Hi All, Thanks for dropping by. Today I am going to tell you how to hack WiFi using your Android device. This is the second part of my WiFi hacking tutorial, How To Hack WiFi Using Android First part had a limitation that it works only for those devices which support bcmon app (devices with Broadcom bcm4329/bcm4330 WiFi chipsets.) In this post, I will explain how you can hack WiFi with any Android device.

How to Hack WiFi using Android without bcmon.


Following the instructions carefully will help you to hack WiFi using any Android device without bcmon or Broadcom chipsets. Make sure the following requirements are met before proceeding.

Requirements:

  • Rooted Android Device.
  • Some apps must be installed. Make sure you allow installation of apps from 'Unknown sources' in the security settings.
  • Supported OTG WiFi Adapter, for best results.
  • A few scripts which are shared below.
  • WPS Enabled WiFi (WPA/WPA2) in a close range

Instructions To Hack WiFi using Android Without bcmon supported Devices.


We still need to install bcmon app though it is probably not supported by your device. The idea is to create a folder of bcmon in the system folder and with some tweaks, make Reaver believe that the device is bcmon supported. Go ahead and follow the instructions given below

  • Download Reaver [apk](RFA) and install it. Alternate Link
  • Install Root Explorer from PlayStore. Alternatively, you can use ES File Explorer also.
  • Download bcmon (Don't worry if your device is supported or not) Alternate Link
  • Install and open bcmon app
  • Leave it open for a few seconds and then go to home. (This step is to create a folder com.bcmon.bcmon in/Data/data)
  • Open root explorer or ESFE and browse to the bcmon app previously downloaded.
  • Select it and press view or select it and choose the option 'extract'.
  • Open the assets from the extracted folder
  • Copy all the files to /Data/data/com.bcmon.bcmon/files.
  • Replace/Delete any folder or file if it is already there.

Using Custom Scripts To Activate Monitor Mode.


Since the device is not bcmon supported, we need to ensure RfA is less dependent on bcmon. This is for better results. We will use custom monitor-mode-activation scripts. Copy the below codes in a note editor and save with a .sh extension to somewhere you can remember easily. You can use ES File Explorer for this.

start.sh (enables monitor mode and exits)



warm.sh
RfA will read the script and execute the commands internally. This is needed to execute reaver in the same terminal session as the script.

stop.sh (disables monitor mode)

  • Now open root explorer.
  • Navigate to bcmon.bcmon/files/tools/reaver
  • Long press,chose permissions and then check the execute boxes(all 3) & click OK.
  • Go to tools, long press enable_bcmon and grant it execute rights (all 3) & click OK.

Step By Step instructions to hack WiFi using Android


Now you have set up the scripts and required apps, we can move to the next steps. Follow the instructions correctly. This part specifically deals with Reaver App.
  • Open Reaver app & scan for networks 
  • Select any one in green color and which is in a good range. For quick cracking & better results use OTG supported external WiFi adapter (If your device supports it)

  • Go to settings and open monitor-mode settings. Uncheck 'use bcmon' and click 'Browse' to load all the scripts.
  • start.sh is the activation script, warm.sh is the warm up script and stop.sh is the stop script.
  • Check the debugging mode option. 

  • Now go back to the attack screen and press test monitor-mode. Grant root permission if any popup comes. Press OK and press start attack. 

  • Rest of the steps are pretty much same as the previous tutorial. 
  • Wait until the WiFi password is cracked and displayed by Reaver. 

That's all. Good luck hacking WiFi. I am not responsible for any damages caused to your device. Unauthorized attempts to hack WiFi is a criminal offense punishable by law. Try it at your own risk.

Also Check Out: 

Post a Comment

  1. im unable to copey the files is this normal ?

    ReplyDelete
    Replies
    1. Make sure the device is properly rooted and has write access to the folders.

