Aircrack with monitor mode on android - Part 2: Setup an ARM Development environment

(This post is a work in progress, please come back later)

Why

We need to setup a linux machine to compile our arm kernel and modules,

in order to do this I've opted to make a linux virtual machine.

There are various reasons why a virtual machine is preferred vs the linux box I'm using daily,

first of all a development box can break quite easily,

you'll be using a lot of tools which depends on libraries that can get updated and break things,

also you need to have some specific versions of some apps for compatibility reasons

and it is not a good idea to browse the web using old apps as they can be remotely exploited,

so it is a good idea to have a separate box where you have total control on what you update and what not.

Also, by having a linux virtual machine you can easily transfer the virtual hard disk image on another computer

and continue your development like nothing has happened or share the virtual machine between windows and linux,

it also allows for easy backups, you can just make a copy of the virtual hard disk, try something and if it breaks, no problem,

just restore the backup file. so win win!

Setup the virtual machine

Go to http://www.virtualbox.org and download the latest available version for your host os, download the Extension Pack too and install both.

We'll be using lubuntu 12.10 as our linux guest machine, as it is a good starting point for what we need, also by using lxde it is lightweight to run inside a virtual machine,

so go to http://www.lubuntu.net and download the (Intel x86) desktop CD image,

once you have the iso, create a new virtualbox machine.

I won't go into much detail here as there are a lot of resources about this, just make sure to enable PAE into system tab.

When the installation process finishes and you're asked to reboot, click ok, eventually the virtual machine may hang up at this point,

just wait a minute then turn off the virtual macchine, start again and boot your new lubuntu box,

on your first login you'll be asked to update some packages, do it right away,

we need an up-to-date installation as we'll need various tools and by having a stable, current release, any tool we need is just an apt-get install away,

once we're happy with our environment we may froze the current software so we'll be sure not to occur into compatibility issues and we'll selectively update

things from now and then.

Once you've updated everything head over to install Guest Addition and reboot the virtual machine.

we need now to setup our arm development environment!

Setup the development environment

Thanks to AMLogic effort to release kernel sources and info on how to compile the kernel,

we can setup or arm development environment for amlogic boards.

First of all we need to setup a standard development environment so open a terminal, and install a dev env using this:

$ sudo apt-get install build-essential

this will install gcc, make and some standard libs

Share files between host os, guest os and android device

We'll need to transfer a lot of files between host os, guest os and the android device,

there are many ways to do this, I've chosen to setup an ftp server on the guest os and to make it available

on the internal network so it can be accesses by both the host os and the android device.

Download and setup vsftpd, on the guest os (the arm dev machine) do:

$ sudo apt-get install vsftpd

this will install vsftpd. by default write access is disabled so if you try to upload a file

you'll get this error message:

"

200 PORT command successful. Consider using PASV.
550 Permission denied.

"

to allow write access, edit /etc/vsftpd.conf and find this line:

# Uncomment this to enable any form of FTP write command.

#write_enable=yes

uncomment the line above, you may also want to further customize the ftp server by disabling anonymous logins 

and so on, when you're happy with the config, save and restart vsftpd by using

$ sudo service vsftpd restart

now you can login to your ftp server and upload/download files.

Download, configure and install some tools

create the dir tools on your home, here we'll download and compile some tools.

binwalk a firmware analysis tool

get the latest version of binwalk from http://code.google.com/p/binwalk/ ,

libwalk needs some libraries like libmagic and libcurl so

download ftp://ftp.astron.com/pub/file/file-5.12.tar.gz ,

configure & sudo make install libmagic.

install libcurl by sudo apt-get install libcurl4-gnutls-dev

now for binwalk, extract the file, go to src and ./configure

it should now find everything it needs, if you miss some packages then download the dependencies

(if you've followed this from the start, you should how have everything it needs)

then sudo make install

voilà we now have binwalk and we can analyze the boot image of our device, this way we can gather

info on where the kernel is addressed inside the boot image

(This post is a work in progress, please come back later)

Aircrack with monitor mode on android - Part 1: Take control over your W6HD.

(this post is a work in progress, please come back later)
As said before, this guide is tailored around Ramos W6HD,
the first thing we need to do is to get root access and install a debian system using chroot.

