wifi-frequency-hacker

A modified frequency regulatory domain configuration that doesn't limit you.

Overview

Different countries enforce different frequency restrictions on the various wifi channels. This can be a pain if your card/OS is forcing you into a different configuration than the one you need. There are numerous reasons why this may be happening, from drivers favouring EEPROM configurations over your settings to weird decision making based on observed network activity. Either way, the discerning wifi hacker doesn't want to have to bother with such things.

Contents

This contains a modified binary regulations configuration (regulatory.bin), based on the plain-text input file (db.txt). This configuration sets all countries to the same setting, and that setting is the least restrictive possible. That way, no matter what domain you're being forced into, you get the same functionality.

Benefits

This includes:

The caveat is that your hardware needs to support what you're trying to do (e.g. this won't give a 2.4GHz-only card 5GHz capabilities).

Warnings

Of course, this lets you do dangerous things too, and you need to be very careful how you use this. In particular:

When in doubt, don't transmit! This wiki page usually has the latest details on which wifi channels are available in which country: https://en.wikipedia.org/wiki/List_of_WLAN_channels

Installing

If you have a crda compiled with external key support, you need to do two things to install this. The first is to overwrite your existing regulatory.bin with the new one. The second is to copy my public key to the right directory.

When overwriting the .bin, make sure to make a backup of the original so you can go back to normal wifi function if you need to/want to.

My public key is needed because the binary is signed by my private key, and crda needs the public key to validate that signature.

On Kali Rolling 2016.1 I ran the following commands:

apt-get install wireless-regdb crda

This will make sure you get the pre-requisites.

git clone https://github.com/singe/wifi-frequency-hacker
cd wifi-frequency-hacker

Get a copy of this repo.

cp /lib/crda/regulatory.bin /lib/crda/regulatory.bin.orig
cp regulatory.bin /lib/crda/
cp singe.key.pub.pem /lib/crda/pubkeys/

Make a backup of the original file, and replace it with the new one, and add my public key to crda's list of accepted keys.

iw reg set ZA 

Set the regulatory domain to a country other than your current one, and the new setting will take effect.

iw reg get 

You should see something like:

country XX: DFS-UNSET
	(2400 - 2494 @ 80), (N/A, 30), (N/A)
	(4910 - 4990 @ 80), (N/A, 30), (N/A)
	(5030 - 5090 @ 40), (N/A, 30), (N/A)
	(5150 - 5350 @ 160), (N/A, 30), (N/A)
	(5470 - 5730 @ 160), (N/A, 30), (N/A)
	(5725 - 5875 @ 80), (N/A, 30), (N/A)
	(17100 - 17300 @ 160), (N/A, 30), (N/A)
	(57000 - 66000 @ 2160), (N/A, 40), (N/A)

The country doesn't matter (all countries are set to the same). But you should see that list of frequencies. If you see anything less, or entries with DFS options, your changes to regulatory.bin haven't been applied, either because you need to compile your own version of crda that trusts your key (see the link at the end) or because you overwrote the wrong regulatory.bin.

iw list|grep dBm

These two commands give you a view of the resulting configuration: the first is a list of the regulatory restrictions, and the second is the net result of the channels available to you. You shouldn't see any "disabled" notes here; if you do, and you applied the crda changes correctly, it means your firmware is preventing use of these channels.
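
The `iw reg get` check described above (every listed range present, nothing with DFS options), as a shell function that parses the command's output. This is an added example, not part of the original repository: `check_regdomain`, `EXPECTED` and the sample text are hypothetical or constructed, and treating any DFS region other than DFS-UNSET as a failure is an assumption about what "DFS options" covers.

```shell
#!/bin/sh
# Added example: verify `iw reg get` output against the rule list on this page.
# Expected rules as start-end@bandwidth (MHz), copied from the sample output above.
EXPECTED='2400-2494@80 4910-4990@80 5030-5090@40 5150-5350@160 5470-5730@160 5725-5875@80 17100-17300@160 57000-66000@2160'

# check_regdomain (hypothetical helper): reads `iw reg get` text on stdin,
# prints one line per problem, and returns 0 only if every expected rule is
# present and nothing carries a DFS setting.
check_regdomain() {
    awk -v expected="$EXPECTED" '
    BEGIN { n = split(expected, want, " ") }
    # Header, e.g. "country XX: DFS-UNSET". Assumption: any other DFS region
    # means a stock database is still in effect.
    $1 == "country" && $3 != "DFS-UNSET" { print "DFS region set: " $0; bad = 1 }
    # Rule line, e.g. "(5150 - 5350 @ 160), (N/A, 30), (N/A)" plus optional flags.
    /^[ \t]*\(/ {
        line = $0
        gsub(/[(),@-]/, " ", line)      # keep only whitespace-separated fields
        split(line, f, " ")
        seen[f[1] "-" f[2] "@" f[3]] = 1
        if ($0 ~ /DFS/) { print "DFS flag on rule: " $0; bad = 1 }
    }
    END {
        for (i = 1; i <= n; i++)
            if (!(want[i] in seen)) { print "missing rule: " want[i]; bad = 1 }
        exit bad + 0
    }'
}

# Constructed sample of a restricted domain (not captured from a real system).
SAMPLE_RESTRICTED='country ZA: DFS-ETSI
    (2402 - 2482 @ 40), (N/A, 20), (N/A)
    (5250 - 5330 @ 80), (N/A, 20), (0 ms), DFS'

# On a live system: iw reg get | check_regdomain
printf '%s\n' "$SAMPLE_RESTRICTED" | check_regdomain ||
    echo "regulatory.bin changes have not been applied"
```
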

If it doesn't seem to be working, try running:

regdbdump /lib/crda/regulatory.bin

If the output includes "Database signature verification failed", your version of crda is probably compiled with static signatures, and you will need to compile and install your own crda binary using the instructions linked below. Fedora is known to use static signatures.

Making your own

Information on building your own is available from the kernel.org team at: https://wireless.wiki.kernel.org/en/developers/regulatory