Kismet Wireless

Kismet Forums

 

Posted by:snr
Subject:WPS detection?
Date:10:11:29 30/03/2014

> Hey;
> Is there a way to detect and generate alerts for WPS enabled wifi networks?

You can detect it with the development version of kismet. You must compile it from source. See https://kismetwireless.net/download.shtml for instructions. WPS will be shown in the column called 'Crypt'. If you don't see that column then it must be enabled in the preferences menu via kismet>preferences>device columns>cryptstring. I don't think it is possible to sort the device list by this column. Also, this version of kismet will output kisxml and kistxt files which include the detection of WPS. Unfortunately kismet still does not detect the finer details of the WPS status like that obtained by dumping the reaver.db, generated by 'wash', of the 'reaver' program. So, kismet will tell you whether the device has WPS enabled but not whether WPS is configured or locked.

As for alerts, I do not think this is natively possible but, you could make a simple tcp client which would receive details about the devices visible to kismet - which will include the presence of WPS in the encryption string - and do whatever when WPS is detected. I haven't done much with the tcp interface yet but this line will give you a simple continuous output of device info and only show WPS enabled devices: "cat <(echo '!1234 ENABLE DEVICE name,macaddr,cryptstring') - | nc localhost 2501 | tr \\001 -- | sed 's/\*//' | grep WPS". Just give that command line while kismet is running. It will keep listing the same devices as long as they are detected. More information about the client/server protocol can be found in the source in kismet/docs/DEVEL.client


Reply to this message