Enterprise Security
Certification :


Web Application
Auditing & Pentesting
Certification :


Wireless Security
Auditing & Pentesting
Certification :


Wireless Investigation
For Law Enforcement
Certification :


Secure Wireless
Deployment & Monitoring
Certification :


Mobile Application
Auditing & Pentesting
Training Course :


Training Class & Certification Exam Schedule

Training Class & Certification Exam-related FAQ

Authorized Training Partners & Training Schedules

Certified Practitioners List

Examination Review Board

Security-Database.com BEST IT Security and Auditing Softwares 2007 - Best in Wireless Testing Category

Help Docs & Troubleshooting FAQ

Applications in the OSWA-Assistant™ wireless auditing toolkit require certain hardware such as wireless network cards or other hardware to be present in order to work (e.g. wireless cards, bluetooth dongles, etc). Please refer to the documentation contained inside the CDROM's root directory or click on the "Features & Tools" or "Supported Platforms" menu items above.

We've also prepared a small FAQ below which provides answers to common questions asked by users regarding the toolkit's operation or features. This is a list of compiled questions which both technical and non-technical users have asked to date. Hopefully it will help answer any questions you may have. If not, please feel free to write to us at: assistant-feedback [-at-] securitystartshere.org

Question: I am an IT-security professional and frequently have to do audits for both my and my clients' wireless networks. Can I use this toolkit for my work?

Subject to you getting prior permission to conduct the audit, sure! That's what it's meant for - to help wireless auditors do their job. The auditing tools loaded in the toolkit are, to the best of our knowledge, either GPL, public-domain, free or non-commercial (non-commercial meaning it's not to our knowledge sold commercially and has been made available by the developer for anyone to download and use) software. Unless the copyright owner of any tool notifies us otherwise that their tool does not meet any of the preceding criteria and they want us to remove it from the toolkit, the tools will continue to be available for any IT-security professional to use. The toolkit itself does have a legal restriction expressly forbidding you from conducting unauthorized audits on wireless networks which you are not authorized to audit but you definitely can use it in your workplace for legitimate, authorized work.

Question: Hey, I'm a home user running my own home wireless network. Can I use this tool to audit my own access point or wireless laptop?

Of course! One of the objectives is to allow home-owners and non-technical folk to audit their own wireless networks and prove to themselves whether they're vulnerable or not, so that they can take steps to rectify it. What you CAN'T do is use this tool to audit someone elses' network without permission from that someone else. Using the OSWA-Assistant™ legally binds you from doing any kind of unauthorized hacking. Also, the ActivityMap™ is designed to minimize a non-technical user's ability to use this toolkit to attack someone else while at the same time allowing the non-technical user to be able to audit his/her own network as close as possible to a realistic engagement.

Question: Hey, I found a copy of this CD on another website. Is it an official copy? Can I download and use it?

We recommend that you download only from sources that are officially listed on our official download page. The download links there are either from our official site or from people who have officially requested to mirror the toolkit on servers which they own. This minimizes (but, as with all things in real life, does not eliminate totally) the possibility of someone planting malware in the toolkit. No matter where you download the toolkit from, always run a MD5 check of what you downloaded and compare it against the MD5 hash which you can get from our official download page.

Question: I burnt the the image file on a CD and/or unzipping it on the CD and/or unzipping it on my desktop. But when I start the software with the auto.bat file - it only loads a default website - what do I do?

The image is not meant to work as executable software under Windows - it is a standalone OS with its environment loaded into RAM (remember your computer needs to have at least 1GB for acceptable performance). You need to burn the image file to a CD using a CD-image burning program like Nero, RecordNow, etc.

Do NOT burn the image file as a normal data file! Instead, look for the "burn CD image" or other similar function within your CD burning application.

After burning as an image, place the CD inside your computer's CDROM drive BEFORE rebooting that computer. Normally, most modern computers will detect a CD at bootup and proceed to decompress the image. If your computer does not do so, you will have to enter its BIOS during the bootup phase (the black initial screen where it normally has a line telling you how much RAM you have onboard or shows a message to press a key "to enter BIOS" like F1, F2, F8, F10, F11 or F12 depending on your computer's manufacturer).

