Kali Wi-Fi adapter. 8 Best Wi-Fi Adapters For Kali Linux (2022 Picks)

External USB Wi-Fi Adapters for Kali Linux Pentesting

If you are like me, you have been working with Kali Linux, the Linux distribution for penetration testing and ethical hacking, and have been running it as a virtual machine on your 2015 MacBook Pro. And, you have been having issues with sniffing packets because your 2015 MacBook’s built-in Wi-Fi adapter is not going into true promiscuous mode — only a limited version that doesn’t give you everything you need. Sadly, other versions of the MacBook don’t seem to have this problem at all, so you may be finding yourself in need of an additional interface.

Or, perhaps you are not like me, and the chipset driving your PC’s Wi-Fi adapter doesn’t let you do much at all, and you just want an external USB Wi-Fi adapter that will make it easy to use tools such as Aircrack-ng for ethical hacking jobs.

Whatever the case, I’ve done some research and will present a few options that don’t break the bank and should provide you with a quick and easy way to do all the proper packet sniffing you deserve.

TP-Link N150

The first option on this list is the 13.45 TP-Link N150 dongle. A small USB device that sports a detachable antenna, it should get the job done if you prefer portability over power. This device uses the Atheros AR9271 chipset, which is known to work smoothly in Kali Linux (and probably most other distros).

USB Rt3070

The cheapest USB adapter, at a paltry 11.99, is the generic USB Rt3070, another dongle style device that is also the smallest you will find here. With similar specs as the TP-Link device, this one is even easier to conceal, and probably won’t raise any suspicions if you have it plugged into your laptop in a crowded place. While not the most powerful device by any means, if you are near the router you want to connect to, it shouldn’t be a problem.

Alfa AWUS051NH

Taking a big step up in everything, including features, power, and profile, we have the Alfa AWUS051NH. This one has been sitting on my Amazon wishlist for quite a while, and I think it’s about time I pick it up. It even has a holster with suction cups to stick to a window, and it will pick signals up from long range.

If you are needing to physically stay away from the target you are testing, while still being able to test it, try this sucker.

Alfa AWUS036NHA

Lastly, we have another Alfa device, both of which get really good reviews for Kali Linux in particular. At only 6 more than the AWUS051NH, the Alfa AWUS036NHA looks cooler and has a boost in power to let it pick up signals from even farther away. It also comes with the holster and suction cups for the Windows of your vehicle, office, or home. According to its description, what sets it apart is the “High Transmitter Power of 28dBm – for Long-Rang and High Gain Wi-Fi.”

Are there others?

Have you tried any of these? What did you think? Know of any others that do a good job?

Best Wi-Fi Adapters For Kali Linux (2022 Picks)

A list of the best Wireless Adapters for Kali Linux that work with monitor mode and packet injection.

All wireless network cards carry a chipset with which one can determine if it has capabilities to hack Wi-Fi. However, two modes are very important which include Monitor Mode and Packet Injection. This article lists the best USB Wi-Fi Adapters for Kali Linux in 2022. You can use these wireless adapters for performing activities such as Wi-Fi penetration testing and they are the cheapest ones available.

Many chipsets that support monitor mode but not packet injection. We did some research to see which ones are capable of both modes, and we can confirm these are compatible with Kali. We found out if the card supports packet injection then it must also support the monitor mode but not vice versa.

If the Wi-Fi adapter does not support capabilities required for hacking then it is not using the correct chipset, therefore be sure that you use an adapter that has a chipset mentioned above. Some manufacturers are known to change chipsets on newer versions of their products. We also shared information about the Kali Linux Wi-Fi adapter drivers required.

Before you begin, I would advise having a look at some Kali Linux Wi-Fi hacking commands.

About the Wi-Fi Adapter Chipset Required

In recent times it has been released which updated the world’s best penetration testing operating system with neat hardware support including a few Wi-Fi adapters to play with Wi-Fi networks. Following is a list of Wi-Fi adapters which are 100% compatible with it which can go into monitor mode, inject packets and perform everything which is required for a full-fledged Wi-Fi penetration testing.

All seem to get confused when they talk about the best USB Wi-Fi adapters for wireless cards and Kali Linux. They do not know what they are and why they need them and which one to buy as there are many in the market but not all are supported by it.

A wireless chipset is like the brain of a USB Wi-Fi adapter which does all calculations for it. It determines whether the USB Wi-Fi adapter is good or bad. The brand is not relevant. It is a chipset inside a USB Wi-Fi adapter that we need to consider. Many chipsets are supported by this which can be used to perform different packet injections and another attack.

Importance of Monitor Mode and Packet Injection

Monitor mode, also known as RFMON, allows you to alter the wireless traffic over a network you are connected to. Wi-Fi adapters that do not have monitor mode only allow you to connect to the wireless network and view traffic. Tools such as Aircrack-ng are useful for collecting the packets traveling over the network. This mode is slightly different than the previously known promiscuous mode as monitor mode allows you to be able to capture the packets on a wireless channel.

This mode can work over any channel in the 802.11 frequency respectively. This model is popularly used for Wi-Fi hacking and also for observing network traffic.

Packet injection mode is important because without this feature you cannot inject new packets onto the network. This is used to restrict certain user(s) to access the network or redirect them to your hotspot.

The 8 Cheapest and Best Kali Linux Wi-Fi Adapters for 2022

Atheros AR9271 – Supports Packet Injection

This chipset supports packet injection monitor mode and master code which allows it to be used as access to make fake hotspot for an Evil twin attack. The only problem with this is that it supports 2.4 gigahertz frequency only.

