Wireless Cards & USB Wireless

This is Google's cache of http://backtrack.offensive-security.com/index.php/HCL:Wireless. It is a snapshot of the page as it appeared on 6 Dec 2010 21:22:16 GMT. Thecurrent page could have changed in the meantime. Learn more

Text-only version

HCL:WirelessFrom Offensive-security.com

Jump to: navigation, search

Contents

1 Wireless Cards And Driverso 1.1 Notes about VMWare or any other virtualisation softwareo 1.2 Notes for broadcom owners

2 Tested Card Listo 2.1 PCI

2.1.1 Asus WL-138g v2 2.1.2 Belkin F5D8001 2.1.3 CNet CWP-854 2.1.4 Dlink DWA-520 2.1.5 Dlink DWA-552 2.1.6 Dlink DWL-AG530 2.1.7 Dlink DWL-G520 2.1.8 Dlink DWL-G550 2.1.9 Dlink DWL-G510 2.1.10 Dynex DX-EBDTC 2.1.11 Foxconn WLL-3350 2.1.12 MSI PC60G 2.1.13 Netgear WG311T 2.1.14 Netgear WPN311 2.1.15 SMC SMCWPCI-G

o 2.2 Mini PCI (Built in) 2.2.1 Broadcom BCM4306 802.11b/g (rev 3) 2.2.2 Broadcom BCM4318 802.11b/g 2.2.3 IBM AR5212 802.11abg NIC (rev 01) 2.2.4 IPW2100 2.2.5 IPW2200 2.2.6 WN360G

o 2.3 Mini PCIe (Built in) 2.3.1 Broadcom BCM4311 802.11b/g 2.3.2 IPW3945 2.3.3 IPWRAW (IPW3945 Monitor + Inject)

2.3.4 IPW4965/IWL4965 agn 2.3.5 Gigabyte GN-WS50G b/g

o 2.4 PCMCIA Cards 2.4.1 3COM 3CRWE154G72 v1 2.4.2 3COM 3CRPAG175B with XJACK Antenna 2.4.3 Agere Systems ORiNOCO GOLD PC Card Classic 2.4.4 AirLink101 AWLC4130 2.4.5 ASUS WL100G 2.4.6 Belkin F5D6020 v3 2.4.7 Belkin F5D7010 V1000 2.4.8 Belkin F5D7010 V3000UK 2.4.9 Belkin F5D7010 V5000 2.4.10 Belkin F5D7010 V6000 2.4.11 Belkin F5D7011 2.4.12 Buffalo WLI-CB-G54HP 2.4.13 Cisco AIR-LMC350 2.4.14 Cisco AIR-PCM350-T 2.4.15 Cisco Aironet AIR-CB21AG-A-K9 2.4.16 Dlink DWA-645 2.4.17 Dlink DWL-650+ 2.4.18 Dlink DWL-G650 2.4.19 Dlink DWL-G630, 650+/- 2.4.20 Dlink DWL-G650M 2.4.21 D-Link WNA-1330 2.4.22 Enterasys Roamabout 802.11 DS High Rate 2.4.23 Gigabyte GN-WM01GT AirCruiserG Mach G 2.4.24 Lucent Technologies Orinoco Silver 2.4.25 Linksys WPC11v4 2.4.26 Linksys WPC54G v3 2.4.27 Motorola WN825G v2 2.4.28 NetGear MA401 2.4.29 NetGear WPN511 2.4.30 NetGear WPN511 - Range Max 2.4.31 NetGear WG511T 2.4.32 NetGear WAG511v2 2.4.33 NetGear WG511 v1 2.4.34 NetGear WG511 v2 2.4.35 NetGear WG511 v3 2.4.36 NetGear WG511v2 2.4.37 Netgear WG511U 2.4.38 NetGear WPN511GR 2.4.39 Netgear WPNT511 2.4.40 PROXIM ORiNOCO 802.11b/g Gold (Model: 8470-WD) 2.4.41 Senao NL-2511CD/SL-2511CD PLUS EXT2 2.4.42 Sitecom WL-100b 2.4.43 SMC 2532W-B

2.4.44 SMC SMC2536W-AG 2.4.45 SMC WCB-G 2.4.46 SWEEX LW051 ver:1.0 2.4.47 TP-link SuperG&eXtended Range 108M Wireless Cardbus

Adapter(TL-WN610G) 2.4.48 TP-link eXtended Range 54M Wireless Cardbus Adapter (TL-

WN510G) 2.4.49 Ubiquiti SRC 2.4.50 Wistron WLAN 802.11a/b/g Cardbus CB9-GP 2.4.51 X-Micro WLAN 11g PCMCIA Card (XWL-11GPAG) 2.4.52 ZCom XI-325HP+ 2.4.53 Zyxel ZyAIR G-100 PCMCIA Card (FCC ID:N89-WE601l)

o 2.5 USB Dongles 2.5.1 Airlink101 AWLL3026 2.5.2 ALFA Networks AWUS036E 2.5.3 ALFA Networks AWUS036H 2.5.4 ALFA Networks AWUS036S 2.5.5 ASUS WL-167G 2.5.6 AVM Fritz!Wlan USB V1.1 2.5.7 Belkin F5D7050 V1 2.5.8 Belkin F5D7050 (4000 series) 2.5.9 Belkin F5D7050B 2.5.10 Belkin F5D7050E 2.5.11 Belkin F5D7051 2.5.12 Buffalo Airstation G54 WLI-U2-KG54-AI (2A) 2.5.13 Chiefmax 2.5.14 D-Link DWL 122 (USB) F/W 3.2.1 H/W A1 2.5.15 D-Link DWL G122 (USB) F/W 2.03 B1 2.5.16 D-Link WUA-1340 2.5.17 Edimax EW-7317UG 2.5.18 Edimax EW-7318USG 2.5.19 Hawking HWUG1 2.5.20 Hawking HWU8DD 2.5.21 Linksys WUSB54g v4 2.5.22 Linksys WUSB54GC 2.5.23 Linksys WUSB600N 2.5.24 MicroEdge MEG55A Wireless-G USB Dongle 2.5.25 NetGear MA111 2.5.26 NetGear WG111v2 2.5.27 NetGear WG111T 2.5.28 Netopia ter/gusb-e 2.5.29 OvisLink Evo-w54usb 2.5.30 Rosewill RNX-G1(W) 2.5.31 SafeCom SWMULZ-5400 2.5.32 TP-Link TL-WN321G 2.5.33 USB WiFi Booster Kit with 5dbi Indoor Dipole

2.5.34 ZyDAS 1211 2.5.35 SMCWUSB-G EU 2.5.36 MSI US54SE

Wireless Cards And DriversThis section lists Cards that have been tested with BackTrack. If you have tested a card that does not appear on this list, please add it in!

