I do a lot of wardriving for fun. I’m currently using Vistumbler on a Windows PC in my truck, or on the work PC. I have a DIY Wi-Fi / GPS dongle that I built a few years ago. At WiFiDB.net, i have contributed over 4.4 M APs.
The challenge is that, especially traveling for business, I don’t like to have to drag the PC along with me everywhere. This past week, in LA, I decided to look at building a new rig from an RPi to scan networks and make files readable to WiFiDB. I was originally thinking a script using iwlist and some gps calls, but then got derailed by the magic of kismet. This is that story.
I began here with the info from http://www.teambsf.com/warpi2dotoh/war-pi-2-1-building-with-pi3/ expecting to build a warpi box. However, i ended up using a stock distro build of kismet instead.
I call it WarPig 1.0 since it gobbles up storage like a pig, and the structure is likely a mess.
This RPi3B+ uses a USB GPS that cost me about $6 from eBay, and is currently using just a Ralink RT5370 Wi-Fi dongle because that worked. I’m ordering an Alfa dual-band device or maybe a pair, and when I get those I hope to expand the amount of frequency space I can monitor concurrently. I chose not to use the on-board Wi-Fi since it apparently needs a hack to put it into monitor mode, and this effort was yet another thing to do. Also, the on-board Wi-Fi doesn’t appear to allow an external antenna.
Start with new imaged SD card with Raspian buster with desktop but no apps
Through the raspi-config tool, give it a unique hostname, enabled SSH and VNC access
Run
sudo apt-get update
sudo apt-get upgrade
Set eth0 fixed IP address, you can change this as required for your own situation.
sudo nano /etc/dhcpcd.conf
# Example static IP configuration:
interface eth0
static ip_address=192.168.1.10/24
static routers=192.168.1.1
static domain_name_servers=192.168.1.1
now modify /boot/config.txt to allow USB ports to output maximum current
add new line to the end of the file
max_usb_current=1
from https://learn.adafruit.com/adafruit-ultimate-gps-hat-for-raspberry-pi/use-gpsd
sudo apt-get install gpsd gpsd-clients python-gps
get rid of some old files that are no longer needed
sudo apt autoremove
Now, prevent systemd from running its own gpsd incantations.
sudo systemctl stop gpsd.socket
sudo systemctl disable gpsd.socket
sudo gpsd /dev/ttyAMA0 -F /var/run/gpsd.sock
sudo reboot
You may ask why all the reboots, they’re partially for caution to make sure I haven’t fatally corrupted something along the way. And believe me, I spent a good fraction of the day reflashing the SD card after corrupting something.
The following works on buster for a USB GPS device:
sudo /etc/default/gpsd
Add to gpsd the following:
START_DAEMON=”true”
DEVICES=”/dev/ttyAMA0″
sudo dpkg-reconfigure gpsd
sudo reboot
The following came from the teambsf link, maybe there’s a different way to do this, but this seems to work fine.
sudo nano GPSTimeUpdate
#!/bin/bash
#extracts time from GPS
GPSLINE=`gpspipe -w | head -10 | grep TPV | head -1`
#pull date and time from valid TPV line
GPSDATE=`echo $GPSLINE | sed -r ‘s/.*”time”:”([^”]*).*/\1/’`
#set system time to GPS time
date -s “$GPSDATE”
sudo chmod +x GPSTimeUpdate
sudo cp GPSTimeUpdate /usr/bin/.
sudo reboot
More from the teambsf group, this to make sure GPSTimeSet starts at boot.
sudo nano /etc/rc.local
#!/bin/sh -e #
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will “exit 0” on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.
# Print the IP address
_IP=$(hostname -I) || true
if [ “$_IP” ]; then
printf “My IP address is %s\n” “$_IP”
fi
/usr/bin/GPSTimeUpdate
exit 0
And as always, do a sudo reboot
Set up a usb drive permanently for kismet log storage. I’m concerned about the thrashing to the RPi’s SDcard. In fact, this is just the beginning of an effort to eliminate all writes to the SDcard.
Insert a fresh USB thumb drive
ls -l /dev/disk/by-uuid/ gets the lists all connected drives, including the USB thumb drive.
sudo mkdir /media/usb-drive make a mount point
sudo chown -R pi:pi /media/usb-drive so that pi has access to this folder.
Make the drive an auto-mount at boot
sudo nano /etc/fstab
UUID=18A9-9943 /media/usb vfat auto,nofail,noatime,users,rw,uid=pi,gid=pi 0 0
put the UUID found from the ls command before. This appears to limit my ability to use any old USB thumb drive, dunno yet.
Install kismet from distro, I tried to compile it locally per the teambsf instructions, while it worked, it didn’t seem to be worth the extra effort.
Add some configuration details to kismet
in /etc/kismet/kismet.conf insert (or uncomment)
logprefix=/media/usb-drive/
writeinterval=120
ncsource=wlan1
cd /usr/local/etc sudo nano kismet.conf
sudo mkdir /home/pi/kismet
sudo chmod 777 /home/pi/kismet
cd /etc/init.d
have not yet implemented the below, which is from teambsf and is a way to auto-start kismet on boot. I don’t want this quite yet.
sudo nano kismet
#!/bin/sh #
#
# BEGIN INIT INFO
# Provides: kismet
# Required-Start: $all
# Required-Stop: $local_fs $remote_fs $syslog $network
# Default-Start: 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Start kismet at boot time
# Description: Starts kismet at boot time
#
#
# END INIT INFO
case “$1” in
start) echo “Starting kismet”
/bin/sleep 30
/usr/local/bin/kismet_server –daemonize
;;
stop)
echo “Stopping kismet”
killall kismet_server
;;
*)
echo “Usage: /etc/init.d/kismet start|stop”
exit 1
;;
esac
exit 0
sudo chmod +x kismet
Best way to start kismet at CLI
kismet_server >/dev/null 2>&1
starts kismet server and sends all output to dev/null
sudo update-rc.d kismet defaults