UPDATE: added injection support for bcm4329 firmware
I just uploaded a new patched firmware version for bcm4329, this version adds raw packet injection support.
Issues
Greetings,
We are a group of 3 researchers and in the last few weeks we have successfully added "monitor mode" support to the common broadcom wifi chipsets: BCM4329 and BCM4330. We have a working PoC on Galaxy S 2 and Nexus One.
We opened a new blog with all of the details at:
http://bcmon.blogspot.com
For the lazy ones the current status is:
bcm4329 - Fully working monitor mode on our Nexus One
bcm4330 - successful PoC - monitor mode on Galaxy S II
We havent tested it yet, but if you have a phone with one of those chipsets (and you most probably have one), it should also work on your phone too.
We would appreciate any comments on the forum or to our mail "contact dot bcmon at gmail dot com"
Its been a long day (with little sleep) so good night/morning and enjoy
Ruby, Yuval and Omri
UPDATE: if you had wireless-tools errors with airodump-ng try the new utils.zip version.
I just uploaded a new patched firmware version for bcm4329, this version adds raw packet injection support.
Issues
- Low injection speed - on my nexus one the injection is working really slow. It seems that the injection speed starts fine but then slows down to as slow as ~700ms per packet.
- Radiotap - we don't handle radiotap on packet injection. 'aireplay-ng' works fine with it but tools like 'reaver' seem to require it.
Greetings,
We are a group of 3 researchers and in the last few weeks we have successfully added "monitor mode" support to the common broadcom wifi chipsets: BCM4329 and BCM4330. We have a working PoC on Galaxy S 2 and Nexus One.
We opened a new blog with all of the details at:
http://bcmon.blogspot.com
For the lazy ones the current status is:
bcm4329 - Fully working monitor mode on our Nexus One
bcm4330 - successful PoC - monitor mode on Galaxy S II
We havent tested it yet, but if you have a phone with one of those chipsets (and you most probably have one), it should also work on your phone too.
We would appreciate any comments on the forum or to our mail "contact dot bcmon at gmail dot com"
Its been a long day (with little sleep) so good night/morning and enjoy
Ruby, Yuval and Omri
UPDATE: if you had wireless-tools errors with airodump-ng try the new utils.zip version.
Attachments
Last edited: