cd hak5-wifi-coconut
mkdir build
cd build
cmake ../
cmake will confirm that the required dependencies are available.
Compile
Still in the build directory, run make to compile the code:
make
Install
While still in the build directory, finally, install the compiled programs:
make install
This will install the wifi-coconut tool to the default path (/usr/local/bin by default), and the rt2800usb firmware to /usr/local/share/.
Running
Running the wifi_coconut tool requires root privileges, since it performs raw access to the USB devices. Run it via sudo:
sudo wifi_coconut
Additionally, the wifi_coconut tool takes several options to automate behavior:
Usage: wifi_coconut [options]
By default, the wifi_coconut tool opens in interactive mode.
Universal options:
--disable-leds Go fully dark; don't enable any LEDs
--invert-leds Normally a Wi-Fi Coconut enables all the LEDs
and blinks during traffic; Invert only lights
when there is traffic.
--disable-blinking Disable blinking the LEDs on traffic
Non-interactive modes:
--no-display Don't display channel UI while logging
--wait Wait for a coconut to be found
--pcap=[fname] Log packets to a pcap file. If file is '-',
a pcap file will be echoed to stdout so that it can
be piped to other tools. --wait-for-coconut Wait for a coconut to be connected and identified
--list-coconuts List Wi-Fi Coconut devices and exit
--coconut-device=X If you have multiple Wi-Fi Coconuts, specify
which one to use
--enable-partial Enable a Wi-Fi Coconut even if not all the
radios have been identified.
--plain-dot11 Log plain 802.11 packets instead of radiotap
formatted packets with signal and channel
--quiet Disable most output
Integrating with other tools
Output from the wifi_coconut tool can be directly piped to other tools like tcpdump or tshark:
After connecting the WiFi Coconut, you can look at the output of lsusb to confirm that the radios have been found:
% lsusb | grep '148f:5370'
Bus 007 Device 038: ID 148f:5370 Ralink Technology, Corp. RT5370 Wireless Adapter
Bus 007 Device 035: ID 148f:5370 Ralink Technology, Corp. RT5370 Wireless Adapter
Bus 007 Device 031: ID 148f:5370 Ralink Technology, Corp. RT5370 Wireless Adapter
Bus 007 Device 027: ID 148f:5370 Ralink Technology, Corp. RT5370 Wireless Adapter
Bus 007 Device 032: ID 148f:5370 Ralink Technology, Corp. RT5370 Wireless Adapter
Bus 007 Device 028: ID 148f:5370 Ralink Technology, Corp. RT5370 Wireless Adapter
Bus 007 Device 037: ID 148f:5370 Ralink Technology, Corp. RT5370 Wireless Adapter
Bus 007 Device 034: ID 148f:5370 Ralink Technology, Corp. RT5370 Wireless Adapter
Bus 007 Device 030: ID 148f:5370 Ralink Technology, Corp. RT5370 Wireless Adapter
Bus 007 Device 026: ID 148f:5370 Ralink Technology, Corp. RT5370 Wireless Adapter
Bus 007 Device 036: ID 148f:5370 Ralink Technology, Corp. RT5370 Wireless Adapter
Bus 007 Device 033: ID 148f:5370 Ralink Technology, Corp. RT5370 Wireless Adapter
Bus 007 Device 029: ID 148f:5370 Ralink Technology, Corp. RT5370 Wireless Adapter
Bus 007 Device 024: ID 148f:5370 Ralink Technology, Corp. RT5370 Wireless Adapter
If all the radios do not appear, check the output of dmesg - you may need to run sudo dmesg depending on your Linux distribution.
Root required
When running the wifi_coconut tool or coconut capture with Kismet, root is required. Run the wifi_coconut tool with sudo, and install Kismet as suit-root or run it via sudo as well.