      Delete
    2. ya man i tried everything but works on root only

      Delete
  2. Getting error at the test monitor mode screen

    ReplyDelete
    Replies
    1. Probably device support issues.

      Delete
    2. Did it will support samsung galaxy star 2

      Delete
    3. Make sure u copy all of bcmons lib files to ur /sustem/lib/ folder too

      Delete
  3. getting message after strting attack
    as


    Failed to retrieve a mac address for interface wlan0
    Switching wlan0 to channel 1

    please help

    ReplyDelete
  4. after installing bcmon on my unite 2, i opened it and waited for 5 minutes, then i go to sdcard0/data but there is no folder named as com.bcmon

    ReplyDelete
    Replies
    1. hey on my Xperia Z1 also there is no such folder as com.bcmon.bcmon..
      Why..PLZ HELP

      Delete
    2. Its /data/data
      U must go to the root directory

      Delete
    3. Let me guess u used ESFE right?I had the same problem, for some reason ES isn't showing the contents of DATA folder on ANY phone...or on most of them.
      Just use some other Root Explorer. Cheers

      Delete
    4. Enable Root explorer option in ESFE.
      And allow root access.
      It will show root files.

      Delete
  5. Thanks. For sharing...
    Done above process successfully...
    Bt When i go to atack screen and tap on start attack...
    it says.. something like

    Bcmon.bcmon/files/(something).so is 32bit not 64 bit..
    so tell me what to do now..
    I have lenovo a6000 with resurrection Remix 64 bit ROM installed

    ReplyDelete
  6. I'm trying an error that only position independent executable

    ReplyDelete
    Replies
    1. http://forum.xda-developers.com/google-nexus-5/development/fix-bypassing-pie-security-check-t2797731

      Delete
  7. Thanks. For sharing...
    Done above process successfully...
    Bt When i go to atack screen and tap on start attack...
    it says.. something like

    Bcmon.bcmon/files/(something).so is 32bit instead of 64 bit..
    so tell me what to do now..
    I have redmi note 3

    ReplyDelete
  8. after clicking on start attack its showing start script and then the stop script ... after that its saying "monitor mode disabled successfully ALl scripts should are tested now, RFA is ready to use" what do i have to do next

    And what are the steps you mentioned as "rest of the steps are pretty same " ?

    ReplyDelete
    Replies
    1. Kindly check the post here for steps http://www.hackcave.net/2015/10/how-to-hack-wifi-using-android.html

      Delete
    2. Same here it shows monitor mode successfully disabled rfa is ready to use.

      Delete
    3. This link is not working... Am facing same issue

      Delete
    4. Link is not working.... Even am facing same issue

      Delete
    5. me too, are you able to solve it?

      Delete
    6. it happens to me too. were u able to find any fix?????

      Delete
    7. I've had the same issue. The solution is to make sure that you are not connected to any wifi networks before you start the attack. Wifi must be turned on but you should not be connected to any networks. If you keep getting connected automatically then forget the network. Hope this helped. This worked for me.

      Delete
  9. It says something like
    Warning
    linker : could not load library "(data/data com.bmon.bmon /file/linlbs/libfake

    ReplyDelete
    Replies
    1. Did u find the answer it shows the same fr me

      Delete
    2. Did u find the reason? The same problem goes fr me

      Delete
  10. not working.for is it neccesory to root mobile

    ReplyDelete
    Replies
    1. my device is rooted but it says not successful.please note that some file system (e.g sd card)do not allow perm. changes

      pls help

      Delete
  11. unexpected e_machine:40 error... Pls solve this... X86 based machine error.... Im using zenfone 5... Intel Atom chipset

    ReplyDelete
  12. It says
    Usage : svc WiFi [enable|disable]
    Turn WiFi on or off.

    ReplyDelete
  13. I have an error that says sh not found and no directory what does that mean?

    ReplyDelete
  14. could not load library "libcap.so.1" "./reaver";
    any IDEA?

