This tutorial is supposed to help you through the setup and installation of scapy and the wifi dongle used in this tutorial.
I spent some time with scapy and want to share my knowledge since there are lots of spots where things can go wrong. I am using the TP-Link wifi dongle TL-WN722N V2.
I found that first of all you need to install your own driver to be able to use frame injection and monitor mode. Windows is not an option here because monitor mode was deprecated in earlier versions. Next I tried Linux. As I am quite new to Linux myself, I played around a little and found out that most tutorials on WiFi monitor mode only work for Kali Linux, which is fine if you want to use it for hacking. Another operating system for which I can confirm the drivers working is Ubuntu (version 20.04.2 currently). I also tried installing the drivers on Raspbian. It does not work; the Ubuntu server version can be installed on a Raspberry Pi, though. I hope this saves you some trouble.
=> Use Kali or Ubuntu (both the desktop and the server version of Ubuntu work)
After reading the above paragraph this should be quite easy, as all the tutorials made for Kali Linux also work for Ubuntu. Below are the steps that I took to install everything:
sudo apt update
sudo apt install bc make gcc          # build dependencies for the driver
sudo rmmod r8188eu                    # unload the in-kernel driver that claims the dongle
git clone -b v5.2.20 https://github.com/aircrack-ng/rtl8812au.git
cd rtl8812au
sudo -i
echo "blacklist r8188eu" > "/etc/modprobe.d/realtek.conf"   # keep the kernel driver from loading again after reboot
exit
make
sudo make install
sudo modprobe 8188eu                  # load the freshly built driver
The most common error for me appeared after calling make. This is often due to a wrong kernel and can be fixed by switching to Ubuntu or Kali, as this has to do with the operating system.
Do not forget to reboot before the next steps.
This is also somewhat difficult because, for me, even though I used the same operating system on the RPi and on my desktop computer, errors appeared at different spots. My solution was to simply fiddle around with the code and try random combinations, which led me to success.
It is important that you use iwconfig to determine the name of your wifi dongle.
Use these commands:
ifconfig wlan0 down
airmon-ng check kill                  # Only useful in some situations
usermod -a -G netdev USERNAME         # In case the operation is not permitted even though you are root
iwconfig wlan0 mode monitor           # On the RPi simply use this command without turning wlan0 down
ifconfig wlan0 up
iwconfig                              # Check whether you have been successful and the mode says 'monitor' now
No idea why it does not always work the same way, but you are very likely to succeed with the above commands.
Finally, the fun stuff. Get ready to use pip to install scapy (python3 -m pip install scapy). Sadly, scapy only supports Python up to version 3.8, so make sure to have the correct version installed and activated as your default python. You also might need to run the script as root.
The code for sending packets is very straight forward:
from scapy.all import *
conf.use_pcap = True  # Not quite sure if this is optional
# loop=1 keeps sending until you press Ctrl-C, inter=0.2 waits 0.2 s between packets
send(IP(dst="0.0.0.0")/UDP(dport=123, sport=200)/Raw(load="I am WIFI"), iface="wlan0", loop=1, inter=0.2)
I am not really trying to make a tutorial on how scapy itself works, only the big picture and how to set it up. It is a very interesting library and you should definitely check it out.
Most errors will arise from the import, as it is crucial to use the proper Python version! Also, the similar methods send() and sendp() troubled me a lot. I was unable to pick up anything with Wireshark using the sendp() method with the same parameters as above.
The iface="wlan0" argument selects the interface via which the packets are sent. It should match the interface you found earlier with the iwconfig command and set to monitor mode.
Wireshark is an awesome tool for prototyping whatever you want to do. If something is not working you should start looking there first. You can use it to identify what you are sending by running Wireshark on the transmitting wifi dongle or use another wifi dongle to pick up your packets. If you have done everything correctly and run the python script, while recording with Wireshark, you should be picking up many of the "I am WIFI" messages.
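As an added example that is not part of the original tutorial, the following Python (standard library only, so it runs without the dongle or Scapy) hand-builds the IPv4/UDP datagram that the send() line above puts on the wire and implements the Wireshark check as code: it dissects captured datagrams, verifies the IPv4 header checksum, and counts those carrying the "I am WIFI" marker on UDP 200 -> 123. The source address 192.0.2.10 and the sample capture are constructed values, not taken from a real capture.

```python
import socket
import struct

# Values from the tutorial's send() line: UDP sport 200 -> dport 123 carrying the load "I am WIFI".
MARKER = b"I am WIFI"
SPORT, DPORT = 200, 123

def ip_checksum(header: bytes) -> int:
    """RFC 791 ones'-complement sum over the IPv4 header (returns 0 for a header whose checksum is correct)."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_datagram(src="192.0.2.10", dst="0.0.0.0", load=MARKER) -> bytes:
    """Hand-build the IPv4/UDP/Raw datagram for the tutorial's packet (constructed src; UDP checksum 0 = disabled)."""
    udp = struct.pack("!HHHH", SPORT, DPORT, 8 + len(load), 0) + load
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 1, 0, 64,
                      socket.IPPROTO_UDP, 0, socket.inet_aton(src), socket.inet_aton(dst))
    hdr = hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]   # fill in the header checksum
    return hdr + udp

def is_marker_datagram(pkt: bytes) -> bool:
    """The Wireshark check as code: IPv4 with a valid checksum, UDP 200 -> 123, payload starting with the marker."""
    if len(pkt) < 28 or pkt[0] >> 4 != 4:
        return False
    ihl = (pkt[0] & 0x0F) * 4
    if len(pkt) < ihl + 8 or ip_checksum(pkt[:ihl]) != 0 or pkt[9] != socket.IPPROTO_UDP:
        return False
    sport, dport, udp_len = struct.unpack("!HHH", pkt[ihl:ihl + 6])
    payload = pkt[ihl + 8:ihl + udp_len]
    return (sport, dport) == (SPORT, DPORT) and payload.startswith(MARKER)

def count_markers(capture) -> int:
    """How many datagrams in a capture are the tutorial's marker packets."""
    return sum(1 for p in capture if is_marker_datagram(p))

def sample_capture() -> list:
    """Constructed stand-in for a Wireshark capture: two good marker packets, one other payload, one corrupted."""
    good = build_datagram()
    corrupted = bytearray(good)
    corrupted[8] ^= 0x01           # flip a TTL bit so the IPv4 header checksum no longer verifies
    return [good, build_datagram(load=b"hello"), bytes(corrupted), good]

if __name__ == "__main__":
    print(build_datagram().hex())
    print("marker datagrams seen:", count_markers(sample_capture()))
```

To run the same check against a real capture, feed it the IPv4 bytes of each frame (everything after the 802.11/RadioTap and LLC headers) instead of sample_capture().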
Thank you for going through all of this. I hope I saved some people from all-nighters trying to figure out kernels, drivers or version mismatching. Do ask me questions.