Hi All, Thanks for dropping by. Today I am going to tell you how to hack WiFi using your Android device. This is the second part of my WiFi hacking tutorial, How To Hack WiFi Using Android. The first part had a limitation: it works only on devices that support the bcmon app (devices with Broadcom bcm4329/bcm4330 WiFi chipsets). In this post, I will explain how you can hack WiFi with any Android device.

How to Hack WiFi using Android without bcmon.


Following the instructions carefully will help you to hack WiFi using any Android device without bcmon or Broadcom chipsets. Make sure the following requirements are met before proceeding.

Requirements:

  • Rooted Android Device.
  • Some apks must be installed. Make sure you allow installation of apps from 'Unknown sources' in the security settings.
  • Supported OTG WiFi Adapter, for best results.
  • A few scripts, which are shared below.
  • WPS-enabled WiFi (WPA/WPA2) within close range
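
The last requirement is the one a network owner controls, since the method only targets access points with WPS enabled. As an added example (not from the original post), this script classifies a hostapd configuration by its WPS settings; it assumes a hostapd-based AP, and the function names and sample configs are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify a hostapd.conf by its WPS settings.
# Assumes a hostapd-based AP; the key names are hostapd's own options.

# Print the last uncommented value of KEY ($1) in FILE ($2).
conf_get() {
    sed -n "s/^$1=//p" "$2" | tail -n 1
}

# Print one verdict: disabled | locked | no-pin | exposed
wps_audit() {
    state=$(conf_get wps_state "$1")
    locked=$(conf_get ap_setup_locked "$1")
    pin=$(conf_get ap_pin "$1")

    if [ -z "$state" ] || [ "$state" = "0" ]; then
        echo disabled      # wps_state absent or 0: WPS is off
    elif [ "$locked" = "1" ]; then
        echo locked        # WPS on, but new external registrars are refused
    elif [ -z "$pin" ]; then
        echo no-pin        # WPS on without an AP PIN (e.g. push-button only)
    else
        echo exposed       # WPS on with an unlocked AP PIN: disable or lock it
    fi
}

# Constructed sample configs (not taken from any real access point).
tmp=$(mktemp -d)
printf 'ssid=lab\nwpa=2\nwps_state=2\nap_pin=12345670\n' > "$tmp/weak.conf"
printf 'ssid=lab\nwpa=2\nwps_state=2\nap_pin=12345670\nap_setup_locked=1\n' > "$tmp/locked.conf"
printf 'ssid=lab\nwpa=2\nwps_state=0\n#ap_pin=12345670\n' > "$tmp/fixed.conf"

for f in weak locked fixed; do
    echo "$f.conf: $(wps_audit "$tmp/$f.conf")"
done
```

A verdict of "exposed" is the configuration to change: set wps_state=0 if WPS is not needed, or remove the AP PIN.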

Instructions To Hack WiFi using Android Without bcmon supported Devices.


We still need to install the bcmon app, even though it is probably not supported by your device. The idea is to create a bcmon folder in the system folder and, with some tweaks, make Reaver believe that the device is bcmon supported. Follow the instructions below.

  • Download the Reaver apk (RfA) and install it.
  • Install Root Explorer from PlayStore. Alternatively, you can use ES File Explorer.
  • Download bcmon (don't worry whether your device is supported or not).
  • Install and open the bcmon app.
  • Leave it open for a few seconds and then go to home. (This step is to create a folder com.bcmon.bcmon in /data/data.)
  • Open Root Explorer or ESFE and browse to the bcmon apk previously downloaded.
  • Select it and press view, or select it and choose the option 'extract'.
  • Open the assets folder from the extracted folder.
  • Copy all the files to /data/data/com.bcmon.bcmon/files.
  • Replace/delete any folder or file if it is already there.

Using Custom Scripts To Activate Monitor Mode.


Since the device is not bcmon supported, we need to ensure RfA is less dependent on bcmon. This is for better results. We will use custom monitor-mode-activation scripts. Copy the code below into a text editor and save each script with a .sh extension somewhere you can easily remember. You can use ES File Explorer for this.

start.sh (enables monitor mode and exits)

#!/bin/bash
svc wifi disable
LD_LIBRARY_PATH=/data/data/com.bcmon.bcmon/files/libs
LD_PRELOAD=/data/data/com.bcmon.bcmon/files/libs/libfake_driver.so sh
cd /data/data/com.bcmon.bcmon/files/tools
./enable_bcmon
echo "rfasuccess"
exit

warm.sh

RfA will read the script and execute the commands internally. This is needed to execute reaver in the same terminal session as the script.

#!/bin/bash
LD_LIBRARY_PATH=/data/data/com.bcmon.bcmon/files/libs
LD_PRELOAD=/data/data/com.bcmon.bcmon/files/libs/libfake_driver.so sh
cd /data/data/com.bcmon.bcmon/files/tools

stop.sh (disables monitor mode)

#!/bin/bash
svc wifi enable
echo "rfasuccess"

  • Now open Root Explorer.
  • Navigate to bcmon.bcmon/files/tools/reaver
  • Long press, choose permissions, then check the execute boxes (all 3) and click OK.
  • Go to tools, long press enable_bcmon, grant it execute rights (all 3) and click OK.

Step By Step instructions to hack WiFi using Android


Now that you have set up the scripts and required apps, we can move to the next steps. Follow the instructions correctly. This part specifically deals with the Reaver app.
  • Open the Reaver app and scan for networks.
  • Select a network that is shown in green and is in good range. For quick cracking and better results, use an OTG-supported external WiFi adapter (if your device supports it).
  • Go to settings and open monitor-mode settings. Uncheck 'use bcmon' and click 'Browse' to load all the scripts.
  • start.sh is the activation script, warm.sh is the warm-up script and stop.sh is the stop script.
  • Check the debugging mode option.
  • Now go back to the attack screen and press test monitor-mode. Grant root permission if any popup comes. Press OK and press start attack.
  • The rest of the steps are pretty much the same as in the previous tutorial.
  • Wait until the WiFi password is cracked and displayed by Reaver.

That's all. Good luck hacking WiFi. I am not responsible for any damages caused to your device. Unauthorized attempts to hack WiFi are a criminal offence punishable by law. Try it at your own risk.

Post a Comment

  1. I'm unable to copy the files. Is this normal?

    1. Make sure the device is properly rooted and has write access to the folders.

  2. Getting error at the test monitor mode screen

    1. Probably device support issues.

    2. Will it support Samsung Galaxy Star 2?

    3. Make sure u copy all of bcmon's lib files to ur /system/lib/ folder too

  3. getting message after starting attack
    as


    Failed to retrieve a mac address for interface wlan0
    Switching wlan0 to channel 1

    please help

  4. after installing bcmon on my unite 2, i opened it and waited for 5 minutes, then i go to sdcard0/data but there is no folder named as com.bcmon

    1. It's /data/data
      U must go to the root directory

  5. Thanks. For sharing...
    Done above process successfully...
    But when I go to attack screen and tap on start attack...
    it says.. something like

    Bcmon.bcmon/files/(something).so is 32bit not 64 bit..
    so tell me what to do now..
    I have lenovo a6000 with resurrection Remix 64 bit ROM installed

  6. I'm trying an error that only position independent executable

    1. http://forum.xda-developers.com/google-nexus-5/development/fix-bypassing-pie-security-check-t2797731

  7. Thanks. For sharing...
    Done above process successfully...
    But when I go to attack screen and tap on start attack...
    it says.. something like

    Bcmon.bcmon/files/(something).so is 32bit instead of 64 bit..
    so tell me what to do now..
    I have redmi note 3

  8. after clicking on start attack its showing start script and then the stop script ... after that its saying "monitor mode disabled successfully ALl scripts should are tested now, RFA is ready to use" what do i have to do next

    And what are the steps you mentioned as "rest of the steps are pretty same " ?

    1. Kindly check the post here for steps http://www.hackcave.net/2015/10/how-to-hack-wifi-using-android.html

    2. This link is not working... Am facing same issue

    3. Link is not working.... Even am facing same issue

    4. me too, are you able to solve it?

  9. It says something like
    Warning
    linker : could not load library "(data/data com.bmon.bmon /file/linlbs/libfake

  10. Not working. Is it necessary to root mobile?

  11. unexpected e_machine:40 error... Pls solve this... X86 based machine error.... Im using zenfone 5... Intel Atom chipset

  12. It says
    Usage : svc WiFi [enable|disable]
    Turn WiFi on or off.

  13. I have an error that says sh not found and no directory what does that mean?

  14. could not load library "libcap.so.1" "./reaver";
    any IDEA?

  15. its getting error control the wifi manager kindly resolve it fast sir .

    waiting for your positive reply sir .

    thanks

  16. HELP asap please..
    I followed your instructions very carefully line by line but after tapping [TEST MONITOR MODE], I got the following error message..
    -------------------------
    1. Debug:activation script

    Stdout:


    StdErr:

    sh: /storage/sdcard0/Me/Wifi: No such file or directory

    2.Error

    Monitor-Mode activation failed.
    Something went wrongyou should enable debug mode and check your scripts.
    -----------------------

    The debug mode has ✔ on it and the scripts are exactly the same as i copied it from your post ⬆above⬆...

    please help me :(

    1. MY Xperia Z1 has same problem...PLZ HELP

    2. Just put all 3 sh files (start, stop, warm) scripts in root directory and check all execute permission right and then browse these scripts in the root directory

  17. showing error sh:./storage/emulated/legacy/start.sh:no such file file or directory

  18. cant execute enable_bcmon command it gives not found

  19. When i tap on start attack it shows a dialog box saying:
    "
    Stdout
    rfasuccess
    Stderr
    bmon_wrapper_loaded
    "
    After I tap OK the attack begins but keeps showing two lines for hours:
    "
    Switching wlan0 to channel 1
    Waiting for becon from 'ssid of network'
    "
    Plz help what should i do

  20. Hi..
    Am Ritesh..
    I have cyanogenmod ROM.
    I have installed everything and the monitor mode is success...
    When I hit START ATTACK in RfA it again comes the same page..
    I have tried it for many times but still I get the same page..
    Mobile model: gti 8552(cynogenmod)

  21. If SD card doesn't grant permission for changing the permission then what am I supposed to do

  22. Plz i have a little problem
    I can't do change permissions in root explorer for reaver and enable_bcmon

    Can you help me :)

  23. Do I have to root my phone first? Do you have any methods that don't need root?

    1. Penetrate pro app

      It works without root on SOME wifi's
      Most of which are easy to hack anyway :P

  24. Working. But some times its going Error!!!

  25. I can't install bcmon. When I click the link, it takes me to a 404.

  26. To those with sh not found issues, the problem for me was the shebang and appended "sh" on the lines with .so files.

    Change shebang from #!/bin/bash to #!/bin/sh and removing "sh" from lines thereafter fixed the issues for me.

    Additionally, the binaries in this hack are not PIE compatible, so you may need to disable selinux on Android 5.0+ using a custom linker. Google is your friend.

  27. Can this method work for s3 i9300?

  28. The link to download bcmon doesn't work

  29. Great tutorial and i have done everything perfectly as u said but at the end when i start attack its displaying-
    Tmp-mksh stdin3 sh not found
    Error only position independent
    Executables pie are supported.
    Plz help me out i think m almost there....any help would be appreciated

  30. Reaver isn't finding any routers. It just says no networks found. Please help

  31. error 404 appeared when i click the bcmon link. Where can I download it sir?


 