WarPi – RaspberryPi Wardriver

Backstory:

During my summer “break” at college, I decided to take on a security-related project. I was trying to think of something fun and semi-useful for myself, but I couldn’t think of anything interesting to do off the top of my head. As I was currently enrolled in a SANS course, I had a notebook on me at all times and had a little section in a page dedicated to some ideas. It was then that my instructor, Alissa Torres, mentioned a story about one of her neighbors walking through her neighborhood with a big ol’ antenna scanning wifi networks and knocking on his neighbors’ doors informing them if they had an unsecure access point or very poor security. As this put a funny image in my head, I remembered learning about Wardriving when I took my Security+ bootcamp and figured I could create a Wardriving device with a RaspberryPi. Interestingly enough, there were several walkthroughs and writeups to create a “WarPi”, including a whitepaper by SANS Institute.

Materials used:

  • RaspberryPi 3 Model B+
  • Alfa Network AWUS051NH (Wireless Adapter)
  • GlobalSat BU-353S4 (GPS Receiver)
  • Battery Pack
  • 16Gb MicroSD Card
  • ThinkPad Laptop

Software Used:

  • Kali for Pi
  • Kismet
  • GISKismet

During my initial setup, I went with Raspbian Lite. I wanted to keep the project as simple as possible and strictly for Wardriving, so I figured Raspbian Lite would be a good option. Unfortunately, for whatever reason the GPS receiver and GPS software that I installed were very unreliable in initial wifi scans. I’d say the GPS would actually turn on only roughly 20% of the time when using Kismet.

I also tried to use Kismet’s newer version, which proved to be problematic with GPS as well as the web interface. I really respect the folks over at Kismet for creating that web interface, but unfortunately at the time of using it — I had all sorts of problems. Because of that, I switched over to Kismet Legacy, and after maybe 30 minutes to an hour, I was up and scanning with GPS data!

Below is an image (blurred out for obvious reasons) of a scan throughout the neighborhood where I lived at the time. I couldn’t believe how many devices this little RaspberryPi was scanning along with that wireless adapter. Additionally, since I used GISKismet, I was able to map it into a private Google Map. What was even more interesting is that with a simple Ctrl+F search for “WEP”, I found every single AP with weak WEP encryption.

A huge learning portion of this project for me was learning to be adaptable. I haven’t highlighted all the issues I ran into with this project in this post, but I spent maybe a solid week in total just trying to figure out why certain configurations weren’t working, installing and uninstalling, reinstalling the operating system and starting over, etc. I really learned that it’s important to not rely entirely on walkthroughs. Additionally, I really think this project helped make me better at troubleshooting, even though I wasn’t too bad to begin with. This project definitely “re-sparked” my interest in taking on more projects like this, especially with a RaspberryPi.