Rooting Ramos W6HD.
There are various ways to root the w6hd, the easiest one is to flash a firmware which
already has root.
We'll also need play store access to easily download some apps like connectbot, vnc, Screen Standby and so on, so let's just use a firmware which already come with gapps.
We'll use Librehat's ICS HatMod.
Make a backup copy of all your data, then download ICS_HatMod_for_W6HD_1.9.7z,
and unzip it in the root of your sdcard.
I suggest you to use a card reader to transfer the files since the usb connection of the ramos
is not so speedy.
Fully charge your w6hd then turn it off.
Insert the sdcard with the new firmware then keep pressing the M button and turn on he device
via the power button. hold both buttons until you see the android image with a progress bar
in the bottom, now you can release the buttons, wait until the flash process is finished,
the device will reboot and then you now have a firmware with gapps + root access.
setup your device as usual then download these apps from play store:


Screen Standby #root
https://play.google.com/store/apps/details?id=com.nkahoang.screenstandby
We'll use this app to turn off the screen while keeping the tablet on.
To prevent your tablet from going to suspend mode, go to
Settings->Display->Suspension and select "Never timeout".
this way the tablet will be always on until you put it in suspend mode by pressing once
the power button.
Learn to use Screen Standby as we'll leave the tablet on with the screen off to save power most of the time

also please note that we're going to compile our own kernel and flash our own firmware,
thanks to amlogic effort to release the kernel source, however we need temporary root access
to make a copy of some files.
Once you've installed a root file manager or a terminal emulator, grab a copy of these files:
/proc/config.gz This file contains the compile-time configuration settings for the kernel in gzip,
luckily it seems that they've compiled the kernel with the CONFIG_IKCONFIG_PROC enabled
that's why config.gz is available. having the kernel configuration means that we can just use this
configuration as a starting point and configure the remaining options for the kernel.
take a look at the configuration and you'll see why for some devices we can't just build a module
but we'll also need to recompile the kernel.
some devices will work with just a module however so I'm building a list of devices,
also since the kernel source supports different amlogic boards, I'm testing out also this method
for other devices.. come back later!

 (work in progress)
Part 2: Setup an ARM Development environment

(this post is a work in progress, please come back later)

How to run aircrack on android (intro)

(this post is a work in progress, please come back later)

First of all, the answer: yes it is possible to make aircrack work, to get monitor mode and even injection work on some android devices, even by using the internal network card.

However keep in mind that A LOT of requisites are to be met,

most notably the network card must support monitor mode,

it is ok if monitor mode is not supported by default on your device, since we'll be replacing the module which handles the card anyway.
just make sure that the card you're going to use, either internal or external is supported by linux and someone managed to make monitor and injection work, we'll just handle the glue to make it all work on the android device.
by the way considering that most internal card are crippled so they consume less power and also the poor reception they have, you should go with an external card anyway.

now that you have the answer, let me clarify some points.

first of all, for this guide I'll be using an external wifi usb card since my ramos has an rtl8182cu wifi card which has some problem getting injection work.

My W6HD has a micro usb otg port so i just resorted to my trusty tp-link TL-WN422G rev 2
which sports an Atheros AR9271 single-chip USB,
I also have a Trendnet TEW-424UB rev3 laying around which is based upon a Realtek RTL8187B so I'll add support for that also.

The fight with the realtek 8182cu isn't lost yet, it is just that for now I just want the overall procedure to work, getting the internal card to work is not a priority yet as I find it useful to have the internal card handled by android, this way I can just remotely connect via ssh to my tablet and still be able

to use the external card for aircrack.

I haven't finished to write this guide yet, the procedure works as I've succesfully made the tablet recognize the card, enable the monitor mode and inject (injection is not the strong point of wn422g, but at this point is just a matter of hardware. choose a very compatible card as said before!), I've tested it against my own home network and it succesfully captured data and cracked the password (tried both wep and wpa),

since it took me a lot of time to get everything work and since I didn't write every step down I thought

to redo everything from scratch and to write down every step and share everything with you all.
The process will cover rooting the device, installing a full debian system (with development tools on the device), setting up a cross compile environment on a linux pc, cross compile modules, and so on.

it will be a long ride!
The kernel source we'll be using supports these platforms:

