February 12, 2007
By: SonicvanaJr
To start off, the Fon, or La Fonera, router is a small wireless router that is sold to the customer at a relatively low price ($30), provided that the user agrees to connect the Fonera to their internet connection and provide free internet to those who want it.
The Fon company seems to live to give their routers away for free sometimes.
I have personally seen, and taken advantage of, three different instances where they have given away routers. So if you're broke, or cheap, just wait around for their next “have a router on us” event :)
The device itself is based on the Atheros AR2315 chipset.
Characteristics:
The Fon is able to run the OpenWRT Kamikaze image, and can thus run various pieces of software that are ported to it, including the Aircrack-ng suite.
The first step to get Aircrack-ng running on the Fon is to get the OpenWRT image onto it.
Please note that to be able to do this you need a Fon that has SSH enabled.
Tutorial/Guide here. This only works on Fons with firmware 7.0 r4 or below, though at the time of writing [2/12/2007] these people claim to have a way to enable SSH on newer firmwares.
If your Fon is not capable of being SSH'd into then you can use a serial console to flash the image as well.
Instructions for building your own image, and various other information about the Fon and OpenWRT, can be found here.
Before building the image, however, the Madwifi-Ng drivers must be patched to allow injection. The patch for the Madwifi-Ng driver can be found here. Please note that there are actually only two code changes made to the if_ath.c file; the rest is just comments, and can and will be omitted when patching for OpenWRT.
To make your own injection-capable OpenWRT Kamikaze image, follow the steps below.
svn co https://svn.openwrt.org/openwrt/trunk/
svn co https://svn.openwrt.org/openwrt/packages
svn up
ln -s ../../packages/*/* .
make menuconfig
make
make clean
tar xvjf madwifi-0.9.2.1.tar.bz2
Example
/*-
* Copyright (c) 2002-2005 Sam Leffler, Errno Consulting
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer,
* without modification.
rm -rf madwifi-0.9.2.1.tar.bz2 && tar cvjf madwifi-0.9.2.1.tar.bz2 madwifi-ng-0.9.2/ && rm -rf madwifi-0.9.2.1/
make
Now that all of this is done you should have some files in your bin directory.
Now you need to flash your Fon with the OpenWRT image. There are currently two ways to do this: you can use the serial interface on the Fon and the Redboot boot loader to flash an image, or you can SSH into the Fon and flash via the OpenWRT shell.
The SSH and serial console guide can be found here.
However, in the SSH guide replace the files they use with the one I provided, or that you have built. If you built them, substitute their wget commands with scp commands to get your image files into the /tmp directory.
Once you have successfully flashed your Fon, boot it up and SSH into it. The default login is “root”, with password “admin”.
Now you need the aircrack-ng and libpthread ipk files. They can be found here, or if you built them you should have no problem getting them over to your Fon at this point.
Use the command
ipkg install <file name here>.ipk
for both of the files.
You now have the Aircrack-ng suite working on your Fon.
Also note that you need to use the wlanconfig tool to create a monitor mode interface. I suggest putting this into a script, and then putting said script into your PATH so that you can set up a monitor mode interface quickly.
wlanconfig ath create wlandev wifi0 wlanmode monitor
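One way to write the script suggested above, as an added example that is not part of the original guide: it wraps the same wlanconfig command, brings the new interface up and prints its name, and can remove the interface again. The script name monup, the function names and the WLANCONFIG/IFCONFIG override variables are assumptions of this example.

```shell
#!/bin/sh
# monup: create or remove a madwifi-ng monitor-mode interface (added example).
# The names monup, create_monitor, destroy_monitor and the WLANCONFIG/IFCONFIG
# overrides are assumptions of this example, not part of the original guide.

WLANCONFIG="${WLANCONFIG:-wlanconfig}"
IFCONFIG="${IFCONFIG:-ifconfig}"

# Accept only interface names of the form athN (ath0, ath1, ...).
is_ath_name() {
    case "$1" in
        ath|ath*[!0-9]*) return 1 ;;
        ath[0-9]*) return 0 ;;
        *) return 1 ;;
    esac
}

# Create a monitor interface on the base device (default wifi0), bring it up
# and print its name on stdout.
create_monitor() {
    base="${1:-wifi0}"
    # Same command as in the guide; wlanconfig prints the new interface's name.
    vap=$("$WLANCONFIG" ath create wlandev "$base" wlanmode monitor) || {
        echo "monup: could not create a monitor interface on $base" >&2
        return 1
    }
    is_ath_name "$vap" || { echo "monup: unexpected output: $vap" >&2; return 1; }
    "$IFCONFIG" "$vap" up || return 1
    echo "$vap"
}

# Take an athN interface down and destroy it.
destroy_monitor() {
    is_ath_name "$1" || { echo "monup: not an athN interface: $1" >&2; return 1; }
    "$IFCONFIG" "$1" down
    "$WLANCONFIG" "$1" destroy
}

# Dispatch only when the file is installed and invoked under the name "monup".
if [ "${0##*/}" = "monup" ]; then
    case "${1:-up}" in
        up)   create_monitor "${2:-wifi0}" ;;
        down) destroy_monitor "${2:?usage: monup down athN}" ;;
        *)    echo "usage: monup [up [wifiN] | down athN]" >&2; exit 1 ;;
    esac
fi
```

Saved as monup somewhere in your PATH and made executable, running monup creates the interface and monup down ath1 removes it again.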
Enjoy
If you need help I can be found in the Aircrack-ng IRC channel.
However, if you're lazy, or just don't feel like you can do this, you can download the image files at this site.
Please understand that these packages are provided as is, and I will not be making any changes to their kernel configuration unless I need to or you can prove to me why I should make a certain change.