    ReplyDelete
  15. its getting error control the wifi manager kindly resolve it fast sir .

    waitning for your positive reply sir .

    thanks

    ReplyDelete
  16. HELP asap please..
    I followed your instructions very carefully line by line but after tapping [TEST MONITOR MODE], I got the following error message..
    -------------------------
    1. Debug:activation script

    Stdout:


    StdErr:

    sh: /storage/sdcard0/Me/Wifi: No such file or directory

    2.Error

    Monitor-Mode activation failed.
    Something went wrongyou should enable debug mode and check your scripts.
    -----------------------

    The debug mode has ✔ on it and the scripts are exactly the same as i copied it from your post ⬆above⬆...

    please help me :(

    ReplyDelete
    Replies
    1. MY Xperia Z1 has smae problem...PLZ HELP

      Delete
    2. I'm getting the exact same thing

      Delete
    3. Getting the exact same thing

      Delete
    4. Just put all 3 sh files (start, stop, warm) scripts in root directory and check all execute permission right and then brows this scripts in a root direcrory

      Delete
    5. I have the exactly same problem :( Someone Please help us.

      Delete
    6. I'm getting same error. Not sure what to do to fix.

      Delete
    7. Thanks so much munavaar!!!!!!!!!!!!!!!!!!!!!
      This methods works!!!!!!!!!!!!!!!!!

      Delete
  17. showing error sh:./storage/emulated/legacy/start.sh:no such file file or directory

    ReplyDelete
  18. cant execute enable_bcmon command it gives not found

    ReplyDelete
  19. When i tap on start attack it shows a dialog box saying:
    "
    Stdout
    rfasuccess
    Stderr
    bmon_wrapper_loaded
    "
    Afer i tap ok the attack begins but keet showing two lines for hours:
    "
    Switching wlan0 to channel 1
    Waiting for becon from 'ssid of network'
    "
    Plz help what should i do

    ReplyDelete
  20. Hi..
    Am Ritesh..
    I have cyanogenmod ROM.
    I have installed everything and the monitor mode is success...
    When I hit START ATTACK in RfA it again comes the same page..
    I have tried it for many times but still I get the same page..
    Mobile model: gti 8552(cynogenmod)

    ReplyDelete
  21. If SD card doesn't grant permission for changing the permission then what am i supposedto do

    ReplyDelete
  22. Plz i have a little problem
    I can't do change permissions in root explorer for reaver and enable_bcmon

    Can you help me :)

    ReplyDelete
  23. Stops at
    Tmp-mksh: [3]: sh: not found
    error : only position independent
    executables (pie) are supported

    ReplyDelete
  24. StdErr:
    Bmon_wrapper loaded

    Please help.. everything else seems to be working fine

    ReplyDelete
  25. I'm having a problem with the script part...what kind of note editor do I need? I can't see the ES note editor..

    ReplyDelete
  26. stdout :

    rfasuccess

    stderr:

    bmon_wrapper_loaded
    error: only poistion independent executables (PIE) are supported.

    ReplyDelete
  27. It aint hacking.when i test monitor mode it says monitor mode has been successfully disabled and it does not start hacking

    ReplyDelete
  28. All steps r followed correctly and at end it says

    All scripts are tested now
    RfA is ready to use

    But after taping on OK nothing happens.
    What to do?
    Pls help

    ReplyDelete
  29. After attacking this text comes on the screen:

    "sh:[3]:libs.libfake_driver.so:not found
    sh:[4]: /data/data/com.bcmon.bcmon/files/:can't execute: is a directory
    sh:[5]: tools: not found
    sh:[4]: ./reaver: not found"

    I THINK THAT I AM NOT ABLE TO COPY THOSE SCRIPTS CORRECTLY, SO PLS CAN U GIVE A LINK TO DOWNLOAD THEM,
    OR
    IS THERE ANY OTHER PROBLEM.
    Thank you.

