This is an old revision of the document!
To start off the Fon, or La Fonera router is a small wireless router that is sold to the customer at a relatively low price ($30) provided that the user agrees to connect the Fonera to their internet connection, and provide free internet to those who want it.
The device itself is based on the Atheros AR2315 chipset.
* 5V @ 2A power supply
* 1 ethernet jack
* RP-SMA antenna connector
* serial
* 16MB RAM
* 8MB Flash
* SPI-Bus
The Fon is able to run the OpenWRT Kamikaze flash image, and can thus run various pieces of software that are ported to it. Including the Aircrack-ng suite.
The first step to get Aircrack-ng running on the Fon is to get the OpenWRT image on it first.
Please note to be able to do this you either need a Fon that has SSH enabled.
Tutorial/Guide here This only works on Fons with firmware 7.0 r4 or below, though at the time of writing [2/12/2007] these people claim to have a way to enable SSH on newer firmwares.
If your Fon is not capable of being SSH'd into then you can use a serial console to flash the image as well.
Instructions for building your own image, and various other information about the Fon and OpenWRT can be found here
Before building the image however the Madwifi-Ng drivers must be patched to allow injection. The patch for the Madwifi-Ng driver can be found here Please make note that there are actually only two code changes made to the if_ath.c file, rest is just comments, and can and will be omitted when patching for OpenWRT.
To make your own injection capable image of the OpenWRT Kamikaze image follow the steps below However, if you're lazy, and don't think you can accomplish this, or just don't feel like you can do this you can download the image files at this site
However these packages are provided as is, and I will not be making any changes to their kernel configuration unless I need to or you can prove to me why I should make a certain change
svn co https://svn.openwrt.org/openwrt/trunk/
svn co https://svn.openwrt.org/openwrt/packages
svn up
ln -s ../../packages/*/* .
make menuconfig
make
make clean
tar xvjf madwifi-0.9.2.1.tar.bz2
rm -rf madwifi-0.9.2.1.tar.bz2 && tar cvjf madwifi-0.9.2.1.tar.bz2 madwifi-ng-0.9.2/ && rm -rf madwifi-0.9.2.1/
make
Now that all of this is done you should have some files in your bin directory.
Now you need to flash your Fon with the OpenWRT image. There are two ways to do this currently, one is to use the serial interface on the Fon, and the Redboot boot loader to flash a image, or you can ssh into the Fon and flash via the OpenWRT shell.
SSH and serial console guide can be found here
However in the ssh guide replace the files they use with the one I provided, or that you have built. If you built them substitute their wget commands with scp commands to get your image files into the /tmp directory.
Once you have successfully flashed your Fon boot it up, and ssh into it. Default login “root”, password “admin”
Now you need the aircrack-ng and libpthread ipk files. They can be found here or if you built them you should have no problem getting them over to your fon at this point.
Use the command
ipkg install <file name here>.ipk
for both of the files.
You now have the Aircrack-ng suite working on your Fon.
Also note that you need to use the wlanconfig tool to create a monitor mode interface. I suggest putting this into a script, and then putting said script into your PATH so that you can setup a monitor mode interface quickly.
wlanconfig ath create wlandev wifi0 wlanmode monitor
Enjoy
Written by SonicvanaJr
If you need help I can be found in the Aircrack-ng IRC channel.