Jump to content

Search the Community

Showing results for tags 'kismet'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • New USB Rubber Ducky
    • WiFi Pineapple
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
    • WiFi Coconut
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • Legacy Devices
    • Classic USB Rubber Ducky
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Enter a five letter word.

Found 25 results

  1. I'm having an issue with Kismet not saving logs. Below are my non-default settings in the kismet_logging.conf with the comments removed. enable_logging=true log_title=Kismet log_prefix=/root/kismet_logs log_types=kismet,wiglecsv I created the "/root/kismet_logs" directory as a test when the default setting "log_prefix=./" was not saving to the pineapple from the directory I was launching kismet from (Default: /root). I've tried to find some other documentation on this issue, but I could not the same issue reported. Any help or advice would be appreciated!
  2. LILYGO® TTGO T-SIM7000G ESP32 Wireless Communication Module https://www.banggood.com/LILYGO-TTGO-T-SIM7000G-ESP32-Wireless-Communication-Module-Small-Card-Development-Board-p-1652592.html?rmmds=search&cur_warehouse=CN#jsReviewsWrap http://www.lilygo.cn/ Hi all, i have been looking at this device to combine a small rig that i can leave at a location for wifi/ble recon or for other purposes. What i really like with this module is the combination of options such as saving the .pcap file to a SD card, the availability to connect to the device from the cellular network and of-course the esp32 with wifi and ble capabilities. I have not yet bought any modules and i am looking for advice. Though it would be interesting to hear if anyone tried giving the module a test-run? Sum, Is the module worth it? Edit: The SIM7000G is just a 2G compatible chip though - so scratching the "lte".
  3. Kismet - Pineapple Edition - With WEB-UI I just saw the video uploaded by Hak5 to youtube the other day, where they used an array of Tetra's running Kismet to scan ALL channels at all times. After that, i just had to get it working! Today i finally managed to compile the latest source-files for kismet, which also has a working web interface. I've tested it all day on my Tetra, but it should be working on the Nano as well. It might complain about the version of libmicrohttpd , so i recommend to also download the version of libmicrohttpd on my repo. (links to ipk's below) All the other libs should work (downloaded under installation), if you just remember to run opkg update before installing them. I've updated the version of Kismet (26.05.2018). So the "issue" with libmicrohttpd should be fixed, and it should now be content with the version on openwrt's repos. which it downloads under installation. Also tried adding support for libpcap and pcre, please test it out. ? Kismet Kismet-remote After installation: Run "kismet" inside a SSH terminal to the Pineapple. Kismet should launch. You should now be able to access the web-interface on TCP-port 2501. (Eg: Another tip: run airodump-ng-oui-update on the Pineapple When completed, run: ln -s /etc/aircrack-ng/airodump-ng-oui.txt /etc/manuf This will make Kismet use Aircrack-ng's OUI database. ? Ask questions, or whine about issues here. I'll try my best to keep it up to date. Makefiles needed for the OpenWRT-SDK can be found on the repo. mentioned above, if you want to compile it yourself.
  4. I recently decided I was sick and tired of using my laptop to wardrive and needed something more portable. I decided to take one of my pi3's load the Kali arm image and went mostly off of this tutorial. The pi has been set-up to start the wifi on boot and not wait for sign-in which, this tutorial does not provide. However the problem is the headless nature of the project. I started writing a small shell script that basically starts gpsd in the background, verifies successful initialization with $?, then puts wlan1 into monitor mode with airmon-ng, and from there, I need to start a headless instance of Kismet. This is where I am having issues. Kismet almost always refuses to run in the background, I run kistmet_server -i wlan1mon -t <logname> -s and it still populates data in the foreground and when I close the terminal so that I can just throw the pi in a bag and go on my merry way, it stops functioning/logging. Any ideas?
  5. Hello, I'm a frequent wardriver (Walker actually, whenever possible.) and I like the new size of the Nano, so I was thinking about using it to do the job. I usually use the Wiggle app, but this drains my battery pretty quickly. The only thing I need to make this work is a GPS that works with any program I could use for this. (For example I've read a lot about using Kismet with a GPS) Are there any GPS units that both work with the pineapple, and are small enough to reasonably attach to the Nanos tactical case? Here is a picture for size. Take from another post.
