Changing/forcing Wireless Card TXPOWER rate higher?

[Leijonasisu]

Hey guys I've read these threads (plus many others):

http://null-byte.wonderhowto.com/how...0-dbm-0149606/
&
https://forums.kali.org/showthread.p...ignal-Strength

But no matter what I can't seem to change the TXPower of either of my Wi-Fi cards...

Some info on my cards:
Internal Wi-Fi: Atheros AR9485WB-EG Wireless Card
USB Wi-Fi: Realtek RTL8191CU Wireless Card

When running iwconfig to check the status of my adapters:
My internal Atheros Wi-Fi adapter displays that it is only running at 16dBm! <-- No idea why it's so low
My external Realtek Wi-Fi adapter displays that it is running at 20dbM.

I have no idea why my internal card is running at such a low TX output. When trying to change the TXPower with:

Code:

ifconfig wlan0 down
iw reg set BO
ifconfig wlan0 up
iwconfig wlan0 channel 13
iwconfig wlan0 txpower 30

The internal Atheros card does not report any errors. However it does not change from 16dBm.
The external Realtek card does not support channels above (11) therefore, it fails on the second last line. If I omit that line and try again. It doesn't show any errors either. However the txpower doesn't change from 20dBm.

So basically neither cards, despite giving no errors (albeit the Realtek card not supporting channels over 11) will allow me to change their TXPower to anything over their defaults.
Is there any way to force the cards to transmit at a higher dBm? I don't care if I fry either of them. They're cheap cards.

More importantly, I want to change the internal Atheros' card to at least 20dBm (30dBm would be preferred) as this is what I am aware, is the norm. The fact that it is only running at 16dBm is really sad.

Does anyone have any information on how to force either cards to output at a higher TXPower? Or any extra commands or anything else I can do to try and locate the source of the issue?

Thanks!

[mmusket33]

Here is how we do it. This also gets rid of the negative one issue with airodump-ng and aireplay-ng. This sets the power to 30dBm when using a rtl8187. You can run this as a script. If you want to have the spoofed macs the same ask here and we will send you the coding.

#!/bin/bash
airmon-ng stop mon0
airmon-ng stop mon1
airmon-ng stop mon2
################ by seen_bawl
ifconfig wlan0 down
iwconfig wlan0 mode monitor
ifconfig wlan0 up
iwconfig wlan0
ifconfig wlan0 down
macchanger -r wlan0
iw reg set BO
ifconfig wlan0 up
iwconfig wlan0 channel 13
iwconfig wlan0 txpower 30
iwconfig wlan0 rate 1M
airmon-ng start wlan0
ifconfig mon0 down
macchanger -r mon0
ifconfig mon0 up

MusketTeams

[pop46]

oooh man i tried to do the same as you but aint get any change

[Nick_the_Greek]

Hi there!
To be able to set the txpower to a higher level you have to know two things
1) Your wireless NIC txpower. (How much can offer)
2) The CRDA (Central Regulatory Domain Agent) country code that you are using.

http://wireless.kernel.org/en/developers/Regulatory
http://wireless.kernel.org/en/develo...egulatory/CRDA

In short CRDA country code expands or limits the available frequencies and/or txpower limits. In some wireless NICs CRDA is "burned" into your WNIC and in some others is set to world regulatory domain (country code "00" double zero).
Here is an example from my wireless NIC:

Code:

iwconfig

wlan0 IEEE 802.11bgn ESSID:"removed"
Mode:Managed Frequency:2.422 GHz Access Point: xx:xx:xx:xx:xx:xx
Bit Rate=135 Mb/s Tx-Power=20 dBm
Retry short limit:7 RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off

Code:

dmesg | grep cfg80211

[ 20.902380] cfg80211: Calling CRDA to update world regulatory domain
[ 21.575739] cfg80211: World regulatory domain updated:
[ 21.575829] cfg80211: DFS Master region: unset
[ 21.575888] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)
[ 21.576078] cfg80211: (2402000 KHz - 2472000 KHz @ 40000 KHz), (N/A, 2000 mBm)
[ 21.576182] cfg80211: (2457000 KHz - 2482000 KHz @ 40000 KHz), (N/A, 2000 mBm)
[ 21.576284] cfg80211: (2474000 KHz - 2494000 KHz @ 20000 KHz), (N/A, 2000 mBm)
[ 21.576386] cfg80211: (5170000 KHz - 5250000 KHz @ 80000 KHz), (N/A, 2000 mBm)
[ 21.576489] cfg80211: (5735000 KHz - 5835000 KHz @ 80000 KHz), (N/A, 2000 mBm)
[ 21.576591] cfg80211: (57240000 KHz - 63720000 KHz @ 2160000 KHz), (N/A, 0 mBm)

As you can see CRDA is not set yet and you can see also the available frequencies and the permitted txpower levels.
Now let change CRDA and see what happens:

Code:

iw reg set GR

[ 2979.389189] cfg80211: Calling CRDA for country: GR
[ 2979.410774] cfg80211: Regulatory domain changed to country: GR
[ 2979.410793] cfg80211: DFS Master region: unset
[ 2979.410798] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)
[ 2979.410808] cfg80211: (2402000 KHz - 2482000 KHz @ 40000 KHz), (N/A, 2000 mBm)
[ 2979.410816] cfg80211: (5170000 KHz - 5250000 KHz @ 80000 KHz), (N/A, 2000 mBm)
[ 2979.410823] cfg80211: (5250000 KHz - 5330000 KHz @ 80000 KHz), (N/A, 2000 mBm)
[ 2979.410829] cfg80211: (5490000 KHz - 5710000 KHz @ 80000 KHz), (N/A, 2700 mBm)
[ 2979.410837] cfg80211: (57240000 KHz - 65880000 KHz @ 2160000 KHz), (N/A, 4000 mBm)

See the differences?

And finally (in your case): CRDA (Bolivia)

Code:

iw reg set BO

[ 3111.211055] cfg80211: Calling CRDA for country: BO
[ 3111.232497] cfg80211: Regulatory domain changed to country: BO
[ 3111.232512] cfg80211: DFS Master region: unset
[ 3111.232518] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)
[ 3111.232526] cfg80211: (2402000 KHz - 2482000 KHz @ 40000 KHz), (N/A, 3000 mBm)
[ 3111.232533] cfg80211: (5735000 KHz - 5835000 KHz @ 80000 KHz), (N/A, 3000 mBm)

As far as I know only Bolivia permits 3000 mBm. Also please have in mind that no matter what CRDA you set to your wireless NIC if you connect (with that crad) to you wireless AP/router and in that AP/router is set a country code the your wireless NIC's CRDA will change to yours AP/router country code. They must match.

Sorry for my English. I hope you can understand what I m trying to say here.
PS to get your current CRDA country code you can use:

Code:

 iw reg get

[Nick_the_Greek]

If you are an owner of a Alfa AWUS036NH Wi-Fi adapter (2000 mWs) you can follow this guide. It's more advanced:

How to set your Wi-Fi Card txpower more that 30dbm (1000 mW)
http://null-byte.wonderhowto.com/how...0-dbm-0149606/

Following this guide or the previous ones you must hove in mind two thing:

1) You most probably violating your country's restrictions.
2) If you're planning to setting up a SoftAP, eviltwin etc and you are setting txpower to high level then, as the Transmit power increased, so will the radio noise. In some situations it's wiser to lower the txpower rather to increase it. Lowering the txpower will result an improvement in the quality of the wireless connections and proper network speeds.

[Nick_the_Greek]

I've just made a small how-to about the above:
How to Set Your Wi-FI Card Tx Power Higher Than 30dbm