
Setting up a Raspberry Pi 3 B+ with wireless monitor mode support

This article describes how a Raspberry Pi 3 B+ is used together with a particular wireless USB stick to capture 80 MHz wide channels. With other solutions this is evidently either very expensive (commercial products) or extremely cumbersome. In principle the procedure described here should also work with older Raspberry Pis, since the onboard 11ac interface did not lead to the desired result anyway.

Preparing the MicroSD card

  • First download Raspbian Stretch Lite from https://www.raspberrypi.org/downloads/raspbian/
  • On macOS the image can simply be written to the MicroSD card from the Terminal/console; Windows users can use e.g. Etcher for this

On macOS, use rdiskX (where X is the drive number) as the dd target to write the image. Check very carefully which drive is the correct one, otherwise you can cause yourself severe data loss here!

mbp:Downloads BennyE$ diskutil list
/dev/disk0 (internal, physical):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *500.3 GB   disk0
   1:                        EFI EFI                     209.7 MB   disk0s1
   2:                 Apple_APFS Container disk1         500.1 GB   disk0s2

/dev/disk1 (synthesized):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      APFS Container Scheme -                      +500.1 GB   disk1
                                 Physical Store disk0s2
   1:                APFS Volume Macintosh HD            434.3 GB   disk1s1
   2:                APFS Volume Preboot                 20.7 MB    disk1s2
   3:                APFS Volume Recovery                515.1 MB   disk1s3
   4:                APFS Volume VM                      3.2 GB     disk1s4

/dev/disk2 (internal, physical):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:     FDisk_partition_scheme                        *16.1 GB    disk2
   1:             Windows_FAT_32 NO NAME                 64.0 MB    disk2s1
   2:                      Linux                         15.5 GB    disk2s2

mbp:Downloads BennyE$ diskutil umountdisk /dev/disk2
Unmount of all volumes on disk2 was successful
mbp:Downloads BennyE$ sudo dd if=2018-06-27-raspbian-stretch-lite.img of=/dev/rdisk2 bs=1024k
Password:
1776+0 records in
1776+0 records out
1862270976 bytes transferred in 155.904460 secs (11944950 bytes/sec)
mbp:Downloads BennyE$ diskutil umountdisk /dev/disk2
Unmount of all volumes on disk2 was successful
  • With iostat you can also monitor the write in a separate console
mbp:~ BennyE$ iostat disk2 10
              disk2       cpu    load average
    KB/t  tps  MB/s  us sy id   1m   5m   15m
  411.49    0  0.00   7  5 88  1.95 2.08 2.27
 1024.00   11 11.40   7  4 89  1.97 2.07 2.27
 1024.00   11 11.40   8  5 87  2.06 2.09 2.27
 1024.00   12 11.69  10  6 84  1.90 2.05 2.25
 1024.00   11 11.50  10  5 85  1.98 2.07 2.26
 1024.00   12 11.59   9  5 86  1.97 2.06 2.25
 1024.00   11 11.50  10  6 85  2.06 2.08 2.25
 1024.00   11 11.39   9  6 85  2.12 2.09 2.26
 1024.00   12 11.59   9  6 85  2.10 2.09 2.25
 1024.00   11 11.50   9  6 85  2.08 2.08 2.25
 1024.00   12 11.60   8  5 87  1.99 2.06 2.24
 1024.00   11 11.50  10  6 84  1.92 2.04 2.23
 1024.00   11 11.00  10  6 84  1.85 2.03 2.22
 1024.00   11 11.49   9  5 87  1.72 1.99 2.21
 1024.00   12 11.60  10  5 85  1.83 2.01 2.21
 1024.00   11 11.50   9  5 85  1.87 2.01 2.21
  134.46    4  0.54   9  5 86  2.33 2.10 2.24
    0.00    0  0.00   9  4 86  2.12 2.07 2.23
  • Insert the MicroSD card into the Raspberry Pi and boot it
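The dd step above writes whatever image you name to whatever disk you name. As an added example (not code from the original article), the following shell script wraps that step with the two checks a practitioner would want: the image's SHA-256 is compared against the checksum published next to the download before anything is written, and the target is rejected if it is a system disk or larger than a MicroSD card, judged from "diskutil list" output. The diskutil lines in the demo are the whole-disk lines from the listing above plus one constructed 120 GB disk, the "image" is a temp file with known content, and the run is a dry run (dd is only echoed).

```shell
#!/bin/sh
# Added example, not from the original article: a guard around the dd step.
# (1) verify the image's SHA-256, (2) sanity-check the target disk from
# "diskutil list" text, (3) run dd only if both pass. The demo listing below is
# constructed from the article's output; the demo checksum is for a stand-in
# file, not for the real Raspbian image.

# Print the SHA-256 of a file; sha256sum on Linux, shasum on macOS.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{ print $1 }'
    else
        shasum -a 256 "$1" | awk '{ print $1 }'
    fi
}

# Return 0 if the file's SHA-256 equals the expected value (case-insensitive).
verify_image() {
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ "$(sha256_of "$1")" = "$expected" ]
}

# From "diskutil list" text on stdin, print the whole-disk size of <id> in
# integer GB (taken from the "*16.1 GB disk2" partition-scheme line).
disk_size_gb() {
    awk -v id="$1" '$NF == id && /_scheme/ { s = $(NF-2); sub(/^[*+]/, "", s); print int(s); exit }'
}

# Refuse the usual system-disk names and anything larger than <max_gb> (default 64).
target_is_plausible() {
    target=$1; size_gb=$2; max_gb=${3:-64}
    case "$target" in
        /dev/disk0|/dev/rdisk0|/dev/sda|/dev/nvme0n1) return 1 ;;
    esac
    [ -n "$size_gb" ] && [ "$size_gb" -le "$max_gb" ]
}

# write_image <image> <sha256> <target> <diskutil-output> [runner]
# Runs dd only when the checksum matches and the target passes the size check.
# Pass "echo" as the runner for a dry run (default is sudo).
write_image() {
    image=$1; expected=$2; target=$3; listing=$4; runner=${5:-sudo}
    id=${target##*/}; id=${id#r}          # /dev/rdisk2 -> disk2
    size=$(printf '%s\n' "$listing" | disk_size_gb "$id")
    if ! verify_image "$image" "$expected"; then
        echo "checksum mismatch for $image, not writing" >&2; return 1
    fi
    if ! target_is_plausible "$target" "$size"; then
        echo "refusing to write to $target (${size:-unknown} GB)" >&2; return 1
    fi
    $runner dd if="$image" of="$target" bs=1024k
}

# Constructed demo input: whole-disk lines from the article's listing plus a
# made-up 120 GB external disk that must be refused.
DEMO_LISTING='/dev/disk0 (internal, physical):
   0:      GUID_partition_scheme                        *500.3 GB   disk0
/dev/disk2 (internal, physical):
   0:     FDisk_partition_scheme                        *16.1 GB    disk2
/dev/disk3 (external, physical):
   0:     FDisk_partition_scheme                        *120.0 GB   disk3'

# Stand-in for the image: a temp file with known content, written in dry-run mode.
DEMO_IMG=$(mktemp)
printf 'hello\n' > "$DEMO_IMG"
DEMO_SHA=5891b5b522d5df086d0ff0b110fbd9d21bb4fc7163af34d08286a2e846f6be03
write_image "$DEMO_IMG" "$DEMO_SHA" /dev/rdisk2 "$DEMO_LISTING" echo
```

On a real host you would pipe `diskutil list` into the listing argument (or `lsblk` with an adjusted parser on Linux) and leave the runner at its default.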

Setting up the Raspberry Pi

  • On first boot "SSH" is not active and the keyboard layout is set to English
  • Log in with user "pi" and password "raspberry" (on a German keyboard layout therefore typed as "raspberrz", at least until the layout is set correctly)
  • After logging in, run "sudo raspi-config"
    • Localisation Options → Change Keyboard Layout → go through the menus and choose the German keyboard layout
    • Localisation Options → Change Wi-fi Country → choose DE
    • Interfacing Options → choose SSH and enable it
    • Now you can log in remotely via SSH

Changing the password

Since the Raspberry Pi is now reachable remotely via SSH, the password of user "pi" must be changed first!

Linux raspberrypi 4.14.50-v7+ #1122 SMP Tue Jun 19 12:26:26 BST 2018 armv7l

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Sat Nov 10 10:05:37 2018

SSH is enabled and the default password for the 'pi' user has not been changed.
This is a security risk - please login as the 'pi' user and type 'passwd' to set a new password.

pi@raspberrypi:~ $ 
pi@raspberrypi:~ $ passwd
Changing password for pi.
(current) UNIX password: 
Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully

The first update

Do not run rpi-update! Doing so leaves some kernel files missing (keyword: /build directory) and we cannot build our own drivers / our own firmware!

pi@raspberrypi:~ $ sudo apt-get update
Get:1 http://archive.raspberrypi.org/debian stretch InRelease [25.3 kB]
Get:2 http://raspbian.raspberrypi.org/raspbian stretch InRelease [15.0 kB]   
Get:3 http://archive.raspberrypi.org/debian stretch/main armhf Packages [181 kB]
Get:4 http://archive.raspberrypi.org/debian stretch/ui armhf Packages [34.3 kB]
Get:5 http://raspbian.raspberrypi.org/raspbian stretch/main armhf Packages [11.7 MB] 
Get:6 http://raspbian.raspberrypi.org/raspbian stretch/contrib armhf Packages [56.9 kB]
Get:7 http://raspbian.raspberrypi.org/raspbian stretch/non-free armhf Packages [95.2 kB]
Fetched 12.1 MB in 8s (1,362 kB/s)                                                                                                                   
Reading package lists... Done
pi@raspberrypi:~ $ sudo apt-get upgrade
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Calculating upgrade... Done
The following packages will be upgraded:
  ca-certificates curl dhcpcd5 dpkg dpkg-dev fake-hwclock file firmware-atheros firmware-brcm80211 firmware-libertas firmware-misc-nonfree
  firmware-realtek libcurl3 libcurl3-gnutls libdpkg-perl libmagic-mgc libmagic1 libpam-systemd libpython2.7-minimal libpython2.7-stdlib libpython3.5
  libpython3.5-minimal libpython3.5-stdlib libraspberrypi-bin libraspberrypi-dev libraspberrypi-doc libraspberrypi0 libsystemd0 libudev1
  libwbclient0 openssh-client openssh-server openssh-sftp-server patch pi-bluetooth python-rpi.gpio python2.7 python2.7-minimal python3.5
  python3.5-minimal raspberrypi-bootloader raspberrypi-kernel samba-common shared-mime-info ssh systemd systemd-sysv tzdata udev
49 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 104 MB of archives.
After this operation, 867 kB of additional disk space will be used.
Do you want to continue? [Y/n] 

This keeps the Raspberry Pi busy for a while.

Installing additional packages

Now we install additional packages so that we can then build our own driver (one that supports monitor mode).

pi@raspberrypi:~ $ sudo apt-get install build-essential bc git dkms aircrack-ng tcpdump vim raspberrypi-kernel-headers -y
Reading package lists... Done
Building dependency tree       
Reading state information... Done
build-essential is already the newest version (12.3).
The following additional packages will be installed:
  ethtool git-man ieee-data liberror-perl libgpm2 libpcap0.8 vim-runtime
Suggested packages:
  python3-apport menu git-daemon-run | git-daemon-sysvinit git-doc git-el git-email git-gui gitk gitweb git-arch git-cvs git-mediawiki git-svn gpm
  ctags vim-doc vim-scripts
The following NEW packages will be installed:
  aircrack-ng bc dkms ethtool git git-man ieee-data liberror-perl libgpm2 libpcap0.8 raspberrypi-kernel-headers tcpdump vim vim-runtime
0 upgraded, 14 newly installed, 0 to remove and 0 not upgraded.
Need to get 31.5 MB of archives.
After this operation, 173 MB of additional disk space will be used.

At this point I recommend rebooting the Raspberry Pi with sudo reboot! In the following steps we will compile drivers, and for that the updated kernel should be running (so that it matches the kernel source we downloaded for it as well).

VIM and mouse support

Anyone who has worked with VIM over SSH and then tried to copy something has certainly already met VIM's mouse support. If you do not want it, switch it off.

pi@raspberrypi:~ $ sudo vi /etc/vim/vimrc.local
set mouse=
set ttymouse=

(save and quit with :wq)

Downloading and compiling the driver source

Many thanks to the aircrack-ng team for making this possible! Further details can be found here: https://github.com/aircrack-ng/rtl8812au

pi@raspberrypi:~ $ git clone https://github.com/aircrack-ng/rtl8812au
Cloning into 'rtl8812au'...
remote: Enumerating objects: 118, done.
remote: Counting objects: 100% (118/118), done.
remote: Compressing objects: 100% (86/86), done.
remote: Total 5924 (delta 49), reused 70 (delta 32), pack-reused 5806
Receiving objects: 100% (5924/5924), 12.50 MiB | 1.57 MiB/s, done.
Resolving deltas: 100% (4047/4047), done.

pi@raspberrypi:~ $ cd rtl8812au/
pi@raspberrypi:~/rtl8812au $ vi Makefile 

Search for CONFIG_PLATFORM_I386_PC and set it to "n"
Search for CONFIG_PLATFORM_ARM_RPI and set it to "y"

(quit vim with :wq and save the change above!)

Compiling the rtl8812au driver with DKMS

pi@raspberrypi:~/rtl8812au $ sudo ./dkms-install.sh 
About to run dkms install steps...
Error! DKMS tree already contains: rtl8812au-5.1.5
You cannot add the same module/version combo more than once.

Kernel preparation unnecessary for this kernel.  Skipping...

Building module:
cleaning build area...
'make' KVER=4.14.71-v7+ && 'make' RTL8814=1 KVER=4.14.71-v7+.........................................................................................................................................................................................
cleaning build area...

DKMS: build completed.

8812au:
Running module version sanity check.
 - Original module
   - No original module exists within this kernel
 - Installation
   - Installing to /lib/modules/4.14.71-v7+/updates/

8814au.ko:
Running module version sanity check.
 - Original module
   - No original module exists within this kernel
 - Installation
   - Installing to /lib/modules/4.14.71-v7+/updates/

depmod....

DKMS: install completed.
Finished running dkms install steps.

Optional: troubleshooting

If you see this error message, you did not follow my note about rebooting. Please restart the Raspberry Pi and then try again. The message itself shows the mismatch: the running kernel is still 4.14.50-v7+, while the headers installed by the upgrade belong to 4.14.71-v7+, the version the successful build above compiled against.

pi@raspberrypi:~/rtl8812au $ sudo ./dkms-install.sh 
About to run dkms install steps...

Creating symlink /var/lib/dkms/rtl8812au/5.1.5/source ->
                 /usr/src/rtl8812au-5.1.5

DKMS: add completed.
Error! echo
Your kernel headers for kernel 4.14.50-v7+ cannot be found at
/lib/modules/4.14.50-v7+/build or /lib/modules/4.14.50-v7+/source.
Error! echo
Your kernel headers for kernel 4.14.50-v7+ cannot be found at
/lib/modules/4.14.50-v7+/build or /lib/modules/4.14.50-v7+/source.
Finished running dkms install steps.
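Both manual steps in this section, flipping the two platform switches in the Makefile and making sure the running kernel has matching headers (the cause of the error just shown), can be checked by a script before ./dkms-install.sh is run. The following is an added example, not part of the article or of the aircrack-ng project. The Makefile fragment and the fake /lib/modules tree it runs on are constructed in a temp directory so it works on any machine; on the Pi you would call preflight with "$(uname -r)" and the path to ~/rtl8812au/Makefile.

```shell
#!/bin/sh
# Added example, not from the original article: pre-flight checks for the
# rtl8812au DKMS build. headers_present looks for /lib/modules/<kver>/build,
# exactly what the "cannot be found at ..." DKMS error says is missing;
# set_rpi_platform makes the two Makefile edits with sed; platform_ok verifies
# them. The root directory is a parameter so the demo can use a fake tree.

# Return 0 if <root>/lib/modules/<kver>/build or .../source exists.
# On the Pi: headers_present "$(uname -r)"   (root defaults to /).
headers_present() {
    kver=$1; root=${2:-}
    [ -d "$root/lib/modules/$kver/build" ] || [ -d "$root/lib/modules/$kver/source" ]
}

# Set CONFIG_PLATFORM_I386_PC = n and CONFIG_PLATFORM_ARM_RPI = y (keeps a .bak copy).
set_rpi_platform() {
    sed -i.bak \
        -e 's/^CONFIG_PLATFORM_I386_PC[[:space:]]*=.*/CONFIG_PLATFORM_I386_PC = n/' \
        -e 's/^CONFIG_PLATFORM_ARM_RPI[[:space:]]*=.*/CONFIG_PLATFORM_ARM_RPI = y/' \
        "$1"
}

# Return 0 only if the Makefile now carries exactly the intended values.
platform_ok() {
    grep -q '^CONFIG_PLATFORM_I386_PC = n$' "$1" &&
    grep -q '^CONFIG_PLATFORM_ARM_RPI = y$' "$1"
}

# preflight <kver> <Makefile> [root]: stop with a clear message when the headers
# for the given kernel are missing; otherwise patch and verify the Makefile.
preflight() {
    kver=$1; mk=$2; root=${3:-}
    if ! headers_present "$kver" "$root"; then
        echo "no headers for kernel $kver under $root/lib/modules: install raspberrypi-kernel-headers and reboot into the matching kernel" >&2
        return 1
    fi
    set_rpi_platform "$mk" && platform_ok "$mk"
}

# Demo on a constructed tree: headers exist only for 4.14.71-v7+, and the
# Makefile starts with the values the driver ships with (i386 = y, RPI = n).
DEMO_ROOT=$(mktemp -d)
mkdir -p "$DEMO_ROOT/lib/modules/4.14.71-v7+/build"
DEMO_MK="$DEMO_ROOT/Makefile"
printf '%s\n' 'CONFIG_PLATFORM_I386_PC = y' 'CONFIG_PLATFORM_ARM_RPI = n' \
    'ifeq ($(CONFIG_PLATFORM_ARM_RPI), y)' > "$DEMO_MK"
preflight 4.14.50-v7+ "$DEMO_MK" "$DEMO_ROOT" || echo "(old kernel still running: reboot first)"
preflight 4.14.71-v7+ "$DEMO_MK" "$DEMO_ROOT" && echo "ready to run ./dkms-install.sh"
```

The first call reproduces the situation from the troubleshooting output (kernel 4.14.50-v7+ without headers) and stops; the second, with the upgraded kernel version, patches the Makefile and confirms the two values.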

udev rule for naming the interfaces

With this rule we give the cards a reliable, fixed name.

pi@raspberrypi:~ $ sudo vi /etc/udev/rules.d/10-wlan.rules 
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:c0:ca:a5:AA:BB", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="wlan*", NAME="wlan1"
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:c0:ca:a5:CC:DD", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="wlan*", NAME="wlan2"
TODO:
- avoid DHCP & co. on the wlan1/wlan2 interfaces
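The rule file and the dhcpcd entry from the TODO can be generated together. The script below is an added example (not from the article): it validates each MAC address, writes the rules in the form shown above, and writes a dhcpcd denyinterfaces fragment listing the same interface names so dhcpcd leaves them alone. It writes into a directory you pass in rather than into /etc; the addresses are the placeholders from the rule above.

```shell
#!/bin/sh
# Added example, not from the original article: generate 10-wlan.rules and a
# dhcpcd.conf fragment from "MAC name" pairs on stdin. Output directory is a
# parameter; the demo uses a temp directory and the article's placeholder MACs.

# Return 0 if the argument is a colon-separated MAC of six hex octets.
valid_mac() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# Emit one rule in the form the article uses. The address is lower-cased to match
# what the kernel reports in /sys/class/net/<if>/address, which udev compares against.
wlan_rule() {
    mac=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    printf 'SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="%s", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="wlan*", NAME="%s"\n' "$mac" "$2"
}

# write_wlan_config <dir>: read "MAC name" pairs from stdin, write
# <dir>/10-wlan.rules (for /etc/udev/rules.d/) and <dir>/dhcpcd-wlan.conf
# (a fragment to append to /etc/dhcpcd.conf). Fails on the first bad MAC.
write_wlan_config() {
    dir=$1
    rules="$dir/10-wlan.rules"
    denied=""
    : > "$rules"
    while read -r mac name; do
        [ -z "$mac" ] && continue
        if ! valid_mac "$mac"; then
            echo "invalid MAC address: $mac" >&2
            return 1
        fi
        wlan_rule "$mac" "$name" >> "$rules"
        denied="$denied $name"
    done
    printf '# keep the monitor-mode interfaces away from dhcpcd\ndenyinterfaces%s\n' "$denied" \
        > "$dir/dhcpcd-wlan.conf"
}

# Demo with the article's placeholder addresses, written to a temp directory.
DEMO_DIR=$(mktemp -d)
printf '%s\n' '00:c0:ca:a5:AA:BB wlan1' '00:c0:ca:a5:CC:DD wlan2' | write_wlan_config "$DEMO_DIR"
cat "$DEMO_DIR/10-wlan.rules" "$DEMO_DIR/dhcpcd-wlan.conf"
```

After copying the two files into place, `sudo udevadm control --reload` and a reboot make the names take effect; the denyinterfaces line keeps dhcpcd from bringing wlan1/wlan2 up and switching them out of monitor mode.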

#### Everything from here on is outdated and has been reworked above ####

This article is still being worked on; currently the experiences with the BRCM on-board chip and the TP-Link "Archer" T2UH are published. The experiences with the Alfa stick will follow.

Writing the image to the MicroSD card

rdisk4 because of the MacBook; the number differs on other systems, so make sure you do not accidentally overwrite the wrong disk/card.

BennyE$ sudo dd if=2018-06-27-raspbian-stretch-lite.img of=/dev/rdisk4 bs=1024k
Password:
1776+0 records in
1776+0 records out

Setting up the Raspberry Pi

Do not run rpi-update! Doing so leaves some kernel files missing (keyword: /build directory) and we cannot build our own firmware!

sudo raspi-config
-> set the keyboard
-> Interfacing -> enable SSH
-> set the country for the wireless interface (e.g. DE)

sudo apt-get update && sudo apt-get upgrade

root@raspberrypi:/home/pi# apt-get remove wpasupplicant

root@raspberrypi:/home/pi# sudo apt-get install tcpdump
root@raspberrypi:/home/pi# sudo apt-get install aircrack-ng

TODO: add wlan* to denyinterfaces in dhcpcd.conf, otherwise it brings the interfaces up (without that being wanted)

pi@raspberrypi:~ $ sudo raspi-config
-> Set your own password! (check that the keyboard layout is correct first!)

sudo reboot

Summary: what works and what does not?

There are various options for the wireless interface, which work to varying degrees (well or badly). The optimal setup would probably be an external USB wireless stick (with monitor mode), a PiJuice (for power without a mains adapter), and an AP on the on-board card so that the Pi can be controlled from a separate laptop during the analysis.

Broadcom BCM43455 (onboard Raspberry Pi 3 B+)

With the "nexmon" firmware patch, monitor mode works, but no DATA packets are visible, only beacons and multicast. (It is possible that future fixes/extensions will add this functionality after all.)

Status: :-\

TP-Link "Archer" T2UH

A horrible piece of hardware history that is not worth buying. The manufacturer's driver support is sadly poor. Officially offering, in 2018, a driver only up to kernel v3.16 is really brazen (and then boasting about Linux support). There are modified drivers, e.g. in Ulli Kroll's GitHub repository, that at least compile on v4.14, but they do not work for monitor mode either. Trying to initialize the stick with airmon-ng makes the kernel hang. Neither HW v1.0 nor v2.0 works for monitor mode (I tested both variants).

Status: m(

Alfa AWUS036ACH Dual Band USB Adapter AC1200

https://www.amazon.de/Alfa-AWUS036ACH-Dual-Adapter-AC1200/dp/B00VEEBOPG/

Experiences will follow once the stick arrives … at least it looks impressive! :D

root@raspberrypi:/home/pi# lsusb
Bus 001 Device 006: ID 0bda:8812 Realtek Semiconductor Corp. RTL8812AU 802.11a/b/g/n/ac 2T2R DB WLAN Adapter
Bus 001 Device 005: ID 1c4f:0002 SiGma Micro Keyboard TRACER Gamma Ivory
Bus 001 Device 004: ID 0424:7800 Standard Microsystems Corp. 
Bus 001 Device 003: ID 0424:2514 Standard Microsystems Corp. USB 2.0 Hub
Bus 001 Device 002: ID 0424:2514 Standard Microsystems Corp. USB 2.0 Hub
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub

$ dmesg
...
[ 1337.625879] usb 1-1.3: new high-speed USB device number 6 using dwc_otg
[ 1337.756767] usb 1-1.3: New USB device found, idVendor=0bda, idProduct=8812
[ 1337.756780] usb 1-1.3: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1337.756788] usb 1-1.3: Product: 802.11n NIC
[ 1337.756797] usb 1-1.3: Manufacturer: Realtek
[ 1337.756806] usb 1-1.3: SerialNumber: 123456

This driver does not lead to success: git clone https://github.com/gnab/rtl8812au
This driver might possibly be the right one: git clone -b v5.3.4 https://github.com/aircrack-ng/rtl8812au.git

pi@raspberrypi:~ $ sudo apt-get install build-essential bc git dkms aircrack-ng tcpdump -y
pi@raspberrypi:~ $ git clone https://github.com/aircrack-ng/rtl8812au
Cloning into 'rtl8812au'...
remote: Enumerating objects: 113, done.
remote: Counting objects: 100% (113/113), done.
remote: Compressing objects: 100% (82/82), done.
remote: Total 5919 (delta 46), reused 67 (delta 31), pack-reused 5806
Receiving objects: 100% (5919/5919), 12.50 MiB | 6.16 MiB/s, done.
Resolving deltas: 100% (4044/4044), done.
pi@raspberrypi:~ $ cd rtl8812au/
pi@raspberrypi:~/rtl8812au $ 
pi@raspberrypi:~/rtl8812au $ 
pi@raspberrypi:~/rtl8812au $ grep RPI *
grep: core: Is a directory
grep: hal: Is a directory
grep: include: Is a directory
Makefile:CONFIG_PLATFORM_ARM_RPI = n
Makefile:ifeq ($(CONFIG_PLATFORM_ARM_RPI), y)
grep: os_dep: Is a directory
grep: platform: Is a directory
README.md:For Raspberry (RPI)
pi@raspberrypi:~/rtl8812au $ sudo apt install vim
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following additional packages will be installed:
  libgpm2 vim-runtime
Suggested packages:
  gpm ctags vim-doc vim-scripts
The following NEW packages will be installed:
  libgpm2 vim vim-runtime
0 upgraded, 3 newly installed, 0 to remove and 0 not upgraded.
Need to get 6,231 kB of archives.
After this operation, 30.2 MB of additional disk space will be used.
Do you want to continue? [Y/n] 
Get:1 http://mirror.netcologne.de/raspbian/raspbian stretch/main armhf libgpm2 armhf 1.20.4-6.2 [33.0 kB]
Get:2 http://mirror.netcologne.de/raspbian/raspbian stretch/main armhf vim-runtime all 2:8.0.0197-4+deb9u1 [5,407 kB]
Get:3 http://mirror.netcologne.de/raspbian/raspbian stretch/main armhf vim armhf 2:8.0.0197-4+deb9u1 [790 kB]
Fetched 6,231 kB in 0s (6,757 kB/s)
Selecting previously unselected package libgpm2:armhf.
(Reading database ... 67904 files and directories currently installed.)
Preparing to unpack .../libgpm2_1.20.4-6.2_armhf.deb ...
Unpacking libgpm2:armhf (1.20.4-6.2) ...
Selecting previously unselected package vim-runtime.
Preparing to unpack .../vim-runtime_2%3a8.0.0197-4+deb9u1_all.deb ...
Adding 'diversion of /usr/share/vim/vim80/doc/help.txt to /usr/share/vim/vim80/doc/help.txt.vim-tiny by vim-runtime'
Adding 'diversion of /usr/share/vim/vim80/doc/tags to /usr/share/vim/vim80/doc/tags.vim-tiny by vim-runtime'
Unpacking vim-runtime (2:8.0.0197-4+deb9u1) ...
Selecting previously unselected package vim.
Preparing to unpack .../vim_2%3a8.0.0197-4+deb9u1_armhf.deb ...
Unpacking vim (2:8.0.0197-4+deb9u1) ...
Setting up libgpm2:armhf (1.20.4-6.2) ...
Processing triggers for libc-bin (2.24-11+deb9u3) ...
Processing triggers for man-db (2.7.6.1-2) ...
Setting up vim-runtime (2:8.0.0197-4+deb9u1) ...
Setting up vim (2:8.0.0197-4+deb9u1) ...
update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/vim (vim) in auto mode
update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/vimdiff (vimdiff) in auto mode
update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/rvim (rvim) in auto mode
update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/rview (rview) in auto mode
update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/vi (vi) in auto mode
update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/view (view) in auto mode
update-alternatives: using /usr/bin/vim.basic to provide /usr/bin/ex (ex) in auto mode
pi@raspberrypi:~/rtl8812au $ vi Makefile 
Replace CONFIG_PLATFORM_I386_PC = y with CONFIG_PLATFORM_I386_PC
Replace CONFIG_PLATFORM_ARM_RPI = n with CONFIG_PLATFORM_ARM_RPI = 

pi@raspberrypi:~/rtl8812au $ 
pi@raspberrypi:~/rtl8812au $ 
pi@raspberrypi:~/rtl8812au $ make

Status: :?: FIXME

Preparing the Broadcom BCM43455 (onboard Raspberry Pi 3 B+) for wireless monitor mode

This procedure (changing the firmware) can damage the Raspberry Pi irreparably!

pi@raspberrypi:~ $ sudo su
root@raspberrypi:/home/pi# sudo apt-get install raspberrypi-kernel-headers git libgmp3-dev gawk qpdf bison flex make
Reading package lists... Done
Building dependency tree       
Reading state information... Done
make is already the newest version (4.1-9.1).
make set to manually installed.
The following additional packages will be installed:
  git-man libbison-dev liberror-perl libfl-dev libgmp-dev libgmpxx4ldbl libqpdf17 libsigsegv2 m4
Suggested packages:
  bison-doc gawk-doc git-daemon-run | git-daemon-sysvinit git-doc git-el git-email git-gui gitk gitweb git-arch
  git-cvs git-mediawiki git-svn gmp-doc libgmp10-doc libmpfr-dev m4-doc
The following NEW packages will be installed:
  bison flex gawk git git-man libbison-dev liberror-perl libfl-dev libgmp-dev libgmp3-dev libgmpxx4ldbl libqpdf17
  libsigsegv2 m4 qpdf raspberrypi-kernel-headers
0 upgraded, 16 newly installed, 0 to remove and 0 not upgraded.
Need to get 24.5 MB of archives.
After this operation, 140 MB of additional disk space will be used.
Do you want to continue? [Y/n] 

-> Y

Preparing the firmware modification tool

root@raspberrypi:/home/pi# git clone https://github.com/seemoo-lab/nexmon.git
Cloning into 'nexmon'...
remote: Enumerating objects: 33085, done.
remote: Total 33085 (delta 0), reused 0 (delta 0), pack-reused 33085
Receiving objects: 100% (33085/33085), 355.78 MiB | 6.05 MiB/s, done.
Resolving deltas: 100% (14894/14894), done.
Checking out files: 100% (33209/33209), done.
root@raspberrypi:/home/pi# cd nexmon/
root@raspberrypi:/home/pi/nexmon# cd buildtools/isl-0.10/
root@raspberrypi:/home/pi/nexmon/buildtools/isl-0.10# ./configure
(wait)
root@raspberrypi:/home/pi/nexmon/buildtools/isl-0.10# make
(wait)
root@raspberrypi:/home/pi/nexmon/buildtools/isl-0.10# make install
(wait)
root@raspberrypi:/home/pi/nexmon/buildtools/isl-0.10# ln -s /usr/local/lib/libisl.so /usr/lib/arm-linux-gnueabihf/libisl.so.10

root@raspberrypi:/home/pi/nexmon/buildtools/isl-0.10# cd ..
root@raspberrypi:/home/pi/nexmon/buildtools# cd ..

root@raspberrypi:/home/pi/nexmon# source setup_env.sh
root@raspberrypi:/home/pi/nexmon# make
(wait)

The Raspberry Pi 3 B+ uses the BCM43455 for wireless.

root@raspberrypi:/home/pi/nexmon# cd patches/bcm43455c0/7_45_154/nexmon/

root@raspberrypi:/home/pi/nexmon/patches/bcm43455c0/7_45_154/nexmon# make


          ###########   ###########   ##########    ##########           
         ############  ############  ############  ############          
         ##            ##            ##   ##   ##  ##        ##          
         ##            ##            ##   ##   ##  ##        ##          
         ###########   ####  ######  ##   ##   ##  ##    ######          
          ###########  ####  #       ##   ##   ##  ##    #    #          
                   ##  ##    ######  ##   ##   ##  ##    #    #          
                   ##  ##    #       ##   ##   ##  ##    #    #          
         ############  ##### ######  ##   ##   ##  ##### ######          
         ###########    ###########  ##   ##   ##   ##########           

            S E C U R E   M O B I L E   N E T W O R K I N G               


                               presents:                                  

              # ###   ###  #   # # ###  ###   ###  # ###                  
              ##   # #   #  # #  ##   ##   # #   # ##   #                 
              #    # #####   #   #    #    # #   # #    #                 
              #    # #      # #  #    #    # #   # #    #                 
              #    #  #### #   # #    #    #  ###  #    #                 

                The C-based Firmware Patching Framework                   


                           !!! WARNING !!!                                
    Our software may damage your hardware and may void your hardware’s    
     warranty! You use our tools at your own risk and responsibility      


  COLLECTING STATISTICS read /home/pi/nexmon/STATISTICS.md for more information
  COMPILING src/injection.c => obj/injection.o (details: log/compiler.log)
  COMPILING src/patch.c => obj/patch.o (details: log/compiler.log)
  COMPILING src/console.c => obj/console.o (details: log/compiler.log)
  COMPILING src/version.c => obj/version.o (details: log/compiler.log)
  COMPILING src/sendframe.c => obj/sendframe.o (details: log/compiler.log)
  COMPILING src/monitormode.c => obj/monitormode.o (details: log/compiler.log)
  COPYING UCODE /home/pi/nexmon/firmwares/bcm43455c0/7_45_154/ucode.bin => gen/ucode.bin
  COMPRESSING UCODE gen/ucode.bin => gen/ucode_compressed.bin
  GENERATING C FILE gen/ucode_compressed.bin => src/ucode_compressed.c
  COMPILING src/ucode_compressed.c => obj/ucode_compressed.o (details: log/compiler.log)
  COMPILING /home/pi/nexmon/patches/common/wrapper.c => obj/wrapper.o (details: log/compiler.log)
  COMPILING /home/pi/nexmon/patches/common/argprintf.c => obj/argprintf.o (details: log/compiler.log)
  COMPILING /home/pi/nexmon/patches/common/helper.c => obj/helper.o (details: log/compiler.log)
  COMPILING /home/pi/nexmon/patches/common/udptunnel.c => obj/udptunnel.o (details: log/compiler.log)
  COMPILING /home/pi/nexmon/patches/common/ucode_compression_code.c => obj/ucode_compression_code.o (details: log/compiler.log)
  COMPILING /home/pi/nexmon/patches/common/objmem.c => obj/objmem.o (details: log/compiler.log)
  COMPILING /home/pi/nexmon/patches/common/securitycookie.c => obj/securitycookie.o (details: log/compiler.log)
  COMPILING /home/pi/nexmon/patches/common/radiotap.c => obj/radiotap.o (details: log/compiler.log)
  COMPILING /home/pi/nexmon/firmwares/bcm43455c0/7_45_154/flashpatches.c => obj/flashpatches.o (details: log/compiler.log)
  GENERATING LINKER FILE gen/nexmon.pre => gen/nexmon.ld
  GENERATING LINKER FILE gen/nexmon.pre => gen/flashpatches.ld
  GENERATING LINKER FILE gen/memory.ld
  LINKING OBJECTS => gen/patch.elf (details: log/linker.log, log/linker.err)
  GENERATING MAKE FILE gen/nexmon.pre => gen/nexmon.mk
  GENERATING MAKE FILE gen/nexmon.pre => gen/flashpatches.mk
  APPLYING FLASHPATCHES gen/flashpatches.mk => brcmfmac43455-sdio.bin (details: log/flashpatches.log)
  APPLYING PATCHES gen/nexmon.mk => brcmfmac43455-sdio.bin (details: log/patches.log)
  BUILDING DRIVER for kernel 4.14 brcmfmac_4.14.y-nexmon/brcmfmac.ko (details: log/driver.log)

root@raspberrypi:/home/pi/nexmon/patches/bcm43455c0/7_45_154/nexmon# make backup-firmware
cp /lib/firmware/brcm/brcmfmac43455-sdio.bin brcmfmac43455-sdio.bin.orig
root@raspberrypi:/home/pi/nexmon/patches/bcm43455c0/7_45_154/nexmon# make install-firmware


  (nexmon banner and warning, identical to the output above)


  COLLECTING STATISTICS read /home/pi/nexmon/STATISTICS.md for more information
  COMPILING src/version.c => obj/version.o (details: log/compiler.log)
  GENERATING LINKER FILE gen/nexmon.pre => gen/nexmon.ld
  GENERATING LINKER FILE gen/nexmon.pre => gen/flashpatches.ld
  LINKING OBJECTS => gen/patch.elf (details: log/linker.log, log/linker.err)
  GENERATING MAKE FILE gen/nexmon.pre => gen/nexmon.mk
  GENERATING MAKE FILE gen/nexmon.pre => gen/flashpatches.mk
  APPLYING FLASHPATCHES gen/flashpatches.mk => brcmfmac43455-sdio.bin (details: log/flashpatches.log)
  APPLYING PATCHES gen/nexmon.mk => brcmfmac43455-sdio.bin (details: log/patches.log)
  BUILDING DRIVER for kernel 4.14 brcmfmac_4.14.y-nexmon/brcmfmac.ko (details: log/driver.log)
  COPYING brcmfmac43455-sdio.bin => /lib/firmware/brcm/brcmfmac43455-sdio.bin
  UNLOADING brcmfmac
  RELOADING brcmfmac

root@raspberrypi:/home/pi/nexmon/patches/bcm43455c0/7_45_154/nexmon# cd ..
root@raspberrypi:/home/pi/nexmon/patches/bcm43455c0/7_45_154# cd ..
root@raspberrypi:/home/pi/nexmon/patches/bcm43455c0# cd ..
root@raspberrypi:/home/pi/nexmon/patches# cd ..

Make the new driver survive reboots:
root@raspberrypi:/home/pi# cp nexmon/patches/bcm43455c0/7_45_154/nexmon/brcmfmac_4.14.y-nexmon/brcmfmac.ko /lib/modules/4.14.71-v7+/kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
root@raspberrypi:/home/pi# depmod -a
root@raspberrypi:/home/pi# reboot

Capturing packets

root@raspberrypi:/home/pi# ip link set dev wlan0 down
root@raspberrypi:/home/pi# iw phy `iw dev wlan0 info | gawk '/wiphy/ {printf "phy" $2}'` interface add mon0 type monitor
root@raspberrypi:/home/pi# ip link set dev mon0 up
root@raspberrypi:/home/pi# iwconfig mon0 channel X

root@raspberrypi:/home/pi# tcpdump -i mon0

So far I have not managed to get "DATA" to show up; so far these seem to be only "No DATA" packets.

pi@raspberrypi:~ $ sudo tcpdump -vvvi mon0
tcpdump: listening on mon0, link-type IEEE802_11_RADIO (802.11 plus radiotap header), capture size 262144 bytes
14:50:23.515075 1040101307us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:23.617424 1040203707us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:23.719838 1040306107us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:23.822248 1040408507us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:23.924618 1040510907us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:24.027050 1040613307us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:24.129420 1040715707us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:24.231824 1040818106us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:24.334231 1040920507us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:24.334337 1040921064us tsft 24.0 Mb/s 5560 MHz 11a -50dBm signal 0dBm noise Data IV:72bc Pad 20 KeyID 1
14:50:24.436624 1041022907us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:24.539040 1041125307us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:24.641409 1041227707us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:24.743823 1041330107us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:24.846251 1041432507us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:24.948625 1041534907us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:25.051063 1041637307us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:25.153422 1041739707us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:25.255820 1041842107us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:25.358259 1041944507us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:25.460626 1042046907us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:25.563047 1042149307us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:25.665424 1042251707us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:25.767822 1042354107us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:25.870252 1042456507us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:25.972624 1042558907us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:26.075046 1042661307us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:26.177423 1042763707us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:26.279835 1042866107us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:26.279949 1042866665us tsft 24.0 Mb/s 5560 MHz 11a -50dBm signal 0dBm noise Data IV:72d0 Pad 20 KeyID 1
14:50:26.382260 1042968507us tsft 6.0 Mb/s 5560 MHz 11a -47dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:26.484626 1043070907us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:26.587047 1043173307us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:26.689426 1043275707us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:26.791819 1043378107us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:26.894261 1043480507us tsft 6.0 Mb/s 5560 MHz 11a -49dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:26.996630 1043582908us tsft 6.0 Mb/s 5560 MHz 11a -49dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:27.099050 1043685308us tsft 6.0 Mb/s 5560 MHz 11a -49dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:27.201432 1043787707us tsft 6.0 Mb/s 5560 MHz 11a -49dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:27.303829 1043890107us tsft 6.0 Mb/s 5560 MHz 11a -49dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:27.406250 1043992508us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:27.508631 1044094908us tsft 6.0 Mb/s 5560 MHz 11a -47dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:27.611057 1044197308us tsft 6.0 Mb/s 5560 MHz 11a -47dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:27.713433 1044299708us tsft 6.0 Mb/s 5560 MHz 11a -47dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:27.815836 1044402108us tsft 6.0 Mb/s 5560 MHz 11a -47dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:27.918257 1044504508us tsft 6.0 Mb/s 5560 MHz 11a -47dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:28.020605 1044606908us tsft 6.0 Mb/s 5560 MHz 11a -47dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:28.123058 1044709308us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:28.225432 1044811708us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:28.327834 1044914108us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:28.327971 1044914665us tsft 24.0 Mb/s 5560 MHz 11a -50dBm signal 0dBm noise Data IV:72e5 Pad 20 KeyID 1
14:50:28.430265 1045016508us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:28.524239 1045110868us tsft 24.0 Mb/s 5560 MHz 11a -79dBm signal 0dBm noise Request-To-Send TA:94:e9:6a:08:5a:c3 (oui Unknown) 
14:50:28.524305 1045110915us tsft 24.0 Mb/s 5560 MHz 11a -53dBm signal 0dBm noise Clear-To-Send RA:94:e9:6a:08:5a:c3 (oui Unknown) 
14:50:28.524408 1045111030us tsft 24.0 Mb/s 5560 MHz 11a -55dBm signal 0dBm noise BA RA:94:e9:6a:08:5a:c3 (oui Unknown) 
14:50:28.532588 1045118908us tsft 6.0 Mb/s 5560 MHz 11a -47dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:28.534060 1045120912us tsft 24.0 Mb/s 5560 MHz 11a -74dBm signal 0dBm noise 
14:50:28.534125 1045120963us tsft 24.0 Mb/s 5560 MHz 11a -50dBm signal 0dBm noise Acknowledgment RA:94:e9:6a:08:5a:c3 (oui Unknown) 
14:50:28.534617 1045121416us tsft 24.0 Mb/s 5560 MHz 11a -79dBm signal 0dBm noise BA RA:dc:08:56:00:1b:d9 (oui Unknown) 
14:50:28.551067 1045137904us tsft 24.0 Mb/s 5560 MHz 11a -75dBm signal 0dBm noise 
14:50:28.551131 1045137954us tsft 24.0 Mb/s 5560 MHz 11a -49dBm signal 0dBm noise Acknowledgment RA:94:e9:6a:08:5a:c3 (oui Unknown) 
14:50:28.635051 1045221308us tsft 6.0 Mb/s 5560 MHz 11a -47dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:28.737437 1045323708us tsft 6.0 Mb/s 5560 MHz 11a -46dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:28.839810 1045426108us tsft 6.0 Mb/s 5560 MHz 11a -47dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:28.942255 1045528508us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:29.044640 1045630908us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:29.147056 1045733308us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:29.249439 1045835708us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:29.351839 1045938108us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:29.454254 1046040508us tsft 6.0 Mb/s 5560 MHz 11a -49dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:29.556647 1046142908us tsft 6.0 Mb/s 5560 MHz 11a -49dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:29.659049 1046245308us tsft 6.0 Mb/s 5560 MHz 11a -49dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:29.761445 1046347708us tsft 6.0 Mb/s 5560 MHz 11a -49dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:29.863844 1046450108us tsft 6.0 Mb/s 5560 MHz 11a -49dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:29.966251 1046552508us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:30.068646 1046654908us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:30.171046 1046757308us tsft 6.0 Mb/s 5560 MHz 11a -47dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:30.273445 1046859708us tsft 6.0 Mb/s 5560 MHz 11a -47dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:30.273547 1046860266us tsft 24.0 Mb/s 5560 MHz 11a -49dBm signal 0dBm noise Data IV:72f9 Pad 20 KeyID 1
14:50:30.375841 1046962108us tsft 6.0 Mb/s 5560 MHz 11a -47dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:30.478284 1047064509us tsft 6.0 Mb/s 5560 MHz 11a -47dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:30.580646 1047166909us tsft 6.0 Mb/s 5560 MHz 11a -47dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:30.683048 1047269308us tsft 6.0 Mb/s 5560 MHz 11a -47dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:30.785450 1047371709us tsft 6.0 Mb/s 5560 MHz 11a -47dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
^C
84 packets captured
84 packets received by filter
0 packets dropped by kernel
2 packets dropped by interface
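An added example (not part of the original page) that tallies the frame types in a tcpdump -vvv capture like the one above, with the average signal level per type, so one can see which frames the stick actually delivered; the embedded sample lines are constructed in the format of that capture.

```sh
#!/bin/sh
# Added example, not from the original page: tally the frame types in a
# "tcpdump -vvv -i mon0" capture like the one above. tcpdump prints the frame
# description right after the radiotap fields ("... -48dBm signal 0dBm noise");
# frames it cannot decode end right after "noise" and are counted as "undecoded".

# Read tcpdump lines on stdin, print "type count avg_dBm" per frame type.
frame_type_counts() {
    awk '
        / noise/ {
            desc = substr($0, index($0, " noise") + 6)   # text after the radiotap part
            sub(/^[ \t]+/, "", desc)
            type = (desc == "") ? "undecoded" : desc
            sub(/[ \t].*/, "", type)                      # first word: Beacon, Data, BA, ...
            sig = 0
            for (i = 2; i <= NF; i++)                     # "-48dBm signal" -> -48
                if ($i == "signal") { sig = $(i - 1); sub(/dBm$/, "", sig) }
            n[type]++; sum[type] += sig
        }
        END { for (t in n) printf "%s %d %.1f\n", t, n[t], sum[t] / n[t] }' | sort
}

# Count of one frame type (first argument) in the capture read on stdin, 0 if absent.
count_type() {
    frame_type_counts | awk -v t="$1" '$1 == t { print $2; f = 1 } END { if (!f) print 0 }'
}

# Constructed sample in the format of the capture above (values taken from it):
# two beacons, two encrypted data frames, an RTS/CTS/BA exchange, one undecoded
# frame and one ACK.
SAMPLE_CAPTURE='14:50:24.231824 1040818106us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:24.334231 1040920507us tsft 6.0 Mb/s 5560 MHz 11a -48dBm signal 0dBm noise Beacon (V11-Home) [6.0* 9.0 12.0* 18.0 24.0* 36.0 48.0 54.0 Mbit] ESS CH: 112, PRIVACY
14:50:24.334337 1040921064us tsft 24.0 Mb/s 5560 MHz 11a -50dBm signal 0dBm noise Data IV:72bc Pad 20 KeyID 1
14:50:28.327971 1044914665us tsft 24.0 Mb/s 5560 MHz 11a -50dBm signal 0dBm noise Data IV:72e5 Pad 20 KeyID 1
14:50:28.524239 1045110868us tsft 24.0 Mb/s 5560 MHz 11a -79dBm signal 0dBm noise Request-To-Send TA:94:e9:6a:08:5a:c3 (oui Unknown)
14:50:28.524305 1045110915us tsft 24.0 Mb/s 5560 MHz 11a -53dBm signal 0dBm noise Clear-To-Send RA:94:e9:6a:08:5a:c3 (oui Unknown)
14:50:28.524408 1045111030us tsft 24.0 Mb/s 5560 MHz 11a -55dBm signal 0dBm noise BA RA:94:e9:6a:08:5a:c3 (oui Unknown)
14:50:28.534060 1045120912us tsft 24.0 Mb/s 5560 MHz 11a -74dBm signal 0dBm noise
14:50:28.534125 1045120963us tsft 24.0 Mb/s 5560 MHz 11a -50dBm signal 0dBm noise Acknowledgment RA:94:e9:6a:08:5a:c3 (oui Unknown)'
```

Run it on a live capture with `sudo tcpdump -vvv -i mon0 | frame_type_counts` after sourcing the file.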

Confusion with the country code

pi@raspberrypi:~ $ iw reg get
global
country 00: DFS-UNSET
	(2402 - 2472 @ 40), (N/A, 20), (N/A)
	(2457 - 2482 @ 20), (N/A, 20), (N/A), AUTO-BW, NO-IR
	(2474 - 2494 @ 20), (N/A, 20), (N/A), NO-OFDM, NO-IR
	(5170 - 5250 @ 80), (N/A, 20), (N/A), AUTO-BW, NO-IR
	(5250 - 5330 @ 80), (N/A, 20), (0 ms), DFS, AUTO-BW, NO-IR
	(5490 - 5730 @ 160), (N/A, 20), (0 ms), DFS, NO-IR
	(5735 - 5835 @ 80), (N/A, 20), (N/A), NO-IR
	(57240 - 63720 @ 2160), (N/A, 0), (N/A)

pi@raspberrypi:~ $ iw reg set DE
command failed: Operation not permitted (-1)
pi@raspberrypi:~ $ sudo !!
sudo iw reg set DE
pi@raspberrypi:~ $ iw reg get
global
country DE: DFS-ETSI
	(2400 - 2483 @ 40), (N/A, 20), (N/A)
	(5150 - 5250 @ 80), (N/A, 20), (N/A), NO-OUTDOOR, AUTO-BW
	(5250 - 5350 @ 80), (N/A, 20), (0 ms), NO-OUTDOOR, DFS, AUTO-BW
	(5470 - 5725 @ 160), (N/A, 26), (0 ms), DFS
	(5725 - 5875 @ 80), (N/A, 13), (N/A)
	(57000 - 66000 @ 2160), (N/A, 40), (N/A)

Further relevant commands/outputs for WLAN

pi@raspberrypi:~ $ iw dev
phy#0
	Interface wlan0
		ifindex 3
		wdev 0x1
		addr b8:27:eb:8d:c3:bc
		type managed
		channel 34 (5170 MHz), width: 20 MHz, center1: 5170 MHz
		txpower 31.00 dBm
pi@raspberrypi:~ $ 
pi@raspberrypi:~ $ 
pi@raspberrypi:~ $ iw phy0 info
Wiphy phy0
	max # scan SSIDs: 10
	max scan IEs length: 2048 bytes
	max # sched scan SSIDs: 16
	max # match sets: 16
	max # scan plans: 1
	max scan plan interval: 508
	max scan plan iterations: 0
	Retry short limit: 7
	Retry long limit: 4
	Coverage class: 0 (up to 0m)
	Device supports T-DLS.
	Supported Ciphers:
		* WEP40 (00-0f-ac:1)
		* WEP104 (00-0f-ac:5)
		* TKIP (00-0f-ac:2)
		* CCMP-128 (00-0f-ac:4)
		* CMAC (00-0f-ac:6)
	Available Antennas: TX 0 RX 0
	Supported interface modes:
		 * IBSS
		 * managed
		 * AP
		 * monitor
		 * P2P-client
		 * P2P-GO
		 * P2P-device
	Band 1:
		Capabilities: 0x1022
			HT20/HT40
			Static SM Power Save
			RX HT20 SGI
			No RX STBC
			Max AMSDU length: 3839 bytes
			DSSS/CCK HT40
		Maximum RX AMPDU length 65535 bytes (exponent: 0x003)
		Minimum RX AMPDU time spacing: 16 usec (0x07)
		HT TX/RX MCS rate indexes supported: 0-7
		Bitrates (non-HT):
			* 1.0 Mbps
			* 2.0 Mbps (short preamble supported)
			* 5.5 Mbps (short preamble supported)
			* 11.0 Mbps (short preamble supported)
			* 6.0 Mbps
			* 9.0 Mbps
			* 12.0 Mbps
			* 18.0 Mbps
			* 24.0 Mbps
			* 36.0 Mbps
			* 48.0 Mbps
			* 54.0 Mbps
		Frequencies:
			* 2412 MHz [1] (20.0 dBm)
			* 2417 MHz [2] (20.0 dBm)
			* 2422 MHz [3] (20.0 dBm)
			* 2427 MHz [4] (20.0 dBm)
			* 2432 MHz [5] (20.0 dBm)
			* 2437 MHz [6] (20.0 dBm)
			* 2442 MHz [7] (20.0 dBm)
			* 2447 MHz [8] (20.0 dBm)
			* 2452 MHz [9] (20.0 dBm)
			* 2457 MHz [10] (20.0 dBm)
			* 2462 MHz [11] (20.0 dBm)
			* 2467 MHz [12] (disabled)
			* 2472 MHz [13] (disabled)
			* 2484 MHz [14] (disabled)
	Band 2:
		Capabilities: 0x1062
			HT20/HT40
			Static SM Power Save
			RX HT20 SGI
			RX HT40 SGI
			No RX STBC
			Max AMSDU length: 3839 bytes
			DSSS/CCK HT40
		Maximum RX AMPDU length 65535 bytes (exponent: 0x003)
		Minimum RX AMPDU time spacing: 16 usec (0x07)
		HT TX/RX MCS rate indexes supported: 0-7
		VHT Capabilities (0x00001020):
			Max MPDU length: 3895
			Supported Channel Width: neither 160 nor 80+80
			short GI (80 MHz)
			SU Beamformee
		VHT RX MCS set:
			1 streams: MCS 0-9
			2 streams: not supported
			3 streams: not supported
			4 streams: not supported
			5 streams: not supported
			6 streams: not supported
			7 streams: not supported
			8 streams: not supported
		VHT RX highest supported: 0 Mbps
		VHT TX MCS set:
			1 streams: MCS 0-9
			2 streams: not supported
			3 streams: not supported
			4 streams: not supported
			5 streams: not supported
			6 streams: not supported
			7 streams: not supported
			8 streams: not supported
		VHT TX highest supported: 0 Mbps
		Bitrates (non-HT):
			* 6.0 Mbps
			* 9.0 Mbps
			* 12.0 Mbps
			* 18.0 Mbps
			* 24.0 Mbps
			* 36.0 Mbps
			* 48.0 Mbps
			* 54.0 Mbps
		Frequencies:
			* 5170 MHz [34] (disabled)
			* 5180 MHz [36] (20.0 dBm)
			* 5190 MHz [38] (disabled)
			* 5200 MHz [40] (20.0 dBm)
			* 5210 MHz [42] (disabled)
			* 5220 MHz [44] (20.0 dBm)
			* 5230 MHz [46] (disabled)
			* 5240 MHz [48] (20.0 dBm)
			* 5260 MHz [52] (20.0 dBm) (no IR, radar detection)
			* 5280 MHz [56] (20.0 dBm) (no IR, radar detection)
			* 5300 MHz [60] (20.0 dBm) (no IR, radar detection)
			* 5320 MHz [64] (20.0 dBm) (no IR, radar detection)
			* 5500 MHz [100] (20.0 dBm) (no IR, radar detection)
			* 5520 MHz [104] (20.0 dBm) (no IR, radar detection)
			* 5540 MHz [108] (20.0 dBm) (no IR, radar detection)
			* 5560 MHz [112] (20.0 dBm) (no IR, radar detection)
			* 5580 MHz [116] (20.0 dBm) (no IR, radar detection)
			* 5600 MHz [120] (20.0 dBm) (no IR, radar detection)
			* 5620 MHz [124] (20.0 dBm) (no IR, radar detection)
			* 5640 MHz [128] (20.0 dBm) (no IR, radar detection)
			* 5660 MHz [132] (20.0 dBm) (no IR, radar detection)
			* 5680 MHz [136] (20.0 dBm) (no IR, radar detection)
			* 5700 MHz [140] (20.0 dBm) (no IR, radar detection)
			* 5720 MHz [144] (20.0 dBm) (no IR, radar detection)
			* 5745 MHz [149] (20.0 dBm)
			* 5765 MHz [153] (20.0 dBm)
			* 5785 MHz [157] (20.0 dBm)
			* 5805 MHz [161] (20.0 dBm)
			* 5825 MHz [165] (20.0 dBm)
	Supported commands:
		 * new_interface
		 * set_interface
		 * new_key
		 * start_ap
		 * join_ibss
		 * set_pmksa
		 * del_pmksa
		 * flush_pmksa
		 * remain_on_channel
		 * frame
		 * set_wiphy_netns
		 * set_channel
		 * tdls_oper
		 * start_sched_scan
		 * start_p2p_device
		 * connect
		 * disconnect
		 * crit_protocol_start
		 * crit_protocol_stop
		 * Unknown command (122)
	Supported TX frame types:
		 * managed: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
		 * monitor: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
		 * P2P-client: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
		 * P2P-GO: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
		 * P2P-device: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
	Supported RX frame types:
		 * managed: 0x40 0xd0
		 * monitor: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
		 * P2P-client: 0x40 0xd0
		 * P2P-GO: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
		 * P2P-device: 0x40 0xd0
	software interface modes (can always be added):
	valid interface combinations:
		 * #{ managed } <= 1, #{ monitor } <= 1, #{ P2P-device } <= 1, #{ P2P-client, P2P-GO } <= 1,
		   total <= 4, #channels <= 2
		 * #{ managed } <= 1, #{ AP } <= 1, #{ monitor } <= 1, #{ P2P-client } <= 1, #{ P2P-device } <= 1,
		   total <= 5, #channels <= 1
	Device supports scan flush.
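The monitor-interface commands at the top of this section, the country-code check and the Frequencies list from iw phy0 info, combined into one script as an added example (not the page author's code). It assumes an iw that accepts `set freq <control MHz> 80 <center MHz>` and a driver that allows an 80 MHz channel definition on a monitor interface; the interface name and channel number are parameters.

```sh
#!/bin/sh
# Added example, not from the original page: the "interface add mon0 type monitor"
# steps above, plus a check against the regulatory domain, as one script.
# Assumption: iw accepts "set freq <control MHz> 80 <center MHz>" and the stick's
# driver accepts an 80 MHz channel definition on a monitor interface.

# Print "phyN" for the output of "iw dev <dev> info" read on stdin
# (the gawk one-liner on the page, written as POSIX awk).
phy_of_dev() {
    awk '$1 == "wiphy" { printf "phy%s\n", $2; exit }'
}

# 5 GHz channel number -> control frequency in MHz.
chan_to_mhz() { echo $(( 5000 + 5 * $1 )); }

# Center frequency of the 80 MHz block that contains a 5 GHz control channel.
# Blocks start at channels 36, 52, 100, 116, 132, 149; the center is start + 6,
# so channel 112 (block 100..112) is centered on channel 106 = 5530 MHz.
vht80_center_mhz() {
    for start in 36 52 100 116 132 149; do
        if [ "$1" -ge "$start" ] && [ "$1" -le $(( start + 12 )) ]; then
            chan_to_mhz $(( start + 6 )); return 0
        fi
    done
    echo "channel $1 is not inside an 80 MHz block" >&2; return 1
}

# Read "iw phy <phy> info" on stdin and print the state of channel $1 from its
# Frequencies list: ok, dfs (radar detection applies, fine for listening only),
# disabled (not permitted in the current regulatory domain), unknown.
channel_state() {
    awk -v ch="[$1]" '
        $1 == "*" && $4 == ch {
            if (index($0, "disabled"))             print "disabled"
            else if (index($0, "radar detection")) print "dfs"
            else                                   print "ok"
            found = 1; exit
        }
        END { if (!found) print "unknown" }'
}

# Create mon0 on the phy behind interface $1 and tune it to 80 MHz around channel $2
# (needs root). Set the country first ("iw reg set DE" as above) so that the
# Frequencies list reflects the local rules before this check runs.
monitor_up() {
    dev=$1; ch=$2
    phy=$(iw dev "$dev" info | phy_of_dev)
    [ -n "$phy" ] || { echo "no wiphy found for $dev" >&2; return 1; }
    state=$(iw phy "$phy" info | channel_state "$ch")
    case $state in
        ok|dfs) ;;
        *) echo "channel $ch is $state on $phy, check 'iw reg get'" >&2; return 1 ;;
    esac
    center=$(vht80_center_mhz "$ch") || return 1
    iw phy "$phy" interface add mon0 type monitor &&
        ip link set dev mon0 up &&
        iw dev mon0 set freq "$(chan_to_mhz "$ch")" 80 "$center"
}

# Usage: sudo sh monitor80.sh up wlan0 112
if [ "${1:-}" = "up" ]; then
    monitor_up "${2:-wlan0}" "${3:-112}"
fi
```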
raspberry-pi-monitor-mode.1541857243.txt.gz · Last modified: 2018/11/10 13:40 by benny