  6. I am having an issue with capturing packets with KISMET installed on my Pineapple. In my configuration I have tried: ncsorce=wlan1mon ncsource = wlan1monmon ncsource=wlan1monmon:type=mac80211,hop=true,forcevap=true ncsource=wlan1mon:type=mac80211,hop=true,forcevap=true I have also tried to manually modify wlan1mon with iwconfig wlan1 mode modify When I forcevap=true the red light turns off. The other methods the red light is blinking but there is nothing being captured by KISMET.
  7. Hello everyone, I just finished to configure Kismet to do some tests on my Pineapple. Everything works just fine but I have a problem: I don't find a way to block it to run on startup. I searched in the documentation, in all aff the configuration files but didn't find anything... I also added this command to the rc.local file, but that doesn't work: killall kismet_server Anyone have a solution? Thanks!
  8. I'm looking to do some site scanning on both the 2.4Ghz and 5Ghz range. I thought the Tetra would be ideal for this using one radio for 2.4Ghz and the other for 5Ghz. I've seen a number of guides for using Kismet with the NANO and MarkV but nothing specifically for the Tetra. I've installed kismet-server and kismet-client using opkg, a release from 2013 it appears. I have a few issues The interface doesn't show any networks, but it does show statistics on the channels and data packets captured. Kismet doesn't honour the channellist or channels I set for each interface in the config file, it always uses the autodetected list from the chipset. I have to go into the kistmet-client interface and manually set the channels. The autodetected list is also wrong and tries to set the card to channels it can't support based on iwlist. Despite it showing nothing the pcap it outputs contains all the information expected, I can see and filter between 2Ghz and 5Ghz networks etc. Unfortunately this isn't very useful for onsite scanning where live feedback on networks is crucial. Any help or insight greatly appreciated. The reason airodump-ng and the recon module aren't fit for this purpose is because I parse the pcap and need the PPI header information to extract the band and signal strength. Airodump-ng on the pineapple doesn't export PPI headers or even basic radiotap headers. I've also tried running them in parallel to use the output of airodump, but it doesn't seem to deal with 5Ghz networks very well.
  9. Hi everyone, I need to use the pineapple nano to generate a heat map with google earth (or google map) of the signal strenght. Here is what I have done until now: 1. install kismet, gpsd and share gps (android) 2. send the gps data to gpsd and bind kismet with gpsd to get the gps data I tried giskimsmet, to generate a .kml file to import in google earth and see the access point. This is working. Now the heatmap! I tried kisheat (https://github.com/roobixx/kisheat) , but it failed (the image generated are too small and doesn't represent the real spec). I know there is some paid software that can do that, but I want to use the pineapple to do that. Any idea? :)
  10. Was just wondering if there was a way to install gpsd on the nano? It doesn't seem to be listed in opkg. Thanks
  11. Hi All, Working on a new infusion that assist with using the WiFiPineapple as a war driving device. The infusion and packages add GPS support to the already existing kismet package. As well as the ability to use an Android device as the GPS. Prebuilt packages and sources available here: http://magikh0e.ihtb.org/wifipineapple/. I have already started the basics of the infusion any ideas or comments would be appreciated! Below is some screenshots of what I have done so far. Packages Required kismet_server (main repo) libgps (my repo) libgpsd (my repo) gpsd (my repo) adb (my repo) Devices Tested Nexus 6 Samsung Galaxy S3 Nexus 7 2013 (wifi) OnePlus One (thx reckt0r) Android Versions Tested Android 5.1 (lollipop) Android 4.4.4 (KitKat) Help Screen GPS Setup Small tile XML output download Using the *.netxml files you can convert them into KML format using giskismet, then load the KML file into Google Earth and get something similar to below. Tutorial on the conversion process located here: http://magikh0e.ihtb.org/pubPapers/Kismet-AndroidGPS.html
  12. I plan on using a Raspberry Pi 2 running Raspian. I want to wardrive wifi and bluetooth at the same time also while using gpsd of course for a rough location on one Raspberry Pi. I will be using an Alfa w/ external antenna and an Ubertooth w/ external antenna. Now for some questions... 1. Will I need to run (2) instances of Kismet, or can it be done is (1) instance, keeping in mind the Ubertooth needs to run a plug-in? 2. If I need to run (2) instances of Kismet, will I need to use (2) separate config files, and/or two installations of Kismet in differing locations? 3. I'm assuming gpsd can feed GPS coordinates to both the wifi and bluetooth scanning? 4. Offer any insight to some problems you think I might run into, or recommandations on the best way to accomplish this, or even perhaps a better way? Any feedback would be much appreciated..Thanks
  13. Could someone please explain this? I don't get why the names of the networks will all show up but not the MAC addresses. And why can't I scroll through kismet individually as opposed to the whole linux command line.
