Address
304 North Cardinal St.
Dorchester Center, MA 02124

Work Hours
Monday to Friday: 7AM - 7PM
Weekend: 10AM - 5PM

New Alfa AWUS036NHA, Configuring for Kali, and Scanning

I recently picked up a new Alfa AWUS036NHA to play with for wireless testing, scanning, and general signal boosting.

Alfa AWUS036NHA – Hardware

To start, the Alfa AWUS036NHA I ordered came with a 9dBi antenna, which was awesome.

Alfa AWUS036NHA - Box

9dBi Antenna

Opened the box

Once I got the device out of the box, I hooked it up to my workstation.

Alfa AWUS036NHA - Connected

Configuration

After I connected the card, VirtualBox detected it for USB pass-thru.

VirtualBox USB Passthru

First, I wanted to set up a device filter so that it would automatically be connected to my VM.

Configuring device filter

That said, I ran into some issues with the default filter, so I had to create a blank filter with the proper values.

Alfa AWUS036NHA - Blank filter

Once I created a new blank filter, I just added the appropriate Vendor ID and Product ID and saved it.

Alfa New filter

After I had the device filter setup, I detached the device from my workstation and logged into Kali. As you can see, there are no wireless devices connected to my VM yet.

No wireless devices connected

I then connected my device to my workstation, VirtualBox detected it, and then automatically passed on to the VM.

Alfa AWUS036NHA - VM detection

To verify the connection, I again ran iwconfig and had a wlan0 device this time.

Alfa AWUS036NHA - iwconfig

Scanning

With everything properly connected and configured, it was time to set up monitor mode. To do this, I started airmon-ng on the wlan0 device.

root@kali:~# airmon-ng start wlan0

Found 3 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to run 'airmon-ng check kill'

  PID Name
  407 NetworkManager
  629 dhclient
 1025 wpa_supplicant

PHY    Interface    Driver        Chipset

phy0    wlan0        ath9k_htc    Atheros Communications, Inc. AR9271 802.11n

        (mac80211 monitor mode vif enabled for [phy0]wlan0 on [phy0]wlan0mon)
        (mac80211 station mode vif disabled for [phy0]wlan0)

I verified the monitor mode device by running ifconfig and viewing the output.

Alfa AWUS036NHA - Monitor mode

Once I put the device properly in monitor mode, then I ran airodump!

root@kali:~# airodump-ng wlan0mon

After letting this run for a while, I had a fair amount of SSIDs and beacons detected! Unfortunately, nothing in my immediate vicinity was running WEP.

Alfa AWUS036NHA - Airodump

Finally, I ran Wash to find out if there were any weak WPS devices that I could use to test out my new card.

root@kali:~# wash -i wlan0mon

Wash v1.5.2 WiFi Protected Setup Scan Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner 
mod by t6_x  & DataHead & Soxrok2212

BSSID                  Channel       RSSI       WPS Version       WPS Locked        ESSID
---------------------------------------------------------------------------------------------------------------
EC:xx:xx:xx:xx:xx       1            00        1.0               Yes               DI...
2C:xx:xx:xx:xx:xx       3            00        1.0               No                NET...
F8:xx:xx:xx:xx:xx       5            00        1.0               No                ATT...
C8:xx:xx:xx:xx:xx       6            00        1.0               No                Hall...
FC:xx:xx:xx:xx:xx       1            00        1.0               No                Cas...
B0:xx:xx:xx:xx:xx       1            00        1.0               No                NET...
38:xx:xx:xx:xx:xx       5            00        1.0               No                ATT...
20:xx:xx:xx:xx:xx       9            00        1.0               No                Blue...
C0:xx:xx:xx:xx:xx       0            00        1.0               No                Link...
DC:xx:xx:xx:xx:xx      11            00        1.0               No                ATT...
44:xx:xx:xx:xx:xx      11            00        1.0               No                wil...
94:xx:xx:xx:xx:xx      11            00        1.0               No                SHOP...
70:xx:xx:xx:xx:xx      11            00        1.0               No                TC8...
34:xx:xx:xx:xx:xx       6            00        1.0               No                WIFI...
F8:xx:xx:xx:xx:xx       9            00        1.0               No                ATT...
48:xx:xx:xx:xx:xx       6            00        1.0               No                WIFI...

