Hi,
I am trying to monitor a wireless lan network with my xda. I have tried some packet monitor programs, like phatnet or vxSniffer, well I only got phatnet running, vxSniffer didn't work and left my xda totally unstable. The question is, did you get this xda working with any sniffer (network packet sniffer) in promiscuous mode, even though phatnet works I was not able to use the promiscuous feature (xda kept on displaying only these packets addressed to my device).
Do you know any running software or if I should install a new wireless driver to enable network monitoring?
Thanks!
Do you have PhatNet PRO?
The Personal edition does not allow Promiscuous Mode.
Part of my work in network administration is to locate and deal with "rogue" access points that might comprimise network security. Currently I'm using a Sharp Zaurus with Kismet to do this, but I don't always carry it with me and I DO always have my Cingular/AT&T 8525. I basically need a program that will capture all packets from the air into a file that can later be analyzed with Wireshark (Ethereal).
Yesterday I did a search of the Hermes threads looking for such a program and found several for MW5 and TyTn, (which I assume is another Hermes phone). None of them work, because they can't/don't put my WIFI interface into promiscuous mode.
From what I have read, it seems that the wireless drivers are the key here. I'm currently running ROM version vp3G 3.0.0 with Radio 1.41.00.10, which I downloaded from a link found here. Previously I had used several others of the excellent WM6 ROMs available on this forum, but never tried using the 8525 as a sniffer with any of them.
Question: Does anyone know of a ROM/software configuration for the 8525 that will allow promiscuous sniffing of WI-FI networks?
TIA
Walt
Damn, u want your phone to launch missles or something too?
yea and i want an tool to sniff the password of wpa-psk TKIP
thats where the best moment of my life.
Long as we are making requests, I need a packet sniffer that works for the gprs radio of my phone, not the wifi radio. Is there such a creature?
I am no pro at wifi sniffing, but this program had a promiscuous mode, I think.
http://www.airscanner.com/downloads/sniffer/sniffer.html
Long as we are making requests, I need a packet sniffer that works for the gprs radio of my phone, not the wifi radio. Is there such a creature?
I am no pro at wifi sniffing, but this program had a promiscuous mode, I think.
http://www.airscanner.com/downloads/...r/sniffer.html
Yesterday 12:23 PM
Click to expand...
Click to collapse
Now that WOULD be cool! Maybe illegal? Would sniffing data from a cellular connection be the same thing as a cellular wiretap?
I did try AirScanner, and it's a great sniffer, but it won't put the wireless I/F into promiscuous mode, so I can only look at packets addressed to my device.
What I'm really trying to learn here, missles notwithstanding ;D is whether or not this is a hardware limitation. If not, then I will continue to look for software and/or ROM drivers that will work.
Walt
try aircrack
larsuck said:
Long as we are making requests, I need a packet sniffer that works for the gprs radio of my phone, not the wifi radio. Is there such a creature?
Click to expand...
Click to collapse
Not sure what you'd achieve, as encryption is negotiated between each SIM and its authorising server. Intermediate equipment only gets to see the encrypted stream. Even if your chipset was capable of full-time reception, your battery would go down a lot quicker, and all you'd see is how many channels and timeslots are in use, if that!
I need to sniff the ip info of my data connection. I have tried almost every other means of getting it and am at my wits end. I figured it was probably encoded, but at this point I am grasping at straws.
I have used VXsniffer before (http://www.cambridgevx.com) on one of my Ipaq PDAs and it worked great but that was about 2 years ago. I have not been able to find any intrusive "sniffing" programs that have worked on my Tytn but there are tools out there that work with the current ROMs (VP3G's and Schaps) that are like Ministumbler and will show you AP locations. (Wififofum and SniffThis come to mind) They have their bugs but in general they work.
I searched for days when I first got my Tytn for an intrusive sniffer and never found anything.
Brad
I've used WiFiFoFum and Mini Stumbler (off-shoot of network stumbler). I can't say from memory if they do promiscuous or just passive scanning, but both produce results that can be analyzed in NetStumbler or Ethereal.
-Steve
walts said:
Part of my work in network administration is to locate and deal with "rogue" access points that might comprimise network security. Currently I'm using a Sharp Zaurus with Kismet to do this, but I don't always carry it with me and I DO always have my Cingular/AT&T 8525. I basically need a program that will capture all packets from the air into a file that can later be analyzed with Wireshark (Ethereal).
Yesterday I did a search of the Hermes threads looking for such a program and found several for MW5 and TyTn, (which I assume is another Hermes phone). None of them work, because they can't/don't put my WIFI interface into promiscuous mode.
