Sunday, July 14, 2013

Monitor Mode Reloaded

Since most of you experienced some trouble during the kernel compilation...
We worked hard during the last months to bring an easy to use solution that won’t require kernel modifications.

The new solution is a normal android APK that you can try to install on your **ROOTED** device.
It should work on most devices with the supported chipset, but we won't know until you try it :)

Currently tested on the following devices:
  • GS 1 - Cyanogen 7
  • GS 2 - Cyanogen 9 & 10
  • Nexus One - Cyanogen 7
  • Nexus 7 - Cyanogen 9

We are currently working on GS3&4 support (which have a different broadcom chipset), we will release it “when it’s done”.

As usual:
please note that this code is experimental and you use it at your own risk and we are not responsible nor liable for any damage or loss of data. Sometimes unexpected things might go wrong and you might end up with a device that is no longer functional. Be warned and please take the responsibility yourself--it is your own risk and no one else can be held responsible.

You can download the apk from our google code page:
https://code.google.com/p/bcmon/
(Direct link: https://bcmon.googlecode.com/files/bcmon.apk)

Our slides from RECon:
https://www.dropbox.com/sh/le8zeczpddf3nx0/fdXn4LSxGI

Video of the lecture:
<coming soon...>

Thursday, May 9, 2013

Wardriving from your pocket: Reversing the Broadcom chipset with Wireshark @ REcon 2013!

We are going to present our research next month at REcon,
Sorry for keeping all of you waiting for our new version - we are working on some exciting improvements, among them - an easy solution for many of you who are having issues running BCMON on their devices due to the complexity of the current solution, compatability for many new devices and more!
we can assure you it's worth the wait. ;-)




Saturday, January 26, 2013

New firmware for BCM4330


I've added a new firmware version for the BCM4330. The version has 2 major changes:
  • Improved stability - this version should resolve crashes you may have encountered.
  • Packet Injection - The firmware now supports packet injection*
* We still have some work to do on the driver to enable the use of aircrack tools. At the moment you can only inject raw packets via python, or any other way you like :)

TODO: The driver doesn't report physical parameters (i.e. channel, rssi, etc..) correctly.

The new firmware:

Galaxy SII (I9100) bundle - CM9 stable:

python packet injection code

import socket
s = socket.socket(socket.AF_PACKET, socket.SOCK_RAW)
s.bind(('wlan0', 0))
s.send('Hello World'*20)