Unfortunately, no low hanging fruit there either.

All in all, an easy to set up and use device that I’m looking forward to playing with for some wireless testing.

30 Comments

  1. Hi,
    I followed the steps you mentioned but not able to get the Alpha adapter detected and work in Kali Linux.

    The Kali is in Virtualbox (latest), hosted on Windows 10.

    Below is the output..
    root@kali:~# ifconfig
    eth0: flags=4163 mtu 1500
    inet 10.0.2.15 netmask 255.255.255.0 broadcast 10.0.2.255
    inet6 fe80::a00:27ff:fea1:b6e6 prefixlen 64 scopeid 0x20
    ether 08:00:27:a1:b6:e6 txqueuelen 1000 (Ethernet)
    RX packets 6 bytes 1129 (1.1 KiB)
    RX errors 0 dropped 0 overruns 0 frame 0
    TX packets 34 bytes 2662 (2.5 KiB)
    TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    lo: flags=73 mtu 65536
    inet 127.0.0.1 netmask 255.0.0.0
    inet6 ::1 prefixlen 128 scopeid 0x10
    loop txqueuelen 1 (Local Loopback)
    RX packets 20 bytes 1116 (1.0 KiB)
    RX errors 0 dropped 0 overruns 0 frame 0
    TX packets 20 bytes 1116 (1.0 KiB)
    TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    root@kali:~#
    root@kali:~# iwconfig
    eth0 no wireless extensions.

    lo no wireless extensions.

    root@kali:~#
    root@kali:~# lsusb
    Bus 001 Device 003: ID 80ee:0021 VirtualBox USB Tablet
    Bus 001 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
    root@kali:~#
    root@kali:~# lsmod
    Module Size Used by
    nls_utf8 16384 1
    isofs 40960 1
    udf 90112 0
    crc_itu_t 16384 1 udf
    fuse 98304 3
    nfnetlink_queue 24576 0
    nfnetlink_log 20480 0
    nfnetlink 16384 2 nfnetlink_log,nfnetlink_queue
    bluetooth 552960 0
    rfkill 24576 3 bluetooth
    vboxsf 49152 1
    ppdev 20480 0
    joydev 20480 0
    snd_intel8x0 40960 4
    snd_ac97_codec 126976 1 snd_intel8x0
    vboxvideo 53248 3
    ac97_bus 16384 1 snd_ac97_codec
    snd_pcm 110592 2 snd_ac97_codec,snd_intel8x0
    snd_timer 32768 1 snd_pcm
    ttm 98304 1 vboxvideo
    drm_kms_helper 155648 1 vboxvideo
    drm 360448 6 vboxvideo,ttm,drm_kms_helper
    parport_pc 28672 0
    sg 32768 0
    intel_rapl_perf 16384 0
    snd 86016 12 snd_ac97_codec,snd_timer,snd_intel8x0,snd_pcm
    evdev 24576 16
    serio_raw 16384 0
    pcspkr 16384 0
    vboxguest 282624 8 vboxsf,vboxvideo
    parport 49152 2 parport_pc,ppdev
    soundcore 16384 1 snd
    button 16384 0
    battery 20480 0
    video 40960 0
    ac 16384 0
    acpi_cpufreq 20480 0
    binfmt_misc 20480 1
    ip_tables 24576 0
    x_tables 36864 1 ip_tables
    autofs4 40960 2
    ext4 585728 1
    crc16 16384 2 bluetooth,ext4
    jbd2 106496 1 ext4
    crc32c_generic 16384 0
    fscrypto 28672 1 ext4
    ecb 16384 0
    mbcache 16384 2 ext4
    hid_generic 16384 0
    usbhid 53248 0
    hid 122880 2 hid_generic,usbhid
    sr_mod 24576 1
    cdrom 61440 1 sr_mod
    sd_mod 45056 3
    ata_generic 16384 0
    crct10dif_pclmul 16384 0
    crc32_pclmul 16384 0
    crc32c_intel 24576 2
    ghash_clmulni_intel 16384 0
    ata_piix 36864 1
    ahci 36864 2
    libahci 32768 1 ahci
    ohci_pci 16384 0
    ehci_pci 16384 0
    ohci_hcd 53248 1 ohci_pci
    ehci_hcd 81920 1 ehci_pci
    aesni_intel 167936 0
    psmouse 135168 0
    libata 249856 4 ahci,ata_piix,libahci,ata_generic
    scsi_mod 225280 4 sd_mod,libata,sr_mod,sg
    aes_x86_64 20480 1 aesni_intel
    lrw 16384 1 aesni_intel
    gf128mul 16384 1 lrw
    glue_helper 16384 1 aesni_intel
    ablk_helper 16384 1 aesni_intel
    cryptd 24576 3 ablk_helper,ghash_clmulni_intel,aesni_intel
    e1000 143360 0
    i2c_piix4 24576 0
    usbcore 249856 5 usbhid,ehci_hcd,ohci_pci,ohci_hcd,ehci_pci
    usb_common 16384 1 usbcore