TP-Link N150 TL-WN722N (v2 and v3) – Monitor Mode

This is best for beginners. It is a cheap and compact adapter that acts as a Wi-Fi adapter towards home desktop PC, an alternate to your in-built chipset inside your laptop, and quite a handy module during traveling. It complies with IEEE 802.11N and gives speed up to 150Mbps.

This plug-and-play adapter is compatible with many versions of Linux including Kali Linux. It carries a 3 dbi omnidirectional antenna which extends the range of transmission or reception which makes it good for indoor penetration testing. We used this for making mobile hacking stations using Raspberry Pi.

Note: Its versions 2 and 3 have issues connecting with Kali Linux, but it shall work with a little tweak. We suggest TP-Link N150 TL-WN722N V1.

• Chipset inside: Atheros AR9271.
• Operating system required: Windows 8.1 32/64bit, Windows 8 32/64bit, Windows 7(32/64bits), Windows Vista(32/64bits), Windows XP(32/64bits), Windows 2000, Ubuntu, Kali Linux, Debian.
• Transmit Power: 20dBm add higher.
• Signal frequency: 2.4 GHz.

Alfa AWUS036NH – Most popular adapter for hacking

This is one of the best adapters for penetration testing. This is the IEEE 802.11b/g wireless device at 54Mps. One can configure this with ad-hoc mode to connect with other 2.4GHz wireless systems, or with infrastructure mode to connect with a wireless router or AP to access to the internet. This is also compatible with our Aircrack-ng tutorial.

This one is also a plug-and-play adapter that is compatible with many versions of Linux including Kali Linux.

It comes with a 5 dbi omni direction antenna and a 7 dbi panel antenna. over, it also carries a clip which is used to attach this on a laptop.

• Chipset inside: Ralink RT307.
• Operating system required: Windows 8.1 32/64bit, Windows 8 32/64bit, Windows 7(32/64bits), Windows Vista(32/64bits), Windows XP(32/64bits), Windows 2000, Ubuntu, Kali Linux, Debian.
• Signal frequency: 2.4 GHz.

ALFA AWUS036NEH – Best for Signal Range

This is yet another compact plug-and-play Wi-Fi adapter that one can readily connect to the Kali Linux system and begin fun right away. Though this is a small device, the long high gain wife antenna shall give you enough range to capture even the low signal Wi-Fi networks.

It is compatible with Kali Linux, MAC, and Windows devices, it is quite handy and can be carried anywhere, and is best to create a drop box using Raspberry Pi.

Alfa AC1900 – Best Wireless USB Adapter for Monitor Mode

This will take your hacking skills to the next level. For now, this is the best one available for Wi-Fi security experts. It is not the cheapest adapter on our list but it’s worth the price.

It supports IEEE 802.11ac/a/n/g/b standards; which means it is able to manage 2.4 GHz (dual Band), has a USB 3 interface with a wireless data rate of 600 Mbps for 2.4GHz up to 1300 Mbps 5 GHz.

This USB Adapter brings the following specifications:

• 1 x AWUS1900 Wi-Fi Adapter.
• 4 x Dual-Band antennas.
• 1 x USB 3.0 cable.
• 1 x Screen clip.
• 1 x Installation DVD-ROM
• Chipset: Realtek RTL8814U.
• Standards: IEEE 802.11ac/a/n/g/b.
• Interface: USB 3.0.
• Wireless data rate: 2.4GHz [up to 600Mbps] 5GHz [up to 1300Mbps].
• Wireless frequency: 2.4GHz/ 5GHz.
• Wireless security: WEP, WPA, WPA2, WPA/PSK, WPA2-PSK.
• Operation temp: 0-40°C.
• Operating systems: Windows XP/Vista/7/8/8.1/10 32/64bit, MacOS. 10.12 supported, Linux kernel 3.0 supported.

Alfa AWUS036ACH – Dual Antennas and Dual-Band technology

Some time back Kali Linux was released and the popular distro came with a significant update: support for the RTL8812AU wireless chipset. This is a beast that has dual antennas and dual-Band technology (2.4 GHz 300 Mbps/5 GHz 867 Mbps) that supports 802.11ac and a, b, g, n.

The antennas are removable and if a user wants a high range then he can connect the antenna with greater dbi value and use it as a long-range Wi-Fi link which makes it the best one.

• Chipset inside: RTL8812.
• Operating system required: Windows 10, Windows 8.1, Windows 8. Windows 7, Ubuntu, Kali Linux, Debian.
• Signal frequency: 2.4 GHz / 5 GHz.

Panda PAU06 – Speed and powerful antenna

Panda with 300Mbps wireless 802.11n USB adapter with high gain antenna upgrades Wi-Fi interface on the system with the latest 802.11n standard. The system is able to communicate wirelessly with any 802.11g/n wireless router at home, coffee shops, and many others.

It provides a data rate of up to 300 Mbps with 802.11n standard and is backward compatible with 802.11g 2.4GHz wireless networks. Supported security features are as followed: 64b/128bit WEP, WPA and WPA2 (TKIPAES).

Panda PAU09 – Low power consumption and very cheap

This is yet another adapter for Kali Linux and Parrot OS which works well with dual-Band Wi-Fi routers. This means that the user will be able to attack both 2.4 GHz and 5 GHz Wi-Fi networks.