BackTrack V.2.0-BackTrack V.3.0 (Final) has the following drivers included, in addition to the standard 2.6.20/2.6.21.5 kernel drivers:

madwifi-ng (Patched for Injection) hostap (Patched for Injection) prism54 (Patched for Injection) bcm43xx (Patched for Injection) rtl8180 [1] (Patched for Injection) rtl8187 (Patched for Injection) ipw2200 (Patched for Injection) rt2570 (ASPj's Drivers) rt2500 [2] (not sure if patched already but can be added with this

link http://aircrack-ng.org/doku.php?id=rt2500&DokuWiki=c3d1aad1f57c675981be7c8290e369d6)

rt61 rt73 ipw2100 ipw3945 acx100 (Patch available -BETA-) zd1211rw (Patch available -BETA-)

wlan-ng HAS BEEN REMOVED! Prism2 card owners should use the Hostap Drivers

-muts

The links provided above for the driver of the chipset are the links to the developer's actual homepage. If you want to know where the patches are coming from, click on the link that says something similar to the word `patch'. Note that the links provided may not be current and that patches may/may not work. You have been forewarned.

- hatake_kakashi

Notes about VMWare or any other virtualisation software

VMWare or any other virtualisation software generally does not allow backtrack 2 or 3 or any other OS as guest to operate fully with any devices that are not USB which also includes wireless devices. Do not ask for support when using VMWare or any other virtualisation software when you have either: PCI/PCI-E/PCMCIA/MINI-PCI/MINI-PCIe/EXPRESS CARD and that you want virtualisation support in either #remote-exploit or the forum as this is beyond our control.

More information maybe found at Talk:HCL:Wireless or on the forum.

Notes for broadcom owners

Broadcom has used some of the BCM43XX designations for more than one flavor of card. To tell for sure if your card is supported, use the command 'lspci -n| grep 14e4'.

If 14e4:XXXX is 4301, 4307, 4311, 4312, 4318, 4319, 4320, 4321 (aka 4306 802.11b/g? only), 4324, or 4325, the card is supported with b43 driver.

All others are with 4313, 4315 (4310?), 4328 (4321 802.11n dualband), 4329 (4321 802.11n 2.4GHz), 432a (4321 802.11 5GHz), 432b (4322), 432c, 432d can only use broadcom's linux_sta driver, which is similar to using ndiswrapper.

You will need kernel.lzm if you downloaded cdrom version and will need to compile this driver. You may also need compat-wireless if the driver does not work and/or search for possible answers via google. Last but not least, there is absolutely NO support whatsoever with linux_sta for monitoring/injecting. Desperate users can try and join their mailing list

Tested Card List

PCI

Asus WL-138g v2

Driver : bcm43xx Chipset : Broadcom External Antenna: Reverse connector (RP-SMA) with a detachable antenna

Works out of the box.

Belkin F5D8001


CNet CWP-854

Driver : rt2500 Chipset : Ralink 2500 External Connectors: RP-SMA Works out of the box.

Dlink DWA-520

Driver : Madwifi-ng Chipset : Atheros External Connectors : RP-SMA Works out of the box in BT3 Final. Injection is perfect. Product link : http://www.dlink.com.my/products/?idproduct=199

Dlink DWA-552

Driver : Madwifi-ng Chipset : Atheros AR5212 a/b/g/n For Kismet, edit your kismet.conf file (/usr/local/etc/kismet.conf) to

"source=madwifi_g,wifi0,Atheros" Notice: To set up your MAC (optional) and switch into Monitor Mode type:

airmon-ng stop ath0

macchanger -a wifi0

iwconfig ath0 mode Monitor

Dlink DWL-AG530


Dlink DWL-G520

Chipset : Atheros External Antenna: RP-SMA Works out of the box.

Dlink DWL-G550

Chipset : Atheros AR5212 (within AR5002X) External Antenna: Yes, omni-directional dipole antenna with 5dBi Works great out of the box.

http://www.dlink.com/products/?sec=0&pid=414

Dlink DWL-G510

Chipset : Atheros AR5212a/b/g; Ralink RT73 Driver : madwifi-ng; rt73 External Antenna: REV-SMA

Read here

Dynex DX-EBDTC

Chipset : Broadcom Works right of of box. Injection and monitor mode IS supported.

Foxconn WLL-3350

Driver: rt2500

MSI PC60G

Driver : RT61 Chipset : Ralink Works out of the box. Injection and such (wireless tools) not functional

http://global.msi.com.tw/index.php?func=proddesc&prod_no=1063&maincat_no=131

Netgear WG311T

Driver : Madwifi-ng Chipset : Atheros External Antenna: RP-SMA Connector

Works perfectly out of the box. Injection works as Well. http://www.netgear.com/Products/Adapters/SuperGWirelessAdapters/WG311T.aspx

Netgear WPN311

Driver : Madwifi-ng Chipset : Atheros External Antenna: RP-SMA Connector

Works great out of the box including injection.

SMC SMCWPCI-G

Chipset : Atheros Antenna Type : External SMA (detachable) Operating Range :

• Outdoors up to 1.312ft / 400m • Indoors up to 328ft / 100m

Works great out of the box including injection

Mini PCI (Built in)

Broadcom BCM4306 802.11b/g (rev 3)

Environment Compatibility

Hardware ver Software ver Internet Monitor Injection

Dell 1350 WLAN Mini-PCI

2.6.20-BT-PwnSauce-NOSMP bcm43xx

yes yes no

HP Pavilion ZV5330us bcm43xx ? ? no

HP Pavilion zd8000 bcm43xx yes yes ?

Compaq Presario 2500 bcm43xx yes yes no

Driver : bcm43xx Notebook HP NX6110 model PT601AA#AKD Notebook HP Pavilion ZV6170us (part of zv6000 series) Notebook Compaq Presario V2405CA Not sure what chipset it is but doesn't

work with built in Broadcom B/G Notebook acer TravelMate 2413LMi Not sure what chipset it is but Packet

injection does not work with buit in Broadcom B/G

Broadcom BCM4318 802.11b/g

Driver : bcm43xx Notebook Compaq v2312us - It will capture packets but does not inject. Notebook HP Pavilion dv5215us - Injection works! http://forums.remote-

exploit.org/showthread.php?t=7190 First place card in monitor mode (include channel of target AP):

AirForce One 54g - Injection works but you need to have a recent version of aircrack-ng (it worked for me with the 0.9)

bt ~ # ifconfig eth0 upbt ~ # iwconfig eth0 mode Monitor channel #

Use aireplay-ng attack 1 (fake authentication) and then attack 3 (ARP request replay attack). ~40,000 packets injected in <5 minutes. -theprez98

Notebook Acer 5000 - It will capture packets but does not inject.