Once you are inside your computer's BIOS screen, look for the option to select the CDROM as a bootup device (normally under a menu called "boot" or "startup" or something similar, depending on your computer's manufacturer) and ensure that the boot order/sequence has the CDROM above the Hard Drive. Then save your BIOS settings and exit. This should restart your computer with the new settings and the OSWA-Assistant will normally load.

Question: My CD or LiveUSB flashdisk can't boot up! When I put it into my CDROM or plug in my USB flashdisk into my computer, my normal installed operating system gets displayed. This is the case even after I reboot my machine. Is the CD bad?

Sometimes, it takes a few seconds for a CD to be read by the CDROM drive and your computer may skip reading the CD if it takes too long or if the CD was placed in too late for the CDROM bootup read sequence. Place the CD inside the CDROM before you press the power-up button on your computer. Also. depending on your computer brand & model (and frequently if you're booting from an external USB CD drive), sometimes just rebooting (warm-boot) does not work. You need to do a cold-boot. Place your CD inside the drive, then physically power-off your computer. Then power up again.
For LiveUSB installations, the contact between the flashdisk and the USB port holder has to be firm - a slight jar or misalignment will result in a failure to load completely or at all. Remove your USB flashdisk, re-insert into the USB port, then power on/cycle your computer.

Question: My USB flashdisk boots up ok, but after I reboot the machine to restart the toolkit, my computer boots to my hard drive's operating system. What is wrong?

We have seen this occur in some laptops (e.g. a Lenovo X61) and it appears that the laptop cannot detect the USB flashdisk on the second and subsequent reboots/power-cycles. The solution is to remove your USB flashdisk and re-insert it into your computer's USB port between the reboots or power cycles, i.e. shutdown computer, remove USB flashdisk from USB port, re-insert into USB port, power on your computer.

Question: Help! I get a block of white space that fills half my screen before i reach the words that say "Press Enter To Continue". Is there a problem with the CD?

This only happens on some laptops with the "wide-screen" or 16:9 aspect ratio type of display. This is probably due to the non-standard dimensioned display warping the 8-bit graphic as it decompresses. It does not affect the functionality of the CD in any way. You just don't get the nice startup logo when you boot up.

Question: When the CD/USB image is loading, it hangs halfway around the "PCMCIA found, starting cardmgr" message. I can't seem to get beyond this message.

There is most likely a problem with detecting your BIOS as some computers have weird or unsupported BIOS functionality. To solve this, instead of pressing the "ENTER" key at the startup screen, press "F2", then type the following: linux noapic acpi=off pci=bios . Note that your computer will no longer be able to track your battery usage but at least you'll be able to use the toolkit.

Question: I get a popup box after getting to the GUI which says "Sound server informational message: Error while initializing the sound driver." Is there a problem with the CD?

No, the CD is just telling you that it can't open a particular component of your soundcard functionality. The component is listed in the next couple of lines immediately below the error lines mentioned above. Your auditing functionality is unaffected. Just click the OK button to carry on.

Question: Why does it take so long to get to the graphical display?

In order to fit everything on a single CD, the toolkit software is stored in compressed format which is decompressed to your computer's memory whenever it is accessed. Thus it will take longer than a normal, hard-drive based bootup simply because your CDROM is not as fast in grabbing the data for the decompression than your hard drive is in just accessing non-compressed data. However, it is actually not that long. Our lab testing shows that, from the time you press the "Enter" key to begin loading the CD, it takes an average of 2mins30secs to get to the graphical display, and a further 30secs approx to load the web-based intro page.

Question: Why does the interface feel so laggy and my CDROM drive makes a lot of noise?

See the answer to the question immediately preceding this question.

Question: %#@$%!! Why can't you just make it run faster ?!

Not if you're using a CDROM - everyone is constrained by optical drive technology. However, you can create a LiveUSB installation from the LiveCD image. Follow the instructions found here (substitute the references to "Knoppix " with "OSWA-Assistant"). If the webpage is no longer available, you can also view a PDF'ed backup here.

Question: What is the password for the default user (root) account?

