I purchased a Raspberry Pi a few weeks back. I found that I could power it, along with a WiFi card and a GPS receiver, from my 12,000 mAh Li-Ion battery pack for about 12 hours. What a great way to explore without having to carry a huge laptop or a giant battery in my bag.
From there I did a bit of driving and biking with this kit, passively looking for and logging networks. I could easily have used my NinjaTel phone (and will try that in the future), but I wanted something I didn't have to fuss with much and that had a long battery life to "power all the things".
From this, I found that of the 6,164 APs identified, only 5% (327 APs) still had WEP configured, a protocol that has long been cryptographically broken. Not too bad as a basic health check. Of course, more data would always be better.
The Raspberry Pi Model B draws about 700 mA on its own. If the supply dips below that, the Pi browns out and has to be manually rebooted. That is why it is important to feed the Pi at least 1 A and to power the Wi-Fi adapter through a USB pass-through (Y) cable rather than from the Pi's own USB port. At first the Pi crashed whenever I fired up Kismet, because once Kismet started driving it the USB WiFi adapter drew more current than the Pi could supply. The picture below shows one of these cables: plug the pass-through port into the power source and the other plug into the Raspberry Pi.
The first thing to do is set up the Pi's OS. Install the Raspbian image and expand the root partition to fill the entire SD card. There are many good tutorials on this, and the Raspberry Pi site has plenty of documentation.
Once the OS is installed, add the packages needed to build and run Kismet.
SSH into your Pi as "pi", and download the Kismet code (or add it to your apt sources):
wget http://www.kismetwireless.net/code/kismet-2011-03-R2.tar.gz
First things first: screen. Screen gives you multiple virtual "consoles" that keep running in the background; I use it a lot on pen tests. I could run Kismet in server-only mode, but I don't have a Kismet client on my stock iPad. I do have an SSH client, so instead I'll run the full ncurses UI inside a screen session.
That lets me detach from the session and reattach later right where I left off. We also need a few prerequisites before compiling Kismet. I'm installing tcpdump as well; it is a very valuable tool for checking and verifying network traffic, or just peeking at the data crossing a network.
sudo apt-get install screen gpsd ncurses-dev libpcap-dev tcpdump
Wait for that to finish... Get some coffee or Tea.
Next, configure gpsd for your equipment. I used a USB GPS receiver, so I pointed /etc/default/gpsd at the serial device it shows up as:
/etc/default/gpsd:
DEVICES="/dev/ttyUSB0"
(Putting the path in GPSD_OPTIONS="/dev/ttyUSB0" instead also works, because the init script passes both variables on the gpsd command line and gpsd treats a bare path as a device to open.) Restart gpsd afterwards with sudo /etc/init.d/gpsd restart so it picks up the change; Kismet talks to it on localhost:2947 by default.
Now we get to compile and install Kismet from the source we downloaded earlier:
tar xfvz kismet-2011-03-R2.tar.gz
cd kismet-2011-03-R2
./configure
make
sudo make install
This takes a while... as in minutes... and reminds me of the days of sub-GHz processors; oh wait, that is what the Pi is. It's great for graphics but slow for compiling, and I believe the SD card bus is the bottleneck.
Next, to speed up Kismet's start-up, edit /usr/local/etc/kismet.conf to point at your wireless card. See section five of the Kismet README for examples for your card. Otherwise the newer version of Kismet will ask for the wireless interface every time it starts.
I added the following line to the /usr/local/etc/kismet.conf config file:
ncsource=wlan0:name=RTL8187
Now plug in "all the things" and take it out on the town for a spin.
screen
kismet
Ctrl-A then D detaches from the screen session (screen -r reattaches).
Go for a drive, walk, or bike ride (my favorite pastime) and collect some data. Then take the raw Kismet .netxml logs, run them through the netxml2kml.py Python script to combine them, and import the resulting KML into Google Earth to plot your WiFi data. Check out which of your neighbors still have WEP. Ideally the next feature would be showing where people still have WPS enabled, but that's for another time.
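The post leans on the netxml2kml script for the plotting step. As an added example (not that script and not the post's own code), here is a small Python parser for Kismet's .netxml log that does the WEP health check from the top of the post and writes a KML file of the WEP-only APs. It reads the element names kismet-2011-03-R2 writes (wireless-network, SSID/encryption, essid, BSSID, channel, gps-info/peak-lat/peak-lon/peak-alt); everything else in a real log is ignored. The embedded sample log is constructed, not a real capture, and the file name kismet_wep.py is my choice. Classification gives WPA priority, so an AP advertising WPA is never counted as WEP even if the log also lists a WEP entry for it, and networks Kismet logged without a GPS fix (no gps-info element) are counted but not placed on the map.

```python
"""kismet_wep.py: Kismet .netxml -> encryption stats + KML of WEP-only APs.
Added example, not the netxml2kml script; the sample log is constructed."""
import sys
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample in kismet-2011-03-R2 netxml layout, trimmed to the elements used here.
SAMPLE_NETXML = """<?xml version="1.0"?>
<detection-run kismet-version="2011.03.R2" start-time="Sat Jan  7 12:00:00 2012">
<wireless-network number="1" type="infrastructure">
  <SSID><type>Beacon</type><encryption>WEP</encryption><essid cloaked="false">linksys</essid></SSID>
  <BSSID>00:11:22:33:44:55</BSSID><channel>6</channel>
  <gps-info><peak-lat>41.8800</peak-lat><peak-lon>-87.6300</peak-lon><peak-alt>180.0</peak-alt></gps-info>
</wireless-network>
<wireless-network number="2" type="infrastructure">
  <SSID><type>Beacon</type><encryption>WPA+PSK</encryption><encryption>WPA+AES-CCM</encryption><essid cloaked="false">home-wpa2</essid></SSID>
  <BSSID>00:11:22:33:44:66</BSSID><channel>1</channel>
  <gps-info><peak-lat>41.8810</peak-lat><peak-lon>-87.6310</peak-lon><peak-alt>181.0</peak-alt></gps-info>
</wireless-network>
<wireless-network number="3" type="infrastructure">
  <SSID><type>Beacon</type><encryption>None</encryption><essid cloaked="false">coffee-free</essid></SSID>
  <BSSID>00:11:22:33:44:77</BSSID><channel>11</channel>
  <gps-info><peak-lat>41.8820</peak-lat><peak-lon>-87.6320</peak-lon><peak-alt>182.0</peak-alt></gps-info>
</wireless-network>
<wireless-network number="4" type="infrastructure">
  <SSID><type>Beacon</type><encryption>WEP</encryption><encryption>WPA+PSK</encryption><encryption>WPA+TKIP</encryption><essid cloaked="false">office</essid></SSID>
  <BSSID>00:11:22:33:44:88</BSSID><channel>6</channel>
  <gps-info><peak-lat>41.8830</peak-lat><peak-lon>-87.6330</peak-lon><peak-alt>183.0</peak-alt></gps-info>
</wireless-network>
<wireless-network number="5" type="infrastructure">
  <SSID><type>Beacon</type><encryption>WEP</encryption><essid cloaked="true"></essid></SSID>
  <BSSID>00:11:22:33:44:99</BSSID><channel>3</channel>
</wireless-network>
<wireless-network number="6" type="probe">
  <BSSID>AA:BB:CC:DD:EE:FF</BSSID>
</wireless-network>
</detection-run>
"""


def classify(network):
    """Bucket one <wireless-network> as 'WPA', 'WEP' or 'Open'. Any WPA entry wins,
    so an AP that lists both WEP and WPA is not counted as a WEP network."""
    encs = {e.text.strip() for e in network.iter("encryption") if e.text}
    if any(e.startswith("WPA") for e in encs):
        return "WPA"
    if any(e.startswith("WEP") for e in encs):
        return "WEP"
    return "Open"


def load_networks(root):
    """Extract bssid/essid/channel/encryption/coords for each infrastructure network."""
    aps = []
    for net in root.findall("wireless-network"):
        if net.get("type") != "infrastructure":
            continue  # probe requests and ad-hoc networks are not APs
        essid_el = net.find("SSID/essid")
        essid = (essid_el.text or "").strip() if essid_el is not None else ""
        coords = None
        gps = net.find("gps-info")
        if gps is not None:  # absent when Kismet had no GPS fix for this network
            try:
                coords = (float(gps.findtext("peak-lat")), float(gps.findtext("peak-lon")),
                          float(gps.findtext("peak-alt", "0")))
            except (TypeError, ValueError):
                coords = None
        aps.append({"bssid": net.findtext("BSSID", "").strip(), "essid": essid,
                    "channel": net.findtext("channel", "?").strip(),
                    "encryption": classify(net), "coords": coords})
    return aps


def parse_netxml_text(text):
    return load_networks(ET.fromstring(text))


def summarise(aps):
    """Encryption breakdown plus the WEP percentage quoted in the post."""
    counts = Counter(ap["encryption"] for ap in aps)
    total = len(aps)
    return {"total": total, "counts": dict(counts),
            "wep_pct": round(100.0 * counts["WEP"] / total, 1) if total else 0.0}


def wep_to_kml(aps):
    """KML document of WEP-only APs that have a fix; returns (kml_text, number placed)."""
    kml = ET.Element("kml", xmlns="http://www.opengis.net/kml/2.2")
    doc = ET.SubElement(kml, "Document")
    ET.SubElement(doc, "name").text = "WEP access points"
    placed = 0
    for ap in aps:
        if ap["encryption"] != "WEP" or ap["coords"] is None:
            continue
        lat, lon, alt = ap["coords"]
        pm = ET.SubElement(doc, "Placemark")
        ET.SubElement(pm, "name").text = ap["essid"] or "<cloaked>"
        ET.SubElement(pm, "description").text = "BSSID %s, channel %s" % (ap["bssid"], ap["channel"])
        point = ET.SubElement(pm, "Point")
        ET.SubElement(point, "coordinates").text = "%s,%s,%s" % (lon, lat, alt)  # KML order: lon,lat,alt
        placed += 1
    return ET.tostring(kml, encoding="unicode"), placed


if __name__ == "__main__":
    aps = []
    for path in sys.argv[1:]:  # one or more Kismet-*.netxml files
        aps.extend(load_networks(ET.parse(path).getroot()))
    if not aps:
        aps = parse_netxml_text(SAMPLE_NETXML)
    stats = summarise(aps)
    sys.stderr.write("%(total)d APs %(counts)s WEP-only: %(wep_pct).1f%%\n" % stats)
    kml, n = wep_to_kml(aps)
    sys.stderr.write("%d WEP APs placed in KML\n" % n)
    sys.stdout.write(kml + "\n")
```

Run it as python3 kismet_wep.py *.netxml > wep.kml after a drive; the stats go to stderr and the KML to stdout, so the file opens directly in Google Earth. On the constructed sample it reports 5 APs (2 WEP, 2 WPA, 1 open, so 40% WEP-only) and places one of the two WEP networks, because the cloaked one was logged without a fix.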
Copyright © 2024 Trustwave Holdings, Inc. All rights reserved.