Raspberry pi monitor mode wifi


Enable monitor mode on Raspberry Pi on-board WiFi chip.

zorani/RaspPiNexmonScripts


I have done my very best, but have failed. Please read all of the text below; I have applied every trick in the book I have found online, but have only managed to receive airodump-ng data for a maximum of 25 mins before it decides not to gather further data.

I have caved in and bought the https://www.asus.com/Networking/USBAC56/ ; following these install instructions, https://github.com/aircrack-ng/rtl8812au , you get good airodump-ng performance. I hope NEXMON can fix this sudden timeout issue.

Before we get to the point of all that packet sniffing goodness, a word of warning from the people who actually did all the work.

The scripts in this repo may damage your hardware and may void your hardware’s warranty! You use these scripts and the tools from https://github.com/seemoo-lab/nexmon at your own risk and responsibility! If you don’t like these terms, don’t use nexmon! If you don’t like these terms, don’t run any of the scripts in this repo.

Seriously, use of these scripts in this RaspPiNexmonScripts repo could brick your Raspberry Pi and render it useless. The scripts in this repo automate the work done at https://github.com/seemoo-lab/nexmon who also warn that your hardware could suffer irreparable and permanent damage.

Only carry on if you take full responsibility.

I have only automated the RasPi steps described in detail at https://github.com/seemoo-lab/nexmon

RaspPiNexmonScripts for Kernel 4.14 only.

  1. Start a raspberry pi with a fresh image
  2. Clone this repo
  3. sudo ./WifiCardModDriver.sh
  4. sudo ./AircrackNgFromSource.sh
  5. REBOOT YOUR PI

Please keep reading to find out why the above works; there are also useful hints and tips.

Raspberry Pi, set built in chip to monitor mode. (Pi-Zero W, Pi-3B and Pi-3B+)

The good people at the following link, the nexmon project, have instructions to compile a modified driver that unlocks the onboard wifi chip on the Raspberry Pi.

I’ve automated that process with a script that you can run on the following RasPi models:

- Pi Zero W (Hardware revision 9000c1). Note: you must have a second WiFi dongle attached to connect you to the internet.
- Pi Model 3B (Hardware revision a02082, a22082 & a32082)
- Pi Model 3B+ (Hardware revision a020d3)

The script will detect and build the modified driver for the above models.

The script will back up the original hardware driver from

/lib/modules/4.14.79-v7+/kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko

to

/lib/modules/4.14.79-v7+/kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko.bkp

You can confirm the location of the default hardware driver using the following command in a shell; the first line of the output will confirm the location of the driver that is loaded at reboot. The script does this automatically.

For board revision history information, you might like to check the following link,

To find out what Raspberry Pi hardware you are running, use the following bash command line:

cat /proc/cpuinfo | grep 'Revision' | cut -d : -f2 | xargs 

xargs conveniently trims the whitespace around the result.
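The revision check and the driver backup described above, written up as an added example; this is not the repo's WifiCardModDriver.sh, and the function names, the modinfo -n lookup and the refusal to overwrite an existing .bkp file are my choices:

```shell
#!/bin/sh
# Added example (not from zorani/RaspPiNexmonScripts): map the board revision
# from /proc/cpuinfo onto the models the README lists, locate the stock
# brcmfmac module the way the README describes (modinfo reports the filename),
# and back it up once. Function names are assumptions of this example.

# Board revision, trimmed with xargs as in the README; an argument overrides
# /proc/cpuinfo so the function can be exercised off the Pi.
pi_revision() {
    if [ -n "$1" ]; then printf '%s\n' "$1"
    else grep 'Revision' /proc/cpuinfo | cut -d : -f2 | xargs; fi
}

# Revision code -> supported model (codes taken from the README); 1 = unsupported.
pi_model_for_revision() {
    case "$1" in
        9000c1)               echo "Pi Zero W" ;;
        a02082|a22082|a32082) echo "Pi 3B" ;;
        a020d3)               echo "Pi 3B+" ;;
        *)                    return 1 ;;
    esac
}

# Path of the brcmfmac module that loads at boot (modinfo -n prints the filename).
brcmfmac_path() {
    modinfo -n brcmfmac 2>/dev/null
}

# Copy <driver> to <driver>.bkp, but never clobber a backup that already exists:
# the .bkp is the only way back to the stock driver once the patched one is in.
backup_driver() {
    src="$1"
    [ -f "$src" ] || { echo "driver not found: $src" >&2; return 1; }
    [ -e "$src.bkp" ] && { echo "backup already present: $src.bkp"; return 0; }
    cp -p "$src" "$src.bkp" && echo "backed up to $src.bkp"
}

# Run this on the Pi as root; it is not invoked here so the file can be sourced.
main() {
    rev=$(pi_revision)
    model=$(pi_model_for_revision "$rev") || { echo "unsupported revision: $rev" >&2; return 1; }
    echo "detected $model (revision $rev)"
    drv=$(brcmfmac_path)
    [ -n "$drv" ] || { echo "brcmfmac module not found" >&2; return 1; }
    backup_driver "$drv"
}
```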

QUICK START: TRY YOUR AWESOME SNIFFER IN JUST A FEW MOMENTS

Here are some commands to get you going, to test if the new driver works.

Install tcpdump if you have not already:

sudo apt-get install tcpdump
sudo iw phy `iw dev wlan0 info | gawk '/wiphy/ {printf "phy" $2}'` interface add wlan0mon type monitor
sudo ifconfig wlan0mon up
sudo tcpdump -i wlan0mon

(The gawk action turns the "wiphy 0" line into the "phy0" name that iw phy expects; without it the command is malformed. The last line is the capture itself.)

You should see a whole lot of wifi data streaming down your screen. This is the very basic setup, you can now go and explore. Have fun!

NOTE: To connect to regular access points you have to execute

NOTE: It is possible to connect to an access point, or run your own access point, in parallel with the monitor mode interface on the wlan0 interface.

Airodump-ng not capturing any data / no output problems on wlan0mon, mon0 or any other name you used

A well known symptom observed by users of airodump-ng is a sudden stop of packet capturing.

The DHCPCD service is known to occasionally try to manage wlan0 again by setting it back to managed mode. This of course stops airodump-ng or tcpdump from collecting data: airodump-ng will suddenly stop collecting. In an attempt to overcome this problem the WiFi setup script runs the following methods:

  1. stop_dhcpcd_managing_wlan0
  2. stop_wpasupplicant_probing_wlan0
  3. stop_wlan0_power_management
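The three methods above, written up as an added example rather than the repo's own script; they are made idempotent so re-running them is safe. The interface and the dhcpcd.conf path are parameters, and the /etc/dhcpcd.conf location and the way Raspbian's dhcpcd hook launches wpa_supplicant are assumptions:

```shell
#!/bin/sh
# Added example, not the repo's WifiCardModDriver.sh: the three fixes the README
# names, written so each can be re-run without duplicating config lines.
# Assumptions: dhcpcd reads /etc/dhcpcd.conf, and wpa_supplicant is spawned by
# dhcpcd's hook as "wpa_supplicant ... -i<iface>" on Raspbian.

# Does dhcpcd.conf already tell dhcpcd to leave the interface alone? (0 = yes)
dhcpcd_ignores_iface() {              # $1 = conf file, $2 = interface
    grep -qx "denyinterfaces $2" "$1" 2>/dev/null
}

# stop_dhcpcd_managing_wlan0: add the denyinterfaces line exactly once, so
# dhcpcd no longer flips the interface back to managed mode mid-capture.
stop_dhcpcd_managing_iface() {        # $1 = conf file, $2 = interface
    dhcpcd_ignores_iface "$1" "$2" && return 0
    printf 'denyinterfaces %s\n' "$2" >> "$1"
}

# stop_wpasupplicant_probing_wlan0: kill the supplicant bound to this interface
# (its scans and reassociation attempts interfere with the monitor interface).
stop_wpasupplicant_probing_iface() {  # $1 = interface
    pkill -f "wpa_supplicant.*-i ?$1( |\$)" 2>/dev/null || true
}

# stop_wlan0_power_management: with power save on, the radio sleeps and drops
# frames, which looks exactly like the capture "silently stopping".
stop_iface_power_management() {       # $1 = interface
    iw dev "$1" set power_save off
}

# Apply all three on the Pi (needs root); not invoked here so the file can be sourced.
apply_monitor_fixes() {
    stop_dhcpcd_managing_iface /etc/dhcpcd.conf wlan0
    stop_wpasupplicant_probing_iface wlan0
    stop_iface_power_management wlan0
}
```

After applying, `iw dev wlan0 get power_save` should report "off" and dhcpcd should leave wlan0 untouched across its restarts.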

The following sources helped me figure this out:

sudo ./AircrackNgFromSource.sh 

This installs Aircrack-ng from a stable release at https://github.com/aircrack-ng/aircrack-ng/releases . You may change the URL in the script if a later version is available.

QUICK START: RUN A QUICK TEST OF YOUR AIRCRACK-NG

After you have run the install script AircrackNgFromSource.sh you can be up and running very quickly.


Here are some commands to get you going, to test if the new driver works.

  1. SKIP THIS STEP IF YOU HAVE NOT CONNECTED ANY EXTRA USB WIFI DONGLES. If you have connected an extra USB wifi dongle, the wlan0 interface name will randomly change. You can either keep an eye out for the internal wifi chip by using iwconfig, or, more conveniently, set predictable network interface names: run sudo raspi-config, select Networking, then select Enable on predictable naming. WARNING: YOU WILL BE ASKED TO RESET. DO THIS BEFORE CONTINUING.
  2. Set up monitor mode on wlan0, or whatever name is pointing to your onboard chip. There are two commands you can use; the original:
C1) sudo iw phy `iw dev wlan0 info | gawk '/wiphy/ {printf "phy" $2}'` interface add wlan0mon type monitor

USB WiFi Drivers: Want to also use your own USB wifi? Some Notes On Community Support From The Famous MrEngman

If you are lucky enough to have an ethernet cable point while you are packet sniffing, you can use your hard-wired connection to send packet reports back to your AWS instance, or wherever.

If you want a fully independent wifi-only RasPi sniffer, you’re going to get a small headache, but it can be done. It all depends on the manufacturer, compatibility and driver availability of your USB adapter.

The exact USB WiFi radio I got to work in this setup was the https://wikidevi.com/wiki/TP-LINK_TL-WN725N_v2 . Careful! There are multiple revisions of this device, so use caution and check all the specs against https://wikidevi.com/wiki/TP-LINK_TL-WN725N_v2

I bought this one from Amazon, https://www.amazon.co.uk/gp/product/B008IFXQFU/ , who knows if this changes in the future.

I had some external USB wifi adapters that needed help from the famous MrEngman. Anyone online looking for a USB driver will have come across this generous member of the RasPi community. Here is the thread I found him in, https://www.raspberrypi.org/forums/viewtopic.php?t=62371&start=1225 , and here is a link to the script text: http://www.fars-robotics.net/install-wifi

Copy the script to /usr/bin/install-wifi and make it executable:

sudo chmod +x /usr/bin/install-wifi

Further tips: It does feel a bit hit and miss, but I have finally got packet listening on the onboard wifi, and internet access on the USB wifi radio to send data elsewhere.

Are you tempted to play with rpi-update? You may not need to, but here is my experience.

I tried rpi-update, but that failed. I found two commands to fix my rpi-update mistake on the following thread, Hexxeh/rpi-update#222

Command 1) sudo apt-get install --reinstall raspberrypi-bootloader raspberrypi-kernel

Command 2) sudo BRANCH=stable rpi-update, and it all reverts back nicely.

All of my Wifi Failed, and I used an ethernet cable to complete the above.

I found that my external USB wifi was completely missing! So I ran MrEngman's install-wifi script: perfect, connected to the internet straight away.

I then tried airmon-ng start wlan0: "Mode not supported". Of course, the driver had already been overwritten. So I re-ran WiFiCardModDriver.sh, then re-ran AircrackNgFromSource.sh.

I guess the lesson here is: completely uninstall the USB WiFi drivers for your USB stick if you have issues, and use MrEngman's instead.

If you want internet access over Wifi, remove your LAN cable and restart your Pi.

One last tip: if you have been setting up your Pi with an ethernet cable and you unplug it, your wifi will have issues routing web pages to your browser; you must restart your Pi without the ethernet cable in. Odd, eh?!

Anyway, happy packet sniffing.


How to enable monitor mode on a "headless" Raspberry Pi with a single Wi-Fi adapter and keep the SSH connection

Hi everyone. Here I will describe how I switched the Wi-Fi adapter on a Raspberry Pi with no screen into monitor mode and kept the SSH connection.

We need the Raspberry Pi itself (I took a Raspberry Pi Zero W because it is compact and has a built-in Wi-Fi adapter), preferably with a Wi-Fi adapter (if it has none you will have to buy a USB Wi-Fi adapter and plug it in), an SD card, and a USB cable that can carry data rather than only charge.

I hope you have already installed the OS on the card; if not, there are plenty of instructions on the internet.

First we need to install aircrack-ng, which we will use to switch the adapter into monitor mode. For that we need to connect to the network. To set up Wi-Fi on a "headless" Pi, create a file named "ssh" (no extension) in /boot, and a wpa_supplicant.conf with the following contents:

Then connect the Raspberry Pi to power; once the Pi has joined the network, connect to it over ssh (default login and password: pi, raspberry). Install aircrack-ng with sudo apt install aircrack-ng. After the installation finishes we also need to install the firmware patch from Nexmon; I installed it following this guide.

After that we need to connect to the Pi over Ethernet; to do this, shut it down from the console with sudo shutdown now and connect it to the computer over USB (the connector on the Pi is labelled "USB"). Note that Ethernet and Wi-Fi do not work together: if the Pi can connect to Wi-Fi, it will connect to Wi-Fi and will not connect over Ethernet. So after installing the patch, remove your network from the file /etc/wpa_supplicant/wpa_supplicant.conf. After connecting, drivers will be installed, but if you try to connect over ssh (ip: raspberrypi.local) you will be told the connection was reset. To prevent that, you need to install different drivers.

Go to Device Manager, Network adapters, USB Ethernet/RNDIS Gadget, Properties, Driver, Update driver, Browse my computer for drivers, Let me pick from a list of available drivers on this computer, untick "Show compatible hardware", find "Microsoft" in the left column and "Remote NDIS Compatible Device" in the right column, Next, choose Yes in the window that pops up, and wait for the installation to finish.

After installation, connect to the Pi (ip: raspberrypi.local) and check whether we can switch the card into monitor mode.

sudo su
iwconfig
airmon-ng check kill
airmon-ng start wlan0
iwconfig

After running these commands a new interface should appear in iwconfig; this is our adapter in monitor mode. For some it is mon0, for others wlan0mon. Mine, for example, was wlan0mon. I tested it in airodump-ng and aireplay-ng: everything worked, packets were captured, deauthentication also worked and reliably disconnected from the Wi-Fi access point.
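The headless first-boot files the post says to drop into /boot, as an added example that is not part of the original post. It stores the PSK as the hash wpa_passphrase derives rather than the clear-text passphrase, and it refuses a non-hex or wrong-length value; the boot mount path and country code are assumptions:

```shell
#!/bin/sh
# Added example (not from the original post): prepare the empty "ssh" file and
# the wpa_supplicant.conf that Raspbian picks up from /boot on first boot.
# The PSK is written as the 64-hex-char hash wpa_passphrase produces, and the
# "#psk=" clear-text line it also prints is dropped. Function names are ours.

# Build wpa_supplicant.conf text from country, SSID and a hashed PSK.
# Rejects anything that is not exactly 64 hex characters (i.e. a clear-text PSK).
wpa_conf_text() {       # $1 = country, $2 = ssid, $3 = psk hash
    case "$3" in
        *[!0-9a-fA-F]*|"") echo "psk must be 64 hex chars" >&2; return 1 ;;
    esac
    [ "${#3}" -eq 64 ] || { echo "psk must be 64 hex chars" >&2; return 1; }
    printf 'ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev\n'
    printf 'update_config=1\ncountry=%s\n\n' "$1"
    printf 'network={\n    ssid="%s"\n    psk=%s\n    key_mgmt=WPA-PSK\n}\n' "$2" "$3"
}

# Derive the hash with wpa_passphrase; keep only the "psk=<hex>" line, not "#psk=".
psk_hash_for() {        # $1 = ssid, $2 = passphrase
    wpa_passphrase "$1" "$2" | sed -n 's/^[[:space:]]*psk=//p'
}

# Write both files onto the mounted boot partition (e.g. /boot on the Pi, or the
# SD card's boot volume on the machine that flashed it).
provision_boot() {      # $1 = boot mount, $2 = country, $3 = ssid, $4 = passphrase
    hash=$(psk_hash_for "$3" "$4")
    [ -n "$hash" ] || { echo "wpa_passphrase failed" >&2; return 1; }
    : > "$1/ssh"                                     # empty file enables sshd
    wpa_conf_text "$2" "$3" "$hash" > "$1/wpa_supplicant.conf"
}
```

Once the Pi has booted, remove wpa_supplicant.conf from the SD card's boot partition so the hashed PSK does not travel with the card.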

I hope the tutorial was useful.
