Passive WiFi detection system using WiFi router - router

As part of my project requirement I want to make a system which will detect all the WiFi devices in my router's range, whether they are connected or not. I did some research on it and found tools like Wireshark, Kismet etc. I just tried Wireshark by making my Mac machine's WiFi an ad hoc network and it's all fine: I am able to list all the WiFi devices in Wireshark. Now I want to make a real-time system based on a real WiFi router. I don't know how I will configure my router using my PC or how I will monitor the router from my PC. One more thing: if I am using Wireshark, how will I use this data for my requirement? If anyone has worked with similar scenarios, please help me. Thanks in advance.

To do that you will need more than the usual API that you have on commercial WiFi routers (by that I mean a full SSH access). I would:
1. Flash my router with OpenWRT (you can search for your router on this page for detailed instructions).
2. Install the aircrack-ng suite on the flashed router with:
       opkg update
       opkg install aircrack-ng
3. Put my WiFi card in monitor mode and run the airodump service:
       airmon-ng start wlan0   # Put your NIC in monitor mode
       airodump-ng mon0        # Sniff surrounding packets
You don't necessarily have to install aircrack-ng; you can just put your card in monitor mode using the command line (look at the documentation for your WiFi driver) and then run tcpdump (the command-line equivalent to Wireshark), but aircrack works very well and has a nice format.
Also, I should warn you that you can brick your router by flashing it. I never had such a problem when flashing routers mentioned on the OpenWRT wiki and there are (most of the time) ways to restore a bricked router depending on the brand, but I am not responsible if you break it ;)
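
An added example, not part of the original answer: one way to turn the sniffed data into a device list, assuming airodump-ng is run with `-w <prefix> --output-format csv` so that it writes its two-section CSV file. The sample text, MAC addresses and network names below are constructed.

```python
# Constructed sample in the layout airodump-ng writes to its CSV file:
# an access-point section followed by a client-station section.
SAMPLE = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
02:00:00:AA:AA:01, 2024-05-01 10:00:00, 2024-05-01 10:09:58,  6,  54, WPA2, CCMP, PSK, -40, 310, 12, 0. 0. 0. 0, 7, LabWifi,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
02:00:00:BB:BB:01, 2024-05-01 10:01:10, 2024-05-01 10:09:50, -52, 88, 02:00:00:AA:AA:01, LabWifi
02:00:00:BB:BB:02, 2024-05-01 10:03:00, 2024-05-01 10:03:40, -71, 5, (not associated), CoffeeShop,Airport_Free
"""


def parse_airodump_csv(text):
    """Return one dict per client station, whether it is connected or not."""
    aps, stations, section = {}, [], None
    for line in (raw.strip() for raw in text.splitlines()):
        if not line:
            continue
        if line.startswith("BSSID,"):
            section = "ap"
        elif line.startswith("Station MAC,"):
            section = "sta"
        elif section == "ap":
            f = [x.strip() for x in line.split(",")]
            if len(f) >= 15:
                aps[f[0]] = f[13]          # BSSID -> ESSID
        elif section == "sta":
            # Probed ESSIDs is the last column and is itself comma-separated.
            f = [x.strip() for x in line.split(",", 6)]
            if len(f) < 6:
                continue                   # skip truncated rows
            associated = f[5] != "(not associated)"
            probes = f[6].split(",") if len(f) > 6 else []
            stations.append({
                "mac": f[0].upper(),
                "last_seen": f[2],
                "power_dbm": int(f[3]),
                "associated": associated,
                "essid": aps.get(f[5]) if associated else None,
                "probed": [p.strip() for p in probes if p.strip()],
            })
    return stations


if __name__ == "__main__":
    for sta in parse_airodump_csv(SAMPLE):
        state = f"on {sta['essid']}" if sta["associated"] else "not connected"
        print(sta["mac"], sta["power_dbm"], "dBm", state, sta["probed"])
```

Re-reading the CSV file on a timer and comparing `last_seen` values gives a simple near-real-time presence list.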

Related

No internet through GSM connection, possible interface issue

I have a problem with getting GSM connection to work.
Currently used:
Advantech UNO-2272G device
Ubuntu 18.04
NetworkManager/nmcli package
The card works when put in a mobile phone.
*Note: following screenshots are made over SSH and remotely, as the device is currently plugged in ethernet until this issue is resolved.
This is current state of "nmcli" command:
[screenshot: nmcli print]
The system connection for GSM is called "radi". My guess is that somehow the interface of that connection is trying to work with the other interface (underlined in red), which in turn is trying to get its DNS conf from router (to which it currently is connected with ethernet, but nothing changes if device is plugged out from router and NetworkManager and network is restarted, it still tries to get to router for its DNS).
This is current state of "ip addr" command:
[screenshot: ip addr]
This is current state of /etc/network/interfaces file:
[screenshot: interfaces]
This is current state of /etc/NetworkManager/system-connections/radi file:
[screenshot: systemconnection]
So, the question is, what am I missing here? Is it the interface issue as written above, or something else entirely?
Disclaimer: I am not that proficient in the stuff presented here, most if not all of it was configured following guidelines on the internet.
Hey, I'm not an expert in this but I do have a different cellular modem connected to a Linux system (RPI) and working with NetworkManager (and ModemManager). My modem was connected by a serial UART port (ttyACM0) so that seems similar to what you have done.
When I configured my cellular connection profile in NM I had to set up the ppp section of the connection profile on top of the gsm part. I also went into my ppp options (on the host) and configured those to match a chat script that came from my modem manufacturer. When NetworkManager runs a ppp interface it expects the ppp options for the pppd (daemon) to be configured properly.
Here is the ppp section of my NetworkManager cellular connection settings file. Most are defaults and in my case I only added the baud rate for my modem (since it was connected to a UART).
ppp.noauth: yes
ppp.refuse-eap: no
ppp.refuse-pap: no
ppp.refuse-chap: no
ppp.refuse-mschap: no
ppp.refuse-mschapv2: no
ppp.nobsdcomp: no
ppp.nodeflate: no
ppp.no-vj-comp: no
ppp.require-mppe: no
ppp.require-mppe-128: no
ppp.mppe-stateful: no
ppp.crtscts: no
ppp.baud: 115200
ppp.mru: 0
ppp.mtu: auto
ppp.lcp-echo-failure: 0
ppp.lcp-echo-interval: 0
If this is not helpful then have a look at this thread on NM and routing. In their case eth0 was a local network interface and eth1 was their cellular interface:
Now to save you 10 hours of troubleshooting - note that the route
metric is independent of the DNS priority! So if you still have
connectivity issues, make sure it's not a DNS resolution issue (eg.
your DHCP server is providing a dummy resolution service). If it is,
then increase the ipv4.dns-priority of your eth0 connection to make it
lower priority, and/or make sure the ipv4.dns-search of your eth1 is
set to "~" to make it the go-to option.

2 router in cascade with 2 DHCP and remote access

The installation is in a holiday house (so no permanent internet access).
I have a 4G router (ROUTER-1 = Huawei B525-b23) that enables the internet access. I switch it on one day a week.
I have another router (ROUTER-2 = GL-MT300N-V2).
ROUTER-2 is always plugged in to electricity.
A Raspberry Pi 3 (with Home Assistant on it) is connected to ROUTER-2 through an ethernet port.
An IP camera is connected to ROUTER-2 through WiFi.
ROUTER-1 and ROUTER-2 are connected together through ethernet.
When ROUTER-1 is not plugged in to electricity, nothing has access to the internet, but it's not an issue.
The camera saves pictures on the Raspberry Pi 3, and Home Assistant is recording some sensor data.
When I switch on the electricity on ROUTER-1, everything has access to the internet.
What I want is to have remote access to my ROUTER-2, my Raspberry Pi and my camera when ROUTER-1 is online.
How should I do this?
Hi, I can think of two solutions for this setup but both involve buying a cheap second-hand router.
I think the use of a single router would make this setup a lot easier. Any router would work that supports a USB 4G modem attached to it and has support for setting up an OpenVPN server, and you need to be OK with leaving the Internet on all the time; just make sure you don't have any services running that use up bandwidth and you should be OK. You can connect both the Raspberry Pi and the IP camera to that router. Set up the OpenVPN server, open the UDP port required and download the certificates. You should be able to VPN into your network and manage it through SSH or something remotely.
The second option is tailored to you but still requires swapping the 4G modem with another one that supports these things: Wake on LAN, an OpenVPN server, SSH into it over LAN, and 4G either through a SIM card slot or a USB port with modem support.
You can then have it set up so this new Router-1 is switched off with Wake on LAN configured on it and the Raspberry Pi sending the magic packet. You can use something like this to get an idea of how WoL works: https://www.lifewire.com/wake-on-lan-4149800. You can use cron on your Raspberry Pi to send the WoL signal to Router-1 once a week, which would eventually give you internet access once the router is up. You have to set up a VPN server on it, forward the required port and download the certificates. When your scheduled WoL cron runs, make sure you are able to connect through the VPN, then access the network resources you wish; at the end, when you are done, you can SSH into Router-1 and turn it off.
I hope this helps. I had a look at the router models you are using and it doesn't leave you with many options. You can get cheap second-hand routers online that support everything that is required.
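
An added example, not part of the original answer: a script the Raspberry Pi could run from cron to send the Wake-on-LAN magic packet described above. The MAC address is a placeholder, and the script name and schedule in the comment are hypothetical.

```python
import re
import socket


def build_magic_packet(mac):
    """Wake-on-LAN payload: 6 bytes of 0xFF, then the target MAC 16 times."""
    digits = re.sub(r"[:\-.]", "", mac)
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return b"\xff" * 6 + bytes.fromhex(digits) * 16


def send_wol(mac, broadcast="255.255.255.255", port=9):
    """Broadcast the packet on the local segment; returns the bytes sent."""
    packet = build_magic_packet(mac)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
        return s.sendto(packet, (broadcast, port))


if __name__ == "__main__":
    # Placeholder MAC: replace with the LAN-side MAC of the router to wake.
    # Hypothetical crontab entry for a weekly run (Saturday 08:00):
    #   0 8 * * 6 /usr/bin/python3 /home/pi/wol.py
    send_wol("02:00:00:00:00:01")
```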

make raspberry appear as SSID

I have a nodejs server on my Raspberry Pi and I want people to be able to connect to it just by connecting to the Pi.
The ideal scenario is where in my phone I see the raspi SSID, I connect to it. Then I open chrome enter the ip:port of the raspi itself and it works. Nothing fancier.
What I don't know how to search for in the internet is how to set my pi in a way that it opens itself to the world and appears in the SSID list in my phone. I don't need internet sharing nor anything. Just accessing the nodejs server in the pi.
This can be easily achieved depending on the OS you are using on your Pi. You basically need to use hostapd and a DHCP server.
You can use a script like create_ap.

RaspberryPi as AccessPoint with 2 Wifi usb running MITMProxy and ParosProxy

I was trying to study the HTTP(s) requests/response that the apps from my phone are sending so this is what I went ahead and created.
I turned my Raspberry Pi as an access point with 2 wifi usb dongles. One for my phone to connect to the "TEST" network and the second connected to the internet. Everything works fine and my phone is able to access internet via my RPi.
Now I set up mitmproxy (in transparent mode) so that I can sniff the traffic to and from my phone apps. I installed the mitmproxy certificate on the phone and the traffic shows up fine on the mitmproxy console.
Final step