there is a mac filter
    the ap is far away
    my card don't support the injection