IBM AR5212 802.11abg NIC (rev 01)

Driver : Atheros

IPW2100

Driver : IPW2100 Special Notes: Will enter monitor mode, but cannot inject.

===================================== YES for IPW2200 Sorry, but it works with injection patch I use ipw2200-1.2.1 and package of aircrack.0.90 need to compile, and install Kismet works fine but I prefer airodump-ng Attack works under aireplay -2 -3 -4 -5 and -9, but not for -0 and -1

IPW2200

Driver : IPW2200 (With Injection Patches)

Boots Live and installs on hard drive detecting and installing the ipw2200 pached drivers perfectly (also on dual and multi-boot environments (MacOS, Vista, XP, BT)

About Injection, Void11 cannot be used to deauth stations. ONLY the "--interactive", "--arpreplay" and "--chopchop" options of Aireplay-ng work, due to an ipw2200 limitation. You must enable the rtap0 interface executing the following commands to make injection posible before doing anything else:

- rmmod ipw2200 - modprobe ipw2200 rtap_iface=1 - ifconfig eth1 up - ifconfig rtap0 up

Injection has proven to be succesfull with "-i rtap0 eth1" interface parameter at the end of your aireplay-ng --arpreplay command. This allows to capture at the same time using the rtap0 interface with other programs.

Example of arp injection command:

- aireplay-ng --arpreplay -b 00:00:00:00:00:00 -h 11:11:11:11:11:11 -i rtap0 eth1

GUI Wireless tools are at early development. Sometimes they don't work as expected and network parameters must been set in konsole. Things may appear failing when they are actually working:

- Wireless assistant may say "connection failed" but you are associated with the AP. - Running Kismet a 2nd time does not work because inteface is set in monitor mode. - Injection failing because deauth attack is not posible, but deauth is not the only method.

You may feel misfuncionalities when following tutorials step by step without ANY previous knowledge, especially those for Wep cracking because of its complexity. But the true is that full funcionality is found on this chipset except for a few injection attacks that doesn't prevent you from auditing WEP and WPA wireless security. But to achieve this you have to learn and master some essential of linux connectivity tasks, and commands to set up network parameters using the console and troubleshoot results. You only have to check

the manuals, learn and practice all possible options of the following 5 commands to be succesfull with this nice integrated ipw2200 chipset:

- ifconfig - iwconfig - iwlist - modprobe - ping

aireplay only thing not working

Will not inject even with the patch enabled.

Kismet & AirMon didnot work for me.

Kismet did work for me.

Good tutorial for injection can be found here: http://tinyshell.be/aircrackng/forum/index.php?topic=1775.0

This tutorial worked out of the box for me, no driver patching required, however ony aireplay-ng injection attacks -2, -3, and -4 work though.

Injection is working alright, but you can only inject data frames (arp injecting works, for example). That means deauth and other attacks that may require management frames can't work. Bear in mind you must use rtap_iface=1 when loading the module to use the rtap interface, through which you can sniff while you inject in the eth interface (you have to do it that way or it won't work).

Be careful with the new 2.6 kernels, you may need to use irqpoll at boot to avoid an IRQ conflict on your computer -see below ipw3495 (in that case the conflicting device won't work at all so if it's just injection that fails, it's not an irqpoll problem).

We could not use any injecion on this due to it using Centrino technology.

WN360G

Driver : prism54/p54 Use a PCI to MiniPCI adapter with it. lspci output : FCC ID: QDWWN360G

01:07.0 Network controller: Intersil Corporation ISL3890 [Prism GT/Prism Duette]/ISL3886 [Prism Javelin/Prism Xbow] (rev 01)

Mini PCIe (Built in)

Gigabit Atheros card works, but you have to use 'airmon-ng start wifi0' to set it into monitor mode.

Broadcom 4311-based Dell Wireless 1390 adapter is detected and works as mentioned below. Monitor mode works but packet injection doesn't seem to be working.

Broadcom BCM4311 802.11b/g

Driver : bcm43xx Driver : bcmwl5.sys Notebook HP nx6315 Notebook HP nx7400 Notebook Dell Inspiron 1501 Notebook Dell Inspiron 1505\6400 Notebook Dell Latitude d820

D820 is detected and works but the BCM4311 chip does not work with packet injection

FCC ID: MXF-C941103G Notebook Dell Dell d520 Notebook Compaq/Dell V2000US is NOT working. Packets appear to send but

after testing on a separate card I was able to determine that NONE of the attack modes work properly.

Windows Drivers and Client Software: http://www.wireless-driver.com/download/broadcom/2007-6-26/Broadcom-4311-BCM4311KFBG-Driver_0.htm

PCI ID:BCM43XG, PCI\VEN_14E4&DEV_4320&SUBSYS_00E70E11BCM43XGT, PCI\VEN_14E4&DEV_4320&SUBSYS_12F4103CBCM43XG1, PCI\VEN_14E4&DEV_4320&SUBSYS_12F8103CBCM43XG2, PCI\VEN_14E4&DEV_4320&SUBSYS_12FA103CBCM43XG3, PCI\VEN_14E4&DEV_4320&SUBSYS_12FB103CBCM43XM1, PCI\VEN_14E4&DEV_4324&SUBSYS_12F9103CBCM43XM2, PCI\VEN_14E4&DEV_4324&SUBSYS_12FC103C

BCM43XG1, PCI\VEN_14E4&DEV_4318&SUBSYS_1355103CBCM43XG2, PCI\VEN_14E4&DEV_4318&SUBSYS_1356103C

BCM43XG3, PCI\VEN_14E4&DEV_4318&SUBSYS_1357103CBCM43XM1, PCI\VEN_14E4&DEV_4319&SUBSYS_1358103CBCM43XM2, PCI\VEN_14E4&DEV_4319&SUBSYS_1359103CBCM43XM3, PCI\VEN_14E4&DEV_4319&SUBSYS_135A103C