From what I have read, it seems that the wireless drivers are the key here. I'm currently running ROM version vp3G 3.0.0 with Radio 1.41.00.10, which I downloaded from a link found here. Previously I had used several others of the excellent WM6 ROMs available on this forum, but never tried using the 8525 as a sniffer with any of them.
Question: Does anyone know of a ROM/software configuration for the 8525 that will allow promiscuous sniffing of WI-FI networks?
TIA
Walt
Click to expand...
Click to collapse
I have never heard of promisc mode being possible on any WM device. I believe i've read that it is in fact a hardware limitation. but who knows, with all the hacked drivers that float around maybe someone will get around this.
now that i mention it... it could be sufficient to disassemble the wireless drivers / ip stack (they are NOT on the radio rom) and NOP out the function that checks the mac address. or change the branch instruction at the end of it to "always execute" as if it were matching the device's own mac address. hmm. it wouldn't be true promisc mode, but it could work.
think i might give it a go myself.
in the mean time, if youre concerned about rogue APs on your network, check out my recent post about my discovery of how to enable Internet Sharing over WiFi (turns the phone into an Access Point):
http://forum.xda-developers.com/showthread.php?t=332360
not directly related, but might be of interest.
fluxist
larsuck said:
I need to sniff the ip info of my data connection. I have tried almost every other means of getting it and am at my wits end. I figured it was probably encoded, but at this point I am grasping at straws.
Click to expand...
Click to collapse
Tried vxIPConfig from Cambridge (http://www.cambridgevx.com) ?
gregnash said:
Tried vxIPConfig from Cambridge (http://www.cambridgevx.comhttp://www.cam.com) ?
Click to expand...
Click to collapse
Looks like it could be a winner. Since I do not know enough of the teck behind it all, if someone tries this out and it works out, report back your findings for the rest of us
GB
walts said:
Question: Does anyone know of a ROM/software configuration for the 8525 that will allow promiscuous sniffing of WI-FI networks?
Click to expand...
Click to collapse
For trinity and hermes, I've found nothing. Drivers... you know
But Airscanner is the best, I'm using it on an Ipaq...
Ciao
larsuck said:
I need to sniff the ip info of my data connection. I have tried almost every other means of getting it and am at my wits end. I figured it was probably encoded, but at this point I am grasping at straws.
Click to expand...
Click to collapse
try to tether and run www.speedtest.net unless your network is on a proxy
from your computer it will be easy to dermine the IP. www.speedtest.com is easy because it tels your speed + ip and carrier connection
gemblaster said:
Looks like it could be a winner. Since I do not know enough of the teck behind it all, if someone tries this out and it works out, report back your findings for the rest of us
GB
Click to expand...
Click to collapse
vxIPConfig is not a packet sniffing tool like Wireshark (Ethereal) or the like. It gives you "ipconfig /release" and "ipconfig /renew" functions and can give you TCP, UDP and IP stats but can’t actually capture the packets and view the encapsulation headers.
AirScanner and vxSniffer are the only 2 moderately priced utilities that can do that for WindowsMobile that I am aware of.
Park City said:
vxIPConfig is not a packet sniffing tool like Wireshark (Ethereal) or the like. It gives you "ipconfig /release" and "ipconfig /renew" functions and can give you TCP, UDP and IP stats but can’t actually capture the packets and view the encapsulation headers.
AirScanner and vxSniffer are the only 2 moderately priced utilities that can do that for WindowsMobile that I am aware of.
Click to expand...
Click to collapse
Just checked those two out and our Hermes WiFi adapter doesn't support promiscuous mode
Memnoch30 said:
Just checked those two out and our Hermes WiFi adapter doesn't support promiscuous mode
Click to expand...
Click to collapse
Is there anyone that understands the inner workings of our WiFi adaptors and drivers that may be able to shed some light if there would be a hack that would make our Hermes compatable with these programs? If so then maybe the search could be over . So far this looks like the closest it's come.
Sniffing
I also am in the field of network security.
I use Wififofum for searching and logging all wireless networks. It has filters such as show only non secure etc. It also has GPS log support. You can then convert the log files to upload as a overlay on google earth.
Airscanner works great on the trinity as a packet sniffer of the wireless.
Just my 2cents
It doesn't matter how many programs you try it won't work. Promiscuous mode is being prevented by the driver. The only possible work around would be if someone made a new driver using an open source driver. Since HTC has not released any open source drivers for their device I see no possible solution.
has anyone found out a way to do this on wp7? and broadcast the signal via wifi like we use to do on windows mobile with wmwifi router? without the cell phone providers knowing?