    I installed, removed and reinstalled the drivers but still no success.
    Surprisingly, it was working last week and when i set it up that time, it was nothing extra i needed to do. It came up by itself.

    Please help out troubleshoot the issue.

  2. Kali detects the adapter and seems to enable monitor mode but when I run ifconfig I get the following:
    wlan0mon Link encap:Ethernet HWaddr 00:c0:ca:92:31:d8
    UP BROADCAST MULTICAST MTU:1500 Metric:1
    RX packets:0 errors:0 dropped:0 overruns:0 frame:0
    TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:1000
    RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

    root@kali:~# airodump-ng wlan0mon
    ioctl(SIOCSIWMODE) failed: Device or resource busy

    ARP linktype is set to 1 (Ethernet) – expected ARPHRD_IEEE80211,
    ARPHRD_IEEE80211_FULL or ARPHRD_IEEE80211_PRISM instead. Make
    sure RFMON is enabled: run ‘airmon-ng start wlan0mon ‘
    Sysfs injection support was not found either.

    • Hmm, it seems like it is not actually properly entering monitor mode.

      First, try this:

      ifconfig wlan0 down
      iwconfig wlan0 mode monitor
      ifconfig wlan0 up
      iwconfig wlan0
      

      If it shows Mode: Monitor, then you should be good to go!

  3. Great work, the pass-through worked flawlessly and I was up and running very quickly. The MAC funny enough would not recognize the device, the latest upgrade seemed to break may USB, Serial device as well as my fusion. Virtual-box is a great tool. Love that your lady puts stuff up to, great blog!

    • Great, I’m glad that you got it working quickly. That is definitely one of my favorite things about a lot of the Alfa cards. Definitely, and thanks for the comment!

      • Hi Doyler,

        I’m new to penetration testing and have recently been taking online course, however I installed Kali Linux on windows 10 recently which all went fine. The issue i have is when I try using the the alpha AWUS036NHA wireless adapter . I works fine on the host machine however it isn’t passing through to kali linux. A lot of the times the adapter just cuts off when I start Kali and when I boot up Kali and then connect the adapter it dosent switch on as it should. I’ve tried your steps above however with no success. Also I’ve noticed that the usb icon at the bottom right of the screen is showing no activity i.e red or green blinking dots and it states ‘No USB Devices Attached’. I’ve tried the method above several times on different ports also with no success. I’ve ran the following commands on the Kali terminal

        root@kali:~# ifconfig
        eth0: flags=4163 mtu 1500
        inet 10.0.2.4 netmask 255.255.255.0 broadcast 10.0.2.255
        inet6 fe80::a00:27ff:fe81:b1df prefixlen 64 scopeid 0x20
        ether 08:00:27:81:b1:df txqueuelen 1000 (Ethernet)
        RX packets 24 bytes 3721 (3.6 KiB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 42 bytes 3860 (3.7 KiB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

        lo: flags=73 mtu 65536
        inet 127.0.0.1 netmask 255.0.0.0
        inet6 ::1 prefixlen 128 scopeid 0x10
        loop txqueuelen 1000 (Local Loopback)
        RX packets 20 bytes 1116 (1.0 KiB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 20 bytes 1116 (1.0 KiB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

        and

        root@kali:~# iwconfig
        eth0 no wireless extensions.

        lo no wireless extensions.

