
Atheros AR9170 & BackTrack 4

I recently broke out the Netgear WNDA3100 adapter that I bought a while ago to replace the old Netgear WG111 I used for cracking wireless networks. Granted, the WG111 was reliable, but the reasons for the replacement are obvious: the WNDA3100 is dual-band and supports 802.11n. For beginners who don’t want to shell out as much money or spend extra time getting a wireless card to work properly, though, the WG111 is still the best choice.

Spend extra time getting the WNDA3100 to work properly? Yes: it didn’t work out of the box with BT4 (and probably won’t with other distros running the same kernel version). After some searching, I found a thread on backtrack-linux.org’s forum with a fix that gets my new adapter working with full monitor mode & packet injection capabilities. As a matter of record & for easy searching, I’ll document the directions below.

These instructions work for any Atheros AR9170 based cards:

* Arcadyan – WN7512
* Atheros – 9170
* Atheros – TG121N
* AVM – FRITZ!WLAN USB Stick N
* AVM – FRITZ!WLAN USB Stick N 2.4
* Cace – Airpcap NX
* D-Link – DWA 160A1
* D-Link – DWA 160A2
* IO-Data – WNGDNUS2
* Netgear – WNDA3100
* Netgear – WN111 v2
* Planex – GWUS300
* Sphairon – Homelink 1202
* TP-Link – TL-WN821N v2
* Z-Com – UB81 BG
* Z-Com – UB82 ABG
* Zydas – ZD1221
* Zyxel – NWD271N

IMPORTANT: please note that the hardware revisions matter, especially for the WNDA3100 that I’m working with. The WNDA3100v2 uses a Broadcom chipset instead, which has some other issues & corresponding remedies I won’t be discussing here.

Anyways…

1.) Download the patched firmwares ar9170.fw, ar9170-1.fw, and ar9170-2.fw and place them into /lib/firmware.

2.) Download compat-wireless-2.6.32.3.tar.bz2 and untar it to your favorite location.

3.) Run the following in the terminal:
cd compat-wireless-2.6.32.3
make
make install
make unload

*If you get a “No such file or directory” error when you run make, run:
ln -s /usr/src/linux /lib/modules/2.6.30.9/build

I didn’t get the error so I didn’t run it.

4.) Add “blacklist arusb_lnx” to the end of /etc/modprobe.d/blacklist. This will prevent the loading of the buggy/incorrect drivers and load the proper ones instead.

5.) On line 174 of /usr/sbin/airmon-ng, change “xar9170” to “xar9170usb”. This will tell airmon from the aircrack suite to use the new drivers.

6.) Save all files and reboot.
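
A quick way to confirm steps 1, 4 and 5 took effect before rebooting, as an added example that is not part of the original post or the forum thread. The function names and the root-prefix argument are hypothetical, and the sample tree is constructed with placeholder files rather than real firmware.

```shell
#!/bin/sh
# Added example: pre-reboot check for steps 1, 4 and 5 above.
# The argument is a directory prefix (hypothetical helper convention) so the
# check can run against a test tree; pass "" to inspect the live system.
check_ar9170_setup() {
    root="$1"
    problems=0
    # Step 1: all three firmware files present and non-empty in /lib/firmware
    for fw in ar9170.fw ar9170-1.fw ar9170-2.fw; do
        if [ ! -s "$root/lib/firmware/$fw" ]; then
            echo "step 1: /lib/firmware/$fw missing or empty"
            problems=$((problems + 1))
        fi
    done
    # Step 4: an uncommented "blacklist arusb_lnx" line must exist
    if ! grep -Eq '^[[:space:]]*blacklist[[:space:]]+arusb_lnx[[:space:]]*$' \
            "$root/etc/modprobe.d/blacklist" 2>/dev/null; then
        echo "step 4: arusb_lnx is not blacklisted"
        problems=$((problems + 1))
    fi
    # Step 5: airmon-ng must contain the edited driver string
    if ! grep -q 'xar9170usb' "$root/usr/sbin/airmon-ng" 2>/dev/null; then
        echo "step 5: /usr/sbin/airmon-ng does not contain xar9170usb"
        problems=$((problems + 1))
    fi
    return "$problems"   # exit status = number of failed checks
}

# Constructed sample tree: step 1 done, steps 4 and 5 not yet applied.
make_sample_tree() {
    t=$(mktemp -d)
    mkdir -p "$t/lib/firmware" "$t/etc/modprobe.d" "$t/usr/sbin"
    for fw in ar9170.fw ar9170-1.fw ar9170-2.fw; do
        echo placeholder > "$t/lib/firmware/$fw"
    done
    # A commented-out entry does not count as a blacklist line
    echo '# blacklist arusb_lnx' > "$t/etc/modprobe.d/blacklist"
    # Constructed stand-in for the unedited airmon-ng line, not the real script
    echo 'DRIVER_MATCH="xar9170"' > "$t/usr/sbin/airmon-ng"
    echo "$t"
}

sample=$(make_sample_tree)
check_ar9170_setup "$sample" || echo "problems found: $?"
rm -rf "$sample"
```

On a real install, call `check_ar9170_setup ""` as root after step 5; a zero exit status means all three checks passed.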

Test it using the following:

1.) Plug in your adapter (WNDA3100 in my case) and start the networking service.
/etc/init.d/networking start

2.) Run:
airmon-ng start wlan0
Replace wlan0 with your wireless interface’s name. This will put your card into monitor mode.

3.) Run:
aireplay-ng -9 wlan0
The -9 parameter is short for --test. This should show you some output with the APs found, whether injection was successful, etc.

Enjoy!

These new firmwares and drivers are likely to be incorporated in a newer version of the kernel, and thus later releases of *nix distros, hopefully eliminating the need for a large portion of this hack.

26 replies on “Atheros AR9170 & BackTrack 4”

after his step 5.
type modprobe xar9170usb
plug in the usb now.. if all the steps don’t work then plug in the wireless usb before step 5.

then type /etc/init.d/networking start
then type airmon-ng start wlan0
then if you type iwconfig You see that the name changed to mon0
then type aireplay-ng -9 mon0

for some reason i have had to type rmmod 80211.. xar9170.. i don’t know the exact files, but i had to type this before i typed modprobe xar9170usb..

try this and let me know.. i think you’ll be able to get it working.

sorry I saw that I typed aireplay-ng -9 mon0.. I never use this .. I usually just type airodump-ng mon0 . that checks what networks are available.

jakeridden, what files did you remove? Cause I can’t modprobe it right now:

modprobe xar9170usb
FATAL: module xar9170usb not found.

Hi Darwin,

first off, this is legendary. Thanks for taking the time out to post this. Now i’m gonna be a dick and request you post something else. You mentioned there are issues & corresponding remedies with the WNDA3100v2 (which i’m using now). Any chance of sharing those remedies as you did here?

Cheers boss.

– sheldon

I don’t have a v2, but I’ll take a look and see what I can find out.

I used this for BackTrack 4 on a USB pen drive boot up. There are some extra steps you have to do in order to get it to work. You need to rmmod and modprobe some of the kernel modules to get the wireless driver to restart. I’ll try to make another post to let you know what exactly you will need to do.

put this name for the email : jakeridden00

Thanks for writing this up. I just scored a 9170 for use with BT. Definitely saved me some work, muchas gracias, senor!

Any word on those extra steps to use this method with a persistent install on a pendrive that jakeridden mentioned?

How did you know I installed BT4 (persistent) on a flash drive? 😛

I did this install on a 4GB flash drive mounted inside VMWare and it worked fine without any additional mods.

Just make sure you did a persistent install and all the changes you made will stay there.

EDIT: I just saw what you were talking about. Step 4 tells you to add the “blacklist arusb_lnx” line and then restarting so that the default kernel module doesn’t get loaded on boot. The same effect can be achieved by running “rmmod arusb_lnx”. I think the modprobe is “modprobe xar9170usb” but I’m not exactly sure about this one. I just added the blacklist line and then rebooted.

Still no dice unfortunately.

I’m searching through the original forum posts and double checking everything but just out of curiosity, would having an integrated wifi adapter (Linksys WUSB100) be an issue?

It might. Check to see what chipset it uses. May be worth a try to disable it and see what happens.

Hi Darwin,
We can’t find the file in

5.) On line 174 of /usr/sbin/airmon-ng, change “xar9170” to “xar9170usb”.

It doesn’t exist.
We are using BT4 final and a “Netgear WN111 Wireless USB Adapter”.

Great blog Darwin 🙂

you need to find the file in the folder called usr. you can find it in the home folder..if you open a terminal you can see the folder by typing cd /usr/sbin

Hey, I can’t find the airmon-ng file.

I navigated to the correct folder, maybe i did something wrong.

Here is what i did. I click start > system menu > home folder > then on left hand side i click usr > bin. Within the bin folder i cannot find the airmon-ng file!!! is it missing? maybe i have to create it.

Perhaps i can just search for the airmon-ng file?? please give me some advice.

Don’t understand how exactly I got in here but I’m really glad I’ve found it. Neaah… I’m starting to believe Google is beginning to read my mind 🙂 Great work!

sorry but i get this problem when i run step no 3.

WARNING: Symbol version dump /usr/src/linux-source-2.6.35.8/Module.symvers is missing; modules will have no dependencies and modversions.

how can i solve it?