There is none set at startup. This is in response to heavy user feedback requesting for such a setting. If you would like to add a password in order to lock your screen (maybe going for some coffee, etc), first open up a terminal and type the following: passwd root . Then enter in your desired password befroe locking the screen. Otherwise, you won't be able to unlock it and have to reboot.

Question: What kind of wireless hardware do I need to have to be able to run some of the software in the toolkit?

We've tested some chipset representatives for the 802.11, Bluetooth and RFID categories and the official hardware support information is located in the root directory of the CD. Please refer to the file called CD-SUPPORT-HARDWARE. For WiFi, generally the following modern chipsets which are being sold in stores today should work: Atheros, Intersil Prism54GT (fullmac only), Ralink RT2500, RT2570, RT73. Newer chipset support will be added as products using those chipsets become available on S.E.Asian retail shelves, subject to driver availability and us buying the hardware off-the-shelf as proof that they are indeed on store shelves! :)

Question: Hey, I really don't know how to read chipsets or identify equipment just by looking at it. Can you give me a list of hardware which I can buy off the shelf at my local computer shop?

The bottom line is that you should ALWAYS ask your computer shop staff about whether the hardware you are going to buy from them contains any of the chipsets mentioned in the CD-SUPPORT-HARDWARE file which is on the CD. When in doubt (and where funds are limited), then don't buy the hardware :)

Having said that, you can also visit our Supported Platforms page and have a look through the information there.

Question: I recently read an article involving installing the OSWA-Assistant on an SDHC card, for use with the Asustek EeePC. I've followed the tutorial and have even installed the OSWA-Assistant persistently, following directions from the OSWA-Assistant FAQ and pendrivelinux.com. Are there any plans to support the EeePC and the atheros-based wireless NICs installed?

For the EeePC, we borrowed a sample (a black 12GB SSD EeePC900 version with webcam and bigger screen) to check it out and found that the onboard wireless card is the Atheros AR5007 model which, based on information floating around (e.g. http://madwifi.org/ticket/1296), appears to be actually a Zydas USB-based chipset that was rebranded under the Atheros name afer Zydas was acquired by Atheros some time ago. Thus, it is not supported by the madwifi-ng 0.9.3 driver installed in the OSWA-Assistant™ (all versions up to and including ).

When the madwifi-ng project team releases a driver which supports the AR5007 Atheros-rebadged Zydas USB-based wireless chipset, then we will likely upgrade the driver then. In the meantime, there is no official support for the EeePC's onboard AR5007 USB-based wireless chipset for the current OSWA-Assistant™ version

UPDATE: According to the madwifi-ng website, "The new official HAL ( supports AR5007EG (and AR5006EG) on 32-and 64-bit systems". If you are using OSWA-Assistant™ version and up, you should be able to get it working.

Question: I have been able to run the OSWA-Assistant on a Macbook Pro. It starts up and the OS runs. However, I am still not able to use any wireless devices. This is what I found on the (onboard) wireless card:
Chip Number: AR5008
Chip Description: Atheros 802.11a/b/g/n (pre-N) radio
It is a PCI-based wireless adapter.
(question from Adam Clampet on 18 Aug 2008)

According to public information, the AR5008 chipset will *NOT* be supported by the Madwifi-ng drivers until 0.9.5 (ref: http://madwifi-project.org/ticket/1001 - see the entry dated 02/14/07 12:12:11). We will assess the suitability of the 0.9.5 version of Madwifi-ng drivers for inclusion into the OSWA-Assistant™ when they come out. At this point, a solution would be to use a wireless card model which is specifically listed under our officially-supported hardware list.

My netbook has an Atheros 9xxx PCI-E wireless card but the software only sees the loopback adaptor and does not display any other network adaptors/cards.

The current MADWIFI-ng drivers used by the IEEE80211 stack in the OSWA-Assistant only supports up to the AR5xxx series for Atheros-chipset-based wireless adapters (please refer to the supported platforms webpage). As and when the MADWIFI-ng drivers support the AR9xxx series, we can then update the drivers accordingly.
In the meantime, based on what modes you require (i.e. managed, master, monitor, monitor + injection), you can choose to use a wireless adapter that has any of the chipsets listed in the aforementioned URL under the Supported Wireless Chipsets section of the URL.

