[Working Hardware] ALFA AWUS036H 500mW (Realtek RTL8187L - rtl8187)



g0tmi1k
2013-04-29, 14:51
OS: Kali Linux 1.0.3 (x86)
Machine: Virtual (VMware)
Make/Model: ALFA Network AWUS036H (500mW)
Chipset: Realtek RTL8187L
Driver: rtl8187
Stack: mac80211
Injection: Yes
Method: Works out of the box. Plug in USB & go!
Reaver: No issues

Other hardware: Linksys WUSB54GC (https://forums.kali.org/showthread.php?3820-Working-Hardware-Linksys-WUSB54GC-v1-(Ralink-2573-USB-rt73usb)) & Edimax EW-7711UAN (https://forums.kali.org/showthread.php?25266-Working-Hardware-Edimax-EW-7711UAN-(Ralink-RT2870-rt2800usb))



root@kali:~# lsusb
Bus 001 Device 002: ID 0bda:8187 Realtek Semiconductor Corp. RTL8187 Wireless Adapter
Bus 002 Device 002: ID 0e0f:0003 VMware, Inc. Virtual Mouse
Bus 002 Device 003: ID 0e0f:0002 VMware, Inc. Virtual USB Hub
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 002 Device 004: ID 0e0f:0008 VMware, Inc.
root@kali:~# dmesg | grep 8187
[ 1.833207] usb 1-1: New USB device found, idVendor=0bda, idProduct=8187
[ 1.833214] usb 1-1: Product: RTL8187_Wireless_LAN_Adapter
[ 1.833216] usb 1-1: Manufacturer: Manufacturer_Realtek_RTL8187_
[ 4.377289] ieee80211 phy0: hwaddr 00:c0:ca:1e:60:92, RTL8187vB (default) V1 + rtl8225z2, rfkill mask 2
[ 4.404648] rtl8187: Customer ID is 0xFF
[ 4.404730] Registered led device: rtl8187-phy0::radio
[ 4.404753] Registered led device: rtl8187-phy0::tx
[ 4.404773] Registered led device: rtl8187-phy0::rx
[ 4.406489] rtl8187: wireless switch is on
[ 4.406555] usbcore: registered new interface driver rtl8187
root@kali:~#



root@kali:~# ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:12 errors:0 dropped:0 overruns:0 frame:0
TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:720 (720.0 B) TX bytes:720 (720.0 B)

wlan0 Link encap:Ethernet HWaddr 00:c0:ca:1e:60:92
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

root@kali:~# iwconfig
wlan0 IEEE 802.11bg ESSID:off/any
Mode:Managed Access Point: Not-Associated Tx-Power=20 dBm
Retry long limit:7 RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off

lo no wireless extensions.

root@kali:~#



root@kali:~# ls -l /sys/class/net/wlan0/device/driver
lrwxrwxrwx 1 root root 0 Apr 29 15:36 /sys/class/net/wlan0/device/driver -> ../../../../../../../bus/usb/drivers/rtl8187
root@kali:~# lsmod | grep -i rtl8187
rtl8187 31077 0
mac80211 287461 1 rtl8187
cfg80211 123887 2 mac80211,rtl8187
eeprom_93cx6 12641 1 rtl8187
usbcore 109555 5 btusb,uhci_hcd,rtl8187,ehci_hcd,usbhid
root@kali:~#


root@kali:~# airmon-ng


Interface Chipset Driver

wlan0 Realtek RTL8187L rtl8187 - [phy0]

root@kali:~# airmon-zc


X[PHY]Interface Driver[Stack]-FirmwareRev Chipset Extended Info

K[phy0]wlan0 rtl8187[mac80211]-unavailable Realtek Semiconductor Corp. RTL8187

root@kali:~#



root@kali:~# iwlist wlan0 frequency
wlan0 14 channels in total; available frequencies :
Channel 01 : 2.412 GHz
Channel 02 : 2.417 GHz
Channel 03 : 2.422 GHz
Channel 04 : 2.427 GHz
Channel 05 : 2.432 GHz
Channel 06 : 2.437 GHz
Channel 07 : 2.442 GHz
Channel 08 : 2.447 GHz
Channel 09 : 2.452 GHz
Channel 10 : 2.457 GHz
Channel 11 : 2.462 GHz
Channel 12 : 2.467 GHz
Channel 13 : 2.472 GHz
Channel 14 : 2.484 GHz
root@kali:~#


root@kali:~# airmon-ng start wlan0 6


Found 4 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!
-e
PID Name
2751 NetworkManager
2883 wpa_supplicant
2885 dhclient
2887 dhclient


Interface Chipset Driver

wlan0 Realtek RTL8187L rtl8187 - [phy0]
(monitor mode enabled on mon0)

root@kali:~#


root@kali:~# aireplay-ng --test -e NETGEAR mon0
15:37:41 Waiting for beacon frame (ESSID: NETGEAR) on channel 6
Found BSSID "00:24:B2:xx:yy:zz" to given ESSID "NETGEAR".
15:37:41 Trying broadcast probe requests...
15:37:41 Injection is working!
15:37:43 Found 1 AP

15:37:43 Trying directed probe requests...
15:37:43 00:24:B2:xx:yy:zz - channel: 6 - 'NETGEAR'
15:37:44 Ping (min/avg/max): 2.985ms/24.783ms/47.072ms Power: -29.03
15:37:44 30/30: 100%

root@kali:~#

Removed NIC-specific values in MAC address for privacy.

Added in another WiFi card:

root@kali:~# aireplay-ng --test -e NETGEAR -i mon1 mon0
...SNIP...
17:00:27 Trying card-to-card injection...
17:00:27 Attack -0: OK
17:00:27 Attack -1 (open): OK
17:00:27 Attack -1 (psk): OK
17:00:27 Attack -2/-3/-4/-6: OK
17:00:27 Attack -5/-7: OK
root@kali:~#
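
The checks shown in the post above (USB ID from `lsusb`, driver bound in sysfs, mac80211 stack from `lsmod`) combined into one script. This is an added example, not part of the original post. The function names are hypothetical and the sample text is trimmed from the thread's own output.

```shell
#!/bin/sh
# Added example. Sample text is trimmed from the lsusb/lsmod output in the post.
SAMPLE_LSUSB='Bus 001 Device 002: ID 0bda:8187 Realtek Semiconductor Corp. RTL8187 Wireless Adapter
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub'
SAMPLE_LSMOD='rtl8187 31077 0
mac80211 287461 1 rtl8187
cfg80211 123887 2 mac80211,rtl8187'

# usb_id_present ID: reads lsusb output on stdin, succeeds if vendor:product ID is listed.
usb_id_present() {
    awk -v id="$1" '$5 == "ID" && tolower($6) == tolower(id) { f = 1 } END { exit !f }'
}

# module_users MODULE: reads lsmod output on stdin, prints MODULE's "Used by" column.
module_users() {
    awk -v m="$1" '$1 == m { print $4 }'
}

# uses_mac80211 DRIVER: reads lsmod output on stdin, succeeds if DRIVER depends on mac80211.
uses_mac80211() {
    module_users mac80211 | tr ',' '\n' | grep -qx "$1"
}

# driver_of IFACE [SYSROOT]: prints the driver bound to IFACE by resolving the sysfs symlink.
driver_of() {
    link="${2:-/sys}/class/net/$1/device/driver"
    [ -L "$link" ] || return 1
    basename "$(readlink "$link")"
}

# adapter_verdict LSUSB_TEXT LSMOD_TEXT USB_ID DRIVER: prints a one-line result.
adapter_verdict() {
    if ! printf '%s\n' "$1" | usb_id_present "$3"; then
        echo "absent: USB ID $3 not enumerated"
    elif ! printf '%s\n' "$2" | awk -v m="$4" '$1 == m { f = 1 } END { exit !f }'; then
        echo "no-driver: $4 module not loaded"
    elif ! printf '%s\n' "$2" | uses_mac80211 "$4"; then
        echo "legacy-stack: $4 is not a mac80211 user"
    else
        echo "ok: $3 present, $4 loaded on mac80211"
    fi
}

# Offline demo on the sample text; on a live host pass "$(lsusb)" and "$(lsmod)" instead.
adapter_verdict "$SAMPLE_LSUSB" "$SAMPLE_LSMOD" 0bda:8187 rtl8187
```
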

g0tmi1k
2014-05-31, 09:40
root@kali:~# airodump-ng mon0
CH 12 ][ Elapsed: 16 s ][ 2015-04-25 11:11

BSSID PWR Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID

90:EF:68:xx:yy:zz -39 17 3 0 13 54e. WPA2 CCMP PSK ABC
9C:80:DF:xx:yy:zz -59 15 0 0 11 54e WPA2 CCMP PSK ABC
80:37:73:xx:yy:zz -62 18 0 0 6 54e WPA2 CCMP PSK ABC
00:24:B2:xx:yy:zz -63 7 0 0 1 54e. WPA2 CCMP PSK NETGEAR
12:8A:AE:xx:yy:zz -63 14 0 0 1 54e. OPN ABC
68:A0:F6:xx:yy:zz -64 16 0 0 10 54e WPA2 CCMP PSK ABC
02:8A:AE:xx:yy:zz -64 9 0 0 1 54e. OPN ABC
E4:F4:C6:xx:yy:zz -64 8 1 0 6 54e WPA2 CCMP PSK ABC
18:83:BF:xx:yy:zz -66 4 0 0 1 54e WPA2 CCMP PSK ABC
58:98:35:xx:yy:zz -69 3 0 0 1 54e WPA2 CCMP PSK ABC
62:83:BF:xx:yy:zz -72 9 0 0 6 54e WPA2 CCMP MGT ABC
C4:04:15:xx:yy:zz -69 13 0 0 11 22e WEP WEP ABC
9C:D6:43:xx:yy:zz -70 9 2 0 11 54e WPA2 CCMP PSK ABC
18:83:BF:xx:yy:zz -72 9 0 0 6 54e WPA2 CCMP PSK ABC
62:83:BF:xx:yy:zz -71 8 0 0 6 54e OPN ABC
A0:21:B7:xx:yy:zz -73 3 0 0 9 54e WPA2 CCMP PSK ABC
28:28:5D:xx:yy:zz -74 3 0 0 11 54e WPA2 CCMP PSK ABC
C0:A0:BB:xx:yy:zz -73 4 0 0 11 54e WPA2 CCMP PSK ABC
D0:84:B0:xx:yy:zz -75 2 0 0 11 54e. WPA2 CCMP PSK ABC

BSSID STATION PWR Rate Lost Frames Probe

(not associated) 5C:F5:DA:25:BD:D8 -71 0 - 1 0 1 ABC
(not associated) BC:30:7D:12:56:48 -72 0 - 1 43 12 ABC
90:EF:68:xx:yy:zz B8:E8:56:xx:yy:zz -44 0 - 1 0 3
80:37:73:xx:yy:zz C4:54:44:xx:yy:zz -73 0 - 1 0 1
E4:F4:C6:xx:yy:zz 90:18:7C:xx:yy:zz -73 0 - 1 0 1
E4:F4:C6:xx:yy:zz 34:AA:8B:xx:yy:zz -74 0 - 1 13 2

root@kali:~#




root@kali:~# wash -i mon0

Wash v1.4 WiFi Protected Setup Scan Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <[email protected]>

BSSID Channel RSSI WPS Version WPS Locked ESSID
---------------------------------------------------------------------------------------------------------------
00:24:B2:xx:yy:zz 1 -68 1.0 No NETGEAR
E4:F4:C6:xx:yy:zz 1 -74 1.0 Yes ABC
00:8A:AE:xx:yy:zz 1 -66 1.0 No ABC
^C
root@kali:~#

Removed MAC addresses & SSIDs for privacy.





Images
http://i.imgur.com/jvVshxa.png

http://i.imgur.com/ZFBOy0r.png

dupek
2014-06-26, 11:22
Yes, it does work, but slow as ****. Just got it 2 days ago. No VM. I see more APs than in Win7, but slower than Win7.

fl3xu5
2015-09-02, 11:21
ALFA AWUS036H is one of the devices recommended for use in the WiFu course :)

Thanks for sharing.

John_Doe
2015-09-16, 17:57
Uh... I thought it might be wise to mention that if a target AP and station are using wireless N you will not be able to capture a handshake with the 036H. Just saying.