An easy way to increase TX Power for Wi-Fi in Kali Linux and BlackArch

How to increase txpower to 36.00 dBm

The article “How to increase TX-Power of Wi-Fi adapters in Kali Linux” discusses the theory and different approaches to increasing the TX Power to 30.00 dBm and removing restrictions on the use of blocked Wi-Fi channels. The article is quite long and some points are already outdated. Nevertheless, it is recommended for review, as it addresses such questions as: 1) why it is needed at all; 2) how to increase power by changing the region; 3) why txpower of some Wi-Fi adapters does not rise above a certain value.

A long time ago, for users of Arch Linux and BlackArch, a person with the nickname muhviehstarr (Timo Sarawinski) created the wireless-regdb-pentest package in the AUR, which is a Central Regulatory Domain Database with txpower/channels values modified for pentesters.

I took the recipes from the PKGBUILD file of the wireless-regdb-pentest package and rewrote them into Bash commands suitable for running on Kali Linux.

I also used a patch (https://github.com/buildroot/buildroot/tree/master/package/crda) and added a few commands to make the tools compatible with Python 3.

How to Boost TX Power for Wi-Fi in Kali Linux

Create the wireless-regdb-pentest.sh file:

gedit wireless-regdb-pentest.sh

And copy the following into it:

#!/bin/bash

# all thanks to this awesome guy! => https://aur.archlinux.org/packages/wireless-regdb-pentest/
# thanks to them too https://github.com/buildroot/buildroot/tree/master/package/crda

which pacman > /dev/null 2>&1
if [[ $? -eq '0' ]]; then
	sudo pacman -Sy iw libgcrypt libnl sh systemd python-attrs python-m2crypto python-pycryptodomex --needed --noconfirm
else
	which apt > /dev/null 2>&1
	if [ $? -eq '0' ]; then
		sudo apt update
		sudo apt -y install python3-m2crypto libssl-dev libnl-3-dev pkg-config libgcrypt20-dev python3-pycryptodome libnl-genl-3-dev
	else
		echo 'Man, I am really lost...'
		exit 1;
	fi
fi

wget 'https://git.kernel.org/pub/scm/linux/kernel/git/mcgrof/crda.git/snapshot/crda-4.14.tar.gz'
wget 'https://www.kernel.org/pub/software/network/wireless-regdb/wireless-regdb-2020.04.29.tar.xz'
curl 'https://aur.archlinux.org/cgit/aur.git/plain/0001-Makefile-Don-t-run-ldconfig.patch?h=wireless-regdb-pentest' > 0001-Makefile-Don-t-run-ldconfig.patch
curl 'https://aur.archlinux.org/cgit/aur.git/plain/0001-Makefile-Link-libreg.so-against-the-crypto-library.patch?h=wireless-regdb-pentest' > 0001-Makefile-Link-libreg.so-against-the-crypto-library.patch
curl 'https://aur.archlinux.org/cgit/aur.git/plain/crda.conf.d?h=wireless-regdb-pentest' > crda.conf.d
curl 'https://aur.archlinux.org/cgit/aur.git/plain/db.txt?h=wireless-regdb-pentest' > db.txt
curl 'https://aur.archlinux.org/cgit/aur.git/plain/set-wireless-regdom?h=wireless-regdb-pentest' > set-wireless-regdom
curl https://raw.githubusercontent.com/buildroot/buildroot/master/package/crda/0001-crda-support-python-3-in-utils-key2pub.py.patch > 0001-crda-support-python-3-in-utils-key2pub.py.patch

tar xf wireless-regdb-2020.04.29.tar.xz
tar xvzf crda-4.14.tar.gz

cd crda-4.14
patch -p1 -i ../0001-Makefile-Link-libreg.so-against-the-crypto-library.patch
patch -p1 -i ../0001-Makefile-Don-t-run-ldconfig.patch
patch -p1 -i ../0001-crda-support-python-3-in-utils-key2pub.py.patch
sed -i 's/#!\/usr\/bin\/env python/#!\/usr\/bin\/env python3/' ./utils/key2pub.py

