・[NEW] 2020/08/20
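How to capture packets in monitor mode with the Raspberry Pi's WiFi, or rather, how to get AirDrop working
(How to send and receive files over Apple's AirDrop protocol on a Raspberry Pi using OpenDrop; NexMon, OWL, AWDL)
Tags: [Raspberry Pi], [Electronics], [Security]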
Nexmon
NexMon: a patch for running the Raspberry Pi's WiFi in "monitor mode"
# Raspberry Pi OS (previously called Raspbian)
# https://www.raspberrypi.org/downloads/raspberry-pi-os/
Raspberry Pi OS (32-bit) Lite
Minimal image based on Debian Buster
Version: August 2020
Release date: 2020-08-20
Kernel version: 5.4
bcm43455c0 7_45_189 Raspberry Pi B3+/B4 Raspbian Kernel 4.14/19, 5.4
sudo raspi-config nonint do_wifi_country JP
# Nexmon
# https://github.com/seemoo-lab/nexmon
# Build patches for bcm43430a1 on the RPI3/Zero W
# bcm43455c0 on the RPI3+/RPI4 using Raspbian/Raspberry Pi OS (recommended)
# Upgrade your Raspbian installation:
# apt-get update && apt-get upgrade
sudo apt update -y
# Install the kernel headers to build the driver and some dependencies:
sudo apt install -y raspberrypi-kernel-headers git libgmp3-dev gawk qpdf bison flex make
# Clone our repository:
cd
git clone https://github.com/seemoo-lab/nexmon.git --depth 1
cd nexmon
touch DISABLE_STATISTICS
# Go into the root directory of our repository: cd nexmon
# Check if /usr/lib/arm-linux-gnueabihf/libisl.so.10 exists,
# if not, compile it from source:
if [[ ! -f /usr/lib/arm-linux-gnueabihf/libisl.so.10 ]]; then \
cd buildtools/isl-0.10/ && ./configure && make -j4 && sudo make install && \
sudo ln -s /usr/local/lib/libisl.so \
/usr/lib/arm-linux-gnueabihf/libisl.so.10 && \
cd ../../ ; fi
# GNU Automake package
sudo apt install -y automake-1.15
# Check if /usr/lib/arm-linux-gnueabihf/libmpfr.so.4 exists,
# if not, compile it from source:
if [[ ! -f /usr/lib/arm-linux-gnueabihf/libmpfr.so.4 ]]; then \
cd buildtools/mpfr-3.1.4/ && ./configure && make -j4 && sudo make install && \
sudo ln -s /usr/local/lib/libmpfr.so \
/usr/lib/arm-linux-gnueabihf/libmpfr.so.4 && \
cd ../../ ; fi
# Without the GNU Automake package (automake-1.15, installed above), the build fails with:
# WARNING: 'aclocal-1.15' is missing on your system.
# You should only need it if you modified 'acinclude.m4' or
# 'configure.ac' or m4 files included by 'configure.ac'.
# The 'aclocal' program is part of the GNU Automake package:
# <http://www.gnu.org/software/automake>
# It also requires GNU Autoconf, GNU m4 and Perl in order to run:
# <http://www.gnu.org/software/autoconf>
# <http://www.gnu.org/software/m4/>
# <http://www.perl.org/>
# make: *** [Makefile:425: aclocal.m4] Error 127
sudo su
# Then you can setup the build environment for compiling firmware patches
# Setup the build environment:
source setup_env.sh
# Compile some build tools and extract the ucode and flashpatches from the original firmware files:
make -j4
# bcm43455c0 7_45_189 Raspberry Pi B3+/B4 Raspbian Kernel 4.14/19, 5.4
# Go to the patches folder for the bcm43430a1/bcm43455c0 chipset:
cd patches/bcm43455c0/7_45_206/nexmon/
# Compile a patched firmware:
# -j1
make
# Generate a backup of your original firmware file:
make backup-firmware
# Install the patched firmware on your RPI3:
make install-firmware
cd ../../../../
# exit su
exit
# Install nexutil: from the root directory of our repository switch to the nexutil folder:
cd utilities/nexutil/
# Compile and install nexutil:
# -j1
make && sudo make install
cd ../../
# Optional: remove wpa_supplicant for better control over the WiFi interface:
sudo apt remove -y wpasupplicant
# Note: To connect to regular access points you have to execute nexutil -m0 first
nexutil -m0
# Using the Monitor Mode patch
# Thanks to the prior work of Mame82, you can setup a new monitor mode interface by executing:
sudo iw phy `iw dev wlan0 info | gawk '/wiphy/ {printf "phy" $2}'` interface add mon0 type monitor
# To activate monitor mode in the firmware, simply set the interface up:
sudo ifconfig mon0 up
# At this point, monitor mode is active. There is no need to call airmon-ng.
# The interface already set the Radiotap header, therefore, tools like tcpdump or airodump-ng can be used out of the box:
tcpdump -i mon0
# Optional: To make the RPI3 load the modified driver after reboot:
# Find the path of the default driver at reboot: modinfo brcmfmac #the first line should be the full path
modinfo brcmfmac | grep filename
# filename: /lib/modules/5.4.51-v7l+/kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
ls -l /lib/modules/5.4.51-v7l+/kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
# -rw-r--r-- 1 root root 401820 Jul 20 07:51 /lib/modules/5.4.51-v7l+/kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
# Backup the original driver: mv "<PATH TO THE DRIVER>/brcmfmac.ko" "<PATH TO THE DRIVER>/brcmfmac.ko.orig"
sudo mv /lib/modules/5.4.51-v7l+/kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko /lib/modules/5.4.51-v7l+/kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko.orig
# Copy the modified driver (Kernel 4.9): cp /home/pi/nexmon/patches/bcm43430a1/7_45_41_46/nexmon/brcmfmac_kernel49/brcmfmac.ko "<PATH TO THE DRIVER>/"
# Copy the modified driver (Kernel 4.14): cp /home/pi/nexmon/patches/bcm43430a1/7_45_41_46/nexmon/brcmfmac_4.14.y-nexmon/brcmfmac.ko "<PATH TO THE DRIVER>/"
# pi@raspberrypi:~/nexmon/patches/bcm43455c0/7_45_206/nexmon $ ls -l brcmfmac_5.4.y-nexmon/brcmfmac.ko
# -rw-r--r-- 1 pi pi 406292 Sep 6 12:41 brcmfmac_5.4.y-nexmon/brcmfmac.ko
sudo cp ~/nexmon/patches/bcm43455c0/7_45_206/nexmon/brcmfmac_5.4.y-nexmon/brcmfmac.ko /lib/modules/5.4.51-v7l+/kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
# Probe all modules and generate new dependency: depmod -a
sudo depmod -a
# The new driver should be loaded by default after reboot: reboot
sudo reboot
# * Note: It is possible to connect to an access point or run your own access point in parallel to the monitor mode interface on the wlan0 interface.
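# The optional driver swap above hard-codes the 5.4.51-v7l+ module path, and repeating its mv after a first swap would replace brcmfmac.ko.orig with an already patched driver.
# The script below is an added example, not part of the original page or of nexmon; swap_driver, restore_driver, the --install argument and the file name swap_brcmfmac.sh are hypothetical names.

```sh
#!/bin/sh
# Added example (not from the page or from nexmon): idempotent driver swap.
# swap_driver, restore_driver and the --install argument are hypothetical names.

# swap_driver <installed brcmfmac.ko> <patched brcmfmac.ko>
# Returns 0 on success, 1 on missing input, 2 if the copy failed verification.
swap_driver() {
    local installed="$1" patched="$2"
    if [ ! -f "$installed" ] || [ ! -f "$patched" ]; then
        echo "missing driver file" >&2
        return 1
    fi
    # Nothing to do when the installed driver is already the patched build.
    if cmp -s "$installed" "$patched"; then
        echo "already installed: $installed"
        return 0
    fi
    # Back up only once: repeating the page's plain mv after a first swap
    # would overwrite the stock brcmfmac.ko.orig with a patched driver.
    if [ ! -e "$installed.orig" ]; then
        cp -p "$installed" "$installed.orig" || return 2
    fi
    # Copy under a temporary name, then rename, so an interrupted copy
    # never leaves a truncated brcmfmac.ko in the module tree.
    cp "$patched" "$installed.new" || return 2
    mv "$installed.new" "$installed" || return 2
    cmp -s "$installed" "$patched" || return 2
    echo "installed: $installed (stock driver kept as $installed.orig)"
}

# restore_driver <installed brcmfmac.ko>: put the stock driver back.
restore_driver() {
    local installed="$1"
    if [ ! -f "$installed.orig" ]; then
        echo "no backup at $installed.orig" >&2
        return 1
    fi
    cp -p "$installed.orig" "$installed"
}

# Run as root: sh swap_brcmfmac.sh --install <path to patched brcmfmac.ko>
if [ "${1:-}" = "--install" ] && [ -n "${2:-}" ]; then
    # modinfo -n prints the module path for the running kernel, so the
    # kernel version does not have to be typed in by hand.
    target="$(modinfo -n brcmfmac)" || exit 1
    swap_driver "$target" "$2" && depmod -a
fi
```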
# Open Wireless Link
# Howto: Use AirDrop on a Raspberry Pi 3
# May 16, 2019
# https://owlink.org/2019/05/16/howto-use-airdrop-on-raspberry-pi-3.html
# Install OWL
# https://github.com/seemoo-lab/owl
sudo apt install -y libpcap-dev libev-dev libnl-3-dev \
libnl-genl-3-dev libnl-route-3-dev cmake
cd
git clone https://github.com/seemoo-lab/owl.git --depth 1
cd owl
git submodule update --init
mkdir build
cd build
cmake ..
make -j4
sudo make install
# Install OpenDrop
# https://github.com/seemoo-lab/opendrop
sudo apt install -y python3 python3-pip libjpeg-dev libopenjp2-7-dev
cd
git clone https://github.com/seemoo-lab/opendrop.git --depth 1
sudo pip3 install ./opendrop
# Receive files via AirDrop
sudo iw phy `iw dev wlan0 info | gawk '/wiphy/ {printf "phy" $2}'` interface add mon0 type monitor
sudo ifconfig mon0 up
sudo nexutil -k6
# AWDL
sudo owl -i mon0 -N
pi@raspberrypi:~ $ sudo owl -i mon0 -N
Open Wireless Link
https://owlink.org
13:05:56 INFO : WLAN device: mon0 (addr dc:a6:32:00:00:00)
13:05:56 INFO : Host device: awdl0
13:21:19 INFO : WLAN device: mon0 (addr dc:a6:32:11:22:33)
13:21:19 INFO : Host device: awdl0
13:21:21 INFO : add peer 6a:3:d5:44:55:66 ()
13:21:26 INFO : remove peer 6a:3:d5:44:55:66 ()
13:21:27 INFO : add peer 6a:3:d5:44:55:66 ()
13:21:51 INFO : remove peer 6a:3:d5:44:55:66 ()
13:21:55 INFO : add peer 6a:3:d5:44:55:66 ()
13:22:09 INFO : remove peer 6a:3:d5:44:55:66 ()
opendrop receive
# ImportError: libtiff.so.5: cannot open shared object file: No such file or directory
sudo apt install -y libtiff5
pi@raspberrypi:~ $ opendrop receive
Key file or certificate does not exist
Create new self-signed certificate in /home/pi/.opendrop/keys
Announcing service: host raspberrypi, address fe80::1111:2222:3333:4444, port 8771
Starting HTTPS server
Copyright (c) 2020 FREE WING, Y.Sakamoto
http://www.neko.ne.jp/~freewing/raspberry_pi/raspberry_pi_wifi_monitor_mode/