BCM43XG11, PCI\VEN_14E4&DEV_4311&SUBSYS_1363103CBCM43XG12, PCI\VEN_14E4&DEV_4311&SUBSYS_1364103CBCM43XG13, PCI\VEN_14E4&DEV_4311&SUBSYS_1365103CBCM43XM11, PCI\VEN_14E4&DEV_4312&SUBSYS_1360103CBCM43XM12, PCI\VEN_14E4&DEV_4312&SUBSYS_1361103CBCM43XM13, PCI\VEN_14E4&DEV_4312&SUBSYS_1362103CBCM43XM14, PCI\VEN_14E4&DEV_4312&SUBSYS_135F103C

IPW3945

Driver : IPW3945 Special Notes : Enable the drivers via KDE menu or cd

/usr/src/drivers/ipw3945-1.2.0/ && ./load Special Notes : Enters monitor mode, but cannot inject Special Notes : You may need to start the image with "bt irqpoll" Good way to

tell: you see what looks like function call backtraces on startup and the suggestion to run "bt irqpoll" scrolls by pretty fast. Check your dmesg for more details if it scrolls too fast for you.

IPWRAW (IPW3945 Monitor + Inject)

Driver : IPWRAW, A guide can be found [here] Or an easy to use lzm module can be found here [here] Note : This driver is not included in Backtrack2 by default. Special Notes : Locked in monitor mode and can be used in all aireplay-ng

attacks. For Kismet, edit your Kismet.conf to "source=ipw3945,wifi0,Intel" Notice: After starting airodump-ng only run one command at a time. If you do

not your system may hang or freeze.

ifconfig wifi0 down #Change to AP BSSID nano /sys/class/net/wifi0/device/bssid # Channel of AP nano /sys/class/net/wifi0/device/channel # Change from 108 to 2 nano /sys/class/net/wifi0/device/rate ifconfig wifi0 up airodump-ng rtap0 #wifi0 is used for all other commands.

IPW4965/IWL4965 agn

Monitor: yes, works natively on backtrack3 Injection: no, there are works being done on it.

To load the driver

modprobe iwl4965

Gigabyte GN-WS50G b/g

Driver: Madwifi-ng Managed: yes Monitor: yes Injection: yes

PCMCIA Cards

3COM 3CRWE154G72 v1

Driver : prism54/p54 Chipset : Intersil PrismGT FullMAC Notice : other revisions of this card are not prismGT FullMAC

3COM 3CRPAG175B with XJACK Antenna

Driver : Madwifi-ng Chipset : Atheros AR5212 Notes : detected at boot time, injection works, everything goes like in aircrack-

ng tutorials

Agere Systems ORiNOCO GOLD PC Card Classic

Notes: see Enterasys Roamabout 802.11 DS High Rate

AirLink101 AWLC4130

Driver : Madwifi-ng Chipset : Atheros Notes: Found at boot up. Forum users report 100% working, making this the

cheapest working Atheros (and maybe overall) card out there.

ASUS WL100G

Driver : bcm43xx

Chipset : Broadcom BCM43xx Notes: It is found at boot-up and is ready to go.

Belkin F5D6020 v3

Driver : Realtek Chipset : rtl8180 Notes: Requires terminal input of iwconfig and dhcpcd wlan0 Notes: Full capability and injection

Belkin F5D7010 V1000

Driver : bcm43xx Chipset : Broadcom BCM43xx Notes: Detected at boot-up and is ready to go. Didn't have an opportunity yet to

test the packet injection so can't report on that.

Belkin F5D7010 V3000UK

Driver : RT61 Chipset : Unknown will update later (SORRY) Notes : Detected at boot-up with final BT2 (ra0). I have no had any problem to

put it in Monitor mode; unfortunately packet injection does not work.


Driver : Atheros Chipset : Atheros Notes : Works great from what I could tell. Detected at boot-up with latest

BT2. Packet injection appears to work.


Driver : RT61 Chipset : Ralink Notes: after untar the files, in the Module dir, make clean, make debug and then

make install then modprobe rt61 debug=1

Belkin F5D7011

Driver : bcm43xx Chipset : Broadcom 4306 Notes: Picked up on boot and I can inject into my router without a problem.

Buffalo WLI-CB-G54HP

Driver : bcm43xx/b43 Chipset : Broadcom BCM4318 Notes: It is found at boot-up and is ready to go. Packet injection works

perfectly.

Use b43 driver and mac80211. bcm43xx will not show correct PWR levels in airodump-ng and may have issues with injection if not at PPS (Packets Per Second)

Cisco AIR-LMC350

Driver : airo_cs Chipset : Cisco Aironet Monitor mode HOWTO Special Notes : airodump-ng output on wifiX shows garbled output whilst ethX

does not work. Kismet will work with this card. More information: airo

Cisco AIR-PCM350-T

Driver : airo_cs Chipset : Cisco Aironet Monitor mode HOWTO Special Notes : airodump-ng output on wifiX shows garbled output whilst ethX

does not work. Kismet will work with this card. More information: airo

Cisco Aironet AIR-CB21AG-A-K9

Driver : Madwifi-ng Chipset : Atheros lspci : 03:00.0 Ethernet controller: Atheros Communications, Inc. AR5212

802.11abg NIC (rev 01)

Dlink DWA-645

Driver: Madwifi-ng/ath9k Chipset: Atheros AR5416 a/b/g/n External Antenna: None Internal Antenna: 3x Hirose u.fl H/W Rev A1 FCC ID: KA2DWA645A1 (PPD-AR5BCB-00071) H/W Rev B1 FCC ID (NOT SUPPORTED): KA2DWA645B1 Comments: Works on BT4b under both madwifi-ng (without n-draft mode I

think) and ath9k (but probably with no injection)

Be aware of H/W Rev: B1 as this contains Marvell chipset which is most likely not supported at all.

External pictures of Rev A1: https://fjallfoss.fcc.gov/prod/oet/forms/blobs/retrieve.cgi?attachment_id=643507&native_or_pdf=pdf

External pictures of Rev B1: https://fjallfoss.fcc.gov/prod/oet/forms/blobs/retrieve.cgi?attachment_id=662985&native_or_pdf=pdf

External pictures courtesy of fcc website.

