How to Improve Wi-Fi Signal

There are situations when we have access to a Wi-Fi network (we got a password), but the signal is weak and not all of our devices can work stably or even connect to a wireless network. This can be faced when using neighbor Wi-Fi from home in front, and in quite legitimate situations: for example, there is the only one access point to the entire floor in a hotel (or even in a lobby). As a result, for example, a laptop can connect to a Wi-Fi network with a weak signal, but the mobile phone simply does not see the Wi-Fi network.

Some routers have the feature to repeat Wi-F signal and they can be used to amplify a weak Wi-Fi signal. But not always at hand a router with Wi-Fi signal amplification function (especially on trips), so I will consider a slightly different option.

Anyway, we need some additional hardware. But we will use what is usually always available for wireless networks pentesters:

  • computer (laptop)
  • 2 Wi-Fi adapters

One of the wireless adapters should be powerful enough and sensitive: an external wireless adapter with an high gain antenna (and even better directional high gain antenna), and the second wireless adapter should support the AP (access point) mode, but it does not have to be powerful, it is enough built-in laptop Wi -Fi adapter, because its task will be to distribute Wi-Fi Internet within the room. In general, nothing special: the standard gentleman's set of a Wi-Fi networks auditor, probably, each of us already has it all.

The algorithm is as follows: using a more powerful Wi-Fi adapter, we connect to a remote access point. Using the second Wi-Fi adapter, we create a new access point that uses the Internet connection of the first Wi-Fi adapter. To this new access point will be able to connect our ‘weak’ devices (mobile phones). As a result, although the mobile phone connects to our access point with a stable strong signal, it will use the Internet of a remote access point with a ‘weak’ signal. Also, Internet access will be on the computer itself.

Step 1: Getting a stable connection to a remote Access Point

It is necessary to achieve a stable connection to an access point with a weak signal. To do this, move the Wi-Fi adapter (if it's external and if the length of the cord allows it) around the room, and turn the directional antenna in different directions (if you have one).

You can monitor the quality of the network by indicators, as well as using the ping command, or Internet speed checking services (for example, speedtest.net/run).

The corresponding hardware and accessories are here: https://miloserdov.org/?p=250

Step 2: Enhance the wireless signal in the router settings

This is an optional step. If using Router Scan by Stas'M or RouterSploit you managed to gain access to the router admin panel, you can change the signal level in the wireless network settings.

This setting can be called TX Power (as in the screenshot below, where I set the value to High), or somehow different (the ratio of performance and energy savings, etc.).

To use any of these programs, you need to know the router's IP address. When you are connected to an access point, you can find out in the Linux IP router by the command

ip route

The address of the router will be after default via, for example, 192.168.1.1.

In the Windows IP router, you can get with the command:

ipconfig

The made ‘settings’ cost the time spent on them, the speed of the Wi-Fi connection when TX Power was at Medium:

Connection speed when TX Power is set to High:

Step 3: Connect to a far-away access point, configure your own access point

The following information is intended for Linux users.

We will do all the actions on the command line, there we will get the desired result faster than if we try to make the necessary settings in Network Manager.

As an operating system, I use Kali Linux. Actions in other Linux operating systems are similar, but you need to install the packages wpasupplicant and create_ap.

In Kali Linux, you need to install a number of packages, for this, run the following commands:

sudo apt install wpasupplicant
sudo apt install haveged hostapd git util-linux procps iproute2 iw dnsmasq iptables
git clone https://github.com/oblique/create_ap
cd create_ap
sudo make install
cd .. && rm -rf create_ap

We stop Network Manager, because it will only hinder us:

sudo systemctl stop NetworkManager

Note, after disabling NetworkManager, the Internet will be lost!

We need to generate a configuration file to connect to an access point with a conditionally weak signal. This is done by the command:

wpa_passphrase AP_name > configuration_file

For example, for AP named 4G Home WiFi_188538 protected by the password 0988811692 to save the settings to the wpa_4G_Home.conf file, I issue:

wpa_passphrase "4G Home WiFi_188538" 0988811692 > wpa_4G_Home.conf

There should be a file with approximately this content

network={
	ssid="4G Home WiFi_188538"
	#psk="0988811692"
	psk=f424d184c82c0993ff5770935ed8e4133029c3328717d45bf140243fcdbd6880
}

If it is not already done, plug both of your wireless adapters to the computer, look at the names of the wireless interfaces with the command:

iw dev

If you do not understand which wireless adapter has which name, then more clarity can give:

sudo airmon-ng

So, I have two wireless wlan0 and wlan1 interfaces. To connect to a remote access point, I want to use wlan1. Therefore, to raise my access point, I will use the remaining interface wlan0.

Connection to a wireless access point from the command line is done by a command that looks like:

sudo wpa_supplicant -B -i interface_name -c configuration_file.conf

In my case this is a command

sudo wpa_supplicant -B -i wlan1 -c wpa_4G_Home.conf

Here, -B means to demonize the process (makes it works as a background process). After the -i switch, specify the name of the wireless interface wlan1 (replace with the name of your interface). And after the -c switch, I specify the configuration file wpa_4G_Home.conf, which you also need to replace with your own.

If something goes wrong, then run the same command without the -B switch to see its detailed output.

To make the Internet work, you need to execute this command (pay attention to the name of the wlan1 interface - if necessary, replace it with the one you need):

sudo dhclient wlan1

But even before we can check whether there is a connection to the AP (if necessary, replace wlan1 with the name of your interface):

iw dev wlan1 link

With the help of ping, we check that we really get the Internet connection:

ping google.com

Now we will set up our AP, which will connect our phones and other devices with low-power Wi-Fi transmitters.

We will use the script create_ap which will greatly simplify our task.

Run create_ap as follows:

sudo create_ap <interface_for_AP> <interface_for_Internet_connection> <access_point_name>

I want to create an AP named ‘HackWare’ on the wlan0 interface, using the wlan1 interface for Internet access, then my command:

sudo create_ap wlan0 wlan1 HackWare

If there was a line

wlan0: AP-ENABLED

then everything went well.

The command above creates an AP, the connection to which is not protected by a password, if you want to create a password protected AP, then use the command of the form:

sudo create_ap <interface_for_AP> <interface_for_Internet_connection> <access_point_name> <password>

For example, for my AP to have the password MiAlrules, I use the command:

sudo create_ap wlan0 wlan1 HackWare MiAlrules

Now on mobile devices, you will see the access point you created, when connected, mobile devices will have access to the Internet. Please note that my mobile is not able to reach the 4G Home WiFi_188538 access point, which is the ‘donor’ of the Internet access.

If there are problems with access to the Internet, first check the connection to the access point with a weak signal, because in this scheme it is the weakest link that can cause problems.

Also recommended:

Leave a Reply

Your email address will not be published.