Wireless card captures only a fraction of the packets. Less than 25%.



dingrite
2015-05-05, 15:30
Tested it by downloading a large file; the cap file size was less than 25% of the downloaded file size.
Captured traffic was my smartphone's connection to my router, the WPA handshake was captured, and Wireshark appears to have decrypted everything well.

During the download I also made a few POST requests to non-SSL forums with the intent to pull user/pass. When trying to find "http.request.method==POST" in Wireshark, it returned a single unrelated result only, so clearly those packets were entirely missed.

Environment: VMWare 10.0.1 build-1379776
Image: Kali official 32bit VM files.

Wireless card: AWUS036NEH
When I plugged it into VMware it did give me a notice about how "was unable to connect to the ideal host controller...", might have something to do with a USB3 slot? Could be the cause?

The following was done to start the capture:
airmon-zc check kill
airmon-zc start wlan0
airodump-ng wlan0mon -c [x] --bssid [y] -w test


ifconfig:

wlan0mon Link encap:UNSPEC HWaddr 00-XX-XX-XX-XX-XX-00-00-00-00-00-00-00-00-00-00
UP BROADCAST NOTRAILERS RUNNING PROMISC ALLMULTI MTU:1500 Metric:1
RX packets:192070 errors:0 dropped:25999 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:43151268 (41.1 MiB) TX bytes:0 (0.0 B)

iwconfig:

wlan0mon IEEE 802.11bgn Mode:Monitor Frequency:2.417 GHz Tx-Power=20 dBm
Retry short limit:7 RTS thr:off Fragment thr:off
Power Management:off


dmesg:

[ 426.547528] usb 1-2.1: reset high-speed USB device number 4 using uhci_hcd
[ 426.941704] ieee80211 phy0: rt2x00_set_rt: Info - RT chipset 3070, rev 0201 detected
[ 427.416267] ieee80211 phy0: rt2x00_set_rf: Info - RF chipset 0005 detected
[ 427.453172] ieee80211 phy0: Selected rate control algorithm 'minstrel_ht'
[ 427.463696] usbcore: registered new interface driver rt2800usb
[ 427.560659] ieee80211 phy0: rt2x00lib_request_firmware: Info - Loading firmware file 'rt2870.bin'
[ 427.564664] rt2800usb 1-2.1:1.0: firmware: direct-loading firmware rt2870.bin
[ 427.564800] ieee80211 phy0: rt2x00lib_request_firmware: Info - Firmware detected - version: 0.29
[ 431.556258] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
[ 515.383278] device wlan0mon entered promiscuous mode


lsusb:

Bus 001 Device 004: ID 148f:3070 Ralink Technology, Corp. RT2870/RT3070 Wireless Adapter



root@kali:~/Desktop# airmon-zc --verbose
Linux kali 3.18.0-kali1-586 #1 Debian 3.18.3-1~kali4 (2015-01-22) i686 GNU/Linux
Detected VM using lscpu
This appears to be a VMware Virtual Machine
If your system supports VT-d, it may be possible to use PCI devices
If your system does not support VT-d, you can only use USB wifi cards

K indicates driver is from 3.18.0-kali1-586
V indicates driver comes directly from the vendor, almost certainly a bad thing
S indicates driver comes from the staging tree, these drivers are meant for reference not actual use, BEWARE
? indicates we do not know where the driver comes from... report this


X[PHY]Interface Driver[Stack]-FirmwareRev Chipset Extended Info

K[phy0]wlan0mon rt2800usb[mac80211]-0.29 Ralink Technology, Corp. RT2870/RT3070






root@kali:~/Desktop# lsmod
Module Size Used by
arc4 12487 2
rt2800usb 21861 0
rt2x00usb 17426 1 rt2800usb
rt2800lib 76819 1 rt2800usb
rt2x00lib 41346 3 rt2x00usb,rt2800lib,rt2800usb
mac80211 446799 3 rt2x00lib,rt2x00usb,rt2800lib
cfg80211 357999 2 mac80211,rt2x00lib
crc_ccitt 12331 1 rt2800lib
rfkill 18380 1 cfg80211
nfnetlink_log 17065 0
nfnetlink 12896 1 nfnetlink_log
binfmt_misc 12726 1
vmw_vsock_vmci_transport 29401 0
vsock 26240 1 vmw_vsock_vmci_transport
fuse 77496 3
vmhgfs 46396 0
loop 26052 0
dm_crypt 22256 0
joydev 16847 0
snd_ens1371 22679 2
snd_rawmidi 22278 1 snd_ens1371
vmwgfx 146807 1
snd_seq_device 12980 1 snd_rawmidi
snd_ac97_codec 100246 1 snd_ens1371
snd_pcm 78177 2 snd_ac97_codec,snd_ens1371
ttm 50758 1 vmwgfx
snd_timer 22002 1 snd_pcm
drm_kms_helper 67474 1 vmwgfx
snd 50998 10 snd_ac97_codec,snd_timer,snd_pcm,snd_rawmidi,snd_ens1371,snd_seq_device
drm 212910 5 ttm,drm_kms_helper,vmwgfx
vmw_balloon 12586 0
coretemp 12686 0
soundcore 12890 1 snd
psmouse 98252 0
ac97_bus 12462 1 snd_ac97_codec
gameport 13306 1 snd_ens1371
i2c_piix4 16688 0
evdev 17137 5
serio_raw 12737 0
vmw_vmci 50587 1 vmw_vsock_vmci_transport
i2c_core 37031 3 drm,i2c_piix4,drm_kms_helper
parport_pc 25991 0
parport 35171 1 parport_pc
8250_fintek 12691 0
shpchp 30673 0
processor 23285 0
thermal_sys 32258 1 processor
battery 13164 0
ac 12627 0
button 12860 0
ext4 434723 1
crc16 12327 1 ext4
mbcache 12940 1 ext4
jbd2 68810 1 ext4
dm_mod 82864 1 dm_crypt
vmw_pvscsi 21263 0
vmxnet3 47689 0
hid_generic 12369 0
usbhid 43794 0
hid 80992 2 hid_generic,usbhid
sr_mod 21568 0
cdrom 46828 1 sr_mod
sg 29679 0
ata_generic 12450 0
crc32_pclmul 12809 0
crc32c_intel 12659 0
sd_mod 43039 3
aesni_intel 17934 0
aes_i586 16647 1 aesni_intel
xts 12583 1 aesni_intel
lrw 12645 1 aesni_intel
gf128mul 12834 2 lrw,xts
ablk_helper 12508 1 aesni_intel
cryptd 14160 1 ablk_helper
floppy 56252 0
ata_piix 29371 0
libata 157914 2 ata_generic,ata_piix
mptspi 21671 2
scsi_transport_spi 23201 1 mptspi
mptscsih 22263 1 mptspi
mptbase 64155 2 mptspi,mptscsih
uhci_hcd 38911 0
ehci_hcd 60719 0
usbcore 171042 5 uhci_hcd,rt2x00usb,rt2800usb,ehci_hcd,usbhid
usb_common 12621 1 usbcore
pcnet32 39006 0
mii 12595 1 pcnet32
scsi_mod 172633 8 sg,scsi_transport_spi,libata,mptspi,vmw_pvscsi,sd_mod,sr_mod,mptscsih

dingrite
2015-05-05, 21:52
When I tried to set the channel via airmon-zc to [x] the results were even significantly worse. Less than 0.01% was captured. Seems somewhat odd.
Distance seemed to have no noticeable effect past a point, it stabilized at ~50% packet loss.

Edit:
Tried the same card on an old netbook via latest Kali 32bit live USB. Packet loss seemed to be less than 10% if at all. Not totally conclusive yet.
The card was suddenly able to detect many more networks too.

Clearly this is a VM issue.
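
Added example (not part of the original posts): a small check that correlates the dmesg and ifconfig output quoted above, finding which host-controller driver the rt2800usb adapter is attached through and how many received frames the interface dropped. The sample lines are copied from the thread; the per-driver bus speeds are the nominal USB 1.x/2.0/3.0 rates, and the 480 Mbit/s threshold and all function names are assumptions of this example.

```python
import re

# Nominal bus ceilings (Mbit/s) per Linux host-controller driver.
HCD_MBPS = {"uhci_hcd": 12, "ohci_hcd": 12, "ehci_hcd": 480, "xhci_hcd": 5000}

# Sample input: lines copied from the dmesg and ifconfig output in the thread.
DMESG = """\
[ 426.547528] usb 1-2.1: reset high-speed USB device number 4 using uhci_hcd
[ 427.463696] usbcore: registered new interface driver rt2800usb
[ 427.564664] rt2800usb 1-2.1:1.0: firmware: direct-loading firmware rt2870.bin
"""
IFCONFIG = "RX packets:192070 errors:0 dropped:25999 overruns:0 frame:0"


def usb_path_for_driver(dmesg, driver):
    """Return the USB device path (e.g. '1-2.1') the driver bound to."""
    m = re.search(r"\] %s (\d+-[\d.]+):\d+\.\d+:" % re.escape(driver), dmesg)
    return m.group(1) if m else None


def host_controller(dmesg, usb_path):
    """Return the host-controller driver last reported for that USB path."""
    pat = r"usb %s: .* using (\w+_hcd)" % re.escape(usb_path)
    hits = re.findall(pat, dmesg)
    return hits[-1] if hits else None


def rx_drop_ratio(ifconfig_line):
    """Dropped frames relative to the RX packet counter, or None."""
    m = re.search(r"RX packets:(\d+).*?dropped:(\d+)", ifconfig_line)
    if not m or int(m.group(1)) == 0:
        return None
    return int(m.group(2)) / int(m.group(1))


def diagnose(dmesg, ifconfig_line, driver="rt2800usb", min_mbps=480):
    """Summarise bus attachment and drop ratio; min_mbps is an assumed bar."""
    path = usb_path_for_driver(dmesg, driver)
    hcd = host_controller(dmesg, path) if path else None
    mbps = HCD_MBPS.get(hcd)
    ratio = rx_drop_ratio(ifconfig_line)
    return {"usb_path": path, "hcd": hcd, "bus_mbps": mbps,
            "slow_bus": mbps is not None and mbps < min_mbps,
            "rx_drop_ratio": None if ratio is None else round(ratio, 4)}


if __name__ == "__main__":
    print(diagnose(DMESG, IFCONFIG))
```

On the thread's own output this reports the adapter behind uhci_hcd, the USB 1.x controller driver, which is consistent with the VMware "ideal host controller" notice mentioned in the first post.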