Wardriving/WiFi Sniffing


War driving, also known as "WiFi sniffing" is the process of locating WiFi networks, and potentially sniffing their traffic. War driving involves searching for wireless networks with vulnerabilities while moving around an area in various methods such as driving, walking, or biking. They use hardware and software to discover unsecured WiFi networks then can gain unauthorized access to the network by cracking WiFi passwords. Then records vulnerable network locations on digital maps, known as access point mapping, and may share that information with third-party applications or websites.

As mentioned before this is able to detect unsecured WiFi traffic. So when you're connected to an open public WiFi, sniffing is able to capture and log the traffic between your machine and the access point, and potentially capture unsecured credentials when logging into an insecure website, or gather encrypted traffic to attempt to decrypt later.

In some cases, a method of war driving is also capturing encrypted WiFi passwords in the form of a Handshake or a PMKid, using methods and tools like aircrack or hcxdumpttool, to then crack later and connect to later.


There's multiple ways of war driving, using your laptop a Raspberry Pi with appropriate devices such as GPS adapters, antennas, or even your phone with the WiGLE WiFi app. Popular softwares include Wireshark, Kismet, or use specified devices such as the WiFi Coconut from Hak5.

This is a bit of a grey area in some cases/areas and depending what you doing, weather you're just scanning networks and nothing more, or attempting to gather WiFi hashes. Typically this is not as it's just collecting basic public information, such as the WiFi name(BSSID), the security(WPA, WPA2, etc), and location(using GPS). This isn't inherently malicious or nefarious but it could be used that way by those with malicious intent.

Last updated