Tested it by downloading a large file, the cap file size was less than 25% of the downloaded file size.
Captured traffic was my smartphones connection to my router, WPA handshake was captured and wireshark appears to have decrypted everything well.
During the download I also made a few POST requests to non-ssl forums with the intent to pull user/pass, when trying to find "http.request.method==POST" in wireshark it returned a single unrelated result only, so clearly those packets were entirely missed.
Environment: VMWare 10.0.1 build-1379776
Image: Kali official 32bit VM files.
Wireless card: AWUS036NEH
When I plugged it into VMware it did give me a notice about how "was unable to connect to the ideal host controller...", might have something to do with a USB3 slot? Could be the cause?
The following was done to start the capture:
airmon-zc check kill
airmon-zc start wlan0
airodump-ng wlan0mon -c [x] --bssid [y] -w test
ifconfig:
iwconfig:Code:wlan0mon Link encap:UNSPEC HWaddr 00-XX-XX-XX-XX-XX-00-00-00-00-00-00-00-00-00-00 UP BROADCAST NOTRAILERS RUNNING PROMISC ALLMULTI MTU:1500 Metric:1 RX packets:192070 errors:0 dropped:25999 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:43151268 (41.1 MiB) TX bytes:0 (0.0 B)
Code:wlan0mon IEEE 802.11bgn Mode:Monitor Frequency:2.417 GHz Tx-Power=20 dBm Retry short limit:7 RTS thr:off Fragment thr:off Power Management:off
dmesg:
lsusb:Code:[ 426.547528] usb 1-2.1: reset high-speed USB device number 4 using uhci_hcd [ 426.941704] ieee80211 phy0: rt2x00_set_rt: Info - RT chipset 3070, rev 0201 detected [ 427.416267] ieee80211 phy0: rt2x00_set_rf: Info - RF chipset 0005 detected [ 427.453172] ieee80211 phy0: Selected rate control algorithm 'minstrel_ht' [ 427.463696] usbcore: registered new interface driver rt2800usb [ 427.560659] ieee80211 phy0: rt2x00lib_request_firmware: Info - Loading firmware file 'rt2870.bin' [ 427.564664] rt2800usb 1-2.1:1.0: firmware: direct-loading firmware rt2870.bin [ 427.564800] ieee80211 phy0: rt2x00lib_request_firmware: Info - Firmware detected - version: 0.29 [ 431.556258] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 515.383278] device wlan0mon entered promiscuous mode
Code:Bus 001 Device 004: ID 148f:3070 Ralink Technology, Corp. RT2870/RT3070 Wireless Adapter
Code:root@kali:~/Desktop# airmon-zc --verbose Linux kali 3.18.0-kali1-586 #1 Debian 3.18.3-1~kali4 (2015-01-22) i686 GNU/Linux Detected VM using lscpu This appears to be a VMware Virtual Machine If your system supports VT-d, it may be possible to use PCI devices If your system does not support VT-d, you can only use USB wifi cards K indicates driver is from 3.18.0-kali1-586 V indicates driver comes directly from the vendor, almost certainly a bad thing S indicates driver comes from the staging tree, these drivers are meant for reference not actual use, BEWARE ? indicates we do not know where the driver comes from... report this X[PHY]Interface Driver[Stack]-FirmwareRev Chipset Extended Info K[phy0]wlan0mon rt2800usb[mac80211]-0.29 Ralink Technology, Corp. RT2870/RT3070
Code:root@kali:~/Desktop# lsmod Module Size Used by arc4 12487 2 rt2800usb 21861 0 rt2x00usb 17426 1 rt2800usb rt2800lib 76819 1 rt2800usb rt2x00lib 41346 3 rt2x00usb,rt2800lib,rt2800usb mac80211 446799 3 rt2x00lib,rt2x00usb,rt2800lib cfg80211 357999 2 mac80211,rt2x00lib crc_ccitt 12331 1 rt2800lib rfkill 18380 1 cfg80211 nfnetlink_log 17065 0 nfnetlink 12896 1 nfnetlink_log binfmt_misc 12726 1 vmw_vsock_vmci_transport 29401 0 vsock 26240 1 vmw_vsock_vmci_transport fuse 77496 3 vmhgfs 46396 0 loop 26052 0 dm_crypt 22256 0 joydev 16847 0 snd_ens1371 22679 2 snd_rawmidi 22278 1 snd_ens1371 vmwgfx 146807 1 snd_seq_device 12980 1 snd_rawmidi snd_ac97_codec 100246 1 snd_ens1371 snd_pcm 78177 2 snd_ac97_codec,snd_ens1371 ttm 50758 1 vmwgfx snd_timer 22002 1 snd_pcm drm_kms_helper 67474 1 vmwgfx snd 50998 10 snd_ac97_codec,snd_timer,snd_pcm,snd_rawmidi,snd_ens1371,snd_seq_device drm 212910 5 ttm,drm_kms_helper,vmwgfx vmw_balloon 12586 0 coretemp 12686 0 soundcore 12890 1 snd psmouse 98252 0 ac97_bus 12462 1 snd_ac97_codec gameport 13306 1 snd_ens1371 i2c_piix4 16688 0 evdev 17137 5 serio_raw 12737 0 vmw_vmci 50587 1 vmw_vsock_vmci_transport i2c_core 37031 3 drm,i2c_piix4,drm_kms_helper parport_pc 25991 0 parport 35171 1 parport_pc 8250_fintek 12691 0 shpchp 30673 0 processor 23285 0 thermal_sys 32258 1 processor battery 13164 0 ac 12627 0 button 12860 0 ext4 434723 1 crc16 12327 1 ext4 mbcache 12940 1 ext4 jbd2 68810 1 ext4 dm_mod 82864 1 dm_crypt vmw_pvscsi 21263 0 vmxnet3 47689 0 hid_generic 12369 0 usbhid 43794 0 hid 80992 2 hid_generic,usbhid sr_mod 21568 0 cdrom 46828 1 sr_mod sg 29679 0 ata_generic 12450 0 crc32_pclmul 12809 0 crc32c_intel 12659 0 sd_mod 43039 3 aesni_intel 17934 0 aes_i586 16647 1 aesni_intel xts 12583 1 aesni_intel lrw 12645 1 aesni_intel gf128mul 12834 2 lrw,xts ablk_helper 12508 1 aesni_intel cryptd 14160 1 ablk_helper floppy 56252 0 ata_piix 29371 0 libata 157914 2 ata_generic,ata_piix mptspi 21671 2 scsi_transport_spi 23201 1 mptspi mptscsih 22263 1 mptspi mptbase 64155 2 mptspi,mptscsih uhci_hcd 38911 0 ehci_hcd 60719 0 usbcore 171042 5 uhci_hcd,rt2x00usb,rt2800usb,ehci_hcd,usbhid usb_common 12621 1 usbcore pcnet32 39006 0 mii 12595 1 pcnet32 scsi_mod 172633 8 sg,scsi_transport_spi,libata,mptspi,vmw_pvscsi,sd_mod,sr_mod,mptscsih
