Qualcomm QCACLD WiFi (Android) monitor mode
An update!
This method now works out of the box: it seems someone over at CodeAurora actually flipped the switch
on monitor mode, so the kernel patch is no longer necessary, except for those on older/unmaintained kernels.
Great news, fewer dirty tricks/patching needed.
1. A rooted Android environment.
2. Either compile a kernel yourself (a NetHunter chroot works)
3. A WiFi chipset that actually uses the QCACLD driver/firmware.
Older devices/drivers will need the patch from 'files'; newer kernels (4.9, 4.14, 4.19)
may have it working from the vendor. See "LIST_OF_DEVICES.txt" for known working phones.
Use issue reports for comments and any new information that could help us get frame injection working.
Configure the device to deliver 802.11 packets in raw mode. Below is an example of starting monitor mode plus channel settings and tcpdump.
Start monitor mode on adapter
echo "4" > /sys/module/wlan/parameters/con_mode
Stop monitor mode on adapter
ip link set wlan0 down
echo "0" > /sys/module/wlan/parameters/con_mode
ip link set wlan0 up
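The start/stop sequence above wrapped in a small POSIX shell script, as an added example (not code from the original README): it assumes wlan0 and the README's con_mode path, both overridable through environment variables, and reads the parameter back after writing so you notice when the driver silently ignores the switch.

```shell
#!/bin/sh
# Added example, not code from the original README: wraps the con_mode switch
# with the checks a practitioner wants around it. Assumed: interface wlan0 and
# the README's parameter path (overridable via env); IP swaps out ip(8), e.g.
# IP=true when exercising the functions on a non-Android host.
IFACE="${IFACE:-wlan0}"
CON_MODE="${CON_MODE:-/sys/module/wlan/parameters/con_mode}"
IP="${IP:-ip}"
# Values from the README: 0 = normal operation, 4 = monitor mode.
MODE_NORMAL=0
MODE_MONITOR=4

# Read the current con_mode. Failure means the parameter is not exposed,
# which usually means the driver is not qcacld or the kernel lacks the patch.
get_con_mode() {
    [ -r "$CON_MODE" ] || { echo "con_mode not found at $CON_MODE" >&2; return 1; }
    tr -d '[:space:]' < "$CON_MODE"
}

# Write a mode, then read it back: on drivers without monitor support the
# write can succeed while the value stays unchanged, so verify explicitly.
set_con_mode() {
    [ -w "$CON_MODE" ] || { echo "$CON_MODE not writable (are you root?)" >&2; return 1; }
    echo "$1" > "$CON_MODE" || return 1
    [ "$(get_con_mode)" = "$1" ] || { echo "driver did not switch to mode $1" >&2; return 1; }
}

# Human-readable name for the current mode, for a quick status check.
mode_name() {
    case "$(get_con_mode 2>/dev/null)" in
        "$MODE_NORMAL")  echo normal ;;
        "$MODE_MONITOR") echo monitor ;;
        *)               echo unknown ;;
    esac
}

# The README's sequences: start is a bare write; stop brings the interface
# down first, restores mode 0, then brings it back up.
start_monitor() { set_con_mode "$MODE_MONITOR"; }
stop_monitor() {
    "$IP" link set "$IFACE" down || return 1
    set_con_mode "$MODE_NORMAL" || return 1
    "$IP" link set "$IFACE" up
}
case "${1:-}" in
    start)  start_monitor ;;
    stop)   stop_monitor ;;
    status) mode_name ;;
esac
```

Run as `sh monitor.sh start|stop|status` from a root shell on the phone.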
I've found phones with frame injection support present. The phone is a OnePlus 3T with LineageOS 17.1; it has the QCACLD-2 driver, which QCACLD-3 replaced. However, finding the solution in QCACLD-2 to port to QCACLD-3 seems like an OK solution instead of fiddling around half blind in QCACLD-3, probably deactivated by Qualcomm.
Thread will be updated.
- 'iw phy0 info' output is over here
- Android QCACLD-3.0 patch to enable monitor mode - DOWNLOAD HERE
- kimocoder (Twitter: https://twitter.com/kimocoder)
- @Re4son
- @johanlike (DJY)
- Qualcomm
- CodeAurora