Jump to content

Piranha Firmware


Recommended Posts

How hard would it be to add the Karma patches to the Piranha Firmware? He already has MDK3 and aircrack-ng working on the fon. I haven't had a chance to test this firmware yet on my FON2 but I probably will over Christmas. It would probably work better then using the gargoyle firmware that is currently needed for the fon+ or the fon2.

Link to comment
Share on other sites

looks like it is just openwrt with a few extra tools bundled by default. If so then to add karma I'd just need access to their madwifi package before it is built.

I've posted a comment on his site, see if I get anything back.

Link to comment
Share on other sites

  • 2 weeks later...

As Orange said in his post about the new firmware

legend is unfortunately outdated and obviously unmaintained or at least not actively developed - don't get me wrong, it works great, but OpenWrt as well as aircrack-ng have seen some great steps forward since last year

Also it would be nice to have something that would work on all the different fons.

Link to comment
Share on other sites

  • 3 months later...
I'm talking with Orange and will let know you whats happening when I know something.


You're still interested in collaborating? I'm currently setting up a new OpenWrt buildroot to work on the next Piranha and I'm interested to integrate Jasager into it. Please tell me what we'd need to do, i.e. some more insight into Jasager would be great as I honestly never used it before. Not sure how long it will take for the next Piranha to appear, but I'd like to offer collaboration at least if you're still interested. Let me know please.


I started two Piranha Brainstorming threads at http://piranha.klashed.net/2009/04/26/piranha-brainstorming/ and http://www.fonerahacks.com/forums/viewtopi...p?f=3&t=320

Any ideas would be much appreciated. I'd like to open Piranha as much as possible to the community and I'm especially interested in contributions from a technical perspective - my vision always was and still is to make Piranha a community effort. I'm currently waiting for an OpenWrt port of autoap, which should be one of the kickass features of the next Piranha, I hope for Jasager integration, latest aircrack-ng and mdk3 will be on board as usual and some other ideas. The next Piranha will be based on OpenWrt 8.09.

I'm really looking forward to your input!

Thanks in advance,


Link to comment
Share on other sites

I'm happy collaberate. As you know I've sorted out my own firmware with Jasager pre-installed but it would be better if it was rolled with other useful tools rather than just on its own.

I'll PM you my email address so we can talk about it.

Link to comment
Share on other sites

Digininja: So how are the madwifi drivers patched?

I created the patch for the openwrt version of the drivers, added it to the list of patches the buildtree uses then did a build. That created a package which I released.

Do the patched madwifi drivers support injection?

If you mean the aircrack patch set then no, that isn't included.

Link to comment
Share on other sites

Are they mutually exclusive in nature (patched madwifi vs aircrack injection support) or have they just not been built together?

Is it possible to just take your patch and apply it to another madwifi driver set. maybe one that supports aircrack injection already?

Did you release the patch code?

Thanks man.

Link to comment
Share on other sites

They will work together and HDM has put them together in the patch set he released as part of Karmetasploit. This is my openwrt 8.09 karma patch. To use it just drop it into the patches directory in the openwrt build system and it will automatically get added in. To add the injection patch you'd need to get a fully patched madwifi (with all the openwrt stuff) then add the injection code, work out a patch between yours and the fully patched then add that as a new patch.

Or, to say it another way, you can't just patch the raw source as that will be worked on by another 20+ patches before it gets to yours so your patch will probably be wrong by that point.

Link to comment
Share on other sites

Piranha 2 alpha1 is up at http://piranha.klashed.net/pub/2.0/alpha1/

Please visit http://www.fonerahacks.com/forums/viewtopi...amp;t=320#p1766 for more information. Jasager will (most likely) be introduced with Piranha 2 alpha2 - digininja and myself are currently working on this.

Any input from the community is certainly still much appreciated!

Stay tuned,


Link to comment
Share on other sites

Piranha 2 alpha2 is released - it's up at http://piranha.klashed.net/pub/2.0/alpha2/

The package repository at http://piranha.klashed.net/pub/2.0/packages/ is updated to Piranha 2 alpha2

Piranha 2 alpha1 at http://piranha.klashed.net/pub/2.0/alpha1/ has been taken down in favour of alpha2

Changelog is at http://www.fonerahacks.com/forums/viewtopi...mp;p=1788#p1788

Jasager integration is unfortunately not yet completed, but we're certainly still working on this!

replace "hacking" with Penetration Testing

I'll take this into account...

Link to comment
Share on other sites

done with finals, got my fon+ ready to hack and looking forward to the release of jasager on piranha!

I'm going to try out Alpha 3 later today.

This firmware seems promising having all complied together!

Great job guys!

Link to comment
Share on other sites

What if I have never let the fon talk to the mothership. The mac is not registered with the FON HQ and the heartbeat wont do anything then.

Orange... do you have a way to get fons on that have never been connected to "the collective"?

Link to comment
Share on other sites

Orange... do you have a way to get fons on that have never been connected to "the collective"?

Yes and no. In any case you need a fonera with stock firmware on it to register whatever other fonera (not registered yet - e.g. the piranha one) you'd like. It might be possible to register also with a stock openwrt fonera assumed you have chillispot installed but this is untested and thus cannot be supported by myself.

Here is what you need to do with a stock fonera though:

1st Step - Login via SSH and paste the following to the root prompt

/usr/sbin/chilli_radconfig -c /dev/null --radiusserver1=radius01.fon.com --radiussecret=garrafon --adminuser=chillispot --adminpasswd=chillispot --radiusnasid=xx-xx-xx-xx-xx-xx --dhcpif xx-xx-xx-xx-xx-xx

replace xx-xx-xx-xx-xx-xx with the WLAN MAC address of the fonera you'd like to register

2nd Step - You'll get approx. 20 lines of code. You need to copy the line

uamserver https://www.fon.com/login/gateway/sec/9c3370131faaxxxxxxxxxxxxxxxxxxxx

The important information is the 32-digit string after .../sec/

3rd Step - Login to your other fonera (to be registered - e.g. the piranha one) and do

thinclient start
/etc/init.d/cron start

Starting cron could also be substituted by a reboot as cron starts automatically as soon as /etc/crontabs/root is not empty anymore. The mothership just needs to get at least one heartbeat before you'll be able to proceed with Step 4.

4th Step - Open a webbrowser of your choice and navigate to


replace 9c3370131faaxxxxxxxxxxxxxxxxxxxx with your 32-digit string from Step 2 here. You should see the fon login portal now followed by some error messages, but don't care about them (not sure if you need to click "register" somwhere at the portal - it has been too long since I tried it last time, but afaik even that's not needed). Now just login to your fon account and you should be presented with a form to register the fonera.

I'd be interested in the outcome while trying this with a stock openwrt fonera and chillispot installed. If anyone tests it, please report back.

Have fun!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...