  14. Hello, I am not sure this is the best place to get "Ubertooth" support but I believe I have everything setup to support KISMET to generate logs files that may be opened in Wireshark and Wireshard should decode the captured Bluetooth packets. The problem I am having is that Wireshark is only showing 14 byte packets. I am pretty sure I captured a pairing process which should have payload. Ubertooth specan-ui is working and KISMET is logging some Bluetooth packets. Any support would be much appreciated. Ubuntu 14.04 LTS Firmware revision: git-8b7ee77 libbtbb-2015-10-R1 ubertooth-2015-10-R1 kismet-2013-03-R1b Wireshark Version 1.10.6 (v1.10.6 from master-1.10) Thanks. Jay https://www.kismetwireless.net/Forum/General/Messages/1448148793.330601
  15. Hi Guys! I've been trying to install Kismet Server package but I'm getting the following error after updating packages list: root@Pineapple:~# opkg update Starting update.. Downloading from https://www.wifipineapple.com/mk5/packages/Packages.gz Update successful. root@Pineapple:~# opkg -d sd install kismet-server Installing kismet-server (2010-07-R1-2) to sd... Downloading http://cloud.wifipineapple.com/mk5/packages/kismet-server_2010-07-R1-2_ar71xx.ipk. Collected errors: * opkg_download: Failed to download http://cloud.wifipineapple.com/mk5/packages/kismet-server_2010-07-R1-2_ar71xx.ipk, wget returned 255. * opkg_install_pkg: Failed to download kismet-server. Perhaps you need to run 'opkg update'? * opkg_install_cmd: Cannot install package kismet-server. root@Pineapple:~# I think redirection from cloud.wifipineapple.com to http://downloads.openwrt.org/ it's not working. Thank you.
  16. Hello Guy's last weekend i had the idea to try some war-cycling. and for that i grabbed my mk5 from the shelf and startet scurging the interwebs for information on how to connect a USB GPS dongle to the mk5. this was actualy real easey to do. and i installed the following for testing: Kismet_server and read some where that kismet could directly connect to my USB device. turns out that this is not the case for me. so i installde GPSD and after that kismet found a damn good GPS lock. i decided to run some more tests before i would go on my trip. and found that after starting and stopping Kismet & GPSD a few times the ttyUSB0 dissapears from my /dev folder. now my question is am i the only one having ttyUSB0 disapear on me or are there others on the forum with the same problem. and if so did any one find the reason why or solved it?
  17. Getting the .pcapdump files and importing them into wireshark just fine-- is there a way to get signal strength as well?
  18. got kismet running smoothly now would like to add gps to the war apple. anyone know which or if any gps dongle work with the pineapple?
