Monday, March 23, 2009

PSP WiFi & Promiscuous Mode

I've recently started developing for the PSP. The programming language I use is C, it's syntax reminds me a lot of Java and it's quite simple, but more complicated than Java, once you get the grasp of it. It was quite easy to install PSPSDK (PSP development libraries for C) on my Ubuntu and it took me only one day to create and run a Hello World application =D

I'm now trying to create a WiFi Sniffer for the PSP. It's based on the WLAN Scan example which can be found in the PSPSDK. Unfortunately it only runs under kernel 1.50 as some commands need kernel mode. I've managed to create a PRX for the kernel functions but I can't seperate the Kernel and the User code correctly, the EBOOT.PBP and the PRX just don't work together as they should. Comment/Email me if you feel like helping me on this.

Anyway, instead of developing my application for the newest firmware I'm now trying to develop it for Kernel 1.50. Fortunately there is a way to run an Eboot in a 1.50 environment even if your firmware is 5.00. Visit Here to find out how.

Until now the closest anyone has got to a PSP WiFi Sniffer is an application which lists the surrounding WiFi hosts. No one has ever managed to put the PSP's WLAN card into promisc mode or anything even closely representing it. Unfortunately I don't think I will be the first to do this but I can atleast try, and share my results.

I started gathering information on the PSP's WLAN card. After googling for over three hours I had a pretty decent idea:

PSP has two WiFi chips:
* Marvell Libertas 88W8010 - RF Transceiver
* Marvell Libertas 88W8380 - ARM9 Processor
Found Here

A quick visit to the producers homepage reveals nothing usefull:
http://www.marvell.com/products/wireless/index.jsp

After some more googling:
PDF on cracking WEP and WPA

Another very nice idea here.

FOUND IT!

Hidden in a very deep corner:
A very useful handbook written by Marvell
It explains all about the WLAN Subsystem: Host Driver, Firmware, and Interface

This is what everyone has been searching for! It's a 142 page handbook explaining WiFi cards built by Marvell. Guess what? It even explains how to turn on/off promiscous mode (page 36&37) =D

Now I just need to find a way to do what it tells me to do and I'm on my way =D

Edit:
Another nice find:
"This file contains definitions of WLAN commands"
Here's the Readme by Marvell, unfortunately not for PSP =/

4 comments:

Kiaôs said...

Hello, My name is Kiaos and me and an few developers at http://psp.wijou.com/ are working on an psp application for Cracking wireless networks. The program is called aircrack-psp and our project manager is gaby_64. Please contact gaby in an post on the forums and maybe you can help Create this awesome program that so many people are interested in. post at http://psp.wijou.com/forum/?showtopic=815

Kiaôs said...
This comment has been removed by the author.
Red said...

it's very nice to see somebody else interesting in this direction

please, say does it any progress?

Anonymous said...

Here's an idea: get a nokia N900!
its a mobile phone with a touchscreen as well as a sliding back with a full qwerty keypad - running an opensource linux-based operating system * AND aircrack has already been successfully ported to this device!!!