As it has a low power operation mode it can be used with Raspberry Pi dropbox and portable devices like laptops. Its maximum data rate is up to 300 Mpbs with 802.11ac/n 2.4GHz and 5GHz networks. This is even reliable on USB 3 and works best with great and supports both injection and monitor mode which is rare on duel Band card out of the box.

Kali Linux Wi-Fi Adapter Drivers

All of the above-listed adapters are compatible with Kali Linux. This means that they will work for your ethical-hacking activities however a driver installation will be required. You should receive a CD that has the official drivers for 32-bit or 64-bit environments.

In most cases, these will be outdated by a few months or years. I recommend going to the official company site e.g. Panda, TP-Link, or Alfa, and get the latest version. This will ensure that you have the best range, stable signal, and your required packet injection and monitor mode working as expected.

Wi-Fi Hacking Tools to use

Conclusion: Which USB Wi-Fi Adapter are you using with Kali Linux?

I know that we have given you the choice of the 8 best and cheapest USB Wi-Fi adapters for Kali Linux 2022, but have you ever used any other? We have listed only those that support packet injection and monitor mode for your needs as requested. If you ask for my opinion and experience from the above list, Alfa and Panda Wi-Fi Adapters are the best to use with Kali Linux.

Disclosure: This article contains sponsored links. As an Amazon Associate I earn from qualifying purchases.

Connecting a Wireless Adapter to a Kali Linux Virtual Machine

In “Network hacking,” most people get confused when talking about Network adapters and Network cards.

Most don’t know what they are, why we need them, and how to select the best adapter since we have so many brands and models available in the market.

A wireless adapter is a device that you connect to your computer via the USB port, and it allows you to connect to Wi-Fi networks and communicate with other devices on the network.

However, you might wonder: “Why would I need a USB network adapter since my laptop already has an inbuilt adapter that enables me to connect to wireless networks?”

Well, this is among the topics that we will discuss in this post:

• Problems with Built-in Wireless Cards
• Best Wi-Fi adapters for hacking
• How to connect a wireless adapter to Kali Linux Virtual machine

Table of Contents

Problems With Built-in Wireless Cards

There are two main problems with built-in Wi-Fi adapters.

• They can’t be used in Virtual machines – Kali inside a VM does not see the built-in Wi-Fi card of your laptop as a Wi-Fi adapter but will see it as an ethernet adapter. Hence you can have full internet access, but you cannot do packet injection or place the Wi-Fi card into monitor mode.
• Most built-in cards are not suitable for hacking – In wireless hacking, there are two main factors that we look out for in adapters. That is ‘packet infection’ and support for ‘monitor mode.’ Unfortunately, most of the built-in adapters support non of these two features.

Best Wi-Fi Adapters for Hacking (With Monitor Mode)

Before diving into the different Wi-Fi adapter brands and models, we first need to understand the Wireless Chipset present in these adapters. Like the CPU we have in a computer, this chipset is the “Brains” of the wireless adapter.

It is responsible for all the processing and calculation of data flowing through it. It also determines the capability of the wireless adapter. Whether it can support monitor mode, packet injection, and works with Kali Linux or not.

Some of the chipset supported by Kali Linux include:

• Realtek RTL8812AU
• Realtek 8187L
• Ralink RT5370N
• Ralink RT3572
• Ralink RT5572
• Ralink RT3070
• Ralink RT307
• Atheros AR9271
• MT7610U
• MT7612U

I understand all this information looks gibberish as of now; however, you will appreciate it when we look at the different Wi-Fi adapters available and the chipset they use.

You will notice that the ALFA Networks company highly dominates the Wireless adapter market. Over the past couple of years, the company has risen to stand as the perfect supplier for efficient and reliable Wi-Fi adapters. Other companies include TP-Link and Panda.

The table below shows a list of wireless adapters supported by Kali Linux and the Chipset, Frequency, and Protocol they are using.

Important: When it comes to TP-LINK TL-WN722N, it’s important to know that you can also get v2/v3 to work with a few workarounds, although it’s sometimes assumed that only v1 works.

A great and detailed tutorial on this topic is this one from David Bombal – Kali Linux TP-Link TP-WN722N.

TL-WN722N is a decent budget Wi-Fi adapter for our purposes, but it’s sometimes difficult to find v1 in your immediate area, so v2/v3 is definitely a good option.

In some cases you won’t find the adapter’s version in the product description, so I think it’s definitely good to know you can make it work no matter which of those versions it is.

Connect a Wireless Adapter to Kali Linux Virtual Machine (VirtualBox)

To connect a wireless adapter to your Kali Linux virtual machine, when using VirtualBox, you can go in the Oracle VM VirtualBox menu Devices USB [select_your_adapter].

It may not list the name of the Wi-Fi Adapter, but something related to the chipset, instead. Here, I’m using a TP-LINK TL-WN722N 2.4GHz v2/v3, and as you can see, it’s displaying Realtek 802.11n NC.

Automatically Connect the Wi-Fi Adapter to a VirtualBox VM

You can also automatically connect a wireless adapter to your Kali Linux virtual machine, when running VirtualBox. This way, you don’t have to manually connect it every time

To do this follow the steps below:

• Shutdown the Kali virtual machine if it was already running
• Connect your Wireless USB adapter to your PC
• Right-click on your Kali Virtual machine and select the Settings option. A window will open displaying all the different configuration options.
• Click on the USB option and check the Enable USB controller check box.

If you are not sure of the adapter’s name, just remove it, and you will notice the name that will disappear from the VirtualBox USB list.

