[Q] load wifi - kernelmodule from commandline (bcmon, CM10.1)? - General Questions and Answers

CM 10.1: How can I start wifi from the command line?
Clicking the wifi widget shows that the kernel module dhd has been loaded, and wifi is working.
Doing modprobe dhd shows that the module is loaded, but wifi will not work; the widget has only changed from black to dark blue.
Where can I find information about the handling of kernel modules in Android? (Is there something like /etc/modprobe.d?)
Background: Following http://forum.xda-developers.com/showthread.php?t=1892535 I built CM 10.1 for the P3110 (Galaxy Tab 2.7.0), including a modified wifi kernel module. Everything is OK in regular mode. Starting monitor mode via the bcmon GUI does not work, however, nor does manual modprobe or insmod (with or without the firmware parameter, see setup.sh).

Of course, you should use ifconfig to start or stop a NIC on Linux/Android... (see also: http://forum.xda-developers.com/showthread.php?t=932946)
I am just a bit confused about the way bcmon tried to do this (setup.sh just uses insmod).
So the questions should be:
How do I have dhd started with an option once the network is started?
What is the difference between ifconfig start and what the widget does? (ifconfig start / ifconfig stop returns "SIOCSIFLAGS: Operation not permitted" after an unsuccessful attempt to start monitor mode using the bcmon GUI. After modprobe -r dhd and subsequently clicking the widget, normal mode is working again.)
Is there a better place to discuss bcmon-related issues?
Thanks

Related

Bluetooth tethering armooo1.5 - moded JF1.5

This is a set of changes to the JF1.5 ADP image to enable PAN bluetooth tethering. The pan service will be available whenever bluetooth is turned on, as you would expect from most other phones.
It includes all the normal changes from JF1.5
Changes
armooo1.50.1
Added support for multiple clients (updated pand_up.sh, pand_down.sh).
Added logging.
Added /system/xbin/pand.start. Works around what looks like an init bug with long lines.
Updated /system/init.rc to use pand.start and logwrapper.
armooo1.50
The pand service was added to /system/init.rc .
The library bluedroid (/system/lib/libbluedroid.so) was updated to start and stop the pand service.
Pan support scripts were added to /system/xbin (pand_up.sh, pand_down.sh).
Added dnsmasq to /system/xbin.
Changes for JFv1.50 ADP1.5 Build Environment
armooo1.5 ADP1.5
So now the question is how can I get this on another build besides the JF?
is this a non-wipe update, and will it break wifitether by harry_m?
twistedumbrella
You should be able to manually install the files in armooo1.50.tar.gz. It will need pand, iptables, awk and a kernel with netfilter/iptables. All of which were in the JF image; I am not sure about the others.
andonnguyen
I was able to upgrade from JF1.5 ADP to this image without wiping. As long as you are not trying to use wifitether and the bluetooth tethering at the same time it should not be a problem. Stopping wifitether or disconnecting a bluetooth connection will disable IP forwarding and remove iptables rules, which could cause problems.
Thanks it's working perfectly on Dude's build.
I prefer this over the network option, as my Ubuntu laptop doesn't like ad-hoc networks and I never managed to connect.
I wonder if someone knows whether this PAN thing can provide a connection to multiple computers simultaneously, or just one?
Thanks again! good job
An integration in TheDude firmware is available here : http://android.smartphonefrance.info/actu.asp?ID=133 (In french).
armooo said:
twistedumbrella
You should be able to manually install the files in armooo1.50.tar.gz. It will need pand, iptables, awk and a kernel with netfilter/iptables. All of which were in the JF image; I am not sure about the others.
andonnguyen
I was able to upgrade from JF1.5 ADP to this image without wiping. As long as you are not trying to use wifitether and the bluetooth tethering at the same time it should not be a problem. Stopping wifitether or disconnecting a bluetooth connection will disable IP forwarding and remove iptables rules, which could cause problems.
Tried moving the files over and got stuck in a boot loop. Couldn't get the init.rc to work. Didn't try just loading the rest of the files. Wasn't sure if that would work. I'll have to give it a try. Thanks.
twistedumbrella said:
Tried moving the files over and got stuck in a boot loop. Couldn't get the init.rc to work. Didn't try just loading the rest of the files. Wasn't sure if that would work. I'll have to give it a try. Thanks.
The image you are using may have different loopback mounts in /system/init.rc; you should only need to copy the pand service.
Does anyone know how to use it?
After I updated the firmware and launched pand_up.sh,
an error shows on the next line:
error: SIOCSIFNETMASK (No such device)
I tried to pair with my MBP; it shows a PAN network, but no IP address shows up.
armooo said:
The image you are using may have different loopback mounts in /system/init.rc you should only need to copy the pand service.
Yeah, I am using a different apps2sd method and general startup than the JF. My image is based on 5.0.2H but I wasn't sure if the service would run without having that. I will try it without. I am sure it'll still work just wasn't sure how efficiently. Thanks again.
Thanks for the update!
In case someone is having issues installing this, here is a little how-to I've been using with Dude's latest rom.
using extracted armooo1.50.1_ADP1.5.zip as YOUR_armoo1.5_adap1.5_DIRECTORY
adb remount
adb push YOUR_armoo1.5_adap1.5_DIRECTORY/system/init.rc /system/init.rc
adb push YOUR_armoo1.5_adap1.5_DIRECTORY/system/lib/libbluedroid.so /system/lib/libbluedroid.so
adb shell umount /system/xbin
adb push YOUR_armoo1.5_adap1.5_DIRECTORY/system/xbin/xbin.cramfs /system/xbin/xbin.cramfs
adb shell reboot
what does it actually let us do??
does it allow bluetooth file sharing?
It's simply internet sharing through bluetooth.
The key advantage is that there is no extra app/layer; it's included in Android as soon as bluetooth is on.
Hi!
I tried to include this in JF 1.43 RC9.
Integrated the xbin stuff in xbin.cramfs and the bnep.ko module in modules.cramfs.
Didn't know how to get the module auto-loaded, so I added the insmod command to pand.start.
The module is loaded correctly, however the pand service is not added.
running pand.start manually yields some kind of success, the pan service is visible and connectable to, but not allowing to get any kind of transfer, no ip
any advice would be great. i would prefer staying with 1.43 until jf comes out with his 1.5 RC9 version, but i also really would like to get this running to not have to use wifi tethering anymore...
thanks in advance
lilithpro said:
Hi!
I tried to include this in JF 1.43 RC9.
Integrated the xbin stuff in xbin.cramfs and the bnep.ko module in modules.cramfs.
Didn't know how to get the module auto-loaded, so I added the insmod command to pand.start.
The module is loaded correctly, however the pand service is not added.
running pand.start manually yields some kind of success, the pan service is visible and connectable to, but not allowing to get any kind of transfer, no ip
any advice would be great. i would prefer staying with 1.43 until jf comes out with his 1.5 RC9 version, but i also really would like to get this running to not have to use wifi tethering anymore...
thanks in advance
Sorry, but it looks like part of 1.5 was changing to use libbluedroid.so. So it is not going to start automatically for you. You should be able to get some debugging info from logcat. While you are trying to connect you may also want to try iptables, ifconfig and ps.
iptables -L should show
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT 0 -- 192.168.5.0/24 anywhere
ACCEPT 0 -- anywhere anywhere state RELATED,ESTABLISHED
ifconfig bnep0 should show
bnep0: ip 192.168.5.254 mask 255.255.255.0 flags [up broadcast running multicast]
ps should have two pand and a dnsmasq
logcat should output
I/pand.start( 341): pand[348]: New connection from 00:22:69:C7:71:A2 at bnep0
I/pan ( 354): Starting BT pand for bnep0 192.168.5.0/24
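The three checks armooo lists above (FORWARD chain, bnep0 address, running daemons) can be scripted so that a half-working PAN setup reports exactly which part is missing. This is an added example, not armooo's script: each check is a function that takes the command output as its argument, so it can be run on the phone (via adb shell or the terminal, with busybox grep) or fed captured output. The addresses are the ones the post gives (192.168.5.0/24 and 192.168.5.254) and the bnep0 check matches the toolbox ifconfig format shown in the post; the function and file names are my own.

```sh
# check_pan.sh: verify the state armooo describes for working PAN tethering.
# Added example, not part of the armooo1.5 package.

# forward_chain_ok "<iptables -L output>": both ACCEPT rules must be present.
forward_chain_ok() {
    printf '%s\n' "$1" | grep -q '^ACCEPT[[:space:]].*192\.168\.5\.0/24' &&
    printf '%s\n' "$1" | grep -q '^ACCEPT[[:space:]].*RELATED,ESTABLISHED'
}

# bnep0_ok "<ifconfig bnep0 output>": the interface carries the gateway
# address and is up (toolbox ifconfig output format, as in the post).
bnep0_ok() {
    printf '%s\n' "$1" | grep -q 'bnep0: ip 192\.168\.5\.254 .*\[up'
}

# daemons_ok "<ps output>": at least two pand processes and one dnsmasq,
# which is what the post says a working setup shows.
daemons_ok() {
    pands=$(printf '%s\n' "$1" | grep -cw 'pand')
    dns=$(printf '%s\n' "$1" | grep -cw 'dnsmasq')
    [ "$pands" -ge 2 ] && [ "$dns" -ge 1 ]
}

# check_pan: run the real commands on the device and report what is missing.
# Returns non-zero if any check fails.
check_pan() {
    rc=0
    forward_chain_ok "$(iptables -L FORWARD 2>/dev/null)" ||
        { echo "FORWARD chain: ACCEPT rule(s) for 192.168.5.0/24 missing"; rc=1; }
    bnep0_ok "$(ifconfig bnep0 2>/dev/null)" ||
        { echo "bnep0: not up with 192.168.5.254 (did pand_up.sh run?)"; rc=1; }
    daemons_ok "$(ps 2>/dev/null)" ||
        { echo "processes: expected two pand and one dnsmasq"; rc=1; }
    [ "$rc" -eq 0 ] && echo "PAN tethering state looks as expected"
    return "$rc"
}
```

Run it with `sh check_pan.sh` and then call `check_pan` (or append that call to the file); a failing check points at the layer to look at, e.g. missing FORWARD rules mean pand_up.sh never ran its iptables part.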
After just installing JF1.51 EU, i replaced xbin.cramfs and copied init.rc to /system and the lib to /system/lib and everything is working great. My speed is actually a hint better than with wifi tether (0.36M vs 0.39M on a 3G 384kBit line).
Great thing there...
I would really appreciate it If someone could post how to connect to the phone on linux using console. Thanks.
PS: I am using JF1.5_ADP build. If I change libbluedroid.so and run the pand service (pand.start), should it be enough for it to work? Am I missing something?
Dimath said:
I would really appreciate it If someone could post how to connect to the phone on linux using console. Thanks.
PS: I am using JF1.5_ADP build. If I change libbluedroid.so and run the pand service (pand.start), should it be enough for it to work? Am I missing something?
I believe nobody cares, so I'll answer myself.
The problem was pretty much a firewall which blocks pings. So stupid. Anyway.
So, the way to do it without flashing, starting from JF 1.5, with adb shell commands: copy libbluedroid.so into /system/lib/ (not sure if even needed). Copy pand_up.sh and pand_down.sh to some G1 directory "your_dir". To start pand, run in the terminal:
pand -n --listen --role NAP --devup "your_dir"/pand_up.sh --devdown "your_dir"/pand_down.sh
On the Linux PC (tried on Mandriva Linux), find the G1 device id:
Code:
hcitool scan
(also can be found somewhere in the phone settings)
Connect to the device by
Code:
pand -c "device_id"
Start interface:
Code:
ifconfig bnep0 up
Get ip, gate etc (using dhcp):
Code:
dhclient bnep0
It works.
armooo:
You should really promote this more and have the rom cookers include it in their creations. In fact, the #1 reason for not switching my current rom (jf1.51) to any rogers, ion etc is because i use it really often and it works just flawlessly...
I am using this with Ubuntu 9.04 (with Blueman), and for some reason it disconnects from the PAN service on the phone after a couple uses. Once this happens, I have to reboot the phone and it works again. Any ideas as to what's happening? I have tried cycling the Bluetooth service on the handset, and rebooting the laptop, but neither of those make a difference. When this occurs, I can stay connected for 15 seconds up to about 4 minutes before it dies, and the syslog in Ubuntu reads bnep0 disconnected.

[Q]Spoofing MAC on Galaxy Ace [Details&attempts listed]

Hey all,
I'm trying to spoof my MAC address on the Galaxy Ace, though nothing seems to be working. [Details and attempts listed below]
Phone Details:
Samsung Galaxy Ace GT-S5830
OS: Stock Gingerbread 2.3.5
Rooted
Installed Software:
Superuser
ES File Explorer (with show hidden (. prefix) files turned on & up to root enabled, root R/W)
Busybox (Free)
Android Terminal Emulator
(all with Superuser permissions)
What I've tried:
First I cleared the phone's IP DHCP lease in the router.
In Terminal on the phone, whilst not connected to a network but with wifi turned on, I ran:
su
ifconfig wlan0 down
ifconfig wlan0 hw ether 112233445566
ifconfig wlan0 up
iplink show wlan0
also tried
su
ifconfig wlan0 down
iplink set wlan0 address 11:22:33:44:55:66
-->At which point I get (even with busybox prefixed)
iplink: SIOCSIFHWADDR: Operation not supported
The first code I quoted gave me no errors and appeared to execute successfully, but iplink show wlan0, the router (once the phone had connected), and several other tools (to see if ANY could see the change) also displayed the phone's default MAC.
(I also tried: ifconfig wlan0 hw link 112233445566, offsetting the existing MAC by only 1, and prefixing commands with busybox - busybox ifconfig wlan0 hw ether 112233445566 - resulted in ifconfig: SIOCSIFHWADDR: Operation not supported)
Looking for /data/misc/wifi/nvram.txt. Can see /data/misc/wifi/nvram.info containing my MAC. Have edited this and tried joining network again, but no MAC change is showing. Have read it's a rather bad idea to restart the phone before changing the MAC in files back, [Why?] so am yet to do a restart to test the file change...
Various apk tools (preceded by clearing DHCP lease for phone's IP & proceeded by checking router & iplink show wlan0) including:
Wireless MAC Changer - Osama Abukmail
Mac Address Ghost - diewland
MAC Spoofer for HD2 - Ian Kim (as the description stated, although for a HD2, there was a chance it may work for other types [later found out mine doesn't use/have /system/etc/calibration])
(all with super permissions)
Does anyone know of, or have any other ideas that may work?
Is this possible with only Custom ROM's?
Much thanks in advance,
Blue
MAC address spoofing is a type of discussion that XDA does not allow. For that reason, thread closed.

100% WiFi Monitor Mode using Samsung Galaxy S2 (GT-I9100) Step by Step

Hi xda-mates. In this post I'm going to show you how to get wifi monitor mode on your device without an external wifi adapter. If you don't know what "wifi mode" is, go to Wikipedia. The package consists of drivers, some wifi tools and aircrack.
Steps to get monitor mode:
1. You have to root your device.
2. Flash CM 9.1.0.
3. Check that you are using the original CWM kernel included in the firmware you flashed.
4. Download my package (the password is my nickname).
5. Extract it to your sd.
6. Open up the terminal.
7. Type
Code:
su
cd pathToYourSd
sh install.sh
it will simply install all stuff to your system.
8. Type 'wmon on' in the terminal to activate monitor mode (type 'wmon off' to activate managed mode).
That's all. You have installed all that you needed, activated monitor mode and now you can use aircrack.
Troubleshooting:
Problem:
Code:
cannot find wireless tools, exiting!
Solution:
a) You must execute wifi tools (aircrack also) from root directory!
Code:
cd /
b) Check that iwconfig, iwmulticall and iwpriv exist in /data/local/bin/.
Problem:
Code:
insmod: can't insert 'dhd.ko': invalid module format
error: SIOCGIFFLAGS (No such device)
Solution:
a) Make sure you are on a supported rom and kernel.
b) Check that the files exist in /data/wmon/ (3 files).
Credits:
Aspartame21
Omri Ildis
Ruby Feinstein
Yuval Ofir
MemoryController
Could this possibly work on the Sprint Galaxy S2?
Sent from my SPH-D710 using xda premium
Mattix724 said:
Could this possibly work on the Sprint Galaxy S2?
Sent from my SPH-D710 using xda premium
Maybe, but I don't know exactly. Try to install it. I'll help you.
GREAT!
Thanks man! I was waiting for someone to go into this much detail, but does the wmon siyah mean that I can dual-boot CM 9 and whatever rom (in my case Alliance) and get this to work? My problem with this before was that nothing would happen after my wifi was disabled and the module was "loaded". Also, what do you mean by run aircrack from the root dir? Like the root of the sd?
P.S. Testing now on the Galaxy S2 LTE version ( Rogers)
tutchthesky7 said:
Thanks man! I was waiting for someone to go into this much detail, but does the wmon siyah mean that I can dual-boot CM 9 and whatever rom (in my case Alliance) and get this to work? My problem with this before was that nothing would happen after my wifi was disabled and the module was "loaded". Also, what do you mean by run aircrack from the root dir? Like the root of the sd?
P.S. Testing now on the Galaxy S2 LTE version ( Rogers)
I get stuck after airmon-ng wlan0
says cannot find wireless tools, exiting!
Some help please and thanks?
tutchthesky7 said:
I get stuck after airmon-ng wlan0
says cannot find wireless tools, exiting!
Some help please and thanks?
Use iwconfig wlan0 instead of airmon-ng wlan0. And make sure that you are in the root directory.
Code:
su
cd /
wmon on
iwconfig wlan0
aspartame21 said:
Use iwconfig wlan0 instead of airmon-ng wlan0. And make sure that you are in the root directory.
Code:
su
cd /
wmon on
iwconfig wlan0
OK thank you!, i'll give that a shot and post back!
Nada
aspartame21 said:
Use iwconfig wlan0 instead of airmon-ng wlan0. And make sure that you are in the root directory.
Code:
su
cd /
wmon on
iwconfig wlan0
# wmon on
Original module loaded. disabling wifi
LOADING MODULE
insmod: cant insrt dhd.ko : file exists error : SI0CIFFLAGS (no such device)
then i tried iwconfig wlan0
wlan0 No such device
so i checked iwconfig to see whats up
and my Wlan0 isn't there.. hmmm
Edit: I typed in wmon on and it responded with LOADING MODULE, then i did iwconfig wlan0 and it showed it in manage mode, what next?
tutchthesky7 said:
# wmon on
Original module loaded. disabling wifi
LOADING MODULE
insmod: cant insrt dhd.ko : file exists error : SI0CIFFLAGS (no such device)
then i tried iwconfig wlan0
wlan0 No such device
so i checked iwconfig to see whats up
and my Wlan0 isn't there.. hmmm
Edit: I typed in wmon on and it responded with LOADING MODULE, then i did iwconfig wlan0 and it showed it in manage mode, what next?
Don't pay attention to the "managed mode" lettering; you are in monitor mode. To test that monitor mode is working, type 'airodump-ng wlan0' and you will see that everything works perfectly.
errrm.. not QUIIITEE, it says cannot find wireless tools, exiting. then it deletes all the files i extracted
IT WORKS! One little question
THIS WORKS, first, and of course, THX man
I had an SGS2 (official), rooted on Gingerbread, and then I flashed ICS with CM 9.1, then I followed your steps, put my SGS2 in monitor mode and checked.
Just one question; I searched in Google and asked in IRC, but I didn't find the answer:
Can I use the same steps to get WPA as on Ubuntu or Backtrack? Or else, do you know some link to a tutorial on getting WPA via SGS2?
I want to complete the last step; thanks for your time, and sorry for my English.
Clitoris Errante said:
THIS WORKS, first, and of course, THX man
I had an SGS2 (official), rooted on Gingerbread, and then I flashed ICS with CM 9.1, then I followed your steps, put my SGS2 in monitor mode and checked.
Just one question; I searched in Google and asked in IRC, but I didn't find the answer:
Can I use the same steps to get WPA as on Ubuntu or Backtrack? Or else, do you know some link to a tutorial on getting WPA via SGS2?
I want to complete the last step; thanks for your time, and sorry for my English.
You can use all the stuff like in Ubuntu/BT.
Injection mode?
Thanks for answering me. I decided to install Backtrack again on my SGS2 (I had removed it), but I want to crack WPA without brute force or dictionaries, because it is impossible.
Is there some way to crack WPA without brute force or dictionaries? Could I implement rainbow tables on the SGS2, or is there some way of hashing with aircrack?
Thanks for your time,
Clitoris Errante said:
Thanks for answering me. I decided to install Backtrack again on my SGS2 (I had removed it), but I want to crack WPA without brute force or dictionaries, because it is impossible.
Is there some way to crack WPA without brute force or dictionaries? Could I implement rainbow tables on the SGS2, or is there some way of hashing with aircrack?
Thanks for your time,
Aircrack-ng is included in the package you installed. Just type aircrack-ng after switching to wifi monitor mode.
From one day to the next, I can't use this
I didn't use it for some days, and now I can't use it; it appears as deleted, or simply does not work. I did install applications on my SGS2.
But now I can't run it. I tried to reinstall, but it always puts in the output:
"wmon on" not found
"wmod on" not found
"wmod monitor" not found
I did that in /, and I executed install.sh in the sdcard as you said in your post.
On the internet I found nothing, and I know a little bash programming; I tried to solve it by giving wmon the executable bit, but it is useless; I followed all the steps right as you said. The only interesting thing when I execute install is the output:
Installing Driver...
OK
Installing Utils...
OK
Creating Symlink...
link failed FIle exists
link failed File exists
//I think here is the failure in my steps; I think that refers to /data/wmon, but I am not sure. I checked those files, but I couldn't solve it.
OK
Fixing Permissions...
OK
Temporary FIles Cleaning...
OK
Installation COmpleted! To start WiFi monitor mode just type : "wmod monitor"
I am sorry if I am heavy, thanks for your time.
This is pretty cool, I managed to make some progress, however got error at authorization stage at line:
aireplay-ng -1 0 -a MAC wlan0
Waiting for beacon frame (BSSID: .......) on channel -1
Couldn't determine current channel for wlan0, you should either force the operation with --ignore-negative-one or apply kernel patch
same error with injection
I'm pretty new to linux stuff, is there any way to bypass this?
Another thing is that I can't use wi-fi after using monitor mode, even if i shut it down (wmon off) until phone restart, is that alright?
Thanks in advance, and keep doing the great job!
Clitoris Errante said:
I didn't use it for some days, and now I can't use it; it appears as deleted, or simply does not work. I did install applications on my SGS2.
But now I can't run it. I tried to reinstall, but it always puts in the output:
"wmon on" not found
"wmod on" not found
"wmod monitor" not found
I did that in /, and I executed install.sh in the sdcard as you said in your post.
On the internet I found nothing, and I know a little bash programming; I tried to solve it by giving wmon the executable bit, but it is useless; I followed all the steps right as you said. The only interesting thing when I execute install is the output:
Installing Driver...
OK
Installing Utils...
OK
Creating Symlink...
link failed FIle exists
link failed File exists
//I think here is the failure in my steps; I think that refers to /data/wmon, but I am not sure. I checked those files, but I couldn't solve it.
OK
Fixing Permissions...
OK
Temporary FIles Cleaning...
OK
Installation COmpleted! To start WiFi monitor mode just type : "wmod monitor"
I am sorry if I am heavy, thanks for your time.
I have to correct my scripts, but don't wait for it. Just type "export PATH=/data/local/bin:$PATH". You can also add this to your terminal emulator as launch commands or create a script in the autostart folder:
Code:
su
cd /system/etc/init.d/
# printf with single quotes keeps $PATH unexpanded (resolved at boot, not now)
# and handles the \n itself; one file name throughout, made executable
printf '#!/system/bin/sh\nexport PATH=/data/local/bin:$PATH\nexit 0\n' > 17env
chmod 755 17env
makslll said:
This is pretty cool, I managed to make some progress, however got error at authorization stage at line:
aireplay-ng -1 0 -a MAC wlan0
Waiting for beacon frame (BSSID: .......) on channel -1
Couldn't determine current channel for wlan0, you should either force the operation with --ignore-negative-one or apply kernel patch
same error with injection
I'm pretty new to linux stuff, is there any way to bypass this?
Another thing is that I can't use wi-fi after using monitor mode, even if i shut it down (wmon off) until phone restart, is that alright?
Thanks in advance, and keep doing the great job!
I use "aireplay-ng -2 -b VICTIM -h FAKEDMAC wlan0"
aspartame21 said:
I have to correct my scripts, but don't wait for it. Just type "export PATH=/data/local/bin:$PATH". You can also add this to your terminal emulator as launch commands or create a script in the autostart folder:
Code:
su
cd /system/etc/init.d/
# printf with single quotes keeps $PATH unexpanded (resolved at boot, not now)
# and handles the \n itself; one file name throughout, made executable
printf '#!/system/bin/sh\nexport PATH=/data/local/bin:$PATH\nexit 0\n' > 17env
chmod 755 17env
Where is this Terminal autostart folder? Also, I tried executing the first command and it gave me nothing but a "> " line. What should I do?
Hi guy,
first of all, thanks for your great job.
I've seen that you have uploaded a wmon_siyah4.5.1 version... does it work with that siyah version?
I have that kernel (and that version), and I get the error:
Code:
insmod: can't insert 'dhd.ko': invalid module format
error: SIOCGIFFLAGS (No such device)
just after running 'wmon on'.
Can you help me, please?
thanks

[App-Mod/Source] WifiTether for JB TouchWiz Roms

Before we start I have to throw out props to Eschelon, NxtGenCowboy, Virus, Ziggy471 and of course to the wifi-tether guys as well as cyanogen for the needed source/binaries (pre-11/18 versions) which allowed me to find the right path to get this 100% working. Also had awesome testers proxhack / jlmr731 and especially joshbeach. They all were essential to getting this all working. I still don't have a GS3 so poor Eschelon/NxtGenCowboy probably wiped/installed about 100 builds before this worked (and after when I lost source... grumble). Thanks to everyone that helped.
Legal/GPL Stuff
Carriers hate tethering, you all know that. Use at your own risk/with common sense and don't blame me for anything that goes wrong.
WifiTether is under the GPLv3 license, so below is the source for the mods
Code:
Original Source - https://code.google.com/p/android-wifi-tether/
Modded Source - http://svn.ziggy471.com/treve-tether
Configuration:
*Latest Build recommended, these are just a few devices I have tested on*
Setup-Method (auto should have the right defaults, might need to force):
-Galaxy S3: Netd-ndc with driver reload 2
-Evo 3d: SoftAP with driver reload 2
-Sensation: SoftAP with no driver reloads
-Evo 4g: SoftAP with no driver reloads
Other Settings
-Device-Profile: Leave this on auto (default)
-Netdndc Max Client Cmd: Required for GS3ish devices. If not enabled you will likely get an AP but cannot connect.
-MSS clamping: on (default)
-Routing fix: on (default)
Here are some geek details on the basic binaries and how the backend of wifi-tether works. The main modes I played with and the required files are detailed below:
Code:
Netd-ndc mode (Wifi Tether JB Default)
-/system/bin/ndc (wrapper for netd)
-/system/bin/netd (actual netd service)
--Commands Executed
/system/bin/ndc softap stopap
/system/bin/ndc softap stop wlan0
/system/bin/ndc softap fwreload wlan0 AP
/system/bin/ndc softap start wlan0
/system/bin/ndc softap set wlan0 wlan0 SSID encryption key channel (maxclients) 0 8
/system/bin/ndc softap startap
/system/bin/ndc interface setcfg wlan0 192.168.2.254 255.255.255.0 up
Netd mode
-/system/bin/netd (netd service)
--Commands are basically the same as above, but direct to the netd service
HostAP mode (used by stock tether app/fallback mode)
-/system/bin/hostap (hostap service, init.qcom.rc looks for config /data/hostapd/hostapd.conf)
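The Netd-ndc command list above is a fixed sequence with no error handling, which is one reason a failed start leaves wlan0 in the half-configured state the Bugs section describes. The script below is an added example, not the WifiTether mod's own code: it runs the same sequence one command at a time, checks each ndc reply, and tears the AP down again if a later step fails. Assumptions of my own: ndc prints a reply line that starts with netd's three-digit response code (2xx meaning success); the "encryption" slot takes the value WifiTether passes there ("open" or "wpa2-psk"); "fwreload wlan0 STA" on teardown restores the station firmware (the post only shows the AP reload); and the NDC and IFACE variables exist only so the script can be pointed at a wrapper for a dry run.

```sh
# softap.sh: the post's Netd-ndc sequence with per-step checks and rollback.
# Added example, not code from the WifiTether mod.
NDC=${NDC:-/system/bin/ndc}
IFACE=${IFACE:-wlan0}
AP_ADDR=192.168.2.254      # address and mask from the post's setcfg command
AP_MASK=255.255.255.0

# ndc_ok ARGS...: run one ndc command; succeed only on a 2xx reply.
ndc_ok() {
    reply=$("$NDC" "$@" 2>&1) || { echo "ndc $*: exit status $?" >&2; return 1; }
    case $reply in
        2[0-9][0-9]*) return 0 ;;
        *) echo "ndc $*: $reply" >&2; return 1 ;;
    esac
}

# stop_softap: teardown half of the sequence. Failures are ignored because
# this also runs as cleanup after a partial start. The STA reload is my
# assumption about restoring normal wifi, not taken from the post.
stop_softap() {
    ndc_ok softap stopap || :
    ndc_ok softap stop "$IFACE" || :
    ndc_ok softap fwreload "$IFACE" STA || :
}

# start_softap SSID ENCRYPTION KEY [CHANNEL] [MAXCLIENTS]
# The trailing "0 8" are passed through unchanged, as in the post.
start_softap() {
    ssid=$1; enc=$2; key=$3; chan=${4:-6}; maxc=${5:-8}
    # The post's sequence begins with a stop; a stale or absent AP is no error.
    ndc_ok softap stopap || :
    ndc_ok softap stop "$IFACE" || :
    ndc_ok softap fwreload "$IFACE" AP || return 1
    ndc_ok softap start "$IFACE" || return 1
    if ! ndc_ok softap set "$IFACE" "$IFACE" "$ssid" "$enc" "$key" "$chan" "$maxc" 0 8 ||
       ! ndc_ok softap startap ||
       ! ndc_ok interface setcfg "$IFACE" "$AP_ADDR" "$AP_MASK" up; then
        echo "softap setup failed, tearing down" >&2
        stop_softap
        return 1
    fi
    echo "AP $ssid up on $IFACE at $AP_ADDR"
}
```

Because every step is checked, the reply of the first failing ndc command is printed to stderr, which is usually all that is needed to tell a firmware-reload problem (fwreload/start) from a bad parameter list (set) or a netd that was not ready (startap).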
New Options
Framework Tether(Fallback)
Use this if you have issues with wifitether mode. It forces on a wifihotspot using just framework. This has been reported to not throw up the paywall nag screen on some devices/carriers but YMMV. It may be able to be used nonroot as well if you ignore the initial warning.
Send NetdNDC Max Client CMD
This modifies the standard ndc command string to add in the Max Client parameter. More details are in post here
Wifi-Driver reload
This is the standard driver reload for wifi tether. It runs inside one script "./tether start|stop".
Wifi-Driver reload 2
This is a modified command that reloads firmware in a separate su request before the tether-edify code is run. May require SuperSU.apk
Use Cyanogen Hostapd Binary
This is the old method and is totally removed starting with the 11/20 update.
The hostapd binary contained in at least TouchWiz JB contains the extra fields explained above. If the extra commands are not working on device X, you can try to fall back to this binary. This uses a dirty hack which installs hostapd and symlinks between versions for native or WifiTether mode. As long as you start and stop wifitether, things should always line up. If you get into an issue where you crash, things might get out of sync but should fix themselves on the next toggle of wifi tether. I have also added menu items for the GS3 to manually swap binaries around.
*You must have a proper setup busybox for the GS3 code to work right. It moves system files around - you might win a reflash if things really go bad*
*Cyanogen Hostapd Symlink option only*- Make a system backup, it modifies sys files so theres a chance it will break something
Bugs
You might have to toggle stuff on and off once first if you run into errors. I think there's an error on first creation of config
If you switch modes between native wifitether and fallback mode (or stock tethering), your phone may spontaneously combust(wifi crashes) after the routing mess that ensues. Just reboot and you'll be all set again.
Seems to work better on SuperSU - Probably due to the per-app permissions vs per command.
Download:
**EVERY BUILD YOU MUST UNINSTALL OLD VERSIONS FIRST OR ATLEAST CLEAR APP DATA, IT DOES NOT UPGRADE NICELY**
-If you have problems, scroll down and read FAQ in post2 before posting
WifiTether-TrevE_Mod_04-17-2013.apk - Link Soon
Older Versions:
WifiTether_TrevE_Mod_11_22_2012 (defaults to Wifi Driver Reload 1) - http://www.androidfilehost.com/?fid=9390195663897100312
WifiTether-TrevE_Mod_11_22_2012_driverReload2 (defaults to Wifi Driver Reload 2) - http://www.androidfilehost.com/?fid=9390208427046731813
Try to merge together what worked for everyone across different devices. There are 2 options in settings with mild enhancements
-Wifi-Driver Reload - Driver reload inside of tether script. Similar to 11/20 version
-Wifi-Driver Reload 2 - Driver reload outside of tether script. Similar to 11/18 version
Please report in with Carrier/Device and what option works best for you. Valid combinations are no reloads checked or one of the reload methods. Do not check both (theres no code to stop you from doing it now)
There is no code differences between the two apk versions, I just recently added in reload method 2 so rom devs can cook in whatever apk just works without changing settings.
Apparently I botched code along the line somewhere between 18-20. Please let me know which one of these versions you are on and what works.
WifiTether_TrevE_Mod_11_20_2012_insmodv3.apk - If v2 doesnt work this should - http://www.androidfilehost.com/?fid=9390169635556426691
If insmod v2 doesn't work, insmod v3 switches to insmod on load, rmmod to unload, then reloads the driver when finished with mfgloader -u / mfgloader -l
WifiTether_TrevE_Mod_11_20_2012_insmodv2.apk - Hopefully working- http://www.androidfilehost.com/?fid=9390169635556426686
Driver Reload did not like loading with mfgloader in the original build. This switches to insmod on load, mfgloader/rmmod to unload, then reloads the driver when finished with mfgloader -u / mfgloader -l
WifiTether_TrevE_Mod_11_20_2012.apk - Broken - Thanks halmo20 for catching that
GS3/E3D driver load/unload methods cleaned up, wifi driver reload checkbox should now be used, it was forced previously in code.
NetDndc Max client mode ported down to netd as well. Setting enables/disables with netd
all superuser code removed outside of tether binary, should have less popups for non-supersu users
Framework tether mode moved to setup
Fixed settings being applied reverting user settings at first start
All Cyanogen hostapd binary leftovers removed
Busybox check removed
WifiTether_TrevE_Mod_11_18_2012.apk - http://www.androidfilehost.com/?fid=9390190389996027907
Bam - Symlinks gone by default thanks joshbeach for all testing
New option Netdndc Max mode, this should be devices default setting.
Encryption works starting this build with netdndc max mode
WifiTether-TrevE_Mod_11-17-2012.apk - http://www.androidfilehost.com/?fid=9390188424645836869
cut down symlinks to only move hostapd around.
Made a checkbox that controls symlink code. Trying to axe it all. Moved this and fallback to settings screen. now save/load
define wifi.interface where it is undefined like on t0ltespr (hack to wire it to ndc settings)
try to work with t0ltespr's /lib/ directory
cut down root code significantly (hopefully spam/timing issues resolved)
WifiTether_TrevE_Mod_11_15_12.apk -
Code cleanup
e3d code driver reload mess moved
samsung symlink mess in separate class, hoping to ditch this all soon
fallback mode in separate class, wired up to wifitether settings (encryption should work)
WifiTether_TrevE_Mod_11_12_12.apk - http://www.androidfilehost.com/?fid=9390169635556426338
***This app is signed with my certificate, you will need to uninstall old versions of wifitether first to use this***
FAQ
AP Starts but unable to connect - Make sure the Send Netd max client mode option is on if you're on JellyBean. Read p1 for required settings
Tether does not start / Adapter does not work after tether - Try to turn off Wifi-Driver Reload #1 and turn on Wifi-Driver Reload #2
Tether cuts off on charger connect/disconnect - Try to turn off connection optimizer. More here from eyecon82 http://forum.xda-developers.com/showpost.php?p=34467459&postcount=148
mystery_tx_man suggests removing connection manager apk - http://forum.xda-developers.com/showpost.php?p=34838831&postcount=218
Phone takes back control of wifi - You'll notice a "What the hell" toast message. Somehow the phone moved wifi state, either you toggled an app that turns on wifi or some system process was thinking for you. Disable whatever is doing it.
cyrnel suggests disabling wireless network location services - http://forum.xda-developers.com/showpost.php?p=34721619&postcount=200
If you get it on screen shut off try changing "Wifi During Sleep" - on htc its menu -> settings - wifi -> menu -> Advanced -> Keep Wifi on during sleep -> Always
You get a Tmobile Hotspot page-
Changing APNs is reported to work by Gandoff without changing useragent- http://forum.xda-developers.com/showpost.php?p=34629321&postcount=191
Changing user agents works as described by mad_unix http://forum.xda-developers.com/showthread.php?p=34388089#post34388089 and free_man http://forum.xda-developers.com/showthread.php?p=34500399#post34500399
open1your1eyes0 has some vpn setup links which should also work - http://forum.xda-developers.com/showpost.php?p=34798223&postcount=211
XXXX still doesn't work - First try SuperSU. This will avoid a lot of headaches. Then make sure you are on the latest version and that you have uninstalled/cleared app data when you went to a newer version. Read over the last few pages of the thread at least too to make sure it's not a known issue, then go for it and post away. Make sure you include Carrier / Device / Rom / SU application.
Debugging Issues
For those people having issues on other gs3-like devices / roms / whatever: I do not even have a gs3 so this is all blind. To try to help debugging I created a script to hopefully grab the information needed. This should help from both working/nonworking devices to help eliminate the stupid symlink code and fix up other devices.
The script's point is to try to get a working AP. If you can, post how you did it and we can get the source changed. By default it does no driver reloads and starts an Open AP with SSID TrevScript.
First grab the latest script from svn (I'll update it with more info after I get some logs, so make sure you have the latest)
http://svn.ziggy471.com/treve-tether/ grab tetherdebug.sh
Code:
adb push tetherdebug.sh /system/xbin/
adb shell chmod 755 /system/xbin/tetherdebug.sh
adb shell busybox dos2unix /system/xbin/tetherdebug.sh
Make sure wifi is on but do not start wifitethering. All you want to do is run the "Set Binaries to WifiTether" option in the menu of the app, then follow the code below
Code:
adb shell su -c tetherdebug.sh
adb pull /data/local/tmp/tether.log
rename the file to tether_wifibinaries.log. Check to see if any AP is available.
now run "Set Binaries to Native" option in app and reboot device
adb reboot
When the device comes back up, rerun the script.
Code:
adb shell su -c tetherdebug.sh
adb pull /data/local/tmp/tether.log
rename the file to tether_nativebinaries.log. Check to see if any AP is available.
reboot after you get the file.
adb reboot
ADVANCED
If you know what you are doing you can try to find a working combo. I added in the following command line args
ARG1 = ENCRYPTION. NONE/WPA2
ARG2 = DRIVERRELOAD. NONE/insmod/mfgloader
ARG3 = DRIVERTOLOAD. /system/lib/modules/dhd.ko (or whatever module is, required if ARG2 is set)
Examples:
Make sure wifi is on but do not start wifitethering. All you want to do is run the "Set Binaries to WifiTether" option in the menu of the app to start with a known working base, then follow the code below
try no encryption with insmod where your wifi module is /system/lib/modules/dhd.ko
Code:
adb shell su -c tetherdebug.sh NONE insmod /system/lib/modules/dhd.ko
try no encryption with mfgloader where your wifi module is /system/lib/modules/dhd.ko
Code:
adb shell su -c tetherdebug.sh NONE mfgloader /system/lib/modules/dhd.ko
try wpa2 (password is Trev) with insmod where your wifi module is /system/lib/modules/dhd.ko
Code:
adb shell su -c tetherdebug.sh WPA2 insmod /system/lib/modules/dhd.ko
There shouldn't be personal information in the debug logs, the most I can think of that would be displayed is if you have an encryption passphrase set in wifitether. Sending the 2 files named with what mode you were in will help get it going elsewhere and hopefully kill the symlink code
mineeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
askldfjalskdnflkasf
Worked great right out the box on Synergy Rev 111. Great job Trev. :good:
worked like a charm
Thanks guys
downloading now. Thank you very much... great work...
And working great....
BAM!
Sent from the 3rd Galaxy
Confirmed working on Beans build2, you totally rock.
+1 encryption breaks, unsecure works great.
Sent from my SCH-I535 using xda premium
cannot connect with wifi encryption
other than that working
big thanks
Works great without enabling the WiFi-Encryption, but when I do, it doesn't work...btw I'm on Synergy R111.
Confirmed working on CleanROM 4.5!! (unsecured)
+1 setting encryption breaks it. (setting it back to open fixes it)
progress!
Thank you so much!!
Thank you very much for this. Been wanting to punch myself in the nuts every time I have to use the hotspot app because of the constant data drops.
Sent from my SCH-I535 using Tapatalk 2
VRBLJ1 stock. Not working no matter what settings I use. Not the one from the play store, neither this one. :/
Can't get it to show up in the Wifi list of connections on my laptop under any condition.
Ended up using this: https://play.google.com/store/apps/details?id=kr.core.technology.wifi.hotspot&hl=en
Bypasses the stock security check perfectly and uses native tethering.
How can I make this work on sprint gs3 tw jb leak
Sent from my SPH-L710 using xda app-developers app
open1your1eyes0 said:
VRBLJ1 stock. Not working no matter what settings I use. Not the one from the play store, neither this one. :/
Can't get it to show up in the Wifi list of connections on my laptop under any condition.
Ended up using this: https://play.google.com/store/apps/details?id=kr.core.technology.wifi.hotspot&hl=en
Bypasses the stock security check perfectly and uses native tethering.
^^^This! Thank you this worked after trying the moded wifi tether with no success.
Sent from my GT-N8013 using Tapatalk 2
Working on Jelly "Beans" build 2
Awesome! Works great! I was about to switch back to ICS because of not being able to tether and I am glad I waited! Thank you so much for this!
Works for me on stock SPRINT JBTW gs3. Amazing!
Not working for me on stock Sprint JB LJ7.
Few things I've seen
-Encryption doesnt work.
I'll look into it, but I know it's a long-running bug for some devices. Use access control for now. I don't actually have a GS3 so it's kind of a wonder this works at all
-Tether doesnt work
Please give some more details- what mode are you in regular or fallback?
does tethering turn on and show statistics at the bottom of the screen? if not, what does the log show inside of wifitether? if so, does windows see the accesspoint?
As far as Sprint LJ7, I'll download the rom and check it, but answers to the above will help. A logcat of it turning on and off would be most helpful; I threw a bunch of debugging lines in

[APP][2.2+][ROOT][WiFi] Reaver-GUI for Android
Reaver for Android v1.30
Reaver-WPS GUI for rooted devices with bcm4329/4330 wifi chipset or working external wifi card.
INFO:
Reaver for Android, short RfA, is a simple-to-use Reaver-GUI for Android devices with monitor-mode support.
It has some very cool features:
Detects automatically WPS-enabled routers.
All Reaver-Settings are accessible from a simple-to-use GUI.
Activates and deactivates Monitor-Mode automatically when needed.
Provides a simple way to connect when Reaver finds the WPA-Key.
External script support
Project status: PRE-FINAL
What does this mean?
There are some features which are not implemented yet.
Development will continue very soon.
Installation
Download/install bcmon.apk from HERE and RfA.apk from the bottom of this post. RfA may also download bcmon automatically.
Run bcmon, if it crashes try a second time.
If all runs fine, start RfA. If not, your device may be not bcmon compatible. Please see second post.
After selecting an WPS-enabled router, click on "Test Monitor-Mode".
Now you can use RfA, don't uninstall bcmon.
Steps 1 - 4 are only for the installation, they don't have to be repeated once done.
FAQ:
What is this awesome app actually useful for?
Well, RfA is able to unveil the actual WPA(2)-Key of many routers within 2 - 10 hours.
WHAT?! I thought WPA(2) is safe?
It used to be, but then many router models got WiFi Protected Setup, short WPS, implemented, which is pretty vulnerable. (Details)
Basically it's a Brute-Force attack with Reaver against an 8-digit pin with 10^4 + 10^3 possibilities.
What is Reaver?
Reaver-WPS is a pentesting tool developed by Tactical Network Solutions.
It attacks WPS-enabled routers and after the WPS-Pin is cracked, it retrieves the actual WPA-key.
Reaver provides only a terminal interface, which is ok for notebooks etc., however it's a pain on Android devices.
Because of this I developed RfA.
Doesn't Reaver require monitor-mode and so can't work on Android?
Yes, Reaver needs monitor-mode, but thanks to bcmon (or external wifi cards) some Android devices are now monitor-mode capable.
bcmon compatibility
Developed and tested on: Nexus 7 2012 (Stock 4.3)
RfA *should* work on all devices with bcmon support (Broadcom bcm4329/bcm4330 chipsets)
Simply try by installing bcmon. Don't worry, if something goes wrong a simple reboot should fix everything.
For external wifi cards please see second post.
Tested & works on:
Nexus 7 2012 (Stock 4.3, Cyanogen 9)
Huawei Honour (Cyanogen Mod based ROM)
bcmon does NOT work on:
Samsung Galaxy S3/4/5
HTC One
LG G2
Nexus 4/5
Nexus 7 (2013)
Credits & used tools:
Monitor-Mode over bcmon.apk:
Omri Ildis, Ruby Feinstein & Yuval Ofir
See: bcmon.blogspot.com
Reaver-WPS:
Tactical Network Solutions
See: code.google.com/p/reaver-wps/
Disclaimer
Attention: Hacking of networks is illegal without having the permission of the owner! The developer is not responsible for any damage etc. this app could cause.
This software is only intended to show a big security hole, not to be able to surf in the neighbour's Wifi
XDA:DevDB Information
Reaver-GUI for Android, App for all devices (see above for details)
Contributors
SOEDI, bcmon team & Tactical Network Solutions
Version Information
Status: Stable
Current Stable Version: 1.30
Stable Release Date: 2014-07-01
Beta Release Date: 2013-11-04
Created 2013-09-24
Last Updated 2014-09-27
Second Post
If anyone has working Android drivers for external Wifi cards, please let me know.
If the layout looks strange on your phone, please send me a screenshot, so I can fix it.
I have only a tablet and HD phone (the emulator works too slowly), so I can't test the layout properly.
Usage of custom-scripts
To make RfA less dependent on bcmon, which seems to be discontinued, I introduced custom monitor-mode-activation scripts.
Please note that those scripts only make sense for you if you are already able to use monitor-mode on your device, either via special firmware for the internal wifi card or a kernel which properly supports external wifi cards. Those scripts serve only as a "connector" between your wifi interface and RfA.
In order to enable this function you need to open RfA settings, tap on "Monitor-Mode settings" and disable the "Use bcmon" checkbox.
There are 3 different scripts you can specify:
Activation script
This script will be executed in its own directory.
It should enable monitor-mode and exit.
Example:
Code:
#!/system/bin/sh
# Android ships /system/bin/sh, not /bin/bash. RfA runs this script in its own directory.
svc wifi disable
# Make the bcmon libraries visible to the loader and start a shell with the fake
# driver preloaded (the bcmon method); the steps below run with it loaded.
export LD_LIBRARY_PATH=/data/data/com.bcmon.bcmon/files/libs
LD_PRELOAD=/data/data/com.bcmon.bcmon/files/libs/libfake_driver.so sh
cd /data/data/com.bcmon.bcmon/files/tools
./enable_bcmon
# RfA treats the activation as successful only when it sees this token.
echo "rfasuccess"
exit
Warm-up script
RfA will read in this script as textfile and execute the commands internally. This is needed to execute reaver in the same terminal session as the script.
It should do all preparations before Reaver is started. At least it has to cd into the directory where the reaver binary is.
Example:
Code:
#!/system/bin/sh
# RfA reads these lines and runs them in the same session Reaver is started in.
export LD_LIBRARY_PATH=/data/data/com.bcmon.bcmon/files/libs
LD_PRELOAD=/data/data/com.bcmon.bcmon/files/libs/libfake_driver.so sh
# Reaver is launched from this directory, so end here.
cd /data/data/com.bcmon.bcmon/files/tools
Stop script
This script will be executed in its own directory.
It should disable monitor-mode and exit.
Code:
#!/system/bin/sh
# Hand the interface back to Android's wifi stack, then report success to RfA.
svc wifi enable
echo "rfasuccess"
Additional Information
You also have to specify your wifi-interface.
The given examples are those scripts, which RfA uses by default when you enable the "Use bcmon" checkbox.
The activation and stop script have to echo "rfasuccess" in order to tell RfA that they were executed properly. With this method you can also implement a sort of error-checking, by returning "rfasuccess" only when everything went fine.
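The post above notes that the "rfasuccess" token can carry real error checking. As an added example (not RfA's, bcmon's or SOEDI's code), this combined activation/stop script prints the token only when every step succeeded, and treats the "SIOCGIFFLAGS (No such device)" output reported later in this thread as a failure. The BCMON_DIR paths, the ./enable_bcmon step and the wlan0 default are assumptions taken from the default scripts.

```shell
#!/system/bin/sh
# rfa_mon.sh activate|stop [IFACE]
# Constructed example, not RfA's or bcmon's code: implements the contract from the
# post above so that a half-failed activation is reported instead of accepted.
#
# Assumptions: bcmon files live under BCMON_DIR (same paths as the default scripts),
# the enable step is ./enable_bcmon, and the interface defaults to wlan0.

BCMON_DIR="${BCMON_DIR:-/data/data/com.bcmon.bcmon/files}"
TOKEN="rfasuccess"

# iface_exists NAME -> 0 if the kernel currently exposes an interface of that name.
iface_exists() {
    [ -n "$1" ] && [ -d "/sys/class/net/$1" ]
}

# enable_output_ok TEXT -> 1 if the bcmon tool's output contains one of the failure
# lines seen in this thread, 0 otherwise (the tool does not always exit non-zero).
enable_output_ok() {
    case "$1" in
        *"error:"*|*"Couldn't find device index"*) return 1 ;;
        *) return 0 ;;
    esac
}

# decide EXIT_CODE OUTPUT -> 0 only when the step exited 0 and printed no failure line.
decide() {
    [ "$1" -eq 0 ] && enable_output_ok "$2"
}

# report STATUS [MESSAGE] -> the token on stdout for status 0; otherwise only a
# diagnostic on stderr, so stdout never carries the token on failure.
report() {
    if [ "$1" -eq 0 ]; then
        printf '%s\n' "$TOKEN"
    else
        printf 'error: %s\n' "${2:-failed}" >&2
    fi
    return "$1"
}

# activate IFACE: the same steps as the default activation script, each one checked.
activate() {
    iface_exists "$1" || { report 1 "interface $1 not found"; return 1; }
    svc wifi disable || { report 1 "svc wifi disable failed"; return 1; }
    export LD_LIBRARY_PATH="$BCMON_DIR/libs"
    # Run enable_bcmon in the tools directory with the fake driver preloaded,
    # capturing its combined output and keeping its exit code.
    out=$(cd "$BCMON_DIR/tools" && LD_PRELOAD="$BCMON_DIR/libs/libfake_driver.so" ./enable_bcmon 2>&1)
    rc=$?
    decide "$rc" "$out" && report 0 || report 1 "enable_bcmon: $out"
}

# stop IFACE: hand the radio back to Android's wifi stack and confirm it came back.
stop() {
    svc wifi enable || { report 1 "svc wifi enable failed"; return 1; }
    sleep 2   # give the framework a moment to bring the interface up again
    iface_exists "$1" && report 0 || report 1 "interface $1 missing after stop"
}

main() {
    case "$1" in
        activate) activate "${2:-wlan0}" ;;
        stop)     stop "${2:-wlan0}" ;;
        *)        report 1 "usage: $0 activate|stop [iface]" ;;
    esac
}

# Run main only when executed as rfa_mon.sh (sourcing the file for tests skips it).
case "$0" in *rfa_mon.sh) main "$@" ;; esac
```

Point RfA's activation and stop script settings at `rfa_mon.sh activate` and `rfa_mon.sh stop`; the warm-up script stays as in the post.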
Interesting.... nice job.
But better not let this get into the wrong hands, with these Admin Password hacking apps going on, anyone can take over someone's router.
Sent from my super rare, old Scroll Excel running Android 2.3 using the offical app.
DOES DAT APP RUN ON DEVICES STILL ROCKIN 2.3?
Great job folks.
But for some reason user mode bcmon does not work well on HTC HD2 and my custom firmware, so I am using the system module bcmon which creates an eth0 monitor interface instead of wlan0 (wifi0).
Can you please add interface selection or auto-detect interface in monitor mode ?
Tnx !
interface support
Hi,
RfA supports wlan0 and eth0 interface.
The problem seems to be the startup script and location of the Reaver binary, which seems to be different on your HD2.
Please describe exactly how you start monitor-mode, so I can update RfA
regards,
SOEDI
SOEDI said:
Please describe exactly how you start monitor-mode, so I can update RfA
Ok.
I have downloaded module src code from https://code.google.com/p/bcmon/source/browse/#svn/trunk/bcm4329/driver/src/bcm4329
Compiled it for my kernel and use it with a script that switches drivers with:
Code:
insmod bcm4329.ko firmware_path=fw_bcm4329.bcmon.bin
Firmware version is from https://code.google.com/p/bcmon/source/browse/#svn/trunk/bcm4329/fw
After that I can use sniffer like airodump (airodump -i eth0) and aireplay without need to switch monitor mode with airmon.
Ahh, I have just researched the problem.
Problem is at enable_bcmon
Code:
./enable_bcmon
error: SIOCGIFFLAGS (No such device)
error: SIOCGIFFLAGS (No such device)
Couldn't find device index: No such device
I have also tried to start reaver with ./reaver -i eth0 -b 90:F6:52:C0:22:9C -c 1 -a -vv -w -S, but old problem with this drivers occurred, failed to associate to AP (it is not range problem, it is old known inject problem with kernel module driver)
Just have to find a way to make new bcmon working.
Ahh, I have just researched the problem.
Problem is at enable_bcmon
Code:
./enable_bcmon
error: SIOCGIFFLAGS (No such device)
error: SIOCGIFFLAGS (No such device)
Couldn't find device index: No such device
I have also tried to start reaver with ./reaver -i eth0 -b 90:F6:52:C0:22:9C -c 1 -a -vv -w -S, but old problem with this drivers occurred, failed to associate to AP (it is not range problem, it is old known inject problem with kernel module driver)
Just have to find a way to make new bcmon working.
Ok, I see where the problem is....
The method to activate Monitor-Mode over bcmon.apk is:
Code:
define some paths
./enable_bcmon
But if you have self compiled modules:
Code:
sh setup.sh
?define tools path?.
Also on the bcmon website they said they fixed injection. Have you installed the newest firmware files and modules?
If you want to use bcmon.apk instead, maybe try to reinstall BusyBox. Some users reported this fixed their problems.
After you got your Monitor-Mode working, post it and I will update RfA.
regards,
SOEDI
First of all thank You SOEDI
Finally someone did it.. reaver is on android...
However i find the job of making it functional only half done...
as I understood from the reaver forums it works best with wireless cards based on RTL8187 chipsets
in addition, on the site of those modded bcmon drivers there is a statement that it doesn't support radiotap (be it mode or whatever), which reaver seems to require..
so my idea is why not expand Your application by adding a linux kernel driver to support usb OTG (on the go) plugged into the android device's usb port...
search for the phrase "android pcap" in google and You'll find it on kismet wireless
sorry for lack of link.. apparently I'd have to write 9 additional posts to post one
there is source code down on that site too.. and it's monitor mode with no root privileges..
plus additionally You also could add a functionality to Your gui to choose between the built-in card and the one plugged in via USB-OTG to select which one the gui is going to use..
So.. how about it? it could be mindblowing if You'd succeed
I'd bet You'd probably make a lot of people happy out there
sorry 4 my eventual spelling mistakes, English is not my native language though..
regards
GusT.
Radiotap Headers
Hi,
The new bcmon.apk method supports radiotap headers, tested and worked at least with bcm4330 on the Nexus 7.
Monitor-Mode over USB-OTG would be cool, but I'm working on 3 other projects, so this will take some time...
At least it's working pretty good for a beta release
For me, the process stops at "Switching wlan0 to channel 6".
I have a Galaxy S2 (i think it has a bcm4330 chipset) and android 4.2.2
I got stuck on "Waiting for bacon from etc etc.." is it normal?
ElmirBuljubasic said:
I got stuck on "Waiting for bacon from etc etc.." is it normal?
typically that means nobody is using the AP at that time
Reaver
Stuck on waiting for beacon:
Usually this is a range problem.
Try to start another attack, maybe on a different router.
Stuck on switching wlan0 to channel....:
The only solution I have is to simply restart the attack.
Usually this fixes the problem...
Hey great job on getting this working! Been waiting for this for a while, the aircrack solutions out there just take too long for a phone to crack through wpa/wpa2.
I'm having some issues though, btw I'm on a samsung galaxy s2x which has the bcm4330. First off the bcmon starts up and enables monitor mode just fine but when I come to scan networks in reaver it never successfully finds any. I've tried to increase scan time and I've enabled scan fix but nothing seems to work. I know my device is in monitor mode since I can scan for networks on another app, I can also receive data packets but it's just not working on here, any ideas? thanks, awesome work!
The solution is pretty simple:
RfA scans in Managed-Mode, then enables Monitor-Mode and passes the data to Reaver.
So RfA can handle the Monitor-Mode on its own, no need to start bcmon first
Simply start RfA with wifi on
regards,
SOEDI
Thanks for the clarification now once I've scanned for networks connections come up like it should but i'm getting a new problem when testing monitoring mode it fails. I believe that this could be because of bcmon since the app doesn't seem to properly install the modded drivers. I could be wrong. I think i'm running into compatibility issues with my rom. I'm using MIUI I'm gonna try cyanogenmod to see if it helps anything.
hi
great work but I'm having a problem, I have a htc wildfire s
every time I start cracking a network I get (illegal instruction ./reaver wlan....)
and then nothing, I think this is from my rom mostly but I'm not sure
my phone is fully rooted, thx in advance
Alright well guess mini was causing problems with it so I guess that's not compatible working great on 4.3
Sent from my SGH-T989 using XDA Premium 4 mobile app
I'm on 09/26 cm 10.2 nightly and using galaxy s2, router is Linksys wrt110. First I wasn't able to get past "switching wlan0 to channel 1"
And if I enabled monitor mode in bcmon before scanning in rfa no router is found. how I got it to work was to scan first and once I found my router i tested for monitor mode. Before starting attack i used home button and then open bcmon and enabled monitor mode ( I had already said yes to install tool on first run), press and held home button and went back to rfa and started attack.
This was the result.
I do have a question though.. This was tested on my own router and my password is set to 0123456789 on the router. So what exactly do I have to enter from the result to connect?
I tried this on Kali as well and I got a similar result, can't remember if it was the exact same.
I tried the WPA psk and the pin as passwords and was not able to connect to the router. And my router is set to wpa2. Is that why? I know this is off topic but I'm curious
Sent from my GT-I9100 using Tapatalk 4 Beta
Wow, seems like RfA has some problems with the S2.
Cool workaround!
Regarding your problem:
The shown WPA PSK is the hash of your real WPA Key.
Sometimes Reaver fails to get the plaintext Key and shows instead the hash.
However, if you use the hash as WPA Key it should work. Had tried this a few times and worked fine
regards,
SOEDI
EDIT:
Of course, you have to use the hash without the ' ' as key. Wanted only to mention this
RfA should have shown a Dialog with the Key and a connect button. Did it?