  19. Hello, i tried to record noise level with kismet from wlan0/wlan1 but got no values there in the kismet logfiles. Should the wlan hardware provide these values or are there lost somewhere in the processing? Best regards, Rainer
  20. tl;dr: I've had a couple instances of my WarWalking data being corrupted when shutting off the Pineapple at the end of a session. Any suggestions for a method to cleanly shut down the Mark V without having to SSH in and type commands? For example, I believe the DIP switches are currently only read at power-up; maybe there's a way to configure one of them to generate a GPIO interrupt and have the interrupt handler signal a shutdown script? Full Story: I purchased the "Tactical Bundle" a while back and have been using it, along with the awesome GlobalSat BU-353S4 USB GPS puck, to do a little WarWalking. I ran into some problems along the way and thought I would share my solutions here in case others are having the same issues. Problem: I wanted to capture using both radios for fewer missed packets. Kismet supports this and will automatically coordinate the channels on each radio so that each one is always listening to a different channel. Solution: Kill hostapd process and put both radios into monitor mode. Problem: I wanted to auto-start in WarWalking mode at powerup, so I don't have to SSH in to type commands or start anything manually. Solution: Configure the DIP swiches to run a script (attached below). Problem: Pineapple has no RTC, so when it boots up without a network connection the NTP daemon cannot set the clock. This results in all the Kismet output files having the same "January 1st" date. Solution: Get the time from the GPS data stream. In my startup script I added a few lines to 1) Wait for gpsd to acquire a 3D satellite lock, and 2) to parse the output of gpsd for the time and use that info to set the system clock. Problem: Heat buildup inside the messenger bag. The Tactical Bundle comes with a very nice bag, but it has zero airflow through the interior, and the Pineapple runs a bit warm. Workaround: Limit duration of war walks. Most of mine last under an hour, so it hasn't really been an issue. Still, heat is the enemy of electronics' longevity, so I'd like to keep things as cool as possible. Solution: Different bag with better airflow. I've seen bags with mesh pockets on the outside which looks like they would have good airflow, but then the Pineapple is basically out in plain sight so stealth goes out the window. Plus there's no protection in case of a sudden rain shower or lawn sprinkler. Problem: Shutting down cleanly to avoid file corruption. I've discovered it's possible to have the Pineapple lose power just as Kismet is writing out its data files, resulting in a zero-length .netxml file and complete data loss. Don't ask me how I know this. Workaround: Upon returning home, plug into the network, SSH in and shut Kismet down manually. A bit of a pain, but it works. Solution: ??? Looking for ideas here! Here is my startup script that gets executed when the middle DIP switch is in the down position. #!/bin/bash # START CLEAN pkill hostapd pkill gpsd pkill kismet /sbin/ifconfig wlan0 down /sbin/ifconfig wlan1 down # START GPSD /usr/sbin/gpsd -n /dev/ttyUSB0 # WAIT UNTIL IT'S READY TO ACCEPT CLIENT CONNECTIONS sleep 1 # MONITOR GPS STATUS AND WAIT FOR SAT LOCK gpspipe -w | grep -qm 1 '"mode":3' # PARSE THE CURRENT UTC TIME FROM THE GPSD OUTPUT UTCDATE=`gpspipe -w | grep -m 1 "TPV" | sed -r 's/.*"time":"([^"]*)".*/\1/' | sed -e 's/^\(.\{10\}\)T\(.\{8\}\).*/\1 \2/'` # SET THE PINEAPPLE'S CLOCK date -u -s "$UTCDATE" # LAUNCH KISMET DAEMON /usr/sbin/iwconfig wlan0 mode Monitor /usr/sbin/iwconfig wlan1 mode Monitor /usr/bin/kismet_server --daemonize
  21. OK, so this is something of a continuation of this thread: https://forums.hak5.org/index.php?/topic/32535-wardrive/page-2?hl=kismet Since the topic changed a bit, and it's a little stale, I thought I'd start a new thread. Here goes: So, just as @barry99705 said, kismet_server will not run from one of the boot mode command lines or from the 'execute command' window under settings > advanced in the pinapple web interface, but if I SSH into the pineapple and issue the command, it works as expected. Here is my boot mode command: logger "Boot Mode 100 executing now..."; logger "Starting kismet_server..."; kismet_server And here is the relevant log output (with a couple of extra lines for context): Jan 1 00:00:08 Pineapple daemon.info dnsmasq-dhcp[1833]: DHCPACK(br-lan) [removed] Jan 1 00:00:08 Pineapple daemon.info dnsmasq-dhcp[1833]: DHCPREQUEST(br-lan) [removed] Jan 1 00:00:02 Pineapple user.info