Tuesday, August 04, 2009

The RAID WiFi adapter and BackTrack 4

We've got a brand new product called the RAID, which stands for Rokland Auditing/Injecting Device.

raid_blog

The RAID is designed for use in BackTrack 3 and BackTrack 4 Linux and takes its shape and chipset from the popular (but discontinued) Alfa AWUS036S wireless USB adapter. The AWUS036S was highly recommended for use in BackTrack 3 Linux, primarily because it was a low-cost, good-range adapter with an RP-SMA port, and was compatible with programs like Aircrack. The AWUS036S is no longer being made, but the RAID was designed with the same chipset in order to offer the same functionality.

We have done some testing of Rokland RAID in the Backtrack 4 pre-release final edition. Here are some notes:

1. BT4 has been designed so that by default the networking services do not load at startup. If you have BT4 installed to a disk drive, you can make some changes to that they will load at startup. If you are using a bootable CD version of BT4 and running the OS entirely from CD, you will need to set aside some disk space on your hard drive so that any settings changes you make will be saved. Otherwise remember that any settings changes or package installs you do will be gone the next time you boot. This blog post is not a tutorial on how to do this, but you can find this info easily by searching the remote-exploit.org forums.

2. If you are planning to use BackTrack 4 for injection/cracking, you probably do not need to enable networking services. For the most part you will only need to enable networking services when you want to connect to an AP.

3. The RAID will automatically be recognized in BackTrack 4 pre-release final, but because the networking services are not loaded, the adapter is not plug and play in the sense that you will not be able to open a web browser right away and go online.

4. To use the device to scan for networks, you will need to start networking services.

  • /etc/init.d/networking start
  • /etc/init.d/networkmanager start

On our version run from CD, we did not have networkmanager, the client utility was called Wicd Network Manager, however the program (located in the Internet folder) did not load when selected. The fix is to run this command:

  • /usr/bin/start-network

Then you can go to Internet and select Wicd Network Manager and the GUI will load.

With Wicd Network Manager running, you will see available networks. Connecting is straightforward, but if you attempt to connect to an encrypted network, you may get an error that "this network requires encryption to be enabled". To enabled encryption, follow these instructions:

  • click on the name of the network to which you want to connect. Then click the Advanced Settings button that appears. Make sure the 'use encryption' box is checked, then enter in the network key. Now you can go back and connect to that network.

Note that the steps above are not specific to the RAID, they are just helpful hints when using any compatible wireless adapter with BackTrack 4.

We connected to some APs and went online just to ensure the driver was working properly, then rebooted and ran some tests in Aircrack. We created several test networks for injection purposes. The tests were designed to show the vulnerabilities of WEP encryption. Each AP set up for this purpose was encrypted with WEP encryption. One model had 64-bit and the other model 128-bit. On one computer we used BackTrack3 and SPoonWep (a program that comes with BT3) and were able to recover the 64-bit and 128-bit keys relatively quickly using the RAID. On another computer we loaded BT4 pre-release final edition and hooked up the RAID. SPoonWep does not come with BT4 pre-release final edition, and as far as we could find out, will not work on BT4 if you try to install it manually. This may change on future versions of BT4 or SPoonWep, but for now if you want to do injection with BT4 you can use a program like Aircrack. We used Aircrack on BT4 with the RAID and successfully recovered the WEP keys from both test APs.

3 comments:

Anonymous said...

When is RAID for sale??

dude said...

Had to get to super user before I could use the commands.

dude said...

sudo bash