daily pastebin goal

how to setup your alfa awus036h usb wifi with Backtrack

a guest Dec 15th, 2011 13,501 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  2. Tutorial - How to use your Alfa Awus036H USB Wifi Adapter with Backtrack 5r1
  3. by gh0st
  5. Big Shouts to my brothers at irc.anonops.li #anonops and #antisec (what up guys!)
  6. Especially Poke and Shitstorm - thank you guys for everything you do for anonops, we appreciate it!
  7. Esepcially daboogiman and Power2all - thank you for all your hardwork and everything you do!
  10. Okay this is going to be a quick tutorial on how to setup your Alfa Awus36H USB Wifi Adapter when using Backtrack with vmware. Okay here is the the situation, you have a nice laptop and you are using Windows 7 and you installed vmware and you installed backtrack 5r1 ontop of windows 7 so you can have the best of both worlds, only one problem... When you go to use the great and i do mean great collection of wifi hacking tools that Backtrack offers you can not use your wireless card because it is being used by your host operating system (windows 7). So how do we get around this? When you are using backtrack as your guest operating system in vmware the only way you can use their wifi tools such as 'aircrack-ng' and 'wepcrack' etc is to order a USB wifi adapter, but which one you ask?
  12. If you go to the aircrack-ng website they will give you a list of compatible USB wifi adapters, but the one that i recommend 100% is the Alfa Awus036H USB Wifi Adapter, the reason i recommend this one is because the driver comes preinstalled on Backtrack and for the most part this usb wifi adapter is plug in play, but you will have to do a few small commands to get it to start. Are you ready?
  14. Here is the link for the compatible usb wifi adapter that will work with aircrack-ng:
  15. http://www.aircrack-ng.org/doku.php?id=compatibility_drivers
  17. Ok now you may be asking where to buy an Alfa Awus036H USB wifi adapter, please take note that there are lots of fake alfa products out there and you need a REAL ALFA PRODUCT for it to work with backtrack. The reason that you need a real Alfa Awus036H wifi adapter is because of the chipset. The chipset needs to be a Realtek rtl8187. If you do not get this chipset it will not work with backtrack!
  19. Here is where i ordered my Alfa Awus036H wifi adapter and it is authentic, this site had it at a great price and it shipped very fast. The company is located in Arizona so delivery speed obviously depends on how close you are to Arizona, but the 5 dollar shipping took 2 days to get to my house and I could not be happier. Here is where you get it:
  21. http://www.data-alliance.net  (GREAT COMPANY!)
  25. Here we go....
  27. Before we do anything lets run ifconfig to see what we have...
  29. root@bt:~# ifconfig
  30. eth0      Link encap:Ethernet  HWaddr 00:0c:29:8b:2d:fa  
  31.           inet addr:192.168.***.***  Bcast:192.168.***.***  Mask:
  32.           inet6 addr: fe80::20c:29ff:fe8b:2dfa/64 Scope:Link
  33.           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  34.           RX packets:1359 errors:0 dropped:0 overruns:0 frame:0
  35.           TX packets:1273 errors:0 dropped:0 overruns:0 carrier:0
  36.           collisions:0 txqueuelen:1000
  37.           RX bytes:839997 (839.9 KB)  TX bytes:198073 (198.0 KB)
  38.           Interrupt:19 Base address:0x2024
  40. lo        Link encap:Local Loopback  
  41.           inet addr:  Mask:
  42.           inet6 addr: ::1/128 Scope:Host
  43.           UP LOOPBACK RUNNING  MTU:16436  Metric:1
  44.           RX packets:210 errors:0 dropped:0 overruns:0 frame:0
  45.           TX packets:210 errors:0 dropped:0 overruns:0 carrier:0
  46.           collisions:0 txqueuelen:0
  47.           RX bytes:35590 (35.5 KB)  TX bytes:35590 (35.5 KB)
  49. NOTICE how we have NO Wlan interface! But that will change very soon =-P
  52. Step 1. When you plug your usb wifi adapter into your laptop you need to go your status bar on vmware on the bottom right hand corner and find the icon for usb. Click on the usb icon and click (disconnect from host) This will disconnect your usb wifi adapter from your host operating system (windows 7) and connect it to your guest operating system -> Backtrack!
