
Kismet - Now working on Pineapples!


Zylla


Kismet - Pineapple Edition - With WEB-UI

I just saw the video uploaded by Hak5 to YouTube the other day, where they used an array of Tetras running Kismet to scan ALL channels at all times.
After that, I just had to get it working!

Today I finally managed to compile the latest source files for Kismet, which also has a working web interface.
I've tested it all day on my Tetra, but it should be working on the Nano as well.

It might complain about the version of libmicrohttpd, so I recommend also downloading the version of libmicrohttpd on my repo. (Links to IPKs below.)
All the other libs should work (downloaded during installation), if you just remember to run opkg update before installing them.

I've updated the version of Kismet (26.05.2018).
So the "issue" with libmicrohttpd should be fixed, and it should now be content with the version on OpenWrt's repos, which it downloads during installation.
Also tried adding support for libpcap and pcre, please test it out.

Kismet
Kismet-remote

After installation:

  1. Run "kismet" inside an SSH terminal to the Pineapple.
  2. Kismet should launch.
  3. You should now be able to access the web-interface on TCP-port 2501. (Eg: http://172.16.42.1:2501)

Another tip:

  1. Run airodump-ng-oui-update on the Pineapple.
  2. When completed, run:
    ln -s /etc/aircrack-ng/airodump-ng-oui.txt /etc/manuf
  3. This will make Kismet use Aircrack-ng's OUI database.

 

Ask questions, or whine about issues here. I'll try my best to keep it up to date.
Makefiles needed for the OpenWRT-SDK can be found on the repo mentioned above, if you want to compile it yourself.


@kbeflo

Yes. It's working on 2.1.0! :)

The only issue I mentioned was that the version of libmicrohttpd in use on the OpenWrt repos is lower than the version I've compiled Kismet with.

Which is why I provided the IPK to the same one used during compiling.

But I can easily fix it by re-compiling Kismet with the same version that the Pineapple automatically downloads from the OpenWrt repos when installing (the older version).

I'll see if I can fix that today :)

 


Another tip if you get issues with RAM (memory) is to insert a USB drive with swap, so it has a little more to work with.

Kismet is memory friendly, but when in a high traffic environment it can go up, and one will then definitely improve performance by having some swap.


@Zylla it's sooo nice, but you know... I'm always looking for more lol, joking - After a bit of exploration I noticed it can also monitor rtl-sdr for 433MHz signals (as well as Bluetooth - but I think that's not an option ATM), but we do have working RTL-SDR drivers on Pineapples - I plugged mine in and see the following errors and can't select it as a source -

ERROR: IPC could not find binary 'kismet_cap_sdr_rtl433'
ERROR: Data source  () encountered an error: failed to launch IPC binary
       'kismet_cap_sdr_rtl433'

What are the chances of having a poke around at that? Feel free to tell me NO!


6 hours ago, Zylla said:

Another tip if you get issues with RAM (memory) is to insert a USB drive with swap, so it has a little more to work with.

Kismet is memory friendly, but when in a high traffic environment it can go up, and one will then definitely improve performance by having some swap.

You think 8GB would be enough? lol. Awesome job, works great.

 

May 26 2018 12:50:32 datasource not compiled with libcap capabilities control

May 26 2018 12:50:32 datasource not compiled with libcap capabilities control

Keep seeing this in the terminal.


8 hours ago, PixL said:

The question is, can I plug a gps dongle into the tetra usb port and go wardriving with this?

Yes. As long as the Tetra manages to map the device to e.g. /dev/ttyUSB0 (or whatever device it gets mapped as).
Then if the Tetra manages to read from it, Kismet should also be able to read from it.

I have an iPhone (yeah, I'm getting it replaced with an Android device in the future), and have been having great success "wardriving" with the app GPS2IP ($6.99 USD @ AppStore (URL)).
So here's how to use it:

Method 1:
Using the command below on the Tetra will make netcat listen on TCP port 11123, and then forward the data to the device /dev/ttyUSB0:

nc -l -p 11123 | tee /dev/ttyUSB0 &

You then set up Kismet to use /dev/ttyUSB0, and it should be receiving GPS data perfectly.
(Remember: Socket must be marked in GPS2IP. The iPhone and Tetra have to be on the same network. Make sure to mark the correct network in GPS2IP; if not, no connections can be made.)

Method 2:
Or you can set up GPS2IP to use Socket-mode, instead of using "TCP Push" as we did above.
Using the command below on the Tetra will make netcat connect to your iPhone's IP and PORT, and then forward the data to the device /dev/ttyUSB0:

nc 192.168.1.15 11123 | tee /dev/ttyUSB0 &

You then set up Kismet to use /dev/ttyUSB0, and it should be receiving GPS data perfectly.
(Remember: Socket must be marked in GPS2IP. The iPhone and Tetra have to be on the same network. Make sure to mark the correct network in GPS2IP; if not, no connections can be made.)

 

8 hours ago, Just_a_User said:

@Zylla it's sooo nice, but you know... I'm always looking for more lol, joking - After a bit of exploration I noticed it can also monitor rtl-sdr for 433MHz signals (as well as Bluetooth - but I think that's not an option ATM), but we do have working RTL-SDR drivers on Pineapples - I plugged mine in and see the following errors and can't select it as a source -


ERROR: IPC could not find binary 'kismet_cap_sdr_rtl433'
ERROR: Data source  () encountered an error: failed to launch IPC binary
       'kismet_cap_sdr_rtl433'

What are the chances of having a poke around at that? Feel free to tell me NO!

This is on my todo-list!
For example, the Kismet version now is compiled "without" Python support (for plugins).
But as Python most definitely does work on OpenWRT, I don't see why it shouldn't be able to work here. It might need some customized tweaking to get it working, but it's definitely on my todo-list.
And should be doable. Hell, I got sslstrip+ working on these devices.

 

2 hours ago, b0N3z said:

You think 8GB would be enough? lol. Awesome job, works great.

 


May 26 2018 12:50:32 datasource not compiled with libcap capabilities control

May 26 2018 12:50:32 datasource not compiled with libcap capabilities control

Keep seeing this in the terminal.

I recommend every one of you to watch this awesome video uploaded to YouTube by Hak5. (Wifi Cactus)
Where they tested Kismet with like 20+ Pineapple Tetras in a huge array, to cover every 2.4GHz + 5GHz channel, with no hopping!
Each Pineapple ran a client, and they all reported back the WiFi traffic to a main Kismet server, which you could access the web UI on.
Even with all these devices, and all that WiFi traffic, it used quite low memory!
But still, kinda limited RAM on the Pineapples. 64MB on the Nano, and 128MB on the Tetra.
So my gut feeling says to use swap on the Nano at all times. But on the Tetra, only if you experience issues.
I have a medium amount of traffic around my house, some neighbors, and a lot of passing cars, buses, etc. It only used about 8MB RAM in the beginning, and then scaled minimally.

About libpcap, I'm gonna try to implement libpcap into this version. It's also on my todo-list.

Last tip is to:

  1. Transfer the captures to a laptop, or thumb-drive. They can get quite big. Especially if you leave it running for a long time, in a high-WiFi environment.
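Both netcat methods above pass whatever arrives on the TCP connection straight to the path Kismet reads GPS data from. As an added example (not part of the original post), this shell filter keeps only lines that are well-formed NMEA 0183 sentences with a correct checksum; it assumes the phone app emits standard NMEA sentences, and the names nmea_ok, nmea_filter and sample_feed are made up for the example.

```shell
# Added example: drop anything that is not a checksum-valid NMEA sentence
# before it reaches the path Kismet reads GPS data from.

# nmea_ok SENTENCE -> status 0 if "$<body>*HH" has the right XOR checksum
nmea_ok() {
    s=${1%"$(printf '\r')"}                 # tolerate CRLF line endings
    case $s in
        \$*\*[0-9A-Fa-f][0-9A-Fa-f]) ;;     # shape: $ ... * two hex digits
        *) return 1 ;;
    esac
    body=${s#?}; body=${body%\*??}          # text between '$' and '*'
    want=$(printf '%s' "${s##*\*}" | tr a-f A-F)
    sum=0
    while [ -n "$body" ]; do                # XOR every byte of the body
        rest=${body#?}
        c=${body%"$rest"}
        sum=$(( sum ^ $(printf '%d' "'$c") ))
        body=$rest
    done
    [ "$(printf '%02X' "$sum")" = "$want" ]
}

# nmea_filter: copy stdin to stdout, keeping only valid sentences
nmea_filter() {
    while IFS= read -r raw || [ -n "$raw" ]; do
        if nmea_ok "$raw"; then printf '%s\n' "$raw"; fi
    done
}

# Constructed sample feed: one valid fix, one altered fix, one junk line
sample_feed() {
    cat <<'EOF'
$GPGGA,123519,4807.038,N,01131.000,E,1,08,0.9,545.4,M,46.9,M,,*47
$GPGGA,123519,4907.038,N,01131.000,E,1,08,0.9,545.4,M,46.9,M,,*47
GET / HTTP/1.1
EOF
}

# In the pipeline from the post the filter would sit between nc and tee:
#   nc -l -p 11123 | nmea_filter | tee /dev/ttyUSB0 &
sample_feed | nmea_filter    # prints only the first sentence
```

A checksum only rejects garbage and corrupted lines; it does not authenticate the sender, so the listener should still be reachable only from a trusted network.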

Updated Kismet just now.
It should now use the "correct" older version of libmicrohttpd, please test it and confirm if possible.
I've also tried adding support for libpcap and pcre, as some users got some errors relating to that. Please check if those "errors/warnings" are gone.


Regarding support for RTL-SDR within Kismet, it seems to depend on Python.
I'm currently trying to get it to compile with Python, but it's going to take some time. A LOT of errors to go over.
But I'm confident that it's possible to do.


13 hours ago, Zylla said:

Updated Kismet just now.
It should now use the "correct" older version of libmicrohttpd, please test it and confirm if possible.
I've also tried adding support for libpcap and pcre, as some users got some errors relating to that. Please check if those "errors/warnings" are gone.

I'm now away so will reflash and try again once home tomorrow.

Great news about RTL-SDR, I have been using https://github.com/merbanan/rtl_433 and it's amazing what extra info it can dig out of the airwaves. I'm imagining Kismet will do something similar, so I am quite excited about this being possible with a Pineapple/SDR combo.


Install worked great!!!! Still shows the libcap error but other than that works great. I started monitoring memory usage; I'm using both radios and a 3rd USB radio, and I'm close to peaked out at 23MB with around 124 devices. I'm in a high traffic area also.

I also like to run my Tetra at home from eth0, and you can't access the web UI for Kismet without adding some firewall rules:

config rule
        option name 'Kismet-UI'
        option src 'wan'
        option proto 'tcp'
        option dest_port '2501'
        option target 'ACCEPT'
        option family 'ipv4'

Add this to /etc/config/firewall and then you can access the web UI for Kismet from your network (192.168.x.x:2501).

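The rule in the post above accepts connections to port 2501 from any address in the wan zone. As an added example (not part of the original post), this shell function lists such unrestricted rules in a UCI firewall file; the function names and the second sample rule, which uses the OpenWrt src_ip option to limit access to one subnet, are constructed for illustration.

```shell
# Added example (not from the thread): list UCI firewall rules that ACCEPT
# traffic from the 'wan' zone to a port with no source-address restriction.
audit_wan_port() {                     # usage: audit_wan_port FILE PORT
    awk -v port="$2" -v q="'" '
        function unq(s) { gsub("^[" q "\"]|[" q "\"]$", "", s); return s }
        function report() {
            if (in_rule && src == "wan" && target == "ACCEPT" &&
                dport == port && src_ip == "")
                print (name == "" ? "(unnamed)" : name)
        }
        $1 == "config" {
            report(); in_rule = ($2 == "rule")
            name = src = target = dport = src_ip = ""; next
        }
        in_rule && $1 == "option" {
            val = $0
            sub(/^[ \t]*option[ \t]+[^ \t]+[ \t]+/, "", val)
            sub(/[ \t]+$/, "", val); val = unq(val)
            if ($2 == "name") name = val
            else if ($2 == "src") src = val
            else if ($2 == "target") target = val
            else if ($2 == "dest_port") dport = val
            else if ($2 == "src_ip") src_ip = val
        }
        END { report() }
    ' "$1"
}
# Constructed sample: modelled on the rule from the post, plus a restricted one
sample_firewall_config() {
    cat <<'EOF'
config rule
        option name 'Kismet-UI'
        option src 'wan'
        option proto 'tcp'
        option dest_port '2501'
        option target 'ACCEPT'

config rule
        option name 'Kismet-UI-restricted'
        option src 'wan'
        option src_ip '192.168.1.0/24'
        option dest_port '2501'
        option target 'ACCEPT'
EOF
}

tmp=$(mktemp) && sample_firewall_config > "$tmp"
audit_wan_port "$tmp" 2501    # prints: Kismet-UI
rm -f "$tmp"
```

On a device the same check would be run as audit_wan_port /etc/config/firewall 2501.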

On 5/27/2018 at 4:09 PM, b0N3z said:

Install worked great!!!! Still shows the libcap error but other than that works great. I started monitoring memory usage; I'm using both radios and a 3rd USB radio, and I'm close to peaked out at 23MB with around 124 devices. I'm in a high traffic area also.

I also like to run my Tetra at home from eth0, and you can't access the web UI for Kismet without adding some firewall rules:


config rule
        option name 'Kismet-UI'
        option src 'wan'
        option proto 'tcp'
        option dest_port '2501'
        option target 'ACCEPT'
        option family 'ipv4'

Add this to /etc/config/firewall and then you can access the web UI for Kismet from your network (192.168.x.x:2501).

Yeh, the memory efficiency of Kismet is effing' awesome!
I saw in Hak5's "WiFi Cactus" movie, they set up a Kismet server on an embedded device (don't remember which one), and they had enough Tetras to scan all channels at once (both 2 and 5 GHz. I think it was about 20-24 Tetras).
The server that handled all the data from ALL those Tetras was connected via ethernet, and had a total of 16GB RAM available; it only consumed like 128-256MB RAM!
The main problem/bottleneck they stumbled into was the writing speed of the storage they used for their pcap.
He wore the "cactus" into DefCon (I think it was), and he had it running for like an hour or two. The pcap was around 40GB!
So I guess one could use a Raspberry Pi, but he chose something that had NVMe storage (512GB), to take care of the bottleneck issue.
Sick... I hope we can get this optimized fully for the Pineapples! It'd be so awesome!
Perhaps one could combine the interface with a Pineapple Module as well.


Wait WHAT? libpcap error?!
Did it complain about missing libpcap.so.1.3???

The first IPK I accidentally compiled with libpcap-1.3, as I forgot Hak5 had upgraded.
But the last ones were compiled with libpcap-1.8.1!
I'm gonna check this later today....


2 minutes ago, Zylla said:

Yeh, the memory efficiency of Kismet is effing' awesome!
I saw in Hak5's "WiFi Cactus" movie, they set up a Kismet server on an embedded device (don't remember which one), and they had enough Tetras to scan all channels at once (both 2 and 5 GHz. I think it was about 20-24 Tetras).
The server that handled all the data from ALL those Tetras was connected via ethernet, and had a total of 16GB RAM available; it only consumed like 128-256MB RAM!
The main problem/bottleneck they stumbled into was the writing speed of the storage they used for their pcap.
He wore the "cactus" into DefCon (I think it was), and he had it running for like an hour or two. The pcap was around 40GB!
So I guess one could use a Raspberry Pi, but he chose something that had NVMe storage (512GB), to take care of the bottleneck issue.
Sick... I hope we can get this optimized fully for the Pineapples! It'd be so awesome!
Perhaps one could combine the interface with a Pineapple Module as well.

The WiFi Cactus has been the only reason I've messed around with Kismet as much as I have. That thing is freaking sweet and I'd love to see a Kismet module.


Just now, Zylla said:

Wait WHAT? libpcap error?!
Did it complain about missing libpcap.so.1.3???

The first IPK I accidentally compiled with libpcap-1.3, as I forgot Hak5 had upgraded.
But the last ones were compiled with libpcap-1.8.1!
I'm gonna check this later today....

Yes, still libcap error. It didn't say what version of libcap was causing it so I'm not sure. If there is a way to check it, let me know and I'll dig deeper into the error.


1 minute ago, b0N3z said:

Yes, still libcap error. It didn't say what version of libcap was causing it so I'm not sure. If there is a way to check it, let me know and I'll dig deeper into the error.

Could you paste the error?


ERROR: IPC could not find binary 'kismet_cap_sdr_rtl433'
ERROR: Data source  () encountered an error: failed to launch IPC binary
       'kismet_cap_sdr_rtl433'
INFO: datasource not compiled with libcap capabilities control
ERROR: IPC could not find binary 'kismet_cap_sdr_rtl433'
ERROR: Data source  () encountered an error: failed to launch IPC binary
       'kismet_cap_sdr_rtl433'
INFO: datasource not compiled with libcap capabilities control
INFO: datasource not compiled with libcap capabilities control

This is what just showed up from running it. Only using wlan1mon right now. I know about the sdr_rtl433 error.

Right after, I got this also...

May 28 2018 10:08:58 PACKETLOST Kismet has started to drop packets; the packet queue has a backlog of 1025 packets. Your system may not be fast enough to process the number of packets being seen. You change this behavior in 'kismet_memory.conf'.

This is with wlan1mon only and I have a 1GB swap from a USB drive and the swap is active. Didn't see the memory usage when the error was thrown, but this is also the first time I've gotten this message since the first version you put out.


I would say that error is gone. Only error showing is still the rtl433. Only other thing I have noticed is that after downloading the OUI and symlinking it, Kismet still won't show manufacturer (tp-link, apple device, netgear, etc). Not a big deal, just something I noticed.

Your link to Kismet in the original post shows a 404 error. Don't know if that's just because you updated it or there is an error.


13 minutes ago, b0N3z said:

I would say that error is gone. Only error showing is still the rtl433. Only other thing I have noticed is that after downloading the OUI and symlinking it, Kismet still won't show manufacturer (tp-link, apple device, netgear, etc). Not a big deal, just something I noticed.

Your link to Kismet in the original post shows a 404 error. Don't know if that's just because you updated it or there is an error.

Yeah, it seems that getting the rtl-433 working needs some more work. Or worse, compiled Python support. :S
But glad to hear the libcap error is gone.
The issue with manufacturers not showing up might be because Kismet doesn't like aircrack's version, or is unable to read it correctly.
Will look into that as well!

Also fixed the links, thanks for the heads-up.


Archived

This topic is now archived and is closed to further replies.