sysinit: /bin/sh: kismet_server: not found Jan 1 00:00:02 Pineapple user.notice root: Starting kismet_server... Jan 1 00:00:02 Pineapple user.notice root: Boot Mode 100 executing now... Jan 1 00:00:00 Pineapple user.info sysinit: Wed Jan 1 00:00:00 GMT 2014 Also, for grins, I tried the full path to the command in case PATH variables weren't quite loaded yet (I'm running kismet from my sd card.): logger "Boot Mode 100 executing now..."; logger "Starting kismet_server..."; /sd/usr/bin/kismet_server Resulting in a slightly more curoius error loading libcap.so.2: Jan 1 00:00:03 Pineapple daemon.info dnsmasq-dhcp[1833]: DHCPACK(br-lan) [removed] Jan 1 00:00:03 Pineapple daemon.info dnsmasq-dhcp[1833]: DHCPREQUEST(br-lan) [removed] Jan 1 00:00:02 Pineapple user.info sysinit: /sd/usr/bin/kismet_server: can't load library 'libcap.so.2' Jan 1 00:00:02 Pineapple user.notice root: Starting kismet_server... Jan 1 00:00:02 Pineapple user.notice root: Boot Mode 100 executing now... Jan 1 00:00:00 Pineapple user.info sysinit: Wed Jan 1 00:00:00 GMT 2014 The only other thing I could think of to do, again in case environment variables needed time to load, was delay the command execution via sleep ala: sleep 30 && /sd/usr/bin/kismet_server with the same results in the logs only delayed a bit. Any other ideas on how to get kismet to autorun at boot? This is my first attempt at doing anything interesting with the pineapple, and I don't want to give up until it works. Thanks!
  22. Can anyone suggest a single infusions solution or perhaps a set of infusions that would create a solution to what I thought would be a simple fix but alas, I'm missing something. I want to do the following on a pentest: - Warwalk my client's campus - full packet capture with radio spinning on channels 1-11 - ability to save the full packet, multiple channel, survey to a dump, or cap file for review in Wireshark **************************** I tried Wifi Survey - doesn't allow channel spinning and writing to a file like Kismet or airodump I tried tcpdump - it seems to work intermittently, but when I choose the monitor mode option it says it doesn't support monitor mode which seemed strange to me I tried Karma - hoping that maybe the same data would basically be in the log files but the radio doesn't spin on the various channels and do full packet capture resulting in a dump file unless I just missing something obvious ****************************** Basically, I need Kismet with GPS, full packet capture on channels 1-11 and save it to a dump/cap file. I'm hoping to set everything up, unplug, stick in my bag and warwalk.
  23. Hi all, I'm trying to get my ubertooth one to work in ubuntu 14.04 LTS. I followed the guide over at the github page which gives the following to compile/install kismet from source: sudo apt-get install libpcap0.8-dev libcap-dev pkg-config build-essential libnl-dev libncurses-dev libpcre3-dev libpcap-dev libcap-dev wget https://kismetwireless.net/code/kismet-2013-03-R1b.tar.xz tar xf kismet-2013-03-R1b.tar.xz cd kismet-2013-03-R1b ln -s ../ubertooth-2014-02-R2/host/kismet/plugin-ubertooth . ./configure make && make plugins sudo make suidinstall sudo make plugins-install Add "pcapbtbb" to the "logtypes=..." line in kismet.conf I then started kismet, set the ubertooth as the source and then go to set the plugin, but the ubertooth plugin is not there:
  24. Hi just wondering wether any one could clear this up for me, I have a Huawei wireless modem the 3g type now when I'm running wireshark i noticed that it send a constant stream of probe responses to ff:ff:ff:ff:ff:ff, now am i right in thinking that an AP will only send a response when receiving a request and why would you send a response to ff:ff:ff:ff:ff:ff also this is a constant stream not just once in a while and I cant see any probe requests being sent to the AP either. Is this normal or is there something wrong ?
  25. I've recently started mapping networks using Kismet and gpsd. I have discovered that my local council is using a mesh network or WDS to set up CCTV in my local area. I'm annoyed at this as they are using the system to spy on the housing estates. Even when they move their cameras around, it is easy to see where they have been previously installed as the sockets are still on the lighting lamp posts. I discovered these vacant lamp posts still transmit( must have AP's installed inside). Must admit the probe responses are what got my attention as they had 'CCTV' in the title:-) Is there a way to view what these cameras are seeing? I would love to prove these cameras insecure. Can anyone point me in the right direction to research this?
  • Create New...