Your wireless adapter will be listed under the “USB Device Filters” section.

To finalize everything, right-click on your newly added USB filter and select the Edit Filters option.A window will open listing all the details about your wireless adapter. Then, on the Remote option, click on the dropdown and select Yes.

Connect a Wireless Adapter to Kali Linux Virtual Machine (VMware Player)

To connect a wireless adapter to your Kali Linux virtual machine, when using VMware Player, you can go to the VMware Player menu Player Removable Devices [your_adapter] Connect (Disconnect from host).

It may not list the name of the Wi-Fi Adapter, but something related to the chipset, instead. Here, I’m using a TP-LINK TL-WN722N 2.4GHz v2/v3, and as you can see, it’s displaying Realtek 802.11n NC.

You should then receive a message informing you that the device will be safely stopped and disconnected from the host machine, so it can then be connected to Kali Linux in the VMware player.

I’m not sure of an easy way how you can automatically connect a Wi-Fi Adapter with VMware Player, as we did with VirtualBox. The solution in VMware knowledge base seems to involve a bit of work https://kb.vmware.com/s/article/1648. and I haven’t tried it myself. If anyone has an easier solution for this and would like to share, then we’d love to hear from you.

Conclusion

Now you can boot your Kali VM and start practicing your wireless hacking skills. You can list all the wireless networks around you and even put your card in monitor mode.

I believe up to this point, you have a working wireless adapter on your Kali Linux VirtualBox machine. Please remember when selecting an adapter for wireless hacking to ensure the chipset used is among the chipsets listed above.

How to increase TX-Power of Wi-Fi adapters in Kali Linux

The default TX-Power of wireless is set to 20 dBm but you can increase it with a little trick to 30 dBm but let me warn you first that it might be illegal in your country, so use it at your own risk. over some models will not support these settings or wireless chip may state that it can transmit with higher power, but the device’s manufacturer probably did not place the appropriate heat sink in order to accomplish this.

In different countries, legislation and technical standards varies, including in relation to Wi-Fi. In some countries it is not allowed to use the frequencies of some Wi-Fi channels (for example, channels 12, 13 and 14 can not be used in the USA). In most countries, a Wi-Fi signal power limit of 20.0 dBm is set. But there are countries in which there is a limitation of 30.0 dBm. You can take advantage of this loophole (make your wireless thinks it is located in a country where 30.0 dBm is allowed) and raise its TX Power to a value of 30.0 dBm.

Regulatory domains (or regdomain) is the country in which this device is supposed to work. There is also an accompanying database, in which are prescribed the permitted frequencies and the allowed power.

• set the system-wide setting of the regulatory domain to the value, that matches to a country where the power is allowed to be 30.0 dBm;
• set the increased power for the wireless adapter.

In theory, the described method should work for many wireless cards, but in practice there are the following limitations:

• the physical inability of an adapter to operate at capacities greater than 20.0 dBm (for example, the wireless interface initially shows a power of 15.0 dBm while 20.0 dBm is allowed. In this case it is impossible to raise the power above 15.0 dBm, even to 20.0 dBm);
• driver features, for example, some drivers ignore system settings. This is not an insoluble problem, but each model needs its own approach.

To check capabilities of your wireless adapter issue the command:

For example, the following frequencies and power are allowed for the US:

You can examine the full current database in pain text here.

Countries where allowed channels 1 through 13 on 30.0 dBm power are (for instance):

Note that for channels at 5 GHz they have different values (different list of allowed frequencies and powers).

Next, I’ll show the power increasing of Alfa AWUS052NH in Kali Linux. The old guides tell to install additional packages, but currently this is not necessary. Everything you need is already available in Kali Linux!

To find out which region is currently configured, run the command:

The string country 00 indicates that I have not set any value and the default settings was applied.

Now set the regulatory domains to BZ:

To insure the setting was applied run the command:

At the same time, you can look at the new features with the command:

To view the name of the wireless interface and its current status, use the command:

Next, increase the power (replace wlan0 with the actual name of your wireless interface):

sudo IP link set wlan0 down sudo iw dev wlan0 set txpower fixed 30mBm # sudo iw wlan0 set monitor control # if monitor mode needed sudo IP link set wlan0 up

The line txpower 30.00 dBm indicates that we have succeeded.

How to increase TX-Power of Alfa AWUS036NHA

The above commands have no effect for AWUS036NHA. The driver of this adapter ignores regulatory domain value.

If you have Alfa AWUS036NHA or any other that ignores settings of regulatory domain, this is no reason to give up.

We are able to change database of the world regulatory domain.

First let’s check which country your wireless card is made for:

In my case, the country GB line indicates that the adaptor was produced for the country that is named GB in the database.

My method differs from other tutorials, where the wireless-regdb and crda packages are manually installed. These packages should already be installed on your system (in Kali Linux is the default). The only thing we do is replace the database file.

The latest versions of Kali Linux do not have the crda package installed, let’s install it:

Install the dependency required to compile the database:

sudo apt install python3-m2crypto

We clone the source files:

git clone git://git.kernel.org/pub/scm/linux/kernel/git/sforshee/wireless-regdb.git cd wireless-regdb/

Now we need to edit the database file:

In the file, find the country 00 line and replace line after it with something like that (correct it up to you):

(2402. 2482 @ 40), (30) (5170. 5835 @ 80), (30) (57000. 66000 @ 2160), (40)

Now I find and change the lines according to the country wireless made for, for me it is GB (you may have a different country – it depends on your adapters, you can see this value with the sudo iw reg get command):

Patch files for using Python3

sed.i ‘s/#!\/usr\/bin\/env python/#!\/usr\/bin\/env python3/’ py

As a result, a binary file of the database (regulatory.bin) was created from the text file. We will use it to replace the file with the same name in the system.

