I'm now trying to create a WiFi Sniffer for the PSP. It's based on the WLAN Scan example which can be found in the PSPSDK. Unfortunately it only runs under kernel 1.50 as some commands need kernel mode. I've managed to create a PRX for the kernel functions but I can't seperate the Kernel and the User code correctly, the EBOOT.PBP and the PRX just don't work together as they should. Comment/Email me if you feel like helping me on this.
Anyway, instead of developing my application for the newest firmware I'm now trying to develop it for Kernel 1.50. Fortunately there is a way to run an Eboot in a 1.50 environment even if your firmware is 5.00. Visit Here to find out how.
Until now the closest anyone has got to a PSP WiFi Sniffer is an application which lists the surrounding WiFi hosts. No one has ever managed to put the PSP's WLAN card into promisc mode or anything even closely representing it. Unfortunately I don't think I will be the first to do this but I can atleast try, and share my results.
I started gathering information on the PSP's WLAN card. After googling for over three hours I had a pretty decent idea:
PSP has two WiFi chips:
* Marvell Libertas 88W8010 - RF Transceiver
* Marvell Libertas 88W8380 - ARM9 Processor
A quick visit to the producers homepage reveals nothing usefull:
After some more googling:
PDF on cracking WEP and WPA
Another very nice idea here.
Hidden in a very deep corner:
A very useful handbook written by Marvell
It explains all about the WLAN Subsystem: Host Driver, Firmware, and Interface
This is what everyone has been searching for! It's a 142 page handbook explaining WiFi cards built by Marvell. Guess what? It even explains how to turn on/off promiscous mode (page 36&37) =D
Now I just need to find a way to do what it tells me to do and I'm on my way =D
Another nice find:
"This file contains definitions of WLAN commands"
Here's the Readme by Marvell, unfortunately not for PSP =/