I'd like to know this too. Then I could use it to give my nook wifi
deadwrong03 said:
has anyone found out a way to do this on wp7? and broadcast the signal via wifi like we use to do on windows mobile with wmwifi router? without the cell phone providers knowing?
Click to expand...
Click to collapse
Official tethering doesn't even exist right now, and neither does stealth WiFi tethering.
But some phones have USB tethering working via some dialing codes I believe.
Would it be possible for a Windows Mobile device to emulate an USB 3G modem?
I know it's possible to use them for tethering, but IMO it'd be cool if they were compatible with 3G Routers like this TP-LINK one, allowing anyone to basically use their windows mobile phone as an USB 3G modem.
I'm guessing these devices don't support mobile phones because the phone doesn't advertise itself as an USB modem, but requires PC-side drivers (modem driver) to work. This could be because the phone itself determines what number to call and how to establish a connection, rather than the device operating it as USB host.
So, would it be possible to 'fake' being one of the supported USB 3G modems, and covertly connecting to 3G on the phone's own terms ?
On my phone, just use start/settings/connections/USB to PC (or connect to PC). And choose 'Internet Sharing - Use phone as modem). Or Wi-Fi router if you want to use your mobi as a router!
Yeah like I said I know how to tether using the conventional methods...
However, these use RNDIS I think, which is not particularly 'detected' as a real USB modem. So, 3G routers won't register the device as a modem, even though the device is more than capable to act as one.
Hence my question, whether it's possible to emulate a true USB modem.
I've heard some people say that when they're rooted, their wireless tether, another Android device such as a tablet or phone can't pick it up do to it being an adhoc network.
Question is, what's an adhoc network?
And how come MY wireless tether can be picked up by my Android tablet. But someone elses wireless tether doesn't work on their Android tablet?
Sent from my SPH-D710 using XDA App
xjs1200x said:
I've heard some people say that when they're rooted, their wireless tether, another Android device such as a tablet or phone can't pick it up do to it being an adhoc network.
Question is, what's an adhoc network?
And how come MY wireless tether can be picked up by my Android tablet. But someone elses wireless tether doesn't work on their Android tablet?
Sent from my SPH-D710 using XDA App
Click to expand...
Click to collapse
On wireless computer networks, ad-hoc mode is a method for wireless devices to directly communicate with each other. Operating in ad-hoc mode allows all wireless devices within range of each other to discover and communicate in peer-to-peer fashion without involving central access points (including those built in to broadband wireless routers).
To set up an ad-hoc wireless network, each wireless adapter must be configured for ad-hoc mode versus the alternative infrastructure mode. In addition, all wireless adapters on the ad-hoc network must use the same SSID and the same channel number.
An ad-hoc network tends to feature a small group of devices all in very close proximity to each other. Performance suffers as the number of devices grows, and a large ad-hoc network quickly becomes difficult to manage. Ad-hoc networks cannot bridge to wired LANs or to the Internet without installing a special-purpose gateway.
Ad hoc networks make sense when needing to build a small, all-wireless LAN quickly and spend the minimum amount of money on equipment. Ad hoc networks also work well as a temporary fallback mechanism if normally-available infrastructure mode gear (access points or routers) stop functioning.
Infrastructure mode wireless networking bridges (joins) a wireless network to a wired Ethernet network. Infrastructure mode wireless also supports central connection points for WLAN clients.
A wireless access point (AP) is required for infrastructure mode wireless networking. To join the WLAN, the AP and all wireless clients must be configured to use the same SSID. The AP is then cabled to the wired network to allow wireless clients access to, for example, Internet connections or printers. Additional APs can be added to the WLAN to increase the reach of the infrastructure and support any number of wireless clients.
Compared to the alternative, ad-hoc wireless networks, infrastructure mode networks offer the advantage of scalability, centralized security management and improved reach. The disadvantage of infrastructure wireless networks is simply the additional cost to purchase AP hardware.
Note that home wireless routers all feature a built-in AP to support infrastructure mode.
awesome information thanks.
But any ideas for the 2nd question? about connecting android devices to other adhoc networks that work and dont work......
Think of it like this. Hotspot mod (infrastructure) on this phone is like connecting to a router. Wireless tether (ad hoc) is like doing internet connection sharing on a computer. You'll have to find a mod for the device that can't see or connect to ad hoc, to make it work. There are different ways to accomplish the same thing in different devices. With a galaxy tab, it's replacing a file. I'm probably wrong but with the Xoom, you need a modded kernel.
Also, as the saying goes, Google is your friend.
I couldn't connect my wife's laptop to the hotspot on my phone until I lowered the security on the hotspot settings to WPA. Default was WPA2. Something to keep in mind if a device won't connect.