Dlink DWL-650+

Driver : acx100 Chipset : Texas Instruments ACX100 Special Notes: Enable the drivers via KDE menu or cd /usr/src/drivers/acx100/

&& insmod ./acx100.ko

got an error and modified it a bit and it worked. cd /usr/src/drivers/acx100 && insmod ./acx.ko

Dlink DWL-G650

Driver : Madwifi-ng Chipset : Atheros AR5212 a/b/g For Kismet, edit your kismet.conf file (/usr/local/etc/kismet.conf) to

"source=madwifi_g,wifi0,Atheros" Notice: To set up into Monitor Mode type:

airmon-ng start wifi0 ifconfig ath1 up iwconfig ath1 mode Monitor

Dlink DWL-G630, 650+/-

Refer to this site for information.

Dlink DWL-G650M

Chipset: Atheros Communications, Inc. AR5005VL 802.11bg Wireless NIC (rev 01)

This chipset is not yet supported as it is a MIMO capable chip.

D-Link WNA-1330

Driver : Madwifi-ng Chipset : Atheros

When the card is enabled and in monitor mode it can not change back to channel 1 via iwconfig commands.

iwconfig ath0 channel 1

Will not work. It will not COMPLAIN either. So unless you are actually double-checking the freq you are on, you don't know that it's not working.

To get the card back on channel 1 for monitoring, you'll have to ifconfig ath0 down, iwconfig ath0 channel 1, and then ifconfig ath0 up.[3]

Enterasys Roamabout 802.11 DS High Rate

Driver : orinoco_cs, wvlan_cs, wavelan_cs Chipset : Hermes I Mode : 802.11b only (11Mbps) Driver capabilities : Connect + Monitor only Driver Source 1 : http://www.nongnu.org/orinoco/ Driver Source 2 : http://www.projectiwear.org/~plasmahh/orinoco.html Driver Source 3 : http://secure.enterasys.com/software/RoamAbout/CSIxD/linux/ Firmware supplied : Lucent/Agere 8.72 Firmware downloads source 1 : http://orinoco.gotchi.at/ Firmware downloads source 2 : http://www.andrewhakman.dhs.org/orinoco/files/ More information: http://airsnort.shmoo.com/orinocoinfo.html firmware extract (download for 2.6.28 and above)

howto: http://tuxsavvy.vox.com/library/post/computers-orinoco-hermes-firmware-extraction.html

Notes :

The firmware supplied cannot be used to monitor as orinoco_cs notes the firmware as buggy. Suggested to downgrade the firmware may help. You will need to downgrade to 7.52 and apply 3.2.1 patch.

http://gentoo-wiki.com/HOWTO_Orinoco_USB#Kismet Hermes I version for sniffing.

Update:

Theoretically one is able to use airjack to make hermes do some mitm attack however that will require more deeper analysis.

Gigabyte GN-WM01GT AirCruiserG Mach G

Driver : madwifi-ng Chipset : Atheros 2.4Ghz 802.11b/g 108Mbps with internal antenna. Notice : Seems to work 100%. Interface is: ath0

Lucent Technologies Orinoco Silver

Works perfectly out of the box. However, this card doesn't support packet injection because it is Hermes I based. It is perfect for wardriving and sniffing wireless networks though.

Note: see section: Enterasys Roamabout 802.11 DS High Rate

Linksys WPC11v4

Driver: rtl8180 Chipset: rtl8180 Notes: Requires terminal input of iwconfig and dhcpcd wlan0 Notes: Full capability including injection

Linksys WPC54G v3

Driver : bcm43xx/b43 Chipset : Broadcom Corporation BCM4318 [AirForce One 54g] 802.11g

Wireless LAN Controller (rev 02) Subsystem: Linksys WPC54G-EU version 3 [Wireless-G Notebook Adapter]

Monitor mode currently supported but injection may or may not work with bcm43xx. Apparently a new driver is coming out dubbed as b43 and is only available in either kernel >=2.6.24 and/or wireless-2.6 git. Injection will work after patching b43 via mac80211 stack. bcm43xx driver will soon be deprecated and for this chipset it will not indicate PWR levels with airodump-ng.

Motorola WN825G v2

Driver : bcm43xx Chipset : Broadcom 4306

Card is recognized in response to "iwconfig" but LEDs do not illuminate until "ifconfig eth# up". Injection not tested but should work similarly to other Broadcom cards. Seehere for Broadcom injection.

NetGear MA401

Driver : HostAP Chipset : Prism 2

To inject packets you have to load the HostAP driver. [4].

BT3 Users read this.

NetGear WPN511

Driver : Madwifi-ng Chipset : Atheros Comments: Monitor mode and packet injection supported. All current

supported attack modes 0-5 tested and working perfect.

NetGear WPN511 - Range Max

Driver : Madwifi-ng Chipset : Atheros AR5212 a/b/g Internal Antenna: 2 x Hirose UF.L. One of them has connector the other does

not have one soldered on. Comments: Monitor mode and packet injection supported. Also known as

WPN511GE, exactly the same chipset.

NetGear WG511T

Driver : Madwifi-ng Chipset : Atheros Notes: Works with Backtrack, (out of the box).

Supports all current Aireplay-NG attacks (-1,-2,-3,-4,-5)

If you can't get this card to run in Monitor mode try the following:

BT ~#airmon-ng stop ath0

BT ~#airmon-ng start wifi0

Then run iwconfig and check if ath0 is in Monitor mode. If it still isn't, try the following:

BT ~#ifconfig ath0 down

BT ~#airmon-ng start ath1

wifi0 should now parent ath1, and ath1 should be in Monitor mode. If it isn't, try:

BT ~#airmon-ng start wifi0

NetGear WAG511v2


NetGear WG511 v1

Driver : prism54/p54 Chipset : Intersil PrismGT FullMAC Notice : See here for Netgear's ambiguous naming of models. lspci : 03:00.0 Network controller: Intersil Corporation ISL3890 [Prism

GT/Prism Duette]/ISL3886 [Prism Javelin/Prism Xbow] (rev 01)

Works great with Backtrack 2 Final, have cracked many WEP keys. Supports packet injection. These cards are extremely rare but they sport 2x Hirose U.F.L connectors internally.

NetGear WG511 v2

Driver : prism54/p54 Chipset : Intersil PrismGT FullMAC Notice : See here for Netgear's ambiguous naming of models. lspci : 03:00.0 Network controller: Intersil Corporation ISL3890 [Prism

GT/Prism Duette]/ISL3886 [Prism Javelin/Prism Xbow] (rev 01)

Like its brother NetGear WG511 v1 this one also works well except it only has 1x Hirose U.F.L connector. See here for information on external antenna hack.

NetGear WG511 v3

Driver : p54 Chipset : Conexant PrismGT SoftMAC

Notice : See here for Netgear's ambiguous naming of models.

