Monitor Mode RT5370

Looking for a cheap USB wifi dongle which supported monitor mode I came across this one from TP-Link. I wanted a small dongle that I could always carry with me and that enabled the use of monitor mode inside a virtual machine.

It was priced at ~10€ and used the Ralink RT5370 chipset. Unfortunately the drivers Ralink provides do not support monitor mode yet. Luckily the chipset is compatible to the (more or less proven) rt2800usb drivers.

I had some issues with the rt2800usb drivers provided by Backtrack, so I installed the latest Compat-Wireless drivers myself. There is also one patch that needs to be applied:

wget http://www.orbit-lab.org/kernel/compat-wireless-3-stable/v3.6/compat-wireless-3.6.2-1.tar.bz2
tar xvf compat-wireless-3.6.2-1.tar.bz2
cd compat-wireless-3.6.2-1
wget http://patches.aircrack-ng.org/mac80211.compat08082009.wl_frag+ack_v1.patch
patch -p1 < mac80211.compat08082009.wl_frag+ack_v1.patch
make
make install
make wlunload

I then removed the rt5370sta driver from the boot and loaded rt2800usb:

sed -i '/rt5370sta/d' /etc/modules;sudo modprobe -r rt5370sta && modprobe rt2800usb

In order to switch the card to monitor mode simply use airmon-ng (don't forget to kill dhclients first):

airmon-ng stop wlan0
airmon-ng start wlan0
airodump-ng -i mon0

Airodump-ng should now display all networks and clients nearby.

Finally to verify that injection is working:

aireplay-ng -9 -e 00:11:22:33:44:55 mon0