My OSWP Journey

I started the course on 6 July 2022 (Learn One subscription). Lots of note taking, prints of outputs. As with any Off Sec course, external references are supplementary for OSWP as well.

Radio Aspects: Radio elements – Spectra, Antennae, Modulations, Frequencies, Spatial Streams, Antenna Diversity versus MIMO, etc. There were instances where I referred to CWNP 802.11 videos from their YouTube channel – CWNPTV.

Wi-Fi Encryption Aspects: Rasika Nayanijath’s blog – mrncciew.com is a great site for references regarding all the encryption/cryptography material required. The diagrams and flow charts he included as part of his CWSP notes are priceless materials to refer to.

Then comes the hardware part where you try different wireless cards for their scanning abilities, changing modes, etc. Each utility gives you a different set of information.

I initially purchased an Alfa AWUS1900 (b/g/n/a/ac) with the RTL8814AU chipset and installed the 8814AU driver from morrownr. sudo iw list says that this card supports monitor mode, but when I use iw dev to add an interface or to change the mode to monitor, my VM freezes. iwlist [interface] scanning works perfectly fine. When I try to scan with the iw utility, I see an error – device or resource busy (-16).

And then I purchased an Alfa AWUS036NEH (b/g/n) with the RT3070 chipset; without the need to install any drivers, it’s working with rt2800usb out of the box. The iw utility is working perfectly fine with this card. Adding interfaces, changing the modes, seems to be friendly. Haven’t tried injection yet (as of today – 19 Sep 2022). Will update this section once I try injection. Once I change the mode from monitor to managed, I can see my VM isn’t able to see the wireless networks available – probably something to do with the NetworkManager service. I tried restarting the NetworkManager service but still the same issue; rebooting the VM solved it. Probably I’m missing something.

In some instances in the course, you will find commands piped with grep (for the SSID, frequency, channel numbers from the output). I’m having issues with these types of commands – either they will work the first time, or I need to issue the same command until I see the output. Sometimes the terminal is taking around 10 seconds to process the command. I’ve read somewhere – I don’t remember where exactly, maybe in the aircrack-ng documentation; it was mentioned that these tools work on a best effort basis. So if you don’t see the output the first time, but the command runs successfully, don’t think it’s not working. It could mean that you might need to try it at least 4 to 12 times.

The first time I started the Wireshark capture, it didn’t work, at least 3 times. There were no packets captured. But after I restarted Wireshark about 3 times, it started working. I wait for around 40 seconds to see Wireshark starting to capture the packets – it’s not immediate like it is on Windows.

Tcpdump is working well with NEH. No issues faced yet.

My Alfa AWUS036ACH (b/g/n/ac) is on the way. I will update my experience with this card once it’s delivered and I try it.

Will try to do the home lab building part – access point this week and update it.

My exam is to be scheduled and taken before 31st Dec 2022. Work life is sucking my productivity.

Edit on 26 Sep 2022:

I figured my iw utility isn’t seeing the interface in monitor mode:
