2008-09-07

Backtrack3 + Karmetasploit + Alfa AWUS036H - What am I doing wrong?!

All the gnarly details are in the HiR Google Group (feel free to subscribe and respond there if you like, I've added a subscribe form at the bottom of this post...)

The short version, though, is that after modifying "evilap.sh" (which comes with the karma-msf-scripts on BackTrack3) for the Alfa's RTL8187 chipset, the script seems to run fine, but things just aren't adding up. Namely, once Karmetasploit is all up and running and seemingly happy, the network (named "FreeFI") shows up in "devices" on the wireless network list on OS X as shown in the above image. Similarly, I can't get Linux to actually associate to the network, either. tcpdump doesn't log any packets. I'm wondering if airmon-ng is really able to work on this adapter, or what else the problem could be. Reply in the comments, or in the forum post if you wish. Any help would be appreciated.

This has been driving me nuts for a few weeks while I search forums and mailing lists, all for naught. As much as I'd rather use HiR as a place to SPREAD information, it seems like as appropriate a place as any to solicit it as well.

6 comments:

  1. Hey, did you ever have any luck in regards to setting up the Alfa as an AP in master mode? I am having the exact same problem and haven't been able to find any information.

  2. Master mode gets up and running (I believe after using airmon-ng first) but the access point doesn't actually work. Even though it shows up in the network list, I can't associate to it.

  3. Ya, my 2nd card can see it in airodump-ng, but the beacons just stay at 0. I posted on another forum and got a response saying that the rtl8187 driver may not support master mode, that only the older 8180 driver supports master mode, and even then it is very rough and not 100% working. I'll let you know if I find out anything else.
    Why do you use airmon-ng first though to put it into monitor mode, then put it in master? I'm hoping I'm wrong and the rtl8187 drivers support master mode because that's kind of the reason I bought the card lol...

  4. The way I understand it, airmon-ng tweaks the driver somehow. I was using evilap.sh (found in the karma scripts on BackTrack 3) as the template for my Alfa/RTL8187 Karmetasploit script. I never did get it working, and have basically abandoned the Alfa for Karmetasploit duty. I figure soon enough I'll just embrace my noobness, pick up a couple of Fonera routers and play with Jasager.

  5. Hey man, just for the record, I found out that the rtl8187 drivers don't support AP mode. However, using a program like airbase-ng works with it because the interface is in monitor mode, and it creates a 2nd at0 interface, with which an iptables rule accepts connections.

  6. That's a good start... did you find a way to get Karmetasploit to work as advertised with airbase-ng? That would require something to re-broadcast probes as beacons and would also require airbase-ng to respond to packets destined for any SSID. If you got it to work, I'd gladly work with you to create a guest article for HiR.

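The last comment describes the two behaviours that make a Karma-style access point "work as advertised": it echoes client probe requests back as beacons, and it answers probes for any SSID. Those same two behaviours are what a wireless monitor can key on to spot such an AP, since a legitimate AP advertises one (or a small, fixed) set of SSIDs per BSSID. The following script is an added defensive example written for this page, not code from the post, its commenters, Karmetasploit or airbase-ng. It assumes that 802.11 management frames have already been captured and reduced to `(frame_type, bssid, ssid)` tuples by some other tool; the frame list, the BSSIDs and the threshold of three distinct SSIDs are all constructed for illustration.

```python
"""Flag BSSIDs that beacon or probe-respond for many different SSIDs.

A Karma-style AP answers probes for whatever SSID a client asks about, so a
single BSSID ends up associated with many unrelated network names. This is
an added detection example; the frames below are constructed sample data.
"""
from collections import defaultdict

# Constructed sample: (frame_type, bssid, ssid). The first BSSID behaves like
# a normal home AP; the second answers every SSID it hears, as a Karma AP would.
SAMPLE_FRAMES = [
    ("beacon",     "00:11:22:33:44:55", "HomeNet"),
    ("probe_resp", "00:11:22:33:44:55", "HomeNet"),
    ("probe_resp", "66:77:88:99:aa:bb", "FreeFI"),
    ("probe_resp", "66:77:88:99:aa:bb", "linksys"),
    ("probe_resp", "66:77:88:99:aa:bb", "attwifi"),
    ("probe_resp", "66:77:88:99:aa:bb", "CoffeeShop"),
    ("beacon",     "66:77:88:99:aa:bb", "FreeFI"),
    ("beacon",     "66:77:88:99:aa:bb", "linksys"),
    ("probe_req",  "ff:ff:ff:ff:ff:ff", "attwifi"),   # client probe, ignored below
]


def ssids_per_bssid(frames):
    """Group the SSIDs each BSSID advertised, split by beacon vs probe response."""
    seen = defaultdict(lambda: {"beacon": set(), "probe_resp": set()})
    for frame_type, bssid, ssid in frames:
        # Only AP-originated frames say anything about what the AP claims to be.
        if frame_type in ("beacon", "probe_resp"):
            seen[bssid.lower()][frame_type].add(ssid)
    return seen


def find_suspect_aps(frames, threshold=3):
    """Return {bssid: sorted SSID list} for BSSIDs advertising >= threshold SSIDs.

    The threshold is a constructed tuning knob: a real deployment would set it
    from a baseline of how many SSIDs the site's own APs legitimately carry.
    """
    suspects = {}
    for bssid, groups in ssids_per_bssid(frames).items():
        advertised = groups["beacon"] | groups["probe_resp"]
        if len(advertised) >= threshold:
            suspects[bssid] = sorted(advertised)
    return suspects


if __name__ == "__main__":
    for bssid, ssids in find_suspect_aps(SAMPLE_FRAMES).items():
        print(f"suspect AP {bssid} advertises {len(ssids)} SSIDs: {', '.join(ssids)}")
```

The check deliberately merges beacons and probe responses, because the comment above notes that a working Karma setup needs both: even if an implementation only re-broadcast probed names as beacons and never answered probes directly, the one-BSSID-many-SSIDs pattern would still show up.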