This card requires compat-wireless or kernel build later than 2.6.24 mainly because its a softmac and it was not heavily supported until the release of p54. The release of p54 driver depends on mac80211 rather than ieee80211 (old and deprecated support for other softMAC based devices). Do not hold your breath for monitor/injection support either.

NetGear WG511v2

Chipset : Marvell lspci : Marvell Technology Group Ltd. 88w8335 [Libertas] 802.11b/g Wireless

(rev 03) lspci -n : 11ab:1faa (rev 03) FCC ID : PY3WG511V2H1 CANADA ID : 4054A-WG511V21 CE : 0470

There are no native linux driver support for this chip. If you want to gain native linux driver support, you should email Marvell directly.

Netgear WG511U

Driver : Madwifi-ng Chipset: Atheros AR5212 a/b/g External Antenna: None Internal Antenna: 2 x Hirose UF.L. One of them has connector the other does

not have one soldered on.

NetGear WPN511GR


Netgear WPNT511

Driver: N/A *Windows only: ndiswrapper* Chipset: Airgo AGN300 True MIMO External Antenna: None Comments: No linux drivers yet. Ndiswrapper may work for normal connection

but nothing else. Update: Linux native (alpha stage)

available: http://sourceforge.net/projects/agnx80211driver/. This requires kernel

version either 2.6.24 or wireless-git-2.6.24 package. Not recommended for beginners and not patched at all yet.

PROXIM ORiNOCO 802.11b/g Gold (Model: 8470-WD)

Driver : Madwifi-ng Chipset : Atheros Notice : To set monitor mode type "airmon-ng start wifi0" and then use ath1 If your card does not appear to be recognized when you first insert it, type

"modprobe ath_pci" and then run "dmesg" again. For Kismet, edit your Kismet.conf to "source=madwifi_g,wifi0,Atheros"

Windows Drivers and Client Software: http://support.proxim.com/cgi-bin/proxim.cfg/php/enduser/std_adp.php?p_faqid=1082

Linux Drivers: http://www.madwifi.org

Senao NL-2511CD/SL-2511CD PLUS EXT2

Driver : HostAP (wlan-ng drivers have been removed from BT2 final. See here to use HostAP driver)

Chipset : Prism 2.5 Firmware : 1.74 is suggested, check [here] for instructions. FCC ID: NI3-2511CD-PLUS3 For Kismet, edit your Kismet.conf to "source=hostap,Wlan0,Prism2" Notes: If you are using orinoco_cs drivers, you need to follow this as

orinoco_cs is not recommended for this device.

BackTrack3 Users should try this OR this if their card is not automatically detected under BT3 or no injection is available.

To raise the output of this card to 250mw Not verified

Caution! This might destroy your card if you do not know exactly what your doing!The change in readmif seems stable only in Master mode.

ifconfig wlan0 upiwpriv wlan0 alc 0iwpriv wlan0 readmif 116 [-> actual powertx value]iwpriv wlan0 writemif 62 49 [-> I've no idea at all why "49"]iwpriv wlan0 readmif 116 [-> now showing something around 252]

With a Spectran HF-2025E spectrum RF analyzer from elektrosmog.deHere are the results: [5] [6] [7] Force the card to give the maximum txpower.

iwpriv wlan0 alc0iwpriv wlan0 writemif 62 128

Force the card to give the somewhat minimum txpower.

iwpriv wlan0 writemif 62 127

Sitecom WL-100b

Driver: bcm43xx Chipset: Broadcom 4306 External Antenna: None Notes: Tested with BackTrack 3 beta released on 14th December 2007, 700MB

CD version (bt3b141207.iso). Notes: Both monitor mode and packet injection work fine (with the following

caveats below). Notes: The wireless interface is eth1, and it must be "brought up" before use.

The command to do this is:

ifconfig eth1 up

You will now see the "Power" and "Link" lights have turned on, which indicates that the card is ready for use.

Notes: When using the --arpreplay option of aireplay-ng, the default packet speed is too fast for the bcm43xx driver to handle, so it keeps crashing every hundred packets or so. To fix this, add option: "-x 30" to the command line, which will limit aireplay-ng to 30 packets per second. I've found that "30" is the highest value it can take without crashing. This will slow things down quite a bit, but not too badly and at least it works.

SMC 2532W-B

Driver : HostAP Chipset : prism2.5

SMC SMC2536W-AG

Driver : Madwifi-ng Chipset : Atheros AR5212 a/b/g

External Antenna : None

SMC WCB-G


SWEEX LW051 ver:1.0

Driver : Madwifi-ng Chipset : Atheros AR2413A Notes: It is found at boot-up and is ready to go, but BT2 says it is a AR5212

which seems to make no difference. Packet injection works perfectly.

TP-link SuperG&eXtended Range 108M Wireless Cardbus Adapter(TL-WN610G)

Drivers : MadWifi-ng Chipset : Atheros AR5212 802.11abg NIC (rev 01)

[External Antenna Modification]

TP-link eXtended Range 54M Wireless Cardbus Adapter (TL-WN510G)

Drivers : MadWifi-ng Chipset : Atheros AR5212 b/g

Ubiquiti SRC

Driver : Madwifi-ng Chipset : Atheros AR5212 a/b/g FCC ID: SWX-SRC lspci : 03:00.0 Ethernet controller: Atheros Communications, Inc. AR5212

802.11abg NIC (rev 01)

Product Page

Wistron WLAN 802.11a/b/g Cardbus CB9-GP

Driver : madwifi-ng Chipset : Atheros AR5212

X-Micro WLAN 11g PCMCIA Card (XWL-11GPAG)

Driver : Madwifi-ng

Chipset : Atheros

ZCom XI-325HP+

Driver : HostAP Chipset : Prism 2.5

Zyxel ZyAIR G-100 PCMCIA Card (FCC ID:N89-WE601l)

Driver : prism54/p54 Chipset : Intersil PrismGT FullMAC

USB Dongles

Airlink101 AWLL3026

Driver : zydas Chipset: zd1211rw Nice USB Dongle. Inexpensive (<$10). Easy to antenna mod. Full capability

and injection

ALFA Networks AWUS036E

Driver : rtl8187 (mac80211, kernel >=2.6.24)/r8187 (ieee80211, kernel <=2.6.24)

Chipset : Realtek 8187L For Kismet, edit your Kismet.conf to "source=rt8180,wlan0,ALFA"

Notes : You can turn this device to go ~300mW but do be warned that this may damage your device. Also WPA under this mode is not supported.