cp ../db.txt ../wireless-regdb-2020.04.29/db.txt

export CC=gcc
export CXX=g++
cd ../wireless-regdb-2020.04.29/
make mrproper
export REGDB_AUTHOR=root
sed -i 's/#!\/usr\/bin\/env python/#!\/usr\/bin\/env python3/' *.py
make
cd ../crda-4.14
cp ../wireless-regdb-2020.04.29/root.key.pub.pem pubkeys/

sed -i 's/python utils\/key2pub.py/python3 utils\/key2pub.py/' Makefile
make REG_BIN=../wireless-regdb-2020.04.29/regulatory.bin

sudo install -d -m755 /usr/lib
sudo mkdir -p /usr/lib/crda/pubkeys
sudo make DESTDIR="" UDEV_RULE_DIR=/usr/lib/udev/rules.d/ SBINDIR=/usr/bin/ install
cd ../wireless-regdb-2020.04.29/

sudo install -D -m644 ../wireless-regdb-2020.04.29/root.key.pub.pem /usr/lib/crda/pubkeys/root.key.pub.pem
sudo install -D -m644 ../wireless-regdb-2020.04.29/regulatory.bin /usr/lib/crda/regulatory.bin

# let’s skip this bashisms
# (if LD_LIBRARY_PATH=../crda-4.14 ../crda-4.14/regdbdump /usr/lib/crda/regulatory.bin > /dev/null) && (echo "Regulatory database verification was succesful.") || (echo "Regulatory database verification failed.")

sudo install -d -m755 /usr/lib/firmware
sudo install -D -m644 ../wireless-regdb-2020.04.29/regulatory.db /usr/lib/firmware/regulatory.db
sudo install -D -m644 ../wireless-regdb-2020.04.29/regulatory.db.p7s /usr/lib/firmware/regulatory.db.p7s
sudo install -D -m644 ../wireless-regdb-2020.04.29/LICENSE /usr/share/licenses/wireless-regdb/LICENSE
sudo install -D -m644 ../wireless-regdb-2020.04.29/regulatory.bin.5 /usr/share/man/man5/regulatory.bin.5
sudo install -D -m644 ../crda.conf.d /etc/conf.d/wireless-regdom

# sudo su # if you type the commands, you have to be root now
for dom in $(grep ^country ../wireless-regdb-2020.04.29/db.txt | cut -d' ' -f2 | sed 's|:||g'); do echo "#WIRELESS_REGDOM=\"${dom}\"" >> /etc/conf.d/wireless-regdom.tmp; done
sort -u /etc/conf.d/wireless-regdom.tmp >> /etc/conf.d/wireless-regdom
rm /etc/conf.d/wireless-regdom.tmp
# CTRL+d

sudo install -D -m644  ../wireless-regdb-2020.04.29/LICENSE "/usr/share/licenses/wireless-regdb/LICENSE"

# Not sure if this is necessary since the crda package is already installed above. 
# But without these lines, I did not find crda in the system
cd ../crda-4.14
sudo make install

Run like this:

sudo bash wireless-regdb-pentest.sh

After the script is finished, restart your computer.

Result:

You no longer need to enter any commands to increase the power of Wi-Fi adapters. But sometimes the power increases only after the second connection of the device to the computer.

How to increase TX Power for Wi-Fi in BlackArch

Obviously on Arch Linux and BlackArch it is possible to install wireless-regdb-pentest from the AUR.

But the problem is that the official Arch Linux repository no longer contains the python2-m2crypto package, which is a dependency for wireless-regdb-pentest.

BlackArch does not have this problem because the BlackArch repositories have the python2-m2crypto package saved.

That is, in BlackArch, to increase Wi-Fi power, just install pikaur, and then run the command:

pikaur -S wireless-regdb-pentest

Arch Linux users can use my script above. The Arch Linux version differs only in that it uses the pacman package manager instead of apt, otherwise the commands are identical.

After the script is finished, restart your computer.

Result:

Does boosting TX Power for Wi-Fi work at all?

