optybg Posted October 31, 2017 Share Posted October 31, 2017 Aloha! Can I use WiMonitor (Wi-Fi packet sniffing and network monitoring tool who captures packets and sends them to a remote IP address over Ethernet for further processing), with Packet Squirrel to save catched data to pcap files? Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted October 31, 2017 Share Posted October 31, 2017 Uhm..Yes, but why would you? The Packet Squirrel can do that by itself anyway with the TCPDump payload. Link to comment Share on other sites More sharing options...
biob Posted November 1, 2017 Share Posted November 1, 2017 Are you suggesting remotely monitoring WiFi packets and using the squirrel get the data outside of the site? Link to comment Share on other sites More sharing options...
optybg Posted November 1, 2017 Author Share Posted November 1, 2017 Yes. Basically WiMonitor is a TP-Link MR3020 portable router flashed with custom OpenWRT ROM. So this gadget can capture wireless packets and send them to your PC through Ethernet port for later analysis... but this is very obvious because you need to have a laptop with an open wireshark... So the question is, is it possible technically these packs to be recorded on the PS? Link to comment Share on other sites More sharing options...
biob Posted November 1, 2017 Share Posted November 1, 2017 Why not record them on the router? It has a USB port? Use aircrack-ng to capture packets an store them to Thumbdrive. Using the squirrel is an unnecessary step for what your discribing. Link to comment Share on other sites More sharing options...
Dave-ee Jones Posted November 1, 2017 Share Posted November 1, 2017 Firmware 1.1 allows you to plug in a WiFi adapter, so you can use that to grab WiFi traffic. However, I'm not sure how you would set it up. Link to comment Share on other sites More sharing options...
biob Posted November 2, 2017 Share Posted November 2, 2017 But can you enable WiFi monitor mode? Also if your using a WiFi dongle, where would you store the packets, as there is only one USB port? Link to comment Share on other sites More sharing options...
optybg Posted November 2, 2017 Author Share Posted November 2, 2017 WiMonitor have no built-in memory to save the .pcap file... Link to comment Share on other sites More sharing options...
biob Posted November 2, 2017 Share Posted November 2, 2017 Excluding the portable router..... I wonder if you can, put the PS on an internal network. Enable WiFi monitor mode and use VPN client mode to stream the WiFi packets to the external VPN server. Link to comment Share on other sites More sharing options...
biob Posted November 2, 2017 Share Posted November 2, 2017 Just now, optybg said: WiMonitor have no built-in memory to save the .pcap file... But doesn’t the router have a USB port? Use a usb memory stick to store the packets to. Link to comment Share on other sites More sharing options...
biob Posted November 2, 2017 Share Posted November 2, 2017 https://wiki.openwrt.org/toh/tp-link/tl-mr3020 Link to comment Share on other sites More sharing options...
optybg Posted November 2, 2017 Author Share Posted November 2, 2017 I think it cant save it to USB. It capture packets and then forward the packets to remote IP over Ethernet cable... Link to comment Share on other sites More sharing options...
biob Posted November 2, 2017 Share Posted November 2, 2017 2 minutes ago, optybg said: I think it cant save it to USB. It capture packets and then forward the packets to remote IP over Ethernet cable... It is possible... im running openwrt with Aircrack-ng and saving packets to a thumb drive! Hell I can even send them via the LAN! By the time you have added a PS, router, power it’s not going to be so covert. What you are proposing can all be done on your router. Adding the PS is just adding an unnecessary step, just for the sake of it. Link to comment Share on other sites More sharing options...
elkentaro Posted November 2, 2017 Share Posted November 2, 2017 you can output tcpdump to a remote location. tcpdump [whatever filter/command you fancy] | ssh someone@someserver “cat > dump.txt” basically just passing the output to the pipe. https://blog.urfix.com/9-ways-huge-tcpdump/ Link to comment Share on other sites More sharing options...
optybg Posted November 2, 2017 Author Share Posted November 2, 2017 elkentaro, biob Thanks for the info, I'm an absolutely rookie on the internet security :) biob what version of openwrt you are using with your TL-MR3020? After updating PS's firmware to 1.1, we will be able to use the Square with WiFi Pineapple along with some cool modules? Link to comment Share on other sites More sharing options...
biob Posted November 2, 2017 Share Posted November 2, 2017 1 hour ago, optybg said: elkentaro, biob Thanks for the info, I'm an absolutely rookie on the internet security :) biob what version of openwrt you are using with your TL-MR3020? After updating PS's firmware to 1.1, we will be able to use the Square with WiFi Pineapple along with some cool modules? Hi, Sorry, i’m not using a MR3020. I’m using a MT300A. An then using SSH to configure it e.g setup monitor mode, mount thumb drive and then run Airodump-ng from the root of the thumb drive.But the same could be done using tcpdump as mentioned above. You can install by using opkg. what custom firmware are you using? Are you only using the Web interface to configure the router? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.