ALFA Networks AWUS036H


Chipset : Realtek 8187L For Kismet, edit your Kismet.conf to "source=rt8180,wlan0,ALFA"

This card works out of the box including injection with BackTrack3.

Notes : There is a common misconception with regards to this device requiring two USB connectors. This device does not exactly need both USB connectors plugged in for it to work. The only reason why it was provided with two USB

connectors is because of an instance whereby a person uses either an unpowered USB hub and/or the output from the computer's USB port is inadequate (very rare case for computers to do that, most do power their USB ports) and with other USB devices hooked onto either the unpowered USB hub or computer's USB ports there may not be enough power for the USB network dongle to work. So having the second USB connector plugged in gives the USB network dongle a slightly upper hand advantage in being provided with more power.

ALFA Networks AWUS036S

Driver : rt73 Chipset : Ralink RT73

This card works out of the box including injection with BackTrack3. You will need to ifconfig device up before you can set monitor mode, etc.

ASUS WL-167G

Driver : rt73 (older version rt2570). Chipset : rt2571WF (older verson Ralink 2570). v3 use RTL8192SU

Notice : Range is moderate but both monitor mode and injection work perfectly. Injects IV's at a very slow rate (about 300-500 IV's per minute), taking about 35 hours to collect 1,000,000 IV's.

Update : Injection is faster under bt4 beta (300-400pps). Just need to ifconfig wlan0 up to use it.

Warning : v3 use the new RTL8192SU chipset, which does not support monitor mode (i.e. no aircrack support).

AVM Fritz!Wlan USB V1.1

Driver : ndiswrapper Chipset :Texas Instrument TNetW1450 Notice : NdisWrapper will never work with Aircrack-ng Suite

Notice : Works fine even with WPA/WPA2 encryption.Used ndiswrapper version 1.39 and the windows drivers from the cd.

Belkin F5D7050 V1

Driver : rt2570 Chipset : rt2571F

Worked fine upon boot. My version 3 card did not go into monitor mode.

Later versions (don't know which ones) use the bcm43xx chipset from broadcom. 'modprobe bcm43xx' then 'ifconfig -a' you will see your adapter as ethX

o It will not inject packets **

Belkin F5D7050 (4000 series)

Driver : zd1211rw Chipset : zd1211b

Upon boot, works fine in monitor mode but doesn't inject packets. However, if you patch the kernel following the instructions at [8], packet injection works great. After patching, all of the various attacks (fragementation, chopchop, arp replay, fakeauth) work fine with aircrack-ng.

Belkin F5D7050B

Driver : rt73 Chipset: Ralink 2570

Works fine on boot including packet injection.

Notes: FCC ID k75-f5d7050b is reported to not being able to detect APs, possibly due to different radio chip.

Belkin F5D7050E

Driver : rtl8180 (mac80211 stack) Chipset: Realtek RTL8187B FCCID : K7SF5D7050E

You will need compat-wireless2.6 along with rtl8180 driver to get this working.

Belkin F5D7051

Driver : rt73+rt2570/rndis_wlan (mac80211_stack) Chipset: rt2570/bcm4320

Belkin have changed the chipset that they use in the usb adapters apparently. They now use the bcm4320 chipset instead of the rt2570. The bcm4320 drivers will only work with rndis_wlan which requires mac80211. There will probably be no support for rndis_wlan in terms of monitoring/injecting.

Owners of the older version of the hardware (with rt2570) are recommended to use serialmonkey's/ASPj's driver which should already be included in the backtrack.

Buffalo Airstation G54 WLI-U2-KG54-AI (2A)

Driver : rt2570 Chipset : Ralink 2570

Chiefmax

Driver : RT73 Chipset : rt2571WF

D-Link DWL 122 (USB) F/W 3.2.1 H/W A1

Driver : wlan-ng Chipset : prism 2.5 Notice : There are drivers for injection however they only work on 2.6.11

kernels or older.

D-Link DWL G122 (USB) F/W 2.03 B1

Driver : rt2570 Chipset : Ralink 2570 lsusb : Bus 1 Device 3: ID 2001:3c00 D-Link Corp. [hex] DWL-G122 802.11g

rev. B1 [ralink] Notice : rev. C1 uses [ralink] RT73

This dongle must be tweaked if u want to inject with it. Additionally, its covering is very limited, recommended a cantenna!!!

Rev B1 users read here VERY IMPORTANT (credit goes to allelectrix from aircrack-ng forum)

D-Link WUA-1340

Chipset: Ralink 2571 (RT73) Driver : rt73

Chipset : Ralink Notice : Follow instructions for using driver with aircrack-

ng: http://www.aircrack-ng.org/doku.php?id=rt73

Edimax EW-7317UG

Driver: zd1211rw Chipset: zd1211 Notice: After updating aircrack suite to aircrack-ng 1.0 dev. Monitor mode and

packet injection supported.

Edimax EW-7318USG

Driver : rt73 Chipset : Ralink Notice : Follow instructions for using driver with aircrack-

ng: http://www.aircrack-ng.org/doku.php?id=rt73

Hawking HWUG1

Driver: rt73 Chipset: ralink Injection and monitor mode work fine, just have to "ifconfig rausb0 up" and it

works

Hawking HWU8DD

Driver: Rev. A: unknown Rev.B: zd1211rw Chipset: Rev. A: zd1211 (not supported) Rev. B: zd1211b (supported) lsusb: Rev. A: unknown Rev. B: 0ace:1215 ZyDAS WLA-54L WiFi? Credits: Talkie Toaster/openxs

The only way to tell the difference between Rev. A and Rev B. is by the sticker on the actual device (on the bottom) or the actual CD. Apart from that, on the box/packaging it would have vista ready sticker for Rev. B

Linksys WUSB54g v4

Driver : rt2570 Chipset : Ralink 2570

No problems with any injection (kismet, airodump...). Very good USB dongle.

Does not capture WPA/WPA2 handshake.Update driver to v.1.6.0

Extremely easy to antenna mod.

Linksys WUSB54g v4 users read here VERY IMPORTANT (credit goes to allelectrix from aircrack-ng forum)

Linksys WUSB54GC

Driver : RT73 Chipset : Ralink Technology, Corp. 802.11b/g WiFi Notice 1: The interface is named rausb0, not eth0 or ath0 etc. Notice 2: Built-in [BackTrack] Driver does not support fragmentation attack;

however, the following driver does:

http://homepages.tu-darmstadt.de/~p_larbig/wlan/rt73-k2wrlz-2.0.1.tar.bz2

Needs activation before use

bt ~ # ifconfig rausb0 up bt ~ # iwconfig rausb0 mode monitor

Everything works out of the BT3 box!