        and

        root@kali:~# lsusb
        Bus 001 Device 002: ID 80ee:0021 VirtualBox USB Tablet
        Bus 001 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub

        and

        root@kali:~# dmesg|tail
        [ 19.454999] ppdev: user-space parallel port driver
        [ 20.110861] snd_intel8x0 0000:00:05.0: white list rate for 1028:0177 is 48000
        [ 21.771797] Adding 2095100k swap on /dev/sda5. Priority:-1 extents:1 across:2095100k FS
        [ 21.840794] floppy0: no floppy controllers found
        [ 21.840906] work still pending
        [ 31.721980] IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready
        [ 31.727857] IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready
        [ 31.732518] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
        [ 31.733166] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
        [ 182.628429] fuse init (API version 7.26)

        I also ran

        root@kali:~# airmon-ng start wlan0
        ls: cannot access ‘/sys/class/ieee80211/’: No such file or directory

        Found 2 processes that could cause trouble.
        If airodump-ng, aireplay-ng or airtun-ng stops working after
        a short period of time, you may want to run ‘airmon-ng check kill’

        PID Name
        473 NetworkManager
        503 dhclient

        PHY Interface Driver Chipset

        When I go into settings on the Vbox it does pick up the Atheros chipset from the Alpha adapter and I’m able to select it. However when I boot up Kali and go and select Atheros from the USB devices menu I get a ‘Failed to attach usb device to the virtual machine’ message stating that the usb device is busy with a previous request.

        I’ve tried various fixes on forum and youtube when I discovered this blog.

        Any help would be appriciated.

        Regards

        James

        • Hi James,

          It looks like you aren’t passing the USB device to Kali at all.

          First, are you attempting to pass the device to Kali automatically or manually each time?

          I’ve had the same issue with the busy devices, but usually disconnecting and reconnecting will fix that.

          First, try to connect the device manually.

          1. Plus the wireless card into your machine
          2. Go to Devices -> USB
          3. Select your USB adapter (the Atheros option)
          4. See if it shows up in Kali at all

          If that works, let me know, and we can try the automatic connections!

          • Doyler,

            I just came across your site and this post was very clear and straight-forward, which is sometimes difficult to find when it comes researching security and pentesting topics. I got a kick out of your post about Akamai blacklisting you as well!

            I’m running into the same issue that James posted on November 15th. When I disconnect and reconnect the device manually then go to Devices>USB>Atheros, just as you suggested to James, I still receive the “failed to attach the USB device” warning.

            Is it possible that one or more options in the Network Settings for my Kali machine need to be tweaked? For example, “Attached to” under Network Settings>Adapter 1 is currently set to NAT Network with Promiscuous Mode set to allow VMs and the Enable Network Adapter box is checked. The same boxes for Adapters 2-4 are not checked. Additionally, I have my USB Settings set to USB 1.1 just as you have done in your post and have tried it on 2.0 and 3.0 with no luck so far.

            Any assistance/insight you can provide would be much appreciated!

            Thanks,
            Alex

          • Awesome, and I’m really glad to hear that it was clear and straight-forward! My goals with these posts is that other people can easily learn from them, and that I can use them as a reference in the future.

            Yea, the blacklisting has been rough, and has happened 2 or 3 more times since that post :P.

            It should not be a network setting issue, since you are attempting to manually pass a USB device to the VM.

            Do you get the same failure message on USB 2.0 as well? Additionally, have you gotten any errors when you attempt to just use the device in Windows?

          • Sorry for the delay. Yes, I receive the error on USB 2.0 and I can use the device through Windows without a problem. I also tested the device on VMWare Workstation Player and got it working right off the bat.

          • Hmm, I haven’t seen the issue only in Fusion. Does it happen every time you attempt to connect the device, or only on the 2nd etc. times?

            I’m glad it works in VMWare though, slightly annoying that it isn’t in VirtualBox though.

          • I’m not sure I understand your question. I can get it working on Windows and VMWare on the first try every time. It’s never worked on VirtualBox.

            Agreed, I like VirtualBox a lot more as it’s a little more user friendly in my opinion.

          • Haha I actually find VMWare to be a LOT more user friendly, but the price for VirtualBox is a lot nicer.

