Skip to content
This repository has been archived by the owner on Apr 8, 2022. It is now read-only.

Airodump doesn't run on a Nexus 6P #53

Open
TheMMcOfficial opened this issue Aug 14, 2018 · 23 comments
Open

Airodump doesn't run on a Nexus 6P #53

TheMMcOfficial opened this issue Aug 14, 2018 · 23 comments

Comments

@TheMMcOfficial
Copy link

TheMMcOfficial commented Aug 14, 2018

Current Behavior

The app crash often and I can't capture any trafic with airodump-ng...

Expected Behavior

Maybe the app need a fix for the crash and maybe I do something wrong.

Device details

Nexus 6P
stock Oreo 8.0
Kali nethunther kernel
v1.5-beta.7 version of the app

I first Compile the Nexmon firmware with the Nexmon github. After I have installed the firmware and transfert the armeabi utilities. (I don't know if they are the right version I use a Nexus 6p). After I have download the app and try to capture anything. I have download the firmware and test the tools everything seems fine but nothing works.

I have managed to make the tcpdump in command line in androidsu with this command: LD_PRELOAD=/su/lib/libnexmon.so tcpdump

But if I want to use airodump-ng I fot this error: "CANNOT LINK EXECUTABLE "sh": "/su/lib/libnexmon.so" is 32-bit instead of 64-bit"

@chrisk44
Copy link
Owner

The app tests run fine?

@TheMMcOfficial
Copy link
Author

I have run the test 2 times the first time the app as crash before the end of the test the second time everything seems fine I will rerun the test tonight and send you a screenshot just to be sure.

@JuniorJPDJ
Copy link

you have tcpdump in 32bit version and airodump in 64bit version, and you try to use same library (32bit) with both
use other library or other airodump

@TheMMcOfficial
Copy link
Author

yes I have a check mark for all the tools ! so it means that the test run ok except when the app crash.

@TheMMcOfficial
Copy link
Author

screenshot_20180814-214323

@chrisk44
Copy link
Owner

Use the "copy test command" option of the app and select airodump. Then run the command in a root shell and see what happens. Since the tests run fine, the command should too.

@TheMMcOfficial
Copy link
Author

screenshot_20180818-130513

@chrisk44
Copy link
Owner

Do you get a command prompt after the error or does it just block?

@TheMMcOfficial
Copy link
Author

It blocks their I need to perform some "ctl + c" to be able to get a prompt or the terminal will crash if I don't kill it after few secondes.

@chrisk44
Copy link
Owner

Then that's why the tests run fine. I don't know why it blocks there, but I have seen the error before. It's because you are running a 64bit device, and the binaries are 32bit, the lib is 32bit, but the shell is 64bit. I think there is a problem with linking.

@chrisk44 chrisk44 changed the title No trafic capture with airodump-ng on a Nexus 6P Airodump doesn't run on a Nexus 6P Aug 21, 2018
@TheMMcOfficial
Copy link
Author

TheMMcOfficial commented Aug 21, 2018

The shell app that I use is the nethunter terminal should I use an other app ? Or is their a way to compile all the file in 64 bits instead of 32 ?

@chrisk44
Copy link
Owner

No that's fine.
No. I tried, but it spits out so many errors that I just get lost after a while.

@TheMMcOfficial
Copy link
Author

TheMMcOfficial commented Sep 9, 2018

I'm now on lineageOS 15.1 (oreo 8.1). I have compile the nexmon utilities and create the folder /system/su/lib, /xbin , /lib64. I have run the test command of your app same result.

With the arm64 libnexmon.so:

LD_PRELOAD=/system/su/lib64/libnexmon.so /data/user/0/com.hijacker/files/bin/airodump-ng wlan0                              
CANNOT LINK EXECUTABLE "/data/user/0/com.hijacker/files/bin/airodump-ng": "/system/su/lib64/libnexmon.so" is 64-bit instead of 32-bit

With the armeabi:

LD_PRELOAD=/system/su/lib/libnexmon-armeabi.so /data/user/0/com.hijacker/files/bin/airodump-ng wlan0
CANNOT LINK EXECUTABLE "sh": "/system/su/lib/libnexmon-armeabi.so" is 32-bit instead of 64-bit

With the armeabi-v7a:

LD_PRELOAD=/system/su/lib/libnexmon-armeabi-v7a.so /data/user/0/com.hijacker/files/bin/airodump-ng wlan0
CANNOT LINK EXECUTABLE "sh": "/system/su/lib/libnexmon-armeabi-v7a.so" is 32-bit instead of 64-bit

With the airodump-ng compile with nexmon:

