Wardriving
Last updated
Last updated
Basic info of War driving can be found . War driving, also known as "WiFi sniffing" is the process of locating WiFi networks, and potentially sniffing their traffic. I am running this on a RaspberryPi 4(Zimaboard coming soon!) but you can run this on any linux host.
(I use a 3B+ and a 4) OR running
I have and recommend the following:
<-- Capable of 2.4GHz and 5GHz
<-- Capable of 2.4GHz and 5GHz
<-- Capable of 2.4GHz and 5GHz (This more than likely *will* require driver installation)
<-- Capable of only 2.4GHz BUT has 14 integrated WiFi radios so you can be on all channels, all the time.
This can be installed on most Ubuntu/Raspbian sudo apt install gpsd gpsd-clients
Raspbian Install (I usually go with Nightly builds):
Ubuntu Install (I usually go with Nightly builds):
**Skip this if you're running with a RaspberryPi**
Run lsblk and find the storage partition, most likely it will be sda.
Lets give the partition a label with sudo parted /dev/sda mklabel gpt
Now we can create the partition: sudo parted -a opt /dev/sda mkpart primary ext4 0% 100%
After running lsblk again we will see /dev/sda1
Create a filesystem on on the new partition with: sudo mkfs.ext4 -L datapartition /dev/sda1
Give the new parition an ame with: sudo e2label /dev/sda1 newlabel
I went ahead and mounted the partition under the /mnt directory but made it a folder called 'data': sudo mkdir -p /mnt/data
To set this to auto mount on startup I edited my /etc/fstab with: sudo nano /etc/fstab
Then added this to the bottom of the file: /dev/sda1 /mnt/data ext4 defaults 0 2
Now mount the new drive with: sudo mount -a
Verify this was successfully mounted with: df -h -x tmpfs
Since this was done as the root user, only the root user and create/modify files and directories in that drive so let's change the owner to us with: sudo chown th4ntis:th4ntis /mnt/data/(changing th4ntis with your username)
As the Zimaboard doesn't have a lot of storage and we want to change the log storage to the SSD, we have a couple options, we can edit the kismet.conf file OR use the kismet_site.conf file. I chose the kismet_site.conf file.
Edit the file: sudo nano /etc/kismet/kismet_site.conf
I changed the log location to: /mnt/data/kismet
as well as added the wiglecsv format for logging to upload
As long as you have a large enough MicroSD the Pi is running on, you should be fine BUT if you would like to use an external HDD or USB Drive for storage, we need to set that to automount.
Verify the drive you want mounted with: df -h andverify where it's mount location.
We need to find the UUID of the Drive we mounted, most likely will be /dev/sda1 but not always the case, so be sure to verify. Find the UUID with: sudo blkid /dev/sda1
We need to create a directory for this to me auto mounted on boot: sudo mkdir -p /mnt/usb1
Now change the ower of the newly made directory: sudo chown -R th4ntis:th4ntis /mnt/usb1(changing th4ntis with your username)
To set this to auto mount on startup I edited my /etc/fstab with: sudo nano /etc/fstab
Then added this to the bottom of the file: UUID=[UUID] /mnt/usb1 [TYPE] defaults,auto,users,rw,nofail,noatime 0 0 changing the [UUID] and [TYPE] to the UUID and type of your drive when we used sudo blkid /dev/sda1.
We have a couple options, we can edit the kismet.conf file OR use the kismet_site.conf file. I chose the kismet_site.conf file.
Edit the file: sudo nano /etc/kismet/kismet_site.conf
I changed the log location to the external HDD or USb Drive location: as well as added the wiglecsv format for logging to upload
I took the setup from the kismet_wardrive.conf and added it to the end my kismet_site.conf
Now we need to add the WiFi Radios, GPS, and Bluetooth sources to the kismet_site.conf
After plugging in your WiFi Radios, GPS, and Bluetooth adapters, depending which one you have, you'll wanna set the GPSD to the proper adapter. We can run dmesg to find the location of the USB device. The usual locations are:
Let's get the radio 'names' with: ip a
As I am using a WiFi Coconut, I will be having a lot of WiFi Radios. So take the WiFi interface name, eg. wlx0cefafd1408b, and copy as many of them as you have/will be using. Then we will edit the kismet_site.conf file and add the sources to that.
GlobatSat BU-353-S4:
VK-162/VK172:
With the device plugged in, set GPSD to the device, it shouldn't return an error, if it does you may need to troubleshoot the error.
OR
To verify if it is working properly we can run gpsmon OR cgps
Now, in our kismet_site.conf, we will add GPSD as a GPS source.
Now we can start and run kismet! We need to specify the WiFi Adapter and gps.
If you don't specify an interface in the original command, when on the dashboard, you can select the 3 Lines in the top left, select 'Datasources' and enable the sources you want to use.
From here we can verify the GPS is working with the green cross hair icon in the top right, as well as seeing the info.
and just as above, If you don't specify an interface in the original command, when on the dashboard, you can select the 3 Lines in the top left, select 'Datasources' and enable the sources you want to use.
From here we can verify the GPS is working with the green cross hair icon in the top right, as well as seeing the info.
As I installed Kismet from the package, the service for systemd is already there.
So lets set this up to run as our user. sudo systemctl edit kismet so edit the service. Changing the user to the 'kismet' user OR as the user you have setup.
So with this setup, let's start the service with sudo service kismet start.
Set the service to start on boot with: sudo systemctl enable kismet.
Verify the Kismet service is running with: sudo service kismet status.
This will automatically log all traffic to a Kismet log file with the date from the directory where the command was run.
You can then upload it.
- This is for the Zimaboard as it doesn't have much storage starting out.
- A powerful and popular tool made by . "Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.It works with Wi-Fi interfaces, Bluetooth interfaces, some SDR (software defined radio) hardware like the RTLSDR, and other specialized capture hardware."
To install kismet, follow .
Kismet Config files readme can be found .
Kismet wardriving overlay docs can be found .
- gpsd is a computer software program that collects data from a GPS receiver and provides the data via an IP network to potentially multiple client applications in a server-client application architecture.
Now as the banner at the top says, we can go to the web interface at .
If you're on the newest kismet version (2022-01-git and subsequent releases) we can run kismet in a specified .
The README for starting Kismet at launch can be found .
If we have GPS enabled and the info, we can convert the file into a KML File to be used with . .
We are able to convert the file to pcap to be analyzed in . Docs can be found .
We can also upload the logs to . Docs can be found .
This mode will automatically create 2 files: a kismet file and a wiglecsv file to upload to . Docs can be found . This will sho that logging is greately reduced and will only be used for Access Point(AP) collection.
If we have GPS enabled and the info, we can convert the file into a KML File to be used with . .
We are able to convert the file to pcap to be analyzed in . Docs can be found .
