How to enable monitor mode in Raspberry Pi 3

In previous posts, we found out a cheap and cool way to be able to sniff in Monitor Mode in a Windows 10 PC, which is usually impossible, due to the wireless card included in the PC that doesn’t allow it.

In that case, we used a Kali Linux VM (you can check this tutorial to install it) and this wireless adapter.

Another cheap and cool alternative (no need for expensive AirPcap dongles) is use that USB wireless adapter and connect it to a Raspberry Pi 3. If you follow this tutorial, you’ll see it’s also easy to set up 🙂

Step 1: check your wireless network interfaces and create a monitor mode one

You can check that you have two wireless network interfaces (the one embedded in your Pi and the USB adapter one) in Managed Mode with the command:

iwconfig

Now, let’s create a monitor mode interface, mon1, with the command:

sudo iw phy phy1 interface add mon1 type monitor

You can check with iwconfig or also:

iw dev

If this doesn’t work, make sure your interfaces support monitor mode with the command:

iw phy phy1 info

Step 2: edit the interfaces file

If you type sudo nano /etc/network/interfaces , you will be able to edir your interfaces configuration file.

Now, add all the commands you see in the following picture:

This will set up each of your network interfaces to work in the mode you like. If you now check your interfaces, you can see this:

Now it’s time to reboot your Pi!

Step 3: Setting up your interfaces

You don’t need to do this, but if you want, you can set the frequency and the channel you want to monitor with the commands:

sudo iw dev mon1 set freq 2437
sudo iwconfig mon1 channel 6

and check using:

iw dev

Now, it’s time to sniff some packets!

Step 4: install Aircarck-ng

Aircrack-ng is a suite of tools designed to evaluate WiFi network security. It includes airodump-ng that, as we saw in previous posts on this section, it’s a tool to sniff packets.

We followed this simple and updated tutorial to install it.

Step 5: start using your monitor mode interface

Once you are here, you can start sniffing packets in monitor mode using airodump-ng and your brand new monitor mode interface, mon1:

If you want to save the pcap file, just type:

airodump-ng -w capture.pcap mon1

And now you are ready to play with it 🙂

Conclusion

This is the third of a series of posts we wrote in order to find a way to scan in monitor mode without having to pay more than $200.

Our problem started when we wanted to achieve this using a Windows 10 PC with no monitor mode supported by its wireless network card. You can check what we tried here.

Then, we recently found a cool solution that we showed you in this tutorial.

And finally, today, we have shown you another nice, cheap and portable! way to get it to work.

The applications of monitoring your WiFi are countless: from network audit to detecting intrusers in your area.

We hope you enjoyed this tutorial and will be glad you read your comments and answer your questions!

Add a Comment

Your email address will not be published. Required fields are marked *