Thread: Can't record handshake with Alfa AWUS051NH v2

  1. #1

    Can't record handshake with Alfa AWUS051NH v2

    I'm running Kali off a usb stick, not that I imagine that matters for this purpose.

    I recently bought an Alfa AWUS051NH v2 to play around with WPA2/WPS penetration testing, only on my own network. The router I'm attacking is in the room with me about 5 feet from the adapter, and I'm using my phone as the client to be kicked for recording the handshake -- it's also only a few feet from the adapter and router, so signal strength is excellent (~86db reported in the scan list in wifite). WPS isn't enabled so I manually skip WPS related attacks in wifite. The adapter goes into monitor mode without issue, so far as I can tell. The router is an old Linksys WRT54G running OpenWRT I set up specifically to play around with this.

    Deauth seems to work -- I see the phone drop connection and reconnect after the script reports deauth sent -- but it never seems to get a handshake. It'll just sit there, going through the deauth / listen cycle until the timer runs down and it reports failure.

    I realize this particular adapter isn't like the "darling" of the pen testing community, that others are preferred, but I wanted something that could handle 5Ghz since I'll be using it with my laptop to actually connect to things, not just play around with pen testing, so the older Alfas weren't an option. Of the 5Ghz capable adapters most people seemed to agree this was the best.

    I'm going to do my own research here, of course, but since I'm on a cell connection with very little data available to me I thought it best to ask here first and hopefully save a lot of researching. Is it a simple fix? Did I get a defective adapter? It seems to connect to networks fine in normal mode, throughput is solid, etc.

    Any help greatly appreciated. I just started with this stuff, looked it up on a whim a few days ago and ended up staying up until 5 am just reading and learning. I know the general process with wash/reaver/etc not just running the wifite script, I'm just using wifite for ease, since as I understand it it's calling all the same commands anyway.

  2. #2
    Join Date
    2015-Oct
    Location
    United States
    Posts
    18
    Try running Airodump-ng in the background monitoring only the channel your router is using while Wifite sends its deauth packets. I think it's -c <channel>.
    Wifite never captures handshakes with my awus51NH v2 or my TP-Link WN-772N. It also never works for WPS attacks.
    Run it the old-fashioned way, airodump and deauth with aireplay. Probably will work.

    You could try installing a forked version of wifite, but that one doesn't work for me either. https://forums.kali.org/showthread.p...x-to-nethunter

    Wifite has been useless for me, never works, other than making an AP list with pretty colored text.
    Last edited by Tritium; 2016-02-18 at 21:58.

  3. #3
    Thanks for the heads-up; I'll try it the old fashioned way in a bit and get back to you.

    Would you say it's a good adapter and wifite is the real problem here, or should I return this thing and look into getting something else?

    Hmm.

    When I run wash (wash -i wlan0mon) it just returns tons of "[!] Found packet with bad FCS, skipping...."

    Reaver isn't working either, please see the post that follows once mods approve it.
    Last edited by silent-circuit; 2016-02-19 at 23:04.

  4. #4
    ...yeah, Reaver won't do anything either. I enabled WPS on another router in the room, I get like -45 reported signal strength from it when running airodump-ng -i wlan0mon, but when I run Reaver with "reaver -i wlan0mon -vv -S -b xx:xx:xx:xx:xx:xx -c x -w" which as I understand should attempt a Pixie Dust attack, it says "switching wlan0mon to channel x" then "waiting for beacon from xx:xx:xx:xx:xx:xx" and after some delay just keeps repeating "WARNING: Failed to associate with xx:xx:xx:xx:xx:xx (ESSID: name)". Replace x's and "name" with proper input and output of course.

  5. #5
    Join Date
    2016-Mar
    Posts
    1
    I have the same problem. I can't seem to even find any "clients" with it, but with my Alfa AWUS036NH I can. I can't seem to figure out why this is.

  6. #6
    Join Date
    2016-Jul
    Posts
    2
    I'm having the same issue with this adapter as well. I have posted this issue on a couple of different forums, but nobody seems to know why it's not recording a handshake.

    This is the only adapter that I know of that supports 5GHz wifi signal and works with Kali Linux.

    Anybody?

  7. #7
    Join Date
    2013-Jul
    Posts
    844
    To: Silentcircut

    Is your usb stick install of kali running a persistent feature or is it a simple live install?

    Even though no handshake was seen try running the .cap file with aircrack-ng and wpaclean and see if a handshake exists.

    MTeams saw this a few weeks ago while testing a Pwnstar beta with a AWUSO36H and are trying to remember what we did to correct it.

    You might post in aircrack-ng forums. The administrator there seems to take an active interest in this type of problem.

    MTeams
    Last edited by mmusket33; 2016-08-08 at 10:14.
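
Added example, not part of any post in this thread: when a tool reports "no handshake", it helps to see which of the four EAPOL-Key messages the capture actually holds and who sent the missing ones. The sketch below classifies raw EAPOL payloads by their Key Information flags; it assumes WPA2/RSN, and `build_key_frame` plus the sample frames are constructed for illustration.

```python
import struct

# Key Information flag bits of an EAPOL-Key frame (IEEE 802.11i)
PAIRWISE, KEY_ACK, KEY_MIC, SECURE = 0x0008, 0x0080, 0x0100, 0x0200
SENDER = {1: "AP", 2: "client", 3: "AP", 4: "client"}

def classify_eapol_key(eapol: bytes):
    """Return the 4-way handshake message number (1-4), or None."""
    if len(eapol) < 99:  # 4-byte EAPOL header + 95-byte fixed key descriptor
        return None
    _version, packet_type, _length = struct.unpack_from("!BBH", eapol, 0)
    if packet_type != 3:  # 3 = EAPOL-Key
        return None
    (key_info,) = struct.unpack_from("!H", eapol, 5)  # follows descriptor type
    if not key_info & PAIRWISE:  # group-key handshake, not the 4-way one
        return None
    ack, mic = bool(key_info & KEY_ACK), bool(key_info & KEY_MIC)
    if ack:
        return 3 if mic else 1
    if mic:
        # Assumption: WPA2/RSN, where only message 4 has the Secure bit set.
        return 4 if key_info & SECURE else 2
    return None

def missing_by_sender(frames):
    """Map sender ("AP"/"client") to the message numbers absent from frames."""
    seen = {classify_eapol_key(f) for f in frames}
    missing = {}
    for number, sender in SENDER.items():
        if number not in seen:
            missing.setdefault(sender, []).append(number)
    return missing

def build_key_frame(key_info: int) -> bytes:
    """Constructed sample: EAPOL-Key frame with zeroed nonce, MIC and data."""
    body = struct.pack("!BHH", 2, key_info, 16) + bytes(90)
    return struct.pack("!BBH", 2, 3, len(body)) + body

if __name__ == "__main__":
    # Constructed capture that only contains the AP's messages 1 and 3.
    ap_only = [build_key_frame(0x008A), build_key_frame(0x13CA)]
    print(missing_by_sender(ap_only))
```

A capture that is only missing the client's messages points at reception of the client's frames rather than at the deauth step.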

  8. #8
    Join Date
    2016-Aug
    Posts
    1
    Hi, maybe this can help:
    "NOTE: 90% of wireless issues reported to us are due to people not reading the aircrack-ng documentation. You need to run airmon-ng check kill before putting your card in monitor mode."

    Source: http://docs.kali.org/installation/tr...-driver-issues

  9. #9
    After you run that wash command, add the parameter --ignore-fcs. That worked for me.

  10. Alfa AWUS051NH, works, injection works

    Are you using a dual USB cable with this, to supply extra power? The adapter is listed on Amazon as being 2000mw. I didn't think you could get that much juice from USB ports.

  11. #11
    Join Date
    2015-Aug
    Location
    The Pits
    Posts
    87
    1: I've never succeeded in capturing a handshake with wifite OR Fern or any of those noob scripts. Don't know why doing all the steps manually in the terminal is so much better but...
    2: I don't own a AWUS051NH v2 but I gather you have the RT3572 chipset, is that so? If not, Ebay may have shipped you a fake.
    3: I do pixie-dust thus:
    reaver -i wlan0mon -b xx:xx:xx:xx:xx:xx -c 11 -vvv -K 1 -f
    See if you can try that on a few networks and report back.
    ps @ firstname great: --ignore-fcs is a good suggestion, thanks for reminding me of that!

  12. #12
    Join Date
    2016-Aug
    Posts
    2
    Try playing around with this while monitoring:

    https://www.aircrack-ng.org/doku.php?id=aireplay-ng

    I have seen some clients I have tested with not commit a handshake after sending a deauth. Then I try another client and it works. Do you have any other wireless devices you can try? This may be client related and not necessarily your card.

    Let me know if that helps.

    Vec

  13. #13
    Join Date
    2016-Aug
    Posts
    1
    Quote: Originally posted by John_Doe
    1: I've never succeeded in capturing a handshake with wifite


    When you run wifite try adding -pyrit, maybe --pyrit. Something's funky in the way wifite checks for valid handshakes by default.

  14. #14
    Join Date
    2017-Feb
    Posts
    2

    No handshake capture in monitormode? (AWUS051NH V2 on a raspberry pi 3 with kali)

    I also have a problem capturing handshakes with AWUS051NH V2 on a raspberry pi 3 with kali.
    I get it into monitor mode but get no handshake. Also, Aircrack-ng says there is no handshake in the cap file.

    Any tips? Processes I already killed before entering monitor mode?
    Anyone else got it to work on above configuration?

    Code:
    root@kali:~# lsusb
    Bus 001 Device 004: ID 148f:3572 Ralink Technology, Corp. RT3572 Wireless Adapter
    Bus 001 Device 003: ID 0424:ec00 Standard Microsystems Corp. SMSC9512/9514 Fast Ethernet Adapter
    Bus 001 Device 002: ID 0424:9514 Standard Microsystems Corp. SMC9514 Hub
    Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
    root@kali:~# iwconfig
    wlan0mon  IEEE 802.11abgn  Mode:Monitor  Frequency:2.457 GHz  Tx-Power=20 dBm   
              Retry short limit:7   RTS thr:off   Fragment thr:off
              Power Management:off
              
    lo        no wireless extensions.
    
    eth0      no wireless extensions.
    
    wlan1     IEEE 802.11bgn  ESSID:off/any  
              Mode:Managed  Access Point: Not-Associated   
              Retry short limit:7   RTS thr:off   Fragment thr:off
              Encryption key:off
              Power Management:on