Delete the original database file:

sudo rm /lib/crda/regulatory.bin

We copy our modified database:

sudo cp regulatory.bin /lib/crda/regulatory.bin

Once again for the new DB format, which is also used:

sudo rm /usr/lib/firmware/regulatory.db sudo cp regulatory.db /usr/lib/firmware/regulatory.db

We copy the required public key (the database file is signed with a specially generated key for our user):

sudo cp USER.key.pub.pem /lib/crda/pubkeys/ sudo cp USER.x509.pem /usr/lib/crda/pubkeys/

Now do not use sudo iw reg set BZ.

country GB: DFS-ETSI (2402. 2482 @ 40), (N/A, 30), (N/A)

mean we are able increasing the power to 30 dBm.

sudo IP link set wlan0 down sudo iw dev wlan0 set txpower fixed 30mBm # sudo iw wlan0 set monitor control # if monitor mode needed sudo IP link set wlan0 up

After we patched the database, there is no longer any need to change the value of the regulatory domains for any wireless interface!

Conclusion

Increasing TX power of the Wi-Fi adapter is undeniably useful only for Wi-Fi jamming, as well as for deauthentication attacks. In all other attacks, increasing TX power would not matter. Since power affects how loudly your Wi-Fi adapter is “talking”, but does not increase its sensitivity (how well it ‘hears’ others).

Changing value of regulatory domains lets to unlock some channels that might not be available in your country.

If you want to return everything to its original state, then run the following commands:

sudo apt purge wireless-regdb crda sudo apt install wireless-regdb

Комментарии и мнения владельцев to How to increase TX-Power of Wi-Fi adapters in Kali Linux

Hi man. Thanks for the guide! But I have a problem using the Alfa 036NH. No networks show up after increasing to 30 OR 33dBm.

Alex says:

Hello! Unfortunately, I cannot reproduce the bug because I have no Alfa 036NH. I suppose its hardware is restricted with a maximum output power 2000mW. If you need, I can provide for you the guide how to revert made changes.

Hey Alex, thanks for the quick reply. Don’t worry, I did this on a Virtual Machine which has no value to me. I am not going to try random things on the internet on machines that have high value I also made a snapshot. I am even more confused now. I just reinstalled Kali after being completely lost, and without ever touching regions or anything else explained in here, the adapter won’t show networks. I got it working again after updating/upgrading, dist upgrade. Then I rebooted and stopped working again. This is really getting on my nerves I might just grab an old HDD/SSD and install it on there instead of a Virtual Machine. I don’t think this has anything to do with you, it’s all on my side… Will keep trying… Thanks though!

Alex says:

No worries. It’s way less worse than simply killing proccesses that interfere with airmon-ng. I feel so stupid Never had this problem, EVER. But I think this was the problem. I installed 2017.2 instead of 2017.3 and simply changed region, nothing else. Then I did airmon-ng check kill and that fixed it. I will now test it on the other VM with 2017.3 updates/upgrades dist upgrade and will report back.

I have UBUNTU 17.10 and a laptop HP with a afla network card. This worked, but it took two days to solve the problem. It was rather odd but it work. The problem was when I was trying to get sudo cp USER.key.pub.pem /lib/crda/pubkeys/ to work. So what I did was ls and found the root.key.bub.pem copy and the other wone into the crda/pubkeys. reboot and it worked. Ubunto. did not have it set up from install or not sure why but you get the 00 for country code. Reall problem. the txpower is at 20 by defualt.

I don’t know why was so difficult to find a working guide for the awus036nha! worked like a charm for kali 2018, thanks!

Hi, I have AWUS036NHR, I followed the guide and this is my result after restart: root@default:~# iw reg get global country 00: DFS-UNSET (2402. 2472 @ 40), (N/A, 33), (N/A) (2457. 2482 @ 20), (N/A, 33), (N/A), AUTO-BW, NO-IR (2474. 2494 @ 20), (N/A, 33), (N/A), NO-OFDM, NO-IR (5170. 5250 @ 80), (N/A, 33), (N/A), AUTO-BW, NO-IR (5250. 5330 @ 80), (N/A, 33), (0 ms), DFS, AUTO-BW, NO-IR (5490. 5730 @ 160), (N/A, 33), (0 ms), DFS, NO-IR (5735. 5835 @ 80), (N/A, 33), (N/A), NO-IR (57240. 63720 @ 2160), (N/A, 0), (N/A) Unfortunately, if I set the txpower to 30 or 33, nothing happens. Changing the region to BO or GY doesn’t help either. Any idea?

every time I reboot. It changed to

iw reg get global country 00: DFS-UNSET (2402 – 2472 @ 40), (6, 20), (N/A) (2457 – 2482 @ 20), (6, 20), (N/A), AUTO-BW, PASSIVE-SCAN (2474 – 2494 @ 20), (6, 20), (N/A), NO-OFDM, PASSIVE-SCAN (5170 – 5250 @ 80), (6, 20), (N/A), AUTO-BW, PASSIVE-SCAN (5250 – 5330 @ 80), (6, 20), (0 ms), DFS, AUTO-BW, PASSIVE-SCAN (5490 – 5730 @ 160), (6, 20), (0 ms), DFS, PASSIVE-SCAN (5735 – 5835 @ 80), (6, 20), (N/A), PASSIVE-SCAN (57240 – 63720 @ 2160), (N/A, 0), (N/A)

But actually I already change global part to 30db.

