6

What are the limitations we have when we are performing aircrack-ng pen testing using laptop's built-in WiFi adapter? Many pen testers are using USB WiFi dongles for this purpose and I wonder why.

  • What are the best available WiFi USB adapters for this purpose? I have purchased the TP LINK-WN722 adapter but it didn't get installed properly in Windows 10.
  • I am using Kali inside my Win 10 box as a VM. Can I use my WiFi USB adapter as a WiFi interface in my Kali VM ?
donjuedo
  • 659
  • 1
  • 5
  • 8
user3496510
  • 1,257
  • 2
  • 12
  • 26
  • One possible reason is that if you are running Kali in a Virtual Box - it can't see the host's wifi adapter by design. https://www.quora.com/Why-cant-Kali-Linux-running-on-a-virtual-box-detect-the-wireless-adapter-card-and-instead-uses-an-ethernet-connection – iainpb Jan 12 '17 at 08:59

3 Answers3

7

The main reason is because you need the adapter to support monitoring mode.

This mode allows the adapter to not only sniff all packets coming from the AP to the clients but also from sniff the data from the clients to the AP.

Can I use my WiFi USB adapter as a WiFi interface in my Kali VM ?

You can use it to get WiFi access but it will not work with aircrack-ng.

Notice: There are some computers that have the monitoring option built in the default adapter.

You can read more about it in this answer.

Community
  • 1
Bubble Hacker
  • 3,615
  • 1
  • 11
  • 20
5

Some of the reasons that would explain the limitations of using your built-in wifi adapter instead of a USB dongle on a pentesting focused vm:

  • Monitor Mode support, or other features like this card that supports packet injection. It's easier to chose hardware if you have a wireless card that can be removed without having to teardown your computer/notebook.
  • Allow the dongle to be accessed using usb-passthrough. Since a Virtual Machine is doomed to use the hypervisor infrastructure to create network cards, depending on how this is managed, could break monitor mode and other capabilities related to pentesting. This way, it will work like a card being plugged directly to the vm. This video is a good example on how to passthrough a USB card to a Kali Linux guest inside VirtualBox.
  • Because those USB dongles have better plug-and-play support on Linux. You dont have to install drivers on Windows, since you will present this dongle using usb-passthrough. Here, you have a document that displays what are the best and more capable(with more features) USB devices for wireless monitoring. It's not only about the manufacturer, but the chip that matters most.
  • Option to add external antenas through the dongle RP-TNC/SMA connector that are directional like the classic Cantenna or omni if you dont know where your target(s) is/are physically placed.
  • PCI Passthrough, even not being a new topic, is still a pain to configure to be worth it(and it is a requirement to enable all pentesting related capabilities of the card - item2). It's main focus is for graphic cards, and this kind of virtualization feature requires you to have IOMMU supported by your processor.
  • 1
    You can add "option to use external antenna" which is often found on dongles. – Agent_L Jan 12 '17 at 13:32
  • Forgot that even after linking the ALFA antenna that have this capability. Good one... –  Jan 12 '17 at 17:52
  • Thanks for your answer @nwildner. I hope I can hook up my USB adaptor along with my Kali VM without installing the drivers in Win10 host. – user3496510 Jan 12 '17 at 21:21
  • If you use usb-passthrough, is totally up to the guest OS to have the drivers needed ;) Good luck on your wifi pentest studies –  Jan 12 '17 at 22:05
1

Others have made their points about USB passthrough for VMs but even if I were running Kali on bare metal —which does have its own merits— I would still use an external USB wifi adapter.

My main reason is signal degradation. There are some strong arguments against built-in adaptors.

  • A laptop or desktop is a noisy environment to sit an antenna next to or inside.
  • Built-in aerials are almost always omnidirectional. A [good] USB adaptor will give you a the choice of antennae. You can pick one that suits your situation.
  • Even if you hacked-in an antenna extension from your built-in card to an external antenna, the extension lead between the two would see a very high signal loss as there's no active boosting. As analogue transmission, it's subject to interference too.

So the main benefit for me is you can plonk a USB dongle directly on the antenna itself and just run a shielded USB lead back to the computer. The USB signal is digital so there's no quality issue there. It's either received or not. This brings a 3m limit with it (and there are workarounds for that) but this is usually enough to get you to an electrically "isolated" vantage point, independent of your computer.

The following is something I own but the picture is not mine.

enter image description here

The adaptor is that little white brick in the background. It just has some heat-shrink around it to protect it from moisture and it's held on with velcro. Hardly high tech but very effective. I've had a good-enough connection in near-perfect conditions over 1KM.

I can also upgrade it very easily because it's just a USB dongle. And I can use my built-in card to connect to a local AP for browsing.

Oli
  • 1,121
  • 9
  • 13
  • But this signal degradation will affect not only VMs, but the Host OS itself. There is little to no overhead on bridged/nat networking from inside VMs, as far as the intention is just to browse the internet. The question is specific to VM pentesting environment. –  Jan 13 '17 at 10:14
  • No, the question was asking why so many people use USB antennae. This was my reason why I use an external USB wifi dongle. VMs and the OPs personal situation were only mentioned in the footnotes but (as others have focussed on) that is *another* reason to use a USB dongle. I haven't covered that again because you already have. – Oli Jan 13 '17 at 10:30
  • And you have to read the entire question to understand OPs scenario, that is all about USB dongles and vms. There is a difference of "what is the best car" to "what is the best car to do rally"... –  Jan 13 '17 at 10:38
  • Yeah, well, you know that's just, like, your opinion, man. But seriously, there are at least two elements to this. "I wonder why so many pentesters use USB dongles" and "I'm using Kali on a VM, what would work for me?" I really don't understand why you're grilling me for an answer that is still a valid reason, regardless of virtualisation. – Oli Jan 13 '17 at 11:09