This is an old revision of the document!
To start off the Fon, or La Fonera router is a small device that is sold to the customer at a relatively low price ($30) provided that the user agrees to connect the Fonera to their internet connection, and provide free internet to those who want it.
The device itself is based on the Atheros AR2315 chipset.
* 5V @ 2A power supply
* 1 ethernet jack
* RP-SMA antenna connector
* serial
* 16MB RAM
* 8MB Flash
* SPI-Bus
The Fon is able to run the OpenWRT Kamikaze flash image, and can thus run various pieces of software that are ported to it. Including the Aircrack-ng suite.
The first step to get Aircrack-ng running on the Fon is to get the OpenWRT image on it first.
Please note to be able to do this you either need a Fon that has SSH enabled.
Tutorial/Guide here This only works on Fons with firmware 7.0 r4 or below, though at the time of writing [2/12/2007] these people claim to have a way to enable SSH on newer firmwares.
If your Fon is not capable of being SSH'd into then you can use a serial console to flash the image as well.
Instructions for building your own image, and various other information about the Fon and OpenWRT can be found here
Before building the image however the Madwifi-Ng drivers must be patched to allow injection. The patch for the Madwifi-Ng driver can be found here Please make note that there are actually only two code changes made to the if_ath.c file, rest is just comments, and can and will be omitted when patching for OpenWRT.
To make your own injection capable image of the OpenWRT Kamikaze image follow the steps below However, if you're lazy, and don't think you can accomplish this, or just don't feel like you can do this you can download the image files at this site
However these packages are provided as is, and I will not be making any changes to their kernel configuration unless I need to or you can prove to me why I should make a certain change
First pull the SVN trunk and packages from the OpenWRT SVN server
- svn co https://svn.openwrt.org/openwrt/trunk/ 
- svn co https://svn.openwrt.org/openwrt/packages 
- You can then later update either of those by going into either the trunk or packages directory, and typingsvn up
Setup and build the image
- Create a symbolic link from the packages tree to the trunk/packages directory- Go into the trunk/packages directory and typeln -s ../../packages/*/* . 
 
- Now go into the trunk directory, and typemake menuconfig- Make sure that “Target System” is Atheros [2.6]
- Make sure the Aircrack-Ng package is selected in the Network section as a module.
- Make sure the libpthread package is selected in the Libraries section as a module.
- Exit out of the kernel configuration, and be sure to save your changes.
 
- Go to the trunk directory and typemake
- Once this is done typemake clean
Patch the madwifi source
- Go into the trunk/dl directory
- Extract the madwifi source by typingtar xvjf madwifi-0.9.2.1.tar.bz2
- Edit the madwifi-0.9.2.1/ath/if.c file- Open said file in your favorite text editor and at the beginning you will see a bunch of commented code. Remove one line of this code. I know this seems stupid, and is quite a dirty hack, but it must be done so that when the madwifi-ng package builds the other patches can be applied to it without any problems.
- Now apply the two lines of code found within the patch file mentioned at the beginning of tutorial. Again I know it sucks to do it by hand, but then again it is quite trivial, and easy, so don't complain to much. Once this is done save the file, and exit out of your text editor.
 
Repackage the madwifi-ng source
- rm -rf madwifi-0.9.2.1.tar.bz2 && tar cvjf madwifi-0.9.2.1.tar.bz2 madwifi-ng-0.9.2/ && rm -rf madwifi-0.9.2.1/ 
Rebuild the image, this time with the patched drivers
- Go into the trunk directory, and typemake
Now that all of this is done you should have some files in your bin directory.
- openwrt-atheros-2.6-vmlinux.lzma
- openwrt-atheros-2.6-root.jffs2-64k
- Some others (don't worry about them)
- A package directory containing the aircrack-ng ipk file, and libpthred ipk file
Now you need to flash your Fon with the OpenWRT image. There are two ways to do this currently, one is to use the serial interface on the Fon, and the Redboot boot loader to flash a image, or you can ssh into the Fon and flash via the OpenWRT shell.
SSH and serial console guide can be found here
However in the ssh guide replace the files they use with the one I provided, or that you have built. If you built them substitute their wget commands with scp commands to get your image files into the /tmp directory.
Once you have successfully flashed your Fon boot it up, and ssh into it. Default login “root”, password “admin”
Now you need the aircrack-ng and libpthread ipk files. They can be found here or if you built them you should have no problem getting them over to your fon at this point.
Use the command
ipkg install <file name here>.ipk
for both of the files.
You now have the Aircrack-ng suite working on your Fon.
Also note that you need to use the wlanconfig tool to create a monitor mode interface. I suggest putting this into a script, and then putting said script into your PATH so that you can setup a monitor mode interface quickly.
wlanconfig ath create wlandev wifi0 wlanmode monitor
Enjoy
Written by SonicvanaJr
If you need help I can be found in the Aircrack-ng IRC channel.