I can proof that by typing

iw reg set 00 iw reg get global country 00: DFS-UNSET (2402 – 2472 @ 40), (N/A, 30), (N/A) (2457 – 2482 @ 20), (N/A, 30), (N/A), AUTO-BW, NO-IR (2474 – 2494 @ 20), (N/A, 30), (N/A), NO-OFDM, NO-IR (5170 – 5250 @ 80), (N/A, 30), (N/A), AUTO-BW, NO-IR (5250 – 5330 @ 80), (N/A, 40), (0 ms), DFS, AUTO-BW, NO-IR (5490 – 5730 @ 160), (N/A, 40), (0 ms), DFS, NO-IR (5735 – 5835 @ 80), (N/A, 40), (N/A), NO-IR (57240 – 63720 @ 2160), (N/A, 0), (N/A)

QUESTIONS: 1. how to keep country 00 30db on reboot

Alex says:

Hello! It is interesting behavior and I also can reproduce it. But: only if no wireless cards are connected. Once I connect a wireless adapter, I get the higher values without necessity to set Regulatory domains explicitly. Also, to apply values from the patched database it is enough to call any ‘wireless’ command like that:

The first screen: before and after I plugged wireless adapter: The second screen: before and after I ran iw dev: I guess it is kind of optimization: the system does not load heavy database if there is no real need (no wireless interface). The system is Smart!

In my case. I need to run iw dev at least once to keep it persistent on reboot. here after I ran iw dev and reboot

iw reg get global country 00: DFS-UNSET (2402 – 2472 @ 40), (N/A, 30), (N/A) (2457 – 2482 @ 20), (N/A, 30), (N/A), AUTO-BW, NO-IR (2474 – 2494 @ 20), (N/A, 30), (N/A), NO-OFDM, NO-IR (5170 – 5250 @ 80), (N/A, 30), (N/A), AUTO-BW, NO-IR (5250 – 5330 @ 80), (N/A, 40), (0 ms), DFS, AUTO-BW, NO-IR (5490 – 5730 @ 160), (N/A, 40), (0 ms), DFS, NO-IR (5735 – 5835 @ 80), (N/A, 40), (N/A), NO-IR (57240 – 63720 @ 2160), (N/A, 0), (N/A)

Alex says:

I tried to disable NetworkManager, but I cannot reproduce the behavior if a wireless card is plugged. Did you make some tunings of your system?

no, fresh kali ova import yesterday. but I think its small matter because at least its already persistent on reboot tq

hi could you please clarify command above as its in green # sudo iw wlan0 set monitor control # if monitor mode needed is that’s what i need to type in order to bring tx up for monitor mode as well or some other command. or command above is sufficient enough to up tx in both monitor and managed mode thanks

Alex says:

sudo iw wlan0 set monitor control

But I commented it, because not everyone needs the monitor mode. So if you need the monitor mode, use the command just above. If you do not need the monitor mode, skip the command.

hi i set 30 dbm and 33dbm and 36 dbm with USB Wi-Fi rt3070 complete no error but signal not different.and i can set txpower high than 15dbm on intel Wi-Fi 5100agn pci.how to fix

Hello, i have followed your tutorial but i’m stuck as the regulatory.bin file doesn’t exist in the crda folder …. it seems that in the new Kali Linux version the following steps are out of date, so what should we do now ? could you update your tuto ? Thank you,

Alex says:

hi, so the iw reg set is not working, it s still 00, i have NH, what can i do? i don t even get to set something if iw reg set it s not working…

Try to replug the wlan card after changing country code. On RT3070 worked like a charm with BZ (30dBm channel 13) but it was applied immediately after repluging it Thank you!

hi i got a problem when typing make: kali@kali:~/wireless-regdb make Generating public key for kali… openssl rsa.in ~/.wireless-regdb-kali.key.priv.pem.out kali.key.pub.pem.pubout.outform PEM writing RSA key Generating certificate for kali…./gen-pubcert.sh ~/.wireless-regdb-kali.key.priv.pem kali.x509.pem Generating regulatory.bin digitally signed by kali…./db2bin.py regulatory.bin db.txt ~/.wireless-regdb-kali.key.priv.pem Traceback (most recent call last): File./db2bin.py, line 128, in from M2Crypto import RSA ImportError: No module named M2Crypto make: [Makefile:60: regulatory.bin] Error 1 i run newly updated kali 2020.1 Live-USB persistence on mac. Alfa awus036NHA

Alex says:

Hello! Maybe you used the old version of this manual. This tutorial is verified and updated regularly. Now it is required to install python3-m2crypto. And this fact is mentioned in the manual.

hello, to fix this error apt install python3-pip pip3 install M2Crypto sudo rm /usr/lib/firmware/regulatory.db ## ubuntu path /lib/firmware/ sudo cp regulatory.db /usr/lib/firmware/regulatory.db ## ubuntu path /lib/firmware/ tested on ubuntu 16.04

Alex says:

The instruction was checked and corrected on April 6, 2020, at the moment everything is working. Compared to the previous version:. fixed dependency installation command. patch py files to use Python3. replacement of the regulatory.db file (because of this it did not work). now the USER.x509.pem key is also copied to /usr/lib/crda/pubkeys/ (not sure if this is necessary, but here, I found the idea here: https://aur.archlinux.org/packages/wireless-regdb-pentest/, so I did it too) If after any command any error occurs, then let me know, I will continue to figure it out.