Question: I have an onboard Intel Pro Wireless 3945 (IPW3945) card. When i insert an Atheros-based card in, I can't get it to work - the card won't take commands or exhibits strange behavior.

The ipwraw driver from ASPj which is used in the toolkit assigns "wifi0" as the interface for an IPW3945 card. When you insert an Atheros-based card into the same computer holding the IPW3945, the MADwifi-ng driver also uses the "wifi0" naming convention by default for the virtual interface for an Atheros card. Thus, a conflict with the ipwraw driver occurs. The simplest solution is to disable the IPW3945 card using your laptop's hardware toggle switch (if available), or disable the onboard IPW3945 chipset in your laptop BIOS before booting up the OSWA-Assistant™, or to rmmod the ipwraw driver module (do a "lsmod" command to find out the full name of the module) BEFORE you insert your Atheros card.

Question: After the "Scanning for USB/Firewire devices...Done" message appears during the boot sequence, the boot sequence stops with : "Can't find the mounted filesystem; we cannot initialize the system. Dropping you to a (very limited) shell. Press reset button to quit.".

The file system is not found because there is a hardware issue that is preventing the bootloader from discovering the partition or device where the OS image is stored. Pleae try the following workarounds in the following sequence (move on to the next if the preceding one is unsuccessful) :

1. At the boot prompt, please type and try the following : linux nodma

2. If your CDROM is SATA-based and running in AHCI mode, that is also known to cause this issue in certain cases. It could be that your laptop has BIOS settings that could be adjusted to mitigate this. Access your laptop's BIOS screen and change any references for SATA hard drive or disk access from "AHCI" mode to "compatibility" or "IDE" mode and see whether that resolves the issue.

3. Is your CDROM USB-based, SCSI-based or IDE-based? If it is a USB-cdrom, you should enable all USB options inside your BIOS (e.g. legacy compatibility). This would slow down the USB detection phase during boot and make it more likely to detect the USB-cdrom to mount as a device under /dev. Please also try entering the following commands at the toolkit boot prompt after changing the USB options in your BIOS :
(first) linux ide2=0x180 nodma
(second) linux ide2=0x180 nopcmcia

4. If you are still having problems, one way to find out if it is your CDROM interface type that is causing it is to create the LiveUSB version of the OSWA-Assistant using the instructions on the download section webpage at http://oswa-assistant.securitystartshere.org . You will need a thumbdrive/flashdisk of at least 1 GB in size for this. Note that the thumbdrive/flashdisk will be formatted and overwritten so back up any existing data on it before doing this.
When you have created the liveUSB version, simply shutdown your laptop, insert it into a USB port on your laptop and then boot up your laptop. Note that you must configure your laptop BIOS to support booting from a USB device such as a USB flashdisk/thumbdrive. If the liveUSB version boots up, then the issue is with your CDROM interface and you should use the liveUSB version instead.

Question: The boot sequence stops at "Probing/Loading AGP modules" and goes no further.

Please type the following flags using your keyboard during the OSWA-Assistant™ splash screen that occurs during the boot process and see if they help resolve the problem : linux noagp
If the above does not work, please try the following : linux noagp noapic nolapic acpi=off
If the above does not work, please try the following : linux xmodule=svga noagp noapic nolapic acpi=off

Copyright © 2004-2016 THINKSECURE® PTE LTD ("ThinkSECURE"). All Rights Reserved. Any reproduction, storage or transmission of any of the contents of this website, without the express and written consent of ThinkSECURE Pte Ltd is strictly prohibited. Use of this site is subject to our Terms & Conditions. The "THINKSECURE" brand name is a registered trademark of THINKSECURE PTE LTD in Singapore and a trademark of THINKSECURE PTE LTD in certain other countries. The ThinkSECURE device is a trademark of THINKSECURE PTE LTD in Singapore and certain other countries.

This Website Is Designed To Be Viewed At 1024x768 Resolution and 24-bit color using Arial, Stencil Std & Lucida Console fonts.