[TUTORIAL] How to use aircrack-ng with the bleeding-edge wifi drivers - maemo.org

HtheB | # 1 | 2011-01-07, 11:50 | Report

First of all, thank you lxp for making the wifi drivers!

In this tutorial, I will explain (the n00b way) on how to use aircrack-ng on the N900.

remember: use this tutorial only for educational purposes
oh and if something happens to your N900, go to your mommy and cry... because I'm not responsible

(hehe)

Allright let's start.

Step 1:
Donate lxp for the wifi drivers to get the files. (Donate buttons are at the bottom)
You will receive the drivers.

Step 2:
When you got the drivers and downloaded them on your PC/Mac, just copy the file (wl1251-maemo-0.1.tar.gz) into your N900 using the usb cable in the MyDocs. When done, disconnect the cable.

Step 3:
(this part is from the inlcuded README file)

Installation:

Open X Terminal

type the following commands to unpack the file:

Code:

~$ cd MyDocs
~/MyDocs$ tar -xzvf wl1251-maemo-0.1.tar.gz

Step 4:
Now let's install aircrack-ng and the drivers:

Code:

~/MyDocs$ sudo gainroot

/home/user/MyDocs/# apt-get install aircrack-ng

/home/user/MyDocs/# cd wl1251-maemo/binary/kernel-power

/home/user/MyDocs/wl1251-maemo/binary/kernel-power # dpkg -i kernel-power_2.6.28-maemo46-wl1_armel.deb

/home/user/MyDocs/wl1251-maemo/binary/kernel-power #dpkg -i kernel-power-modules_2.6.28-maemo46-wl1_armel.deb

/home/user/MyDocs/wl1251-maemo/binary/kernel-power # dpkg -i kernel-power-flasher_2.6.28-maemo46-wl1_armel.deb

/home/user/MyDocs/wl1251-maemo/binary/kernel-power # dpkg -i kernel-power-bootimg_2.6.28-maemo46-wl1_armel.deb

* Install customized osso-wlan (optional)
This fixes a bug where WLAN gets stuck, when you are connected to an access point and go out-of-range.

WARNING: Installing the customized osso-wlan will break seamless upgrades to new PR versions.
Most likely you will have to reinstall normal osso-wlan version before you can do OTA upgrades.

You can also skip this step, but keep in mind that the above mentioned bug can occur. If this bug is triggered you have 3 options:
manually unset ssid, unload and reload driver or reboot your phone.

Code:

/home/user/MyDocs/wl1251-maemo/binary/kernel-power # cd ../osso-wlan

/home/user/MyDocs/wl1251-maemo/osso-wlan # dpkg -i osso-wlan_3.0.20+0m5-1_armel.deb

Side note: The packages osso-wlan-dbg and osso-wlan-doc are also included but not needed.

Step 5:
This step is only needed if you have multiboot on your N900 (credits goes to stlpaul):

Code:

/home/user/MyDocs/wl1251-maemo/binary/kernel-power # cd /boot
/boot # mv zImage-2.6.28-maemo46-wl1 multiboot/vmlinuz-2.6.28.10power46-wl1

if you haven't installed leafpad type:

Code:

/boot # apt-get install leafpad

Next, create the file /etc/multiboot.d/01-Maemo-2.6.28.10power46-wl1.item using leafpad:

Code:

/boot # leafpad /etc/multiboot.d/01-Maemo-2.6.28.10power46-wl1.item

and write this into leafpad:

Code:

ITEM_NAME="Maemo 2.6.28.10power46-wl1"
ITEM_KERNEL=2.6.28.10power46-wl1
ITEM_MODULES=ext3

save the file

Power off and boot your phone again while the keyboard is slide open.
Select the kernel from the boot list:
Maemo 2.6.28.10power46-wl1

Step 6:
Using the driver:
This procedure is required after every reboot of your phone, if you want to use this driver!

Open X Terminal

Code:

~$ sudo gainroot

* Load the driver

Code:

 /home/user # cd MyDocs/wl1251-maemo/binary/compat-wireless
 /home/user/MyDocs/wl1251-maemo/binary/compat-wireless # sh load.sh

* Unloading the driver (just in case you run into problems and want to switch back to the stock wl12xx driver)

Code:

/home/user/MyDocs/wl1251-maemo/binary/compat-wireless # sh unload.sh

Step 7:
Follow this tutorial:
http://www.youtube.com/watch?v=9LRSxQ7UoAc
This is the EASIEST video there is
(watch and follow the tutorial from 1:25 till end)
just keep in mind that you have to type in wlan0 instead of mon0!

But before you start video, you have to know this:
the Drivers has to be loaded.
When you open X terminal and everytime you open a new X Terminal, you need to be root

That's all !

Edit:
Yes, you NEED the install the new kernel!

Edit 2:
I will upload a video soon how to do it on your N900

Last edited by HtheB; 2011-01-11 at 01:57.