M3 (M3_SKT_V1) platform (MACH_MESON3_REFF01)
M3 (WA) platform (MACH_MESON3_REFF02)
M3 (Shuttle) platform (MACH_MESON3_REFF03)
M3 (Ramos) platform (MACH_MESON3_REFF04)
M3 (SOCKET) platform (MACH_MESON3_REFF05)
M3 (Ainol) platform (MACH_MESON3_REFF06)
M3 (Malata) platform (MACH_MESON3_REFF07)
M3 F08 platform (MACH_MESON3_REFF08)
M3 F09 platform (MACH_MESON3_REFF09)
M3 (Asus) MBX platform (MACH_MESON3_REFF10)
M3 (Gadmei) platform (MACH_MESON3_REFF11)
M3 (Gadmei Portrait 1280*800) (MACH_MESON3_REFF11_P800)
M3 (Gadmei BC 4329) (MACH_MESON3_REFF11_4329)
MT720 (Keenhi M3 1024*600) platform (MACH_MESON3_REFF14)
M3 MBX platform (MACH_MESON3_REFF16)
M3 Bestv MBX platform (MACH_MESON3_REFF20)

so while I'll be focusing on building modules and kernel for the Ramos W6HD, by following
this guide you should gain enough knowledge for adding support for usb devices on your tablet, granted that you have access on the kernel source.
you can also always resort to standard android kernel source however I won't cover this process
in this guide, maybe I'll write up something about this in the future.

I like to put everything online as soon as I write it so you'll find here the current work in progress,

once everything is written I'll double check everything and rewrite a proper guide.

meanwhile enjoy the mess.

WHY:

Last year I bought an android tablet,

a Ramos W6HD which has some nice features,

I messed around with it a lot as it was (and still is) my first tablet.

After trying whatever app I stumbled upon I finally settled down using it as an ebook reader

for tech books as they usually contain a lot of images and my eReader (a Bebook Mini) can't handle these.

However, having a linux system (yeah I know android and all the kernel issue, however it seems that somehow they're rejoining the fun)

with this kind of hardware and use it just to read some books is an offense to human kind!
another reason to make a guide is that I see some apps popup on play store that are just a bunch of linux commands put together using android ui facilities. while this is all legit I think overall it is a bit morally questionable so let's just show you the nitty gritty details so both you and me will learn a thing or two.
if you find an easier way to do the things I'll show you, feel free to leave a comment
and I'll integrate your ideas.
This guide is intended for Ramos W6HD however you can adapt it to any android device which meets the requirements.
Let's begin!
Part 1 - Taking control over your W6HD.
Part 2: Setup an ARM Development environment

(this post is a work in progress, please come back later)

MooMoorize! Lite

Here we are again!
What if you lived in a country for half your age?
It happens that, once you've grown, you make a tribute to the healthy and unhealthy life in the country!
How? By making a game with a lot of differents animals!
Then you play it to improve your memory.
it is important to have a good memory, to moomoorize.. erhm, memorize the important things in life!
So.. improve your memory with this pretty game!
MooMoorize! Lite

pasoftdev is looking for a 2D artist, let's develop videogames!

pasoftdev is looking for a 2D artist/graphician/designer.
we're developing videogames for mobile platforms.
if you're interested, get in touch with us,
send an email to pasoftdev at gmail.com with a showreel/portfolio,
no prior knowledge is required. just love for making videogames ;)

Wood Games 3D

Today I want to share with you all a really cool free game available at the android market. it is called Wood Games 3D and features simple but addictives minigames that will have you compete in 7 different disciplines. it can get really addictive and it also features online leaderboards and challenges. best of all, it is free for you to try out. so, go now and try it! ;)

Catch The Android!

ok ok, following with the intent of ruining this blog with my creations..
today I'll share with you a nice little free game I've made, it is called Catch The Android!
and it is available now in the android market. go check it out! leave comments and suggestions and I'll work them out in the next versions. also leave your best score in the comments ;)

Save that Droid!

Hello,
I've made a pretty arcade game called Save That Droid! for android devices, let me know what you think about it ;)
Here's a quick video of the game:





It is available now at the android market. check it out!

What if it starts raining androids?

Hello everyone,

long time since the last update, I was very busy in my personal life but I've done some nice things
regarding wiimotes and pc, I hope I'll have some time to post everything in this blog.
Anyway for now I want to share with you all a very cool android Live Wallpaper.
ok ok let's be honest-to-the-bone, I started programming android apps and I wanted to make
this wallpaper just for fun so.. why don't you check it out ?;)
It is called "It's Raining Androids!", I'm costantly updating it with more ideas and features and..
well, that's it!
see ya!