Wireless Scanning and a new tool

| 2 Comments

I had some cause to do some wireless work recently, which got me interested in doing some more war-walking (and hey, the weathers actually been nice enough to make it pleasant recently).

It was interesting to see the density of wireless networks in the suburban area near where I live, a quick 30 minute walk can easily pick up several hundred APs. Also some of the stats on encryption were interesting with about 25% of networks either using WEP or having no encryption at all, so still rich pickings there for anyone who wants free access or to attack some home networks directly.

I also did a bit of scanning with my N900 in Glasgow, near the apple store and noticed they've got an awful lot of clients connected to their unencrypted wireless networks there (~ 260 client spread over 3 APs), hope everyone is using VPNs or SSL only sites ;op

Also couldn't find something to do the analysis the way I was looking for it, so I knocked up a quick script in ruby to analyse the .netxml output files from kismet.

It's available here . It needs ruby, rubygems and nokogiri to work. worth noting that on linux installs you'll need some xml parsing libraries installed before installing nokogiri (libxslt libxml2 libxml2-dev)


Basic syntax is very straightforward.

./kis_analysis.rb -f [netxml file] -r [report name]

you can add -g if you've got GPS data to add links from each network to a google maps point and -m to draw a map of all the networks seen.

Any feedback/comments welcome either on the blog or to rorym@nmrconsult.net

2 Comments

I just gave the tool a whirl to test my GPS device and it worked great. In just under a mile drive there were over 800 networks. Nice report format and simple to use. I like the tie in to Google maps too!

I haven't looked in to the code yet but I would like to tie it in to sqlite to enable me to run some basic queries e.g. list all open networks, which networks had the most clients, draw on a map for all the access points called 'XYZBank'. If I get around to this I will email you the changes.

One final point is the general statistics section of the report shows:
Encryption: WPA+TKIP
Encryption: WPA+PSK

TKIP is used with PSK so I assume this should be a bit more accurate e.g. PSK, Enterprise, TKIP, CCMP etc.

Cool glad to hear it works :)

Yeah sqlite integration would be a cool idea, good to be able to tie multiple runs together. On the encryption front, the scripts pulling information from the kismet output, so I wonder how much is visible in the output... hmm will have to go have a look..

The code is a bit on the ugly side when it comes to generating the javascipt for google maps, I'd like to find a way to make it a bit neater but it seems to be a restriction of the google maps format

About this Entry

This page contains a single entry by Rory2 published on July 17, 2010 5:36 PM.

Interesting Example of Cloud Computing Risks was the previous entry in this blog.

New Role, New Blog is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Pages

Powered by Movable Type 4.37

About this Entry

This page contains a single entry by Rory2 published on July 17, 2010 5:36 PM.

Interesting Example of Cloud Computing Risks was the previous entry in this blog.

New Role, New Blog is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.