The Following 38 Users Say Thank You to HtheB For This Useful Post:
aBs0lut3z33r0, abyn900, Amirovic, Andy1210, bobbydoedoe, caco3, cct, Creamy Goodness, dashti, epitaph, funkmunk, g0r, hansaka, HellFlyer, hesham, inkirby, jaimex2, jbh_denmark, kingoddball, kulas, leetut, longcat, Mentalist Traceur, Minhaz, moepda, mveplus, nicholes, Radicalz38, SalmanAbbas, stevomanu, tele, Tiboric, youmeego

Radicalz38 | # 2 | 2011-01-07, 12:00 | Report

Hi!
1st I think the installation of kernel-power-headers_2.6.28-maemo46-wl1_armel.deb is not neccesary unless you want to make your own module in the device(For developers only)

2nd the installation of kernel-power-bootimg_2.6.28-maemo46-wl1_armel.deb and the whole multiboot is also optional. You won't need all that unless you have nitdroid installed.

Those I mentioned take up a huge amount of rootfs space so unless they are needed I don't think you should include them on your tutorial.

And lastly thanks for the video tutorial

nicholes | # 3 | 2011-01-07, 13:02 | Report

thanks for starting new, freash, noob tutorial including video!!

one qustion do i really need download kernel-power-headers_2.6.28-maemo46-wl1_armel.deb????

i am googing to get it tomorrow and hope everything will go fine
THANKS! again

Last edited by nicholes; 2011-01-07 at 13:05.

saud khan | # 4 | 2011-01-07, 21:14 | Report

hi,
i followed the tutorial and its not working for me. i never get a handshake

where am i going wrong?

jd4200 | # 5 | 2011-01-07, 21:32 | Report

Originally Posted by saud khan View Post

hi,
i followed the tutorial and its not working for me. i never get a handshake

where am i going wrong?

Are you listening on one channel, or channel hopping?

The Following User Says Thank You to jd4200 For This Useful Post:
Mentalist Traceur

Mentalist Traceur | # 6 | 2011-01-07, 21:32 | Report

Hmmm, the headers may indeed be unnecessary. I installed them when I got the driver just because, well, it was in the instructions. I thought maybe they got used later on in the install process. Not sure.

Quick note (all credits to hawaii for doing this way before I ever did, putting me up to this and answering some of my questions along the way that helped me make sure I was on the right path): You can use scratchbox (remarkably easy to set up inside a Debian virtual machine) to compile the latest Aircrack-NG code (using SVN to get it, which is preinstalled in Scratchbox, if I remember correctly) for the N900. If I ever get the motivation and figure out how, I will see if I can take over maintenance of the current aircrack-ng package in the repositories, and push out the latest versions that way. But until then, the aforementioned is a good way to relatively painlessly get the latest versions of aircrack-ng.

The Following User Says Thank You to Mentalist Traceur For This Useful Post:
moepda

saud khan | # 7 | 2011-01-07, 21:37 | Report

Originally Posted by jd4200 View Post

Are you listening on one channel, or channel hopping?

what do you mean by this? :$ i am a bit new to this

jd4200 | # 8 | 2011-01-07, 22:04 | Report

Originally Posted by saud khan View Post

what do you mean by this? :$ i am a bit new to this

I'd recommend that you do some reading on the topic and on the aircrack-ng suite before you start out, or else your going to get confused very easy.

But to answer your question.
When you find the access point that you want to capture that handshake of, you must tell airodump to only listen on that channel the router is on.
To do this just add the -c switch to the command, so:
airodump-ng -c "A" -w "B" --bssid "C" wlan0
(where "A" is the channel, "B" is the name of the capture file, and "C" is the MAC address of the router)

Only experiment with this on you own router, especially when using aireplay-ng; you can really p*ss people off otherwise.

The Following 2 Users Say Thank You to jd4200 For This Useful Post:
Mentalist Traceur, moepda

SavageBrat | # 9 | 2011-01-07, 22:04 | Report

ok.have a question with the multi boot, is it require as i haven't installed nitroid..it looks like it can all be run in terminal..thanks

saud khan | # 10 | 2011-01-07, 22:09 | Report

sorry i didnt know the technical terms but yes i am doing what you just recommended but it doesnt work. i even followed the tutorial on aircrack-ng website and still i dont get any handshake

can you please tell me exactly what i have to do to get the handshake? i just want to check if i am doing something wrong. do we have to do something about iw? when i type airmon-ng start wlan0 i get an error saying neigther the sysfs interface nor the iw command is available.

Originally Posted by jd4200 View Post

I'd recommend that you do some reading on the topic and on the aircrack-ng suite before you start out, or else your going to get confused very easy.

But to answer your question.
When you find the access point that you want to capture that handshake of, you must tell airodump to only listen on that channel the router is on.
To do this just add the -c switch to the command, so:
airodump-ng -c "A" -w "B" --bssid "C" wlan0
(where "A" is the channel, "B" is the name of the capture file, and "C" is the MAC address of the router)

Only experiment with this on you own router, especially when using aireplay-ng; you can really p*ss people off otherwise.