            So I will run into the problem only if I connect, don’t wait, and then attempt to reconnect my device to my VBox VM. I was asking if you go the same issues even after a reboot and attempt to connect it to your VM.

  4. Hi Doyler.
    I have the latest ISO image of Kali Linux installed on a USB persistent penddrive
    I am contemplating buying AWUS036NHA external card.
    I have TP-Link-TL-WN722N as my external adapter card.
    It works fine, but I’m looking for a backup external card + hoping WUS036NHA can give longer range of clients.

    Two (Q’s)
    When I boot-up , TL-WN722N automatically (enable) turns on (green) using wlan1.
    Would WUS036NHA card be recognized in Kali Linux using a USB pendirve instead of VM? It doesn’t have to light up at boot time, just be ready (green)I when I start Network Manager.

    Do you know if AWUS036NHA with 9dpi antenna will give a longer range of clients than TP-Link-TL-WN722N?

    Thanks.
    TC.

    • Hi TC,

      First, sorry for your comment not showing up initially. I manually approve/reject posts to prevent spam even further, which is why this is just now showing up.

      I have the TL-WN722N myself, and I’m not a huge fan. Especially considering that any beyond v1 don’t support monitor mode/injection.

      1) It should be recognized just fine using a pen-drive, and you should have even less issues than passing it through a VM
      2) I’ve definitely found the AWUS036NHA to have a longer range, especially with that antenna.

  5. Hi, doyler!
    I’m thinking of buying the same wifi card. Yet, I wonder if you could make me the biggest favour in the world and check for me if it will actually work in 802.11n.
    Could you run the command iwlist freq and paste me the result, please?
    Thanks in advance!

    • I can guarantee you that it does! That said, here you go:

      root@kali:~# iwconfig
      wlan0     IEEE 802.11bgn  ESSID:off/any  
                Mode:Managed  Access Point: Not-Associated   Tx-Power=20 dBm   
                Retry  long limit:7   RTS thr:off   Fragment thr:off
                Encryption key:off
                Power Management:off
                
      lo        no wireless extensions.
      
      eth0      no wireless extensions.
      
      root@kali:~# iwlist freq
      wlan0     11 channels in total; available frequencies :
                Channel 01 : 2.412 GHz
                Channel 02 : 2.417 GHz
                Channel 03 : 2.422 GHz
                Channel 04 : 2.427 GHz
                Channel 05 : 2.432 GHz
                Channel 06 : 2.437 GHz
                Channel 07 : 2.442 GHz
                Channel 08 : 2.447 GHz
                Channel 09 : 2.452 GHz
                Channel 10 : 2.457 GHz
                Channel 11 : 2.462 GHz
      lo        no frequency information.
      
      eth0      no frequency information.
      
  6. Hello Doyler, it is my first experience with deauth attacks and I’m using Alfa awus036nha.
    But I can’t make it work. It gives me “code 7” and no ACKs. But the injection test works.
    The output is:
    13:15:55 Waiting for beacon frame (BSSID: 4c::::) on channel 1
    13:15:55 Sending 64 directed DeAuth (code 7) . STMAC: [24::::] [0|39 ACKs]
    13:15:56 Sending 64 directed DeAuth (code 7) . STMAC: [24::::] [0|60 ACKs]
    13:15:57 Sending 64 directed DeAuth (code 7) . STMAC: [24::::] [0|64 ACKs]

    Please help me

  7. Yes I will! I’ve been chatting with the CackalackyCon staff. Regarding the CTS settings, it may have been sheer coincidence. I just ran my range for three days straight with 32 people crushing it at the same time. I’m not up to par with DEFCONs wireless village CTF yet, but I’ll get there. Incorporating BLE and SDR stuff is something I definitely want to add. Time & money….

  8. Hi,
    I have a problem that I don’t know how to fix.
    I have wireless adapter AWUS036NEH and I using kali linux machine. But when I tried to connect to wifi with it I failed. It tells me “activation of network connection failed.” Can you help me fix it?
    Hope to hear from you.
    Thank you!

    • Have you tried restarting your network manager yet?

      service network-manager restart
      nmcli networking start
      

      Additionally, what happens if you bring the interface down and then up again?

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.