Linksys WUSB600N

Driver : rt2870 (modified by hirte and nemesis) Chipset : Ralink rt2870 a/b/g/n

You will need kernel.lzm and to compile the included driver from the link above.

MicroEdge MEG55A Wireless-G USB Dongle

Driver : rt2570 Chipset : Ralink rt2570 Notice : Works fine out of the box. airmon-ng start rausb0 kicked straight into

monitor mode, successfully reinjects packets while monitoring.

NetGear MA111

Driver : wlan-ng (requires patched version which cannot be used on kernels > 2.6.20)

Chipset : Intersil Prism 2.5 FCC ID: PY3MA111 (links to M4Y-00735)

lsusb: 0846:4110

This is a very old device that will never be supported for the time being. Users can read here

NetGear WG111v2

Driver : rtl8187 (mac80211, kernel >=2.6.24)/r8187 (ieee80211, kernel <=2.6.24) // p54 (mac80211)

Chipset : Realtek RTL-8187L // Intersil-Conexant GW3887 FCC ID : PY305400026 // PY3WG111V2

Be careful not all wg111v2 sticks have the realtek chipset the v2 with the word netgear set into the stick. To verify the differences, type `lsusb' when you have the device connected. Apparently, older versions of this card is equipped with Conexant and the later versions are with Realtek. There has been no easy way of identifying the difference between the two apart from checking the FCC ID or via plugging it in.

USB ID: 0846:6a00 is Realtek RTL-8187L chipset USB ID: 0846:4240 is Intersil/Conexant GW3887 chipset

RTL8187L users : Drivers are available on the forum however the range on this card in my opinion is poor.

GW3887 users : Use p54usb driver. You will need firmware for this and the current status for monitoring/injection is unknown.

NetGear WG111T

Driver : ndiswrapper Chipset : Atheros AR2112A-00 FCC ID: PY3WG111T Notice : NdisWrapper will never work with Aircrack-ng Suite

You can breath life to your small USB-WG111T by doing the next steps:1)Download and extract the driver (using wine?) from NetgearAs of 2008-03-29, driver 2.1 is here: http://kbserver.netgear.com/release_notes/d103172.asp2)change to root shell 'sudo su -'3)rmmod ndiswrapper4)ndiswrapper -i netwg11t.inf4)modprobe ndiswrapper5)iwconfig

Netopia ter/gusb-e

Driver : rt2570 Chipset : Ralink Technology, Corp. 802.11g WiFi Notice : works fine as i know

OvisLink Evo-w54usb

Driver : rt2570 Chipset : Ralink 2570 Notice : injection works, just have to "ifconfig rausb0 up" before anything

Rosewill RNX-G1(W)


Chipset : Realtek 8187L Notice : Works right out of the box on BT2 and BT3, enable monitor mode

with airmon-ng.

SafeCom SWMULZ-5400

Driver : zd1211rw Chipset : zd1211b Notice : Works with packet injection with new patch found in aircrack-ng 0.8

TP-Link TL-WN321G

Driver : rt73 Chipset : Ralink Technology, Corp. RT2501USB Wireless Adapter Notice : At first I plugged this in to my computer,and it didn't work. airodump-

ng rausb0 showed no APs detected. Updating to the latest driver made this work. Once I got this card working, it detected more AP's than my WMP54G and my Netgear WG111v2, injected as well as either, but did not report Power properly.

Here are the steps to update the driver and make this card work:

Download the latest driver from http://homepages.tu-darmstadt.de/~p_larbig/wlan/As of 2009-04-16, the latest driver is 3.0.2http://homepages.tu-darmstadt.de/~p_larbig/wlan/rt73-k2wrlz-3.0.2.tar.bz2

ifconfig rausb0 downairdriver-ng remove 31tar xvjf rt73-k2wrlz-3.0.2.tar.bz2

cd rt73*/Modulemakemake installmodprobe rt73ifconfig rausb0 up

USB WiFi Booster Kit with 5dbi Indoor Dipole

Driver: zd1211rw Chipset zd1211b lsusb: 0ace:1215 FCC ID: ???

Tested to work on bt2 and bt3. With bt2 there's issues with airodump-ng as it sometimes output garbled letters in various fields notably in the ESSID section. In bt3 the issue is fixed but it drops the packets out instead of properly processing them, something to do with rate limiting.

ZyDAS 1211

Driver : zd1211rw Chipset : ZyDAS Chipset

Notice 1 (properly for BT2): For basic functionality, you need to get the firmware from [here], untar it to /usr/lib/firmware/ - reinsert the card and the firmware should load OK. Addendum: I had to unzip to /lib/firmware/zd1211, but after that it worked fine.

Notice 2 (for BT3): Test with 1211b / Lutec USB Stick:

Works out of the box in monitoring mode, runs as eth1 (on my box, yours may differ). Injection is possible without any driver or kernel modding, but ONLY with SpoonWEPs POS801 attack (didn´t find the according aireplay mode, airreplay standalone DID NOT work!). Besides, for me WEP cracking did only work like this - but then without any problems:

a.) "airodump-ng eth1", get bssid, close it

b.) start SpoonWEP. It´s only used for starting the correct airreplay mode.

c.) Select 2nd Attack Option (POS801..), this is the ONLY attack-mode which will work with 1211b!

d.) Close SpoonWEP`s WS-Dump window, keep SpoonWEP`s Mainwindow = aireplay thread running

e.) start airodump-ng again, dump data traffic now

f.) start aircrack-ng manually

g.) you are done!

for more help with the commands check: http://blip.tv/file/930698/

Conclusion: not perfect, but cheap USB-Dongle WEP-Cracking out of the box - without any patching - if u know what to do.

-> *NOOB-Compatibility Award*

Still, Realtek-USB-Chipset more recommended if u can find it, can run SpoonWEP without any hacks.

SMCWUSB-G EU

Appears to use a ZD1211 chipset.

MSI US54SE

Version 1

Appears to use a ZD1211 chipset.

Version 2

Uses rt73 chipset. Notice: This particular rt73-Version is not supported, yet.

Retrieved from "http://backtrack.offensive-security.com/index.php/HCL:Wireless"

Wireless Cards & USB Wireless

Documents

netgear wpn511gr

netgear wpnt511

netgear ma401

netgear wg511t

netgear wg511u

netgear wg511v2

netgear wag511v2

netgear wg311t