  54. Step 2. Lets verify that our usb wifi is connected with these 2 commands:
  56. root@bt:~# lsusb
  57. Bus 002 Device 004: ID 0e0f:0008 VMware, Inc.
  58. Bus 002 Device 003: ID 0e0f:0002 VMware, Inc. Virtual USB Hub
  59. Bus 002 Device 002: ID 0e0f:0003 VMware, Inc. Virtual Mouse
  60. Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
  61. Bus 001 Device 002: ID 0bda:8187 Realtek Semiconductor Corp. RTL8187 Wireless Adapter  (HERE IT IS!)
  62. Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
  64. One more command to verify that it is connected and this one is more important..
  66. root@bt:~# airmon-ng
  69. Interface       Chipset         Driver
  71. wlan1           Realtek RTL8187L        rtl8187 - [phy0]
  74. Okay, all good so far!
  76. Step 3.  Okay now we need to load the rtl8187 driver and we do that by doing this...
  78. root@bt:~# modprobe rtl8187
  80. When you do that command you wont see anything happen and that is good, that means that the driver loaded with no problems.
  82. Step 4.  Okay, now we need to make sure that our wifi adapter is turned on so we do this...
  84. root@bt:~# dmesg |tail -20
  85. [  160.330998] cfg80211: 2457000 KHz - 2482000 KHz @  KHz), (300 mBi, 2000 mBm)
  86. [  160.331024] cfg80211: Updating information on frequency 2472 MHz for a 20 MHz width channel with regulatory rule:
  87. [  160.331047] cfg80211: 2457000 KHz - 2482000 KHz @  KHz), (300 mBi, 2000 mBm)
  88. [  160.331063] cfg80211: Updating information on frequency 2484 MHz for a 20 MHz width channel with regulatory rule:
  89. [  160.331085] cfg80211: 2474000 KHz - 2494000 KHz @  KHz), (300 mBi, 2000 mBm)
  90. [  160.384204] ieee80211 phy0: Selected rate control algorithm 'minstrel_ht'
  91. [  160.399900] ieee80211 phy0: hwaddr 00:c0:ca:54:ac:7b, RTL8187vB (default) V1 + rtl8225z2, rfkill mask 2
  92. [  160.572494] rtl8187: Customer ID is 0xFF
  93. [  160.582444] Registered led device: rtl8187-phy0::radio
  94. [  160.585455] Registered led device: rtl8187-phy0::tx
  95. [  160.588608] Registered led device: rtl8187-phy0::rx
  96. [  160.593854] rtl8187: wireless switch is on
  97. [  160.598136] usbcore: registered new interface driver rtl8187
  98. [  170.230398] ADDRCONF(NETDEV_UP): wlan0: link is not ready
  99. [  175.242441] rtl8187: wireless radio switch turned off
  100. [  300.335418] rtl8187: wireless radio switch turned on
  101. [  311.346969] rtl8187: wireless radio switch turned off
  102. [  656.426738] hrtimer: interrupt took 8964242 ns
  103. [ 1060.571652] rtl8187: wireless radio switch turned on
  104. [ 1076.942038] rtl8187: wireless radio switch turned off
  106. Notice how our rtl8187 driver is turned off! This is not a problem and this error is quite common, so what we are going to need to do is force our card back into an enabled state, and we do that by doing the following commands.
  108. Step 5.  Do the following commands:
  109. root@bt:~# rmmod rtl8187
  110. root@bt:~# rfkill block all
  111. root@bt:~# rfkill unblock all
  112. root@bt:~# modprobe rtl8187
  113. root@bt:~# rfkill unblock all
  114. root@bt:~# ifconfig wlan1 up
  117. Okay notice on the very last command we loaded the wlan1 interface, the reason that we knew to load that wirless interface is because when we did the 'airmon-ng' commmand with no arguments earlier it showed us that our driver was using wlan1 is its wireless
  118. interface. If you are unsure on what your interface is before you do the last command 'ifconfig wlan1 up' do this command: 'airmon-ng' to see what interface you need to put up with ifconfig. Okay now lets check ifconfig...