    ReplyDelete
  30. Help please !

    I followed the given instructions, and I got monitor mode to work but, when I click start attack I get this error: "cannot link executable dependencies: library "libpcap.so.1" not found"

    ReplyDelete
  31. Stdout:
    StdErr:
    sh: /storage/sdcard0/Me/Wifi: No
    such file or directory
    2.Error
    Monitor-Mode activation failed.
    Something went wrongyou should
    enable debug mode and check your
    scripts.

    solution pls

    ReplyDelete
  32. start.sh : No such file or directory
    i got this error
    How to solve this

    ReplyDelete
  33. bmon_wrapper_loaded
    error: only position independent executables (PIE) are supported.

    Scripts saved in /storage/emulated/0/ depository.
    Activate monitor-mode successfully.

    ReplyDelete
  34. hi sir
    my device redmi note 4g with rooted and installed coustm ROM like cyanogsnmod 13 BT bcmon apk not work
    my device supported otg.
    which external WiFi card for WiFi hacking ,please tell me
    help

    ReplyDelete
  35. HELP asap please..I followed your instructions very carefully line by line but after tapping [TEST MONITOR MODE], I got the following error message
    ..-------------------------
    1. Debug:activation script
    Stdout:

    StdErr:

    thats it sir empty

    ReplyDelete
  36. how to browse start.she script from SD card

    ReplyDelete
  37. Hi, I can't seem to copy the scripts. What should I do?

    ReplyDelete
  38. Do i have to rooted my phone first?. do you have any methods that dont need to root?

    ReplyDelete
    Replies
    1. Penetrate pro app

      It works without root on SOME wifi's
      Most of which are easy to hack anyway :P

      Delete
  39. In bcmon.bcmon/files is empty pls help

    ReplyDelete
  40. How do I get write access the folders? My phone is rooted

    ReplyDelete
  41. How much time taken to display password after track start

    ReplyDelete
  42. Great tutorial, btw is this only applicable for WPA/WPA2? does the same method applicable for WEP wifi as well?

    Thanks

    ReplyDelete
  43. Hey, great article. Everything worked fine until I got to the start attack button. When I press "start attack" it gives me an error saying that only position independent executables are supported. It then says rfa is really for use but won't start the attack. Any suggestions?

    ReplyDelete
  44. I get An Error PIE position independent executables
    How to fix? Please help T-T

    ReplyDelete
  45. Work but when i start attack it write
    [+]switching wlan0 to channel 1
    [+]waiting to beacon for --mac address

    And my turn off but the screen stay on
    [+]switching wlan0 to channel 1
    [+]waiting to beacon for --mac address

    ReplyDelete
  46. Hi i loaded the scripts and my problem is that in com.bcmon.bcmon/files dont have tools folder i just have the files i pasted from he apk extraction androidmanifest xml folder assets classes.dex folder meta-inf folder res and resources.arsc what am i doing wrong ?

    im on a vodafone smart tab II 7 stock rom

    Regards

    ReplyDelete
  47. Working. But some times its going Error!!!

    ReplyDelete
  48. In my s duos 2 after clicking on start attack showing error:PIE
    How to fix that

    ReplyDelete
  49. Please tell me how to bypass pie check in my yuphoria. The one from xda doesn't work.

    ReplyDelete
  50. I can't install bcmon. When I click the link, it takes me to a 404.

    ReplyDelete
  51. no network found.
    scan again.
    :(
    phone is rooted,
    all steps are done..
    still don't know why it shows me like this :(

    ReplyDelete
  52. Turns out you can't have spaces in your directory's but I'm still stuck it says all the directories in the start.sh don't exist and I have verified that they do

    ReplyDelete
  53. I am getting a error saying only PIE are supported. What to do?

    ReplyDelete
  54. To those with sh not found issues, the problem for me was the shebang and appended "sh" on the lines with .so files.