hello sir i have tried both method but none of them worked in my case. may be because of my Wi-Fi dongle is hardcoded so is there any way to set up txpower to 30 dbm Here is the Screenshot of my interference plz

Sir i need ur help to increase TX-POWER of TP-LINK T4U Archer AC 1300 Wi-Fi dongle ,it has fixed 12dbm tx-power and it also changes mac everytime i insert it here the commands 1:) root@kali:~# iwconfig lo no wireless extensions. wlan0 unassociated Nickname: Mode:Managed Frequency=2.412 GHz Access Point: Not-Associated Sensitivity:0/0 Retry:off RTS thr:off Fragment thr:off Encryption key:off Power Management:off Link Quality=0/100 Signal level=0 dBm Noise level=0 dBm Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:0 Invalid misc:0 Missed beacon:0 eth1 no wireless extensions. eth0 no wireless extensions. 2:) root@kali:~# iw dev phy#2 Interface wlan0 ifindex 6 wdev 0x200000001 addr e6:14:4a:64:95:24 type managed txpower 12.00 dBm root@kali:~# iw dev root@kali:~# iw dev root@kali:~# iw dev phy#3 Interface wlan0 ifindex 7 wdev 0x300000001 addr ae:b6:2f:9e:50:e1 type managed txpower 12.00 dBm root@kali:~#

Hello, Since my last post, I had to reinstall Kali linux with the last release (2020.3) and i followed the steps like before but i can’t make it run. Each time i restart the computer, the country which i put as a reference (GB) is changed randomly into CN, AR, or whatever else… and the changes made in the regulatory.db file are not saved which lead me to have something weird. Could you help ?

Alex says:

Hello, I have only two Wi-Fi adapters for testing, they are Alfa AWUS052NH and Alfa AWUS036NHA. My Alfa AWUS052NH has default “country 00”, but my Alfa AWUS036NHA has “country GB”. The whole system settings change into country GB if I plug Alfa AWUS036NHA. This is the only way I know to change country settings without my participation. So I don’t know what is the reason of your problem. Do you use “normal” Kali Linux? I mean, not ARM, not NetHunter? By the way, today I verified the manual above on the Kali Linux with the latest upgrades (2020.3, kernel 5.7.0) – it works fine for me and my two Wi-Fi adapters.

Alex says:

Hi there. i did all the steps and i do get on the iw reg get 30 but i cannot seems to change it to 30. im using the AWUS1900 do you have exprience with it please?

Alex says:

The guide has been tested on Kali Linux with the latest updates. It has been fixed and works fine again.

Ciao spero che tu possa aiutarmi, ho problemi con il canale 95-96 (freq 5470-5480) e il canale 64 (freq 5340) quando digito iw list questi canali non sono nella mia lista e quindi non sono usati da airodump-ng esempio se provo a impostare il canale tramite iw ottengo questo errore: iw wlan2 freq set 5475 rapporti del kernel: il canale è disabilitato comando non riuscito: argomento non valido (-22) come da tua guida digitando iw reg get invece sono disponibili Come posso abilitare questi canali disabilitati dal kernel? Grazie

Hi i hope you can help me, i have problem with channel 95-96 (freq 5470-5480) and channel 64 (freq 5340) when i type iw list these channels are not in my list and therefore are not used by airodump-ng example if i try to setting the channel via iw i get this error: iw wlan2 freq set 5475 kernel reports: the channel is disabled command failed: invalid argument (-22) as per your guide typing iw reg get instead are available How can I enable these kernel-disabled channels? Thanks

Alex says:

Hello! Well, we can use channel 64, but you have to provide the correct frequently value, it is 5320. Or just use the command:

sudo iw dev set channel 64

About 64-100 channel range – I guess we cannot (and must not) use them, maybe it is hardware restriction as well. From the Internet: Q: Why is there a gap between channel 64 and 100 on 5GHz Wi-Fi? Answer 1: There are various uses listed in the range 5.35. 5.46 GHz including “Aeronautical Radionavigation”. This is where channels 68 to 96 would be. Obviously, they don’t want Wi-Fi capable equipment being turned on, even accidentally, that is likely to interfere with aircraft navigation. Answer 2: Those channels are shared with weather radar. A router that uses those channels has to check for the presence of a weather radar. If a weather radar is detected, the router has to switch to another channel that doesn’t have a weather radar. I don’t remember how quickly the router has to stop using the channel. It might be 10 minutes. If the router switches Wi-Fi channels, clients won’t normally switch. Everything that was connected is no longer connected. I think a controller can switch clients to the new channel before the old one shuts down, but again I’m not sure. There might be enterprise equipment that can do this. Consumers can’t afford it.

