How to run aircrack-ng on your Android.


Here are the steps needed to build ath9k_htc.ko external module (& dependencies), and run aircrack-ng (& friends) on your Android. Enjoy!

1. Find your device properties so you can find the correct kernel sources. I use the following simple script which also prints out the next ‘make’ commands we need to type. Feel free to adjust the script to your system.

#!/bin/bash

CCOMPILER=arm-eabi-

# get properties from device
build_fingerprint=`adb shell getprop ro.build.fingerprint | tr -d "\r"`
board_platform=`adb shell getprop ro.board.platform | tr -d "\r"`
product_brand=`adb shell getprop ro.product.brand | tr -d "\r"`
manufacturer=`adb shell getprop ro.product.manufacturer | tr -d "\r"`
product_code=`adb shell getprop ril.product_code | tr -d "\r"`
product_model=`adb shell getprop ro.product.model | tr -d "\r"`
product_name=`adb shell getprop ro.product.name | tr -d "\r"`
product_device=`adb shell getprop ro.product.device | tr -d "\r"`
version_sdk=`adb shell getprop ro.build.version.sdk | tr -d "\r"`
version_release=`adb shell getprop ro.build.version.release | tr -d "\r"`

echo "manufacturer    = $manufacturer"
echo "product_brand   = $product_brand"
echo "board_platform  = $board_platform"
echo "product_code    = $product_code"
echo "product_model   = $product_model"
echo "product_name    = $product_name"
echo "product_device  = $product_device"
echo "version_sdk     = $version_sdk"
echo "version_release = $version_release"
echo "fingerprint     = $build_fingerprint"

echo
echo "run:"
echo "make ARCH=arm CROSS_COMPILE=${CCOMPILER} ${product_device}_defconfig"
echo "make ARCH=arm CROSS_COMPILE=${CCOMPILER} menuconfig"
echo "make ARCH=arm CROSS_COMPILE=${CCOMPILER} modules_prepare"
echo "make ARCH=arm CROSS_COMPILE=${CCOMPILER} modules"
echo "make ARCH=arm CROSS_COMPILE=${CCOMPILER} zImage"

Run the script from your shell (make sure you have ‘adb’ in your PATH):

$ ./getprop
manufacturer    = unknown
product_brand   = Asus
board_platform  = tegra
product_code    =
product_model   = ME301T
product_name    = omni_me301t
product_device  = me301t
version_sdk     = 19
version_release = 4.4.2
fingerprint     = Asus/omni_me301t/me301t:4.4.2/KVT49L/eng.zbuild.20140314.170603:userdebug/test-keys

run:
make ARCH=arm CROSS_COMPILE=arm-eabi- me301t_defconfig
make ARCH=arm CROSS_COMPILE=arm-eabi- menuconfig
make ARCH=arm CROSS_COMPILE=arm-eabi- modules_prepare
make ARCH=arm CROSS_COMPILE=arm-eabi- modules
make ARCH=arm CROSS_COMPILE=arm-eabi- zImage

2. Find the kernel sources for your device. I had to switch to OMNI and then use OMNI kernel – this was the easiest for my device, but perhaps you will be luckier.
https://github.com

3. Configure your kernel to build ath9k_htc module. Here are the commands I typed for my own device:

make ARCH=arm CROSS_COMPILE=arm-eabi- me301t_defconfig
make ARCH=arm CROSS_COMPILE=arm-eabi- menuconfig

Enable the following options:

[*] Networking support  --->
	-*-   Wireless  --->
		<*>   cfg80211 - wireless configuration API
		<M>   Generic IEEE 802.11 Networking Stack (mac80211)

Device Drivers  --->
	[*] Network device support  --->
		[*]   Wireless LAN  --->
			<M>   Atheros Wireless Cards  --->
				<M>   Atheros 802.11n wireless cards support
				<M>   Atheros HTC based wireless cards support

On some kernels you might need to make sure the following lines are present:

file drivers/net/wireless/ath/Makefile :

obj-$(CONFIG_ATH9K_HW)          += ath9k/

file drivers/net/wireless/ath/Kconfig :

source "drivers/net/wireless/ath/ath9k/Kconfig"

Then build the kernel modules and the kernel:

make ARCH=arm CROSS_COMPILE=arm-eabi- modules_prepare
make ARCH=arm CROSS_COMPILE=arm-eabi- modules
make ARCH=arm CROSS_COMPILE=arm-eabi- zImage
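
Before running the build commands above, the .config saved by menuconfig can be checked for the options listed in this step. This is an added example, not part of the original post; the CONFIG_ symbol names (other than CONFIG_ATH9K_HW, which appears in the Makefile line above) are assumptions for a 3.x-era tree and should be confirmed against your own Kconfig files, and the sample .config is constructed.

```bash
#!/bin/bash
# Added example (not from the original post): check a kernel .config for the
# options enabled in step 3. Symbol names are assumptions for a 3.x-era tree.

# symbol:accepted-values ("ym" = built-in or module, "y" = bool option)
REQUIRED="CONFIG_WIRELESS:y CONFIG_CFG80211:ym CONFIG_MAC80211:ym CONFIG_WLAN:y
CONFIG_ATH_COMMON:ym CONFIG_ATH9K_HW:ym CONFIG_ATH9K:ym CONFIG_ATH9K_HTC:ym"

# Print one line per symbol that is missing or wrongly set; return 1 if any.
check_kconfig() {
    local config="$1" pair sym want val bad=0
    for pair in $REQUIRED; do
        sym=${pair%%:*}
        want=${pair#*:}
        # "# CONFIG_X is not set" and absent symbols both give an empty value
        val=$(sed -n "s/^${sym}=\([ym]\)\$/\1/p" "$config" | tail -n 1)
        case "$val" in
            "")      echo "$sym is not enabled"; bad=1 ;;
            [$want]) ;;
            *)       echo "$sym=$val (expected one of: $want)"; bad=1 ;;
        esac
    done
    return $bad
}

# Constructed sample: a .config where the HTC driver was left disabled.
sample_config() {
    cat <<'EOF'
CONFIG_WIRELESS=y
CONFIG_CFG80211=y
CONFIG_MAC80211=m
CONFIG_WLAN=y
CONFIG_ATH_COMMON=m
CONFIG_ATH9K_HW=m
CONFIG_ATH9K=m
# CONFIG_ATH9K_HTC is not set
EOF
}

tmp=$(mktemp)
sample_config > "$tmp"
check_kconfig "$tmp" || echo "Fix the options listed above in menuconfig, then rebuild."
rm -f "$tmp"
```

On a real tree, call check_kconfig with the path to the .config in the kernel source directory.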

4. Package your kernel & modules or deploy your modules directly to your device. Each manufacturer/device uses its own kernel-update procedure, so find a kernel package for your device to learn the right procedure for it.

5. Download the aircrack binaries and required utils from here:
https://code.google.com/p/bcmon/source/browse/#svn%2Ftrunk%2Futils

(More about compiling your own aircrack-ng/iw/wireless_tools – next time)


11 Comments

  1. Could you post the rom with the modules installed? I have a me301t and have tried myself to compile the modules but some of them won’t load.

  2. Can you teach me how to add a wifi driver on Android through Ubuntu? I don’t understand steps 1 and 2. Looks like you do it so easily 🙂
