Kismet Wireless

Kismet Forums

 

Posted by:shutin
Subject:New Kismet version confirmed working on Raspberry Pi
Date:01:50:46 15/05/2013

> > Just dropping a note to let everyone know setting this up on the Raspberry Pi is well, easy as pie. Same build routine as any other. Download the source from here and that's it! I did it on the stock debian wheezy image available on the Pi site.
> >
> > Warwalking without Android Wigle is becoming a reality.
>
> Hi
>
> Sorry to bother you, but im still trying to establish if Kismet-drone is what I need , and it it works on Raspberry PI, then it could well be.
>
> Im wanting to locate any wireless clients in an area for analytics purposes - how many people are passing though, how often they return, how long they stat for etc. This are not necessarily associated clients, purely people with a wifi enabled phone thats on (detecting probe frames)
>
> Data then gets streamed to a remote central server for DB storage and analytic.
>
> Does this sound possible on the PI based on your experience?
>
> Many thanks
>
> David

I am interested in the same things. First off, you could do anything on the Pi that you could do on a laptop or other computer with kismet installed, the Pi is just an ultra portable form factor. I'd suggest running the Kali distro because of the large amount of support for a variety of wifi cards. In my opinion it's also the best distro for Pi, regardless of any of the hacking tools included with it. In your case, you could drop the Pi in a hidden area, or ideally, somewhere up high mounted on a wall to catch the most waves, and hook up a 12000mah portable battery source.

I don't have any experience running kismet_drone. Typically you would run a drone on something that couldn't handle the full kismet server (like a linksys router), because you can configure the server to forward packets just like a drone does. I'd toyed with this but never got it running successfully. The only documentation I've been able to find is what is included with kismet, and it's not a HOWTO, more of a reference for the config files. So, good luck with the forwarding-to-a-remote-server part. If you get it working please share your config files here!

So if you are like me and struggle with that setup, you could just run the server and let it collect packets of everything that passes by. Now, you will catch a large amount of packets even if you have a single usb dongle hopping over every channel. With the Pi, you'll be limited (to probably two or so) dongles because you'll need an external usb hub to power them and that can become ungainly.

Now comes the hard part. I've asked dragorn for advice on how to do the things you want to do and he's going to tell you what he told me-- read the logs. dragorn has made kismet output every possible variety of well-formed logs that include all the info you could possibly want. The only problem is that you need to acquire the skills to parse them. He's not going to hold your hand, nor should he. People have written many tools to parse the logs for GPS related solutions, but sadly, most are either out of date or do basically the same thing. If you are going to keep the Pi in a static location, these will do little for you. The logs you care about are the text and xml logs which list all the networks and clients found. If you can figure out how to parse them into some kind of html report, please share that script with us. They actually look good on their own, but they are very raw and need formatting to make them more easily digestible to the eye.

There is one tool that I really like but is not kismet-related. In the aircrack-ng toolset is a utility called airgraph-ng. You need to run airodump-ng (creates a raw dump of wifi traffic) and have it create a csv file of clients and networks. Depending on the switch you supply, it can create a PNG picture of the relationships between clients and networks. It's pretty cool. I wish someone would port it to work with kismet. Maybe it does work, I haven't tried. http://www.aircrack-ng.org/doku.php?id=airgraph-ng

there is one other tool that created some pretty cool reports from kismet. It's called WifiZoo. Basically you start up kismet and have it channel hop and then run wifizoo which starts up a web page that parses the logs and shows you a variety of information. Installing it can be a serious pain in the ass, so I suggest running the BLackBuntu livecd which has it installed and setup, ready to go. It also sniffs out cookies for session hijacking if the networks are open.

Good luck and don't forget to share anything you come up with!


Reply to this message