TL;DR
Hey guys,
So a few years back I installed Kali Linux onto a Raspberry Pi and started messing around with the aircrack-ng suite of programs.
It's been a while, but I figured some of you with more time might like to recreate what I did.
First off, do note that when I was doing this, Apple and Android phones older than 2018 didn't randomize their MAC addresses when sending out broadcast beacons, so it was much easier back then to confirm a person's phone was in the area because their MAC address would never change.
These days, I'm pretty sure the MACs are randomized within a short timeframe, but if I remember correctly, the SSID is still broadcast in the beacon packet, so you could use that as a filter, depending on your use case.
I would say the most important use case for most people here is getting some kind of notification if ANY MAC address that's not whitelisted is found broadcasting for longer than a person just passing by.
Don't forget, you can run into some false flags here. For example, you have whitelisted your neighbor, but they invite friends over for the first time... or someone just pulls over outside your house that's not from around the area. I've even had my system detect the wifi from "smart" cars themselves, which is pretty funny;
even aftermarket air tire sensors on some wheels get detected.
There are some command line switches in airmon to tag hardware manufacturers using a common database list; this will tell you if a MAC address is related to an Apple, Intel, Sony, Realtek device etc. (another useful whitelist possibility)
You will need:
Anyway, this can get pretty technical, but there's a few things you'll need to get started....
First off, you'll need a USB wifi dongle that's capable of working in what's called "monitor" mode. I've found most TP-Link adapters have the correct chipsets that support this mode. (Also, try looking for a dual-band device that does 2.4GHz and 5GHz.)
A Raspberry Pi with a high endurance micro SD card (because it will be constantly writing log files)
A really long USB extension cable (so you can position your wifi dongle as close to the front of your house or area of interest)
That should be just about all the info you need to get started. Honestly, the hardest part is writing the loop script. I used bash, but I'm sure there are better ways to write it these days; I'm just not good at programming.
So yeah, if any of you wanna have a go at creating this, here are a few links to help (see below).
If you do end up writing a script, please post it here for everyone to use. I can guess something like this would be an amazing add-on for programs like "Home Assistant".
Some conditions I had running were awesome, like "if a person who's not on the whitelist gets too close to the house for longer than 2 min, turn on the stereo and crank the volume playing an alarm WAV file",
or flash smart lights when someone drives past that's not from around here (this takes months of capturing logs to work out who actively lives in the neighborhood).
Screenshots:


BTW, you don't need to use a Raspberry Pi; an old laptop will do the trick too.
LINKS:
www.aircrack-ng.org
www.kali.org
www.tp-link.com
- Capture beacon requests over wifi being broadcast from people's phones in their pocket/car as they walk/drive by
- Log the "timestamp" and "signal" strength into a dump file
- Write a loop script that checks the last 100 lines of the dump for MAC addresses and timestamps to filter out beacons that are STILL seen within a 1 min time frame
- If true, then send an alert to BI using your preferred method
- Now the fun part: compare the timestamps from your wifi capture log to your Blue Iris alert timestamps; you should see footage of a person walking past at the same time the wifi log was created.
- Advantages? You can now see around corners, whitelist your neighbors' MAC addresses and let the fun begin
airmon-ng [Aircrack-ng]
Get Kali | Kali Linux
Home of Kali Linux, an Advanced Penetration Testing Linux distribution used for Penetration Testing, Ethical Hacking and network security assessments.

150Mbps High Gain Wireless USB Adapter
The TL-WN722N Wireless N USB Adapter allows you to connect any computer to high-speed internet. Speeds of up to 150Mbps are ideal for online gaming and smooth video streaming.
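One way to write the check that the TL;DR steps describe, as an added example that is not the original poster's bash script: it reads the station section of an airodump-ng CSV dump and returns non-whitelisted devices that are still being seen, have been around longer than a passer-by, and are close enough by signal strength. The sample rows, MAC addresses, thresholds and function names are constructed for illustration, and it reads the CSV that airodump-ng rewrites periodically rather than tailing the last 100 lines.

```python
import csv
import io
from datetime import datetime, timedelta

# Constructed sample: station section of an airodump-ng CSV dump (made-up MACs).
SAMPLE = """\
Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
3C:AA:BB:00:00:01, 2024-05-01 21:00:05, 2024-05-01 21:03:40, -48, 61, (not associated), HomeNet
3C:AA:BB:00:00:02, 2024-05-01 21:03:20, 2024-05-01 21:03:41, -71, 4, (not associated),
DA:11:22:33:44:55, 2024-05-01 21:00:30, 2024-05-01 21:03:35, -52, 40, (not associated), CafeWifi
3C:AA:BB:00:00:03, 2024-05-01 20:40:00, 2024-05-01 20:44:00, -50, 90, (not associated),
3C:AA:BB:00:00:04, 2024-05-01 21:00:00, 2024-05-01 21:03:42, -45, 120, (not associated),
"""
FMT = "%Y-%m-%d %H:%M:%S"

def is_randomized(mac):
    # Randomized MACs set the locally administered bit (0x02 of the first octet),
    # so a whitelist entry for such an address will not stay valid for long.
    return bool(int(mac.split(":")[0], 16) & 0x02)

def parse_stations(text):
    """Yield one dict per row that follows the 'Station MAC' header line."""
    in_stations = False
    for row in csv.reader(io.StringIO(text), skipinitialspace=True):
        if row and row[0].strip() == "Station MAC":
            in_stations = True
        elif in_stations and len(row) >= 6:
            yield {"mac": row[0].strip().upper(),
                   "first": datetime.strptime(row[1].strip(), FMT),
                   "last": datetime.strptime(row[2].strip(), FMT),
                   "power": int(row[3]),
                   "probes": ",".join(row[6:]).strip()}

def lingering(text, whitelist, now, min_dwell=timedelta(minutes=2),
              still_seen=timedelta(minutes=1), min_power=-65):
    """Non-whitelisted stations seen in the last minute that stayed >= min_dwell."""
    allowed = {m.upper() for m in whitelist}
    alerts = []
    for s in parse_stations(text):
        if s["mac"] in allowed or s["power"] == -1:  # -1: no signal reading
            continue
        recent = now - s["last"] <= still_seen
        stayed = s["last"] - s["first"] >= min_dwell
        if recent and stayed and s["power"] >= min_power:
            alerts.append(s)
    return alerts
```

Each returned entry carries the last-seen timestamp, which is the value to line up against the Blue Iris alert time.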