  120. Step 6: ifconfig
  122. root@bt:~# ifconfig
  123. eth0      Link encap:Ethernet  HWaddr 00:0c:29:8b:2d:fa  
  124.           inet addr:192.168.***.***  Bcast:192.168.***.***  Mask:
  125.           inet6 addr: fe80::20c:29ff:fe8b:2dfa/64 Scope:Link
  126.           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  127.           RX packets:1394 errors:0 dropped:0 overruns:0 frame:0
  128.           TX packets:1308 errors:0 dropped:0 overruns:0 carrier:0
  129.           collisions:0 txqueuelen:1000
  130.           RX bytes:844347 (844.3 KB)  TX bytes:202225 (202.2 KB)
  131.           Interrupt:19 Base address:0x2024
  133. lo        Link encap:Local Loopback  
  134.           inet addr:  Mask:
  135.           inet6 addr: ::1/128 Scope:Host
  136.           UP LOOPBACK RUNNING  MTU:16436  Metric:1
  137.           RX packets:262 errors:0 dropped:0 overruns:0 frame:0
  138.           TX packets:262 errors:0 dropped:0 overruns:0 carrier:0
  139.           collisions:0 txqueuelen:0
  140.           RX bytes:42330 (42.3 KB)  TX bytes:42330 (42.3 KB)
  142. wlan1     Link encap:Ethernet  HWaddr 2c:68:04:1e:04:1e  
  143.           UP BROADCAST MULTICAST  MTU:1500  Metric:1
  144.           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
  145.           TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
  146.           collisions:0 txqueuelen:1000
  147.           RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
  149. YES!!! we now have a wireless interface that we can now use! Okay we are almost done, we have a wirless interface but inorder to use tools such as aircrack-ng or wepcrack we need to put our Alfa Awus036H USB Wifi Adapter in monitor mode so we can utilize backtrack's wifi tools.
  151. Here is how we put our Alfa usb wifi adapter into monitor mode!
  153. Step 7.  airmon-ng start wlan1
  155. root@bt:~# airmon-ng start wlan1
  158. Found 4 processes that could cause trouble.
  159. If airodump-ng, aireplay-ng or airtun-ng stops working after
  160. a short period of time, you may want to kill (some of) them!
  162. PID     Name
  163. 860     dhclient3
  164. 914     NetworkManager
  165. 1092    wpa_supplicant
  166. 2220    knetworkmanager
  169. Interface       Chipset         Driver
  171. wlan1           Realtek RTL8187L        rtl8187 - [phy1]
  172.                                 (monitor mode enabled on mon0)
  174. Step 8. Okay now lets check ifconfig again, and see what we have!
  176. root@bt:~# ifconfig
  177. eth0      Link encap:Ethernet  HWaddr 00:0c:29:8b:2d:fa  
  178.           inet addr:192.168.***.***  Bcast:192.168.***.***  Mask:
  179.           inet6 addr: fe80::20c:29ff:fe8b:2dfa/64 Scope:Link
  180.           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  181.           RX packets:1408 errors:0 dropped:0 overruns:0 frame:0
  182.           TX packets:1322 errors:0 dropped:0 overruns:0 carrier:0
  183.           collisions:0 txqueuelen:1000
  184.           RX bytes:847155 (847.1 KB)  TX bytes:204979 (204.9 KB)
  185.           Interrupt:19 Base address:0x2024
  187. lo        Link encap:Local Loopback  
  188.           inet addr:  Mask:
  189.           inet6 addr: ::1/128 Scope:Host
  190.           UP LOOPBACK RUNNING  MTU:16436  Metric:1
  191.           RX packets:284 errors:0 dropped:0 overruns:0 frame:0
  192.           TX packets:284 errors:0 dropped:0 overruns:0 carrier:0
  193.           collisions:0 txqueuelen:0
  194.           RX bytes:45246 (45.2 KB)  TX bytes:45246 (45.2 KB)
  196. mon0      Link encap:UNSPEC  HWaddr 2C-68-04-1E-04-1E-30-30-00-00-00-00-00-00-00-00  
  197.           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  198.           RX packets:14217 errors:0 dropped:14228 overruns:0 frame:0
  199.           TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
  200.           collisions:0 txqueuelen:1000
  201.           RX bytes:2072067 (2.0 MB)  TX bytes:0 (0.0 B)
  203. wlan1     Link encap:Ethernet  HWaddr 2c:68:04:1e:04:1e  
  204.           UP BROADCAST MULTICAST  MTU:1500  Metric:1
  205.           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
  206.           TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
  207.           collisions:0 txqueuelen:1000
  208.           RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
  210. Okay now notice how we have a new interface mon0, this is our monitor mode that we need to utilize tools such as aircrack-ng and wepcrack, we are doing good!!
  212. Step 9.  Okay now lets see what wirless networks we can find...
  214. run this command to find available wireless networks:
  216. root@bt# airodump-ng mon0
  218. watch airodump-ng find all the wireless networks in your area, and since you are using the
  219. Alfa Awus036H USB Wifi Adapter your range is amazing! You will find wifi networks far away
  220. fom you!
  222. Well i hope this has been helpfull, i want to tak this time to thank the great guys at Backtrack for such an amazing linux distro, you guys can never get enough credit, your operating system is amazing and i love it!
  224. Again, i hope this has been helpful and if you have any questions you can find me on irc at irc.anonops.li #anonops
  226. -gh0st
RAW Paste Data