[ATTN DEVS]Monitor Mode Working on BCM4330 Chipset w/Aircrack

Search This thread


Senior Member
Oct 31, 2008
Hey guys im reposting this here, original thread can be found here

Since the Galaxy Nexus has the same wlan chipset as the Nexus S and Galaxy S2 we should be able to get this working as well, would love to see kernel dev's implement this functionality to all kernels!


We are a group of 3 researchers and in the last few weeks we have successfully added "monitor mode" support to the common broadcom wifi chipsets: BCM4329 and BCM4330. We have a working PoC on Galaxy S 2 and Nexus One.

We opened a new blog with all of the details at:

For the lazy ones the current status is:
bcm4329 - Fully working monitor mode on our Nexus One
bcm4330 - successful PoC - monitor mode on Galaxy S II
We havent tested it yet, but if you have a phone with one of those chipsets (and you most probably have one), it should also work on your phone too.

We would appreciate any comments on the forum or to our mail "contact dot bcmon at gmail dot com"

Its been a long day (with little sleep) so good night/morning and enjoy :)

Ruby, Yuval and Omri

UPDATE: if you had wireless-tools errors with airodump-ng try the new utils.zip version.

Can't wait to start auditing wifi networks with my Gnex :)
Last edited:


Senior Member
Feb 29, 2012
I cant imagine even after capturing enough ivs that decrypting the key would be very fast. WEP could work but WPA shouldn't even be tried. Except most WPA passwords now are just 10 numeric characters which are default on most gateways today. I've noticed that most people in my area aren't configuring their routers on their own. Even not being wep, default WPA is just as vulnerable if you can get a handshake.

Sent from my Galaxy Nexus using xda premium

Top Liked Posts