WiFi RECON

DISCLAIMER

Any actions and/or activities related to the material contained within this Website are solely your responsibility. The misuse of the information in this website can result in criminal charges brought against the persons in question. Cyber Security Associates Limited will not be held responsible for any criminal charges brought against any individuals misusing the information in these projects to break the law.

Please ensure you are using the latest SD Card image which is available here.

 

Teacher Overview

Wi-Fi is a radio-based networking technology defined by the IEEE 802.11 standards. Because every company making Wi-Fi technology works to the same standards, all devices are able to communicate with each other. A very wide range of technologies utilise Wi-Fi: phones, PCs, consoles and TVs are but a few. Invite the students to think about other technologies that can use Wi-Fi and to research these devices to see how they have developed over time. Specific radio frequency bands, such as 2.4GHz and 5GHz, are reserved for Wi-Fi communication; these universal bands allow Wi-Fi devices to communicate effectively with each other. There must be a transmitter (usually a router) and a receiver (a laptop), and they switch roles depending on which way the data is being transferred. Wi-Fi has limits, primarily its range: the radio signal that Wi-Fi is transmitted over is weakened by walls, so range is quickly reduced.

There is a range of Linux flavours that can be used to install the tools for ethical hacking; hence, Linux is currently preferred over Windows or macOS in the cyber security industry. Linux is a family of free and open-source operating systems (OS) built around the Linux kernel. The kernel is the core of an OS and has complete control over the software and hardware of the device. It is one of the first programs loaded on start-up; it handles input/output requests from the software, translating them into instructions for the CPU, and manages memory and peripherals, e.g. keyboard and mouse. Raspbian is an OS created specifically for the Raspberry Pi, because it works with the ARM processor, which is distinctly different from a processor like the Intel ones that you can find in your PC.

Another OS is Kali Linux, which has been created specifically for ethical hacking and digital forensics and is loaded with numerous tools such as nmap and metasploit. Kali Linux also has a range of security tools and digital forensic applications that can be applied to many situations, and it is currently one of the most popular OS for cyber security specialists. The advantage of using Linux for most of these powerful tools is the ability to load them onto nearly any Linux flavour. There are other OS made for penetration testing, such as Parrot OS and Black Arch, but generally it is easier to access Kali Linux than these alternatives.

Kismet is a very powerful tool that can be installed onto any Linux machine. It has a very simple GUI and focuses on collecting data and creating detailed reports that can present a lot of information about the Wi-Fi access points (APs) in the local area. Kismet can also present the encryption algorithm of the AP and the wireless clients that are currently connected to that AP, and it can allocate GPS data to the AP location so that it can be presented at a later point in Google Maps.

To convert a netxml file to csv, type:

python3 main.py <the correct Kismet file>.netxml result.csv

Once you have the csv file it can be imported into Google Maps, this requires a Google account.
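The conversion step described above can be shown to students as a short script. This is an added example, not the project's own main.py; the element names (wireless-network, SSID/essid, SSID/encryption, gps-info/avg-lat, gps-info/avg-lon) are assumed from the legacy Kismet netxml layout, the column names are chosen here for a map import, and the sample data is constructed.

```python
import csv
import io
import xml.etree.ElementTree as ET

# Constructed sample in the legacy Kismet .netxml layout (not real survey data).
SAMPLE_NETXML = """<detection-run kismet-version="constructed">
  <wireless-network number="1" type="infrastructure">
    <SSID><encryption>WPA+PSK</encryption><encryption>WPA+AES-CCM</encryption>
      <essid cloaked="false">Classroom-AP</essid></SSID>
    <BSSID>02:00:00:00:00:01</BSSID><channel>6</channel>
    <gps-info><avg-lat>51.500000</avg-lat><avg-lon>-0.120000</avg-lon></gps-info>
  </wireless-network>
  <wireless-network number="2" type="infrastructure">
    <SSID><encryption>None</encryption><essid cloaked="true"></essid></SSID>
    <BSSID>02:00:00:00:00:02</BSSID><channel>11</channel>
    <gps-info><avg-lat>51.500100</avg-lat><avg-lon>-0.120200</avg-lon></gps-info>
  </wireless-network>
  <wireless-network number="3" type="probe"><BSSID>02:00:00:00:00:03</BSSID></wireless-network>
  <wireless-network number="4" type="infrastructure"><BSSID>02:00:00:00:00:04</BSSID>
    <SSID><essid cloaked="false">No-GPS-AP</essid></SSID></wireless-network>
</detection-run>"""

FIELDS = ["Name", "BSSID", "Channel", "Encryption", "Latitude", "Longitude"]

def netxml_to_rows(xml_text):
    """Return one dict per access point that has a GPS position."""
    rows = []
    for net in ET.fromstring(xml_text).iter("wireless-network"):
        if net.get("type") != "infrastructure":
            continue  # skip client probe records, keep access points only
        lat, lon = net.findtext("gps-info/avg-lat"), net.findtext("gps-info/avg-lon")
        if lat is None or lon is None:
            continue  # no GPS fix was recorded, so there is nothing to plot
        essid = (net.findtext("SSID/essid") or "").strip() or "<hidden>"
        enc = sorted({e.text for e in net.findall("SSID/encryption") if e.text})
        rows.append({"Name": essid, "BSSID": net.findtext("BSSID"),
                     "Channel": net.findtext("channel"), "Encryption": ";".join(enc),
                     "Latitude": lat, "Longitude": lon})
    return rows

def rows_to_csv(rows):
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=FIELDS, lineterminator="\n")
    writer.writeheader()
    writer.writerows(rows)
    return buf.getvalue()

if __name__ == "__main__":
    print(rows_to_csv(netxml_to_rows(SAMPLE_NETXML)))
```

The Encryption column is a useful discussion point: students can see at a glance which of their own test access points advertise no encryption.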

 

Suggested Year Group

The suggested age group is 15+, due to the nature of the project and the skills it will develop.

 

Learning Outcomes

1. Stress the explicit nature of the disclaimer on the student worksheet;

2. Instruct the students as to the fundamentals of Wi-Fi and Radio Frequency;

3. Teach the students about Raspbian and the fundamentals of “ethical” hacking;

4. Show the students how to use Kismet and interpret the data received.

 

HARDWARE REQUIRED

Component Number (Peli Case)    Component Number (Box Case)    Component

(Base) 4 + 5                    Slot 1                         Raspberry Pi + Case
(Base) 5                        Slot 11                        Raspbian SD Card
(Base) 1                        Slot 3                         USB GPS
(Level 1) 6                     Slot 12                        Alfa WiFi Card
(Base) 9                        Slot 2                         TFT Screen
(Level 1) 3                     Slot 11                        HDMI
(Level 1) 3                     Slot 11                        Wireless Keyboard
(Level 1) 5                     Slot 12                        Wireless Mouse
(Level 1) 1                     Slot 13                        Power Supply

 


Conclusions

The process of collecting wireless and GPS data is known as ‘wardriving’. There are large databases and websites (www.wigle.net) that are dedicated to collecting this information. Currently, there are no laws against collecting this type of information, as it is revealed freely, but it does become illegal when the data is collected with malicious intent. Use this information carefully; it is important for students to understand what kind of data is exposed by Wi-Fi scanning, as there is a range of attacks that can be performed by understanding how Wi-Fi works. Specific attacks include man-in-the-middle attacks, which require packet injection to modify data before it reaches its intended target.