    Change shebang from #!/bin/bash to #!/bin/sh and removing "sh" from lines thereafter fixed the issues for me.

    Additionally, the binaries in this hack are not PIE compatible, so you may need to disable selinux on Android 5.0+ using a custom linker. Google is your friend.

    ReplyDelete
    Replies
    1. it is only one line containing sh after .so file and i have done all things you have said an still getting error

      Delete
  55. can dis method work for s3 i9300?

    ReplyDelete
  56. The link to download bcmon doesn't work

    ReplyDelete
  57. Great tutorial and i have done everything perfectly as u said but at the end when i start attack its displaying-
    Tmp-mksh stdin3 sh not found
    Error only position independent
    Executables pie are supported.
    Plz help me out i think m almost there....any help would be appreciated

    ReplyDelete
  58. Replies
    1. Do you have a mirror? Google drive doesn't want to share the file. I'm getting the error: "We're sorry. You can't access this item because it is in violation of our Terms of Service."

      Delete
    2. Google drive is no more used. Updated the links.

      Delete
  59. it says bmon wrapper loaded pie error..what to do

    ReplyDelete
  60. Reaver isn't finding any routers. It just says no networks found. Please help

    ReplyDelete
  61. error 404 appeared when i click the bcmon link. Where can I download it sir?

    ReplyDelete
  62. After enable monitor mode it says
    bcmon_wrapper_loded
    Error: only position independent executables (PIE) are supported

    ReplyDelete
  63. When I choose view, there is no option to extract. What do I need to do?

    ReplyDelete
  64. Link of bcmon is off plz update!!

    ReplyDelete
  65. Help when i download bcmon i open it and it crashes and i cant find its icon and i cant open it. PLS HELP

    ReplyDelete
  66. Can i get readymade scripts file please

    ReplyDelete
  67. libpcap.so.1 not found reaver ...help asap

    ReplyDelete
  68. how to download start.sh..warm.sh.stop.sh files???

    ReplyDelete
  69. Thanks for this wonderful trick.
    Do have a nice week ahead!

    ReplyDelete
  70. My page stuck at 'switching wlan0 to channel....' Please help me aand give solution

    ReplyDelete
  71. Waited for 4h and nothing happened. Waiting for package from....

    ReplyDelete
  72. Hello, when I tap "start attack" it shows:

    debug: activation script

    Stdout:

    rfasuccess


    StdErr:

    bmon_wrapper_loaded
    error: only position independant executables (PIE) are supported.


    and then this:

    debug: stop script

    Stdout:

    rfasuccess


    StdErr:


    and nothing happens. Can you help me ?

    ReplyDelete
  73. Those who get the "error: only position independant executables (PIE) are supported. "

    It i due to android L or up. The binaries this application use have not been compiled as PIE, and therefore latest android versions refuses to run them. Check this out for a possible fix: http://forum.xda-developers.com/google-nexus-5/development/fix-bypassing-pie-security-check-t2797731

    ReplyDelete
  74. Bro where is these three file i can't get it
    Plzzzzz help me..

    ReplyDelete
  75. First, thanks for all your efforts with this how-to and in responding to comments.

    Like several others I get the "only position independent executables (PIE) are supported."

    Is there a simple way to circumvent or correct this?

    ReplyDelete
    Replies
    1. Issue with Lollipop or higher versions.

      Delete
  76. when I copy the files data (data) bcmon it says access denied.. pleasw help nd my device is also rooted i have installed root checker it says properly installed.
    nd es file exp is incompatible with my device nd root explorer is on purchase so i installed a different explorer . Its name is fx file explorer nd I also have installed root module for it.

    ReplyDelete
  77. bcmon download link is outdated. Kindly update the link.

    Thanks.

    ReplyDelete
  78. Autor why you use blockcoute?????????????

    ReplyDelete
    Replies
    1. Added textarea so that it is easy to copy code.

      Delete

 
Top