Get Alfa AWUS036ACH USB NIC running on Kali VM to attack wireless networks

For people in IT security who want to perform penetration testing on wireless networks, it is important to have a network adapter (NIC) which supports monitor mode and packet injection. A normal consumer NIC that you have in your laptop will most likely not support any of these features. Therefore, you would want to invest in an additional USB NIC.

A popular choice for penetration testing is a model called Alfa AWUS036ACH, because it supports a broad set of features needed for pentesting. At the same time it is rather inexpensive, so the bar to “just try it out” is low.

Kali Linux as most popular Linux distribution to perform such pentests does not support the Alfa AWUS036ACH out of the box. Especially when running Kali in a virtual machine you will have to keep in mind some additional details.

There are many questions online where people ask how to fix this issue. Many times answers are not provided or they are unnecessarily complicated. I used the following few steps for different setups and it always worked, so I hope this description will also be helpful for you.

When you connect the card to your computer and run iwconfig on call, you will not see your NIC:

Kali does provide the necessary driver in its repositories, but you will probably first have to download it.

  1. Make sure that your USB NIC is connected with your computer
  2. In your Kali Linux, type the commands to download the driver as suggested by the Kali website:
apt-get update
apt install realtek-rtl88xxau-dkms
  1. If you are running Kali in a virtual machine, you will also need to allow the virtual machine to connect to the USB device. You can do this in the running machine, but in my tests, this did not work directly after having installed the driver. I therefore recommend to shut down your VM and set the permission to access the USB NIC in the permanent settings for the VM. In VirtualBox you therefor have to right click on your VM and add the NIC to your VM.

In case your Windows host system did not properly recognize the wireless adapter either, you can download and install drivers from the manufacturer’s website. You would then have to restart your computer and afterwards perform step 3 as described above.

  1. In some tests just adding the interface via VirtualBox settings did still not suffice, but I had to restart VirtualBox completely. Since this is done quickly, I recommend to do so just in case.
  2. Now, open VirtualBox and start up your Kali VM. When you now run iwconfig, the new USB NIC will be properly shown:
  1. As you can see in the screenshot above, your adapter will be in “Auto” mode. So, before you start your penetration tests, you will still have to bring it to Monitor mode. This can be done easily using airmon-ng:
airmon-ng start wlan0

When you execute iwconfig once more, you will see that the adapter is now in Monitor mode.

  1. One last preparatory step before you can start with your penetration tests is to stop processes which might otherwise return your NIC into another mode than Monitor mode. As airmon-ng already indicated above, you can accomplish this using the following command:
airmon-ng check kill

Although airmon-ng had shown a warning message about “Network Manager” being a possibly problematic process that should be stopped, it does not seem to touch it. At least the process is not listed under “killing these processes”. However, if you look at the upper right corner of your Linux, you should see that the network manager symbol was replaced by something that is labelled as “networking disabled”. So, although it does not say it, apparently the service was stopped, nonetheless. If you want to be 100% sure, you can try to stop the process using:

systemctl stop network-manager

Now you are ready to perform your penetration tests using Alfa AWUS036ACH on your Kali Linux VM. The very useful aircrack-ng suite is already shipped along. Please keep in mind though that it is illegal to attack networks that you do not own or which you do not have permission to perform tests on.

Leave A Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.