11

For some reason, I can't turn the built-in Wi-Fi adapter on the new Raspberry Pi 3 into monitor mode like I used to do on other platforms.

First I kill the processes that interfere with sudo airmon-ng check kill:

Found 4 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!

PID     Name
364     avahi-daemon
385     avahi-daemon
411     wpa_supplicant
629     dhcpcd
Process with PID 411 (wpa_supplicant) is running on interface wlan0
Killing all those processes...

Then I try to enable monitor mode with sudo airmon-ng start wlan0:

Interface       Chipset         Driver

wlan0           Unknown         brcmfmac_sdio - [phy0]mon0: ERROR while getting interface flags: No such device

                                (monitor mode enabled on mon0)

The output says it's enabled, but I can't use mon0.
How can I fix this and turn the adapter into monitor mode?

eden881
  • 237
  • 1
  • 2
  • 7

3 Answers3

15

You cannot. Not all chipsets/wifi drivers support monitor mode. Broadcom is known for lacking in open source drivers functionality support.

It is already public knowledge the RPi 3 current driver implementation does not support monitor mode.

PSA: The Raspberry Pi 3's embedded WiFi card does not support promiscuous mode.

If you are buying a replacement, do not go for a cheap realtek one, lots of bugs. Buy ralink or atheros, and check first if the chipset (and monitor mode) is well supported by the Linux kernel.

I am personally happy with this 8-10 Euro ralink, bought in Aliexpress: (link dead several times, replaced by the characteristics): 2T2R 300Mbps Dual Band 2.4GHz 5.8GHz-Ralink RT5572N WiFi USB-Adapter

see also https://unix.stackexchange.com/questions/252210/wi-fi-problems-using-asus-usb-n13-adapter-realtek

Rui F Ribeiro
  • 1,736
  • 8
  • 15
  • 1
    your link is dead unfortunately. Do you mind providing a raw model number to future proof this post? – fIwJlxSzApHEZIl Sep 08 '16 at 18:25
  • Changed for a new one. It is a moving target unfortunately. Will think later on how to improve it. – Rui F Ribeiro Sep 08 '16 at 20:03
  • @RuiFRibeiro Are both monitor and injection mode supported for that particular chipset you suggested? – Motun Sep 26 '16 at 21:29
  • Ralink usually supports monitor mode; injection mode has to be tested; for that it is safer to buy something more expensive, and atheros model known to support it – Rui F Ribeiro Sep 27 '16 at 01:00
6

The default firmware does not allow monitor mode. The Nexmon project has patches to enable that.

Mr. White
  • 161
  • 1
  • 1
  • Indeed it appears the next project, that surfaced around the end of 2016, and provides firmware patches, changed the possible answer. Interesting. – Rui F Ribeiro Jul 21 '17 at 15:52
1

For a better and updated answer look at this RPi SO answer.

The firmware used in the BCM4339 (Nexus 5) as well as the BCM43438 (RPI3) got a built-in monitor mode.

The point here, is that the Firmware does support a lot of interesting things, but the kernel drivers does not. In addition the awesome Nexmon security researchers have patched and upgraded both. They also provide PoC code for both Active Jamming using the RPi and are currently working on a limited SDR functionality.

not2qubit
  • 275
  • 2
  • 8