Hi Alex, I have an Alfa Tube-Una (chip AR9271) produced for the country US. I’m using the second part of this guide on Xubuntu and it works very good. I have a little problem: when in STATION mode, sometimes the country jumps back to global ‘country 00’. But it’s a generic ‘country 00’ and it has not the parameters i have changed in db.txt. I would like to know where is coming from this unchanged database. I hope you can help me

Alex says:

Greetings! I also ran into this problem. I don’t have a ready-made solution, but I have some thoughts on this matter. In this instruction, we change the database, generate our own key pair and sign the database with it. Previously, signature verification was performed by the crda package, and we just had to copy our certificate so that crda would do a verification against it. Now certificate validation is done at the kernel level and crda is no longer needed. For this reason, crda is no longer installed by default in recent distribution releases. Nevertheless, this package is present in the repositories, so we can install it. After that, crda starts to perform functions of regulatory domain, and we use the proven method with copying our certificate to /lib/crda/pubkeys/. Perhaps at some point crda loses control and the kernel starts to perform functions of regulatory domain again. I tried to figure out how to add my own certificate so that it can be used to verify the signature of the regulatory.db file at the kernel level, that is, without crda, but I could not find an answer to this question. That is, for now, this is a bug, for which I have no solution, but I have ideas about its causes. Perhaps someone reading this comment will tell us how to add the certificate so that it can be used to verify the signature of the regulatory.db file at the kernel level, that is, without crda.

Thank you. I think the problem can be solved copying the new generated regulatory.db.p7s file in the /usr/lib/firmware/ directory. Three days of trial are not a certainty, but now the ‘country 00’ has the patched parameters i gave. Greetings!

Hi Alex, Could you please let us know a version of Kali where all is working as expected without kernel level certificate check, etc.? I will be happy to install and keep it out of updates just for the wireless pursposes. Hope you will help me.

Alex says:

CRDA is no longer needed as of kernel v4.15 since commit 007f6c5e6eb45 (cfg80211: support loading regulatory database as firmware file) added support to use the kernel’s firmware request API which looks for the firmware on /lib/firmware. Because of this CRDA is legacy software for older kernels. It will continue to be maintained.

sudo journalctl.b | grep.i REGDOM

I think that we can return the old behavior by changing two kernel constants… well, or at least one of them ))))

CONFIG_CFG80211_REQUIRE_SIGNED_REGDB=y CONFIG_CFG80211_USE_KERNEL_REGDB_KEYS=y

• https://wireless.wiki.kernel.org/en/developers/regulatory
• https://wireless.wiki.kernel.org/en/developers/regulatory/crda
• https://patchwork.kernel.org/project/linux-wireless/patch/20171009095018.5289-4-johannes@sipsolutions.net/
• zcat /proc/config.gz | grep.i CFG80211
• cat /boot/config-`uname.r` | grep CFG80211

Using Monitor Mode in Kali Linux

Wi-Fi adapters are used for connecting your device to the Internet. Most laptops, tablets, and mobile phones have a built-in Wi-Fi card. In a wireless environment, data is transferred from the device to the internet in the form of packets by sending a request for a packet to the router. The router fetches the requested packet from the internet, and once it obtains the webpage, it sends the information back to your device in the form of packets, thereby controlling all the traffic going to connected devices. Monitor Mode in Kali Linux allows you to read all the packets of data, even if they are not sent through this mode, and controls the traffic received on wireless-only networks. Monitor Mode is able to capture all these packets, which are not only directed to their device but also other to devices connected to the network. This article will provide an overiew of Monitor Mode in Kali Linux.

Uses

For an ethical hacker, Monitor Mode is used to capture all relevant data packets to check whether the router is vulnerable. It is also used to check whether the network is vulnerable to any attacks. Monitor Mode thus provides all the crucial information on every device, and can also be used for observing large volumes of network traffic.

3 Ways to Use Kali Linux Monitor Mode

If you have the wireless adapter that supports Monitor Mode, then you can easily set the wireless interface. The following sections list some of the ways that you can use Monitor Mode in Kali Linux.

Enable Monitor Mode Using iw

First, we will take a look at the use of the iw Wi-Fi configuration tool. It is used for configuring Wi-Fi in particular and can be more powerful than other tools. You might have already used iw for several other purposes, for example, to obtain information about your Wi-Fi network. In fact, this tool can even give you more information about different commands. The iw list gives you much more information about wireless wlan0, interface modes, HT, bit rates, scanning, etc.

The first step is to check the interface information. You can do so by entering the following:

The output will look like the following window:

To access the traffic of other people, you will have to switch this over to Monitor Mode. You can switch iw to Monitor Mode by entering the commands given below:

IFACE replaced the actual name, as shown:

The next step is to check the wireless interface one more time by entering the following command:

The output of the aforementioned commands can be seen in the window above.

Wondering how to get back to the Managed Mode? To do so, enter the following commands:

IFACE replaced the actual name, as shown:

Enable Monitor Mode Using airmon-ng

If you have already tried enabling Monitor Mode using iw and failed, then another method you can use to enable Monitor Mode is through airmon-ng.

The first step is to get information about your wireless interface. Do so by issuing the following command:

The output of the above command is as follows:

You will want to kill any process that can interfere with using the adapter in Monitor Mode. To do so, you can use a program called airmon-ng, simply entering the following commands:

Now, you should enable Monitor Mode without any interference.

Wlan0mon has now been created.

Use the following commands to disable Monitor Mode and return to Managed Mode:

Enter the following command to restart the network manager:

Enable Monitor Mode Using iwconfig

As in previous sections, check your interface name via the following command:

The next step is to enable Monitor Mode. Do so by entering the following commands:

Disable Monitor Mode

Turn off the Network Manager that Prevents Monitor Mode

Conclusion

Enabling Monitor Mode is a great method for sniffing and spying around your network and router. There are a number of ways to enable Monitor Mode. Every method does not work for every adapter. So, try out any of the methods listed above if your adapter does not behave as expected.

Younis Said

I am a freelancing software project developer, a software engineering graduate and a content writer. I love working with Linux and open-source software.