LD_PRELOAD=/system/su/lib64/libnexmon.so /system/su/xbin/airodump-ng wlan0                                                  
CANNOT LINK EXECUTABLE "/system/su/xbin/airodump-ng": "/system/su/lib64/libnexmon.so" is 64-bit instead 
LD_PRELOAD=/system/su/lib/libnexmon-armeabi.so /system/su/xbin/airodump-ng wlan0        
CANNOT LINK EXECUTABLE "sh": "/system/su/lib/libnexmon-armeabi.so" is 32-bit instead of 64-bit
LD_PRELOAD=/system/su/lib/libnexmon-armeabi-v7a.so /system/su/xbin/airodump-ng wlan0    
CANNOT LINK EXECUTABLE "sh": "/system/su/lib/libnexmon-armeabi-v7a.so" is 32-bit instead of 64-bit

@kimocoder
Copy link

I'll join here instead then. Experiencing exact same issue as @TheMMcOfficial

@TheMMcOfficial
Copy link
Author

TheMMcOfficial commented Oct 5, 2019

Ok I found a way to deauth on the 802.11n wifi. You need to download this version of android

angler-opr6.170623.019-factory-9fd72ad6 (8.0.0 (OPR6.170623.019, Sep 2017))

from this website: https://developers.google.com/android/images#angler.
Flush all your data on the device and flash those images. Flash them all vendor, system... After the os installed. Flash twrp and boot the system for the 1st time.
Setup the cellphone and reboot in TWRP. Flash Magisk you can flash nethunter too if you want to but I think the kernel is not stable....

For compiling the tools take the nexmon repo and do:

cd nexmon
source setup_env.sh
make
cd patches/bcm4358/7_112_300_14_sta/nexmon/
make
make backup-firmware
make install-firmware
cd ../../../../utilities/
make -j8 (if you go 8 physical core in your system)
make install

To be sure you can go to the aircrack dir and do: make and make install.

@TheMMcOfficial
Copy link
Author

For the Hijacker app on oreo I don't think it use libnexmon.so and the firmware 7_112_300_14. For the crash of the Hijacker app I don't know if it related to the unstable kernel of nethunter or if it's the app not 100% compatible with android 8.

@kimocoder
Copy link

@TheMMcOfficial I got it working on Android 7 on the Nexus 6P stock kernel

@TheMMcOfficial
Copy link
Author

TheMMcOfficial commented Nov 16, 2019

@kimocoder yes hijacker is made for android 7 with the nexmon firmware include in the app. But you can't do injection.... I succeeded a deauth on my 2,4ghz device but I don't succeeded on 802.1ac (5ghz). For nethunther, I need to check if I can find a fix for the kernel with the duckhunter addon and if I can work around the windows fixes for fast typing who block the duckyscript payload to be run... On linux it works well tho.

@kimocoder
Copy link

kimocoder commented Nov 16, 2019

I've made an Oreo kernel for Nexus 6P, based on jcad's Android 7 kernel 👍

https://github.com/kimocoder/android_kernel_huawei_angler/tree/nethunter-8.0

It is loaded in Kali project installer too 👍

@kimocoder
Copy link

Android 8 also working now 🥇
here we also got frame injection from Nexmon on the internal adapter 👍

@TheMMcOfficial
Copy link
Author

ok nice I will try it when I will got time to! Good job!

@kimocoder
Copy link

kimocoder commented Nov 16, 2019

I put it here:
https://gitlab.com/kimocoder/kali-nethunter-devices/commits/master

It's not pushed to NetHunter yet, we also enabled OTG ACA (y-cable power) support but we we'll try enhance a bit further first 👍

Android 8.0 supported, Android 8.1 will have trouble with Nexmon, but besides that it works great.

Hijacker app works for Android 7.1.2, not for Android 8 but I've just provided logcat logs to dev.

Nexmon has full monitor + frame injection via radiotap, but for Android 8 you will have to compile "fw_bcmdhd.bin" yourself or simply use the one below:

https://gitlab.com/kimocoder/kali-nethunter-devices/blob/9c9c41c74f31995f310388c7a86a41fa70141daf/oreo/angler/vendor/firmware/fw_bcmdhd.bin

(will find a way to include it on the NetHunter installer)

For installing with NetHunter installer for now, you will need to clone

git clone https://gitlab.com/kalilinux/nethunter/build-scripts/kali-nethunter-project -b 2019.4

And then copy the "kali-nethunter-devices" folder into it and run...

./build.py -d angler -o -k -nb

@TQMatvey
Copy link

Can someone help me getting internal monitor and frame injection on nexus 6p with hijacker or nexmon please?

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

5 participants