nexmon support about hcxdumptool HOT 8 CLOSED

I had to edit my last comment, because I got some more informations:
Please try to set up the device into monitor as recommended here:
https://github.com/Bal33p/HCXDumpTool-on-RasberryPi-Zero-W-Using-Onboard-Broadcom-Chip-HowTo

iw phy iw dev wlan0 info | gawk '/wiphy/ {printf "phy" $2}' interface add mon0 type monitor
To activate monitor mode in the firmware, simply set the interface up:
ifconfig mon0 up

or here:
https://github.com/seemoo-lab/nexmon
... you can setup a new monitor mode interface by executing:
iw phy iw dev wlan0 info | gawk '/wiphy/ {printf "phy" $2}' interface add mon0 type monitor
To activate monitor mode in the firmware, simply set the interface up: ifconfig mon0 up.

It looks like the combination Raspberry Pi Zero W - nexmon - hcxdumptool is working, so it might be an issue Samsung - nexmon!

from hcxdumptool.

This modified driver for Raspberry Pi is not working on phones as far as I know, I'm using libfakeioctl in LD_PRELOAD to simulate monitor mode on non-monitor-mode capable interface.
This way I can make it work with bettercap, airodump and tcpdump.

from hcxdumptool.

You got 2 error messages from hcxdumptool:
failed to set monitor mode: No such device -> hcxdumptool can't find the interface
failed to init socket -> hcxdumptool can't create a raw socket to receive and transmit raw packets
Error 2 is related to error 1. If we have no interface, we can't send or receive packets .

So let's see if monitor mode is working and iw is able to detect the device. Please set the interface to monitor mode:
$ iw dev set type monitor
and comment the result:
$ iw dev info

If everything is ok, we expect no error message running this command (wlp3s0f0u1 is the name of my test interface):
$ iw dev wlp3s0f0u1 set type monitor
and we expect an output like this for the second command:
$ iw dev wlp3s0f0u1 info
Interface wlp3s0f0u1
ifindex 3
wdev 0x1
addr c8:3a:35:e0:f4:52
type monitor
wiphy 0
txpower 20.00 dBm

from hcxdumptool.

nexmon doesn't allow me to set interface to monitor mode, it's emulating it by preloaded library
It's not modifying driver to allow monitor mode, it's modifying just wifi firmware and emulating monitor for apps using preloaded library
iw doesn't show the interface as monitor mode even with preloading library

from hcxdumptool.

In that case hcxdumptool will not work for you, because the emulator doesn't allow this:
"nexmon doesn't allow me to set interface to monitor mode"

$ hcxdumptool --help
do not run hcxdumptool on logical interfaces (monx, wlanxmon)
do not use hcxdumptool in combination with other 3rd party tools, which take access to the interface

Closed this issue, because it is related to the emulator.

from hcxdumptool.

Please read also all comments here:
#42
to understand that the driver (in your case the emulator) must support full and hardware near monitor mode, included raw packet injection.
Only if the driver supports this, hcxdumptool will work.

from hcxdumptool.

It supports monitor mode and packet injection, but doesn't report it in casual Linux API as driver directly doesn't support it.
Ioctls are overwritten on preloaded library.
To set firmware to monitor mode you need to use custom software, not linux API.
I commented section that sets interface to monitor mode and it ALMOST works.
It captures packets with NEXMON header, which should be handled by preloaded library and passed to hcxdumptool as normal RADIOTAP.

from hcxdumptool.

The issue is within the preloaded library:
__nex_driver_io: error

and hcxdudmptool reports correctly:
failed to set monitor mode: No such device
failed to init socket

ioctl(3, SIOCSIWMODE, 0xb6fa0e04) = -1 EOPNOTSUPP (Not supported)
socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
ioctl(4, SIOCDEVPRIVATE, 0xb6f76110) = -1 ENODEV (No such device)
writev(1, [{iov_base="__nex_driver_io", iov_len=15}, {iov_base=": error\n", iov_len=8}], 2) = 23
...
ioctl(3, SIOCSIWMODE, 0xb6fa01ec) = -1 EOPNOTSUPP (Not supported)
socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
ioctl(4, SIOCDEVPRIVATE, 0xb6f76110) = -1 ENODEV (No such device)
writev(1, [{iov_base="__nex_driver_io", iov_len=15}, {iov_base=": error\n", iov_len=8}], 2) = 23

hcxdumptool needs the ioctls, otherwise it will not work:

start capturing (stop with ctrl+c)
INTERFACE:...............: wlp3s0f0u1
ERRORMAX.................: 100 errors
FILTERLIST...............: 0 entries
MAC CLIENT...............: b0ece1f25217
MAC ACCESS POINT.........: 0084edce9fef (incremented on every new client)
EAPOL TIMEOUT............: 150000
REPLAYCOUNT..............: 64046
ANONCE...................: 60f6f16c3028e0d9ed6450d82b176c7be213d7a4162e64f486638b4b8bb474ec

INFO: cha=6, rx=0, rx(dropped)=0, tx=30, powned=0, err=0

from hcxdumptool.