I met opinions on the Internet that these figures do not affect anything. Not in the sense that they do not affect, in which I explained in the previous instruction “How to increase TX-Power of Wi-Fi adapters in Kali Linux”, but do not work at all. I already wrote that TX Power is how much the Wi-Fi adapter “screams” and, in fact, usually there is enough TX power. In my opinion, such a characteristic as sensitivity is no less important, that is, figuratively speaking, how well the Wi-Fi adapter “hears”. And this instruction does not improve the sensitivity in any way (but this can be done by installing a larger antenna, or initially you need to choose a Wi-Fi adapter with good sensitivity – it depends on the chipset).

To put it quite simply, will an increase in TX Power affect the number of successful attacks? Maybe not. I would start by replacing the antenna with a larger one (if that fits your Wi-Fi adapter).

As for the statement of one of the users that he took measurements using a USB tester and did not see any difference after increasing the TX Power, then I think that this is not true. I also took measurements with a USB tester. So, the power consumption of a Wi-Fi adapter is floating and changing too quickly to even understand anything. That is, you can take physical measurements and make sure that the TX Power has increased, but not with the help of a USB tester.

I see no reason not to trust the value of txpower in the output of iw dev.

Recommended for you:

11 Comments to An easy way to increase TX Power for Wi-Fi in Kali Linux and BlackArch

  1. psyh0x says:

    not working ..

    tx power stay the same with 3 of my wifi cards

    ─$ iw dev                                                                                                                                                         1 ⨯
    phy#1
            Interface wlan2
                    ifindex 5
                    wdev 0x100000001
                    addr ae:e3:04:cd:7a:39
                    type managed
                    txpower 20.00 dBm
    phy#2
            Interface wlan1
                    ifindex 4
                    wdev 0x200000001
                    addr 52:51:f1:ef:54:d3
                    type managed
                    txpower 20.00 dBm
    phy#0
            Interface wlan0
                    ifindex 3
                    wdev 0x1
                    addr a0:88:b4:7f:9d:2c
                    ssid HOTBOX 4-DFD0-5GHz
                    type managed
                    channel 52 (5260 MHz), width: 40 MHz, center1: 5270 MHz
                    txpower 15.00 dBm

     

     

    • Alex says:

      Hello! If the Wi-Fi adapter does not support TX power more than allowed 20 dBm, as in your case it happened with wlan0, which even with allowed 20 dBm has txpower 15.00 dBm, then the device will not have TX power more than its capabilities.

      That is, in your case for wlan0, this should not have worked.

      As for the other two wireless adapters, I can't say anything definite. Try unplug and plug them.

      Did you pay attention to possible errors during script execution? Maybe for some reason it didn't work.

      I have 4 Wi-Fi adapters based on Realtek, Atheros, Intel chipsets, they all show increased power in the range of 22-36 dBm.

      You can do the following:

      1. Run the script again and pay attention to possible errors. Please clean the folder of downloaded files first.

      2. Check the values that the command outputs

      iw reg get

      3. Try restarting your computer – increased TX power values are not always stable and may drop to standard values for no apparent reason

  2. turbonalesnik says:

    Hi!

    I tried and it really works, but Tx goes back to 20 dbm as soon as I enter monitor mode… Any soluntions?

    Thanx 🙂

  3. Nannino says:

    Hi

    it only worked in the beginning, and only in STATION mode, but not anymore.

    Can you explain why the old guide no longer works on Kali ?

    It still works perfectly on Xubuntu.

    Thanx

    • Alex says:

      it only worked in the beginning, and only in STATION mode, but not anymore.

      You can see from the screenshot in this comment that this is not true.

      The problem with the previous guide is that the crda package has been removed from the Kali Linux repositories and I was unable to compile crda due to errors.

      The guide, under which I am now writing a comment, shows what patches to apply to crda so that this package can be compiled. Therefore, the old instruction can be brought back to life.

  4. anonim says:

    its possible to make this but in live Kali from USB ?

  5. Anonymous says:

    hello alex
    What kali version are you using it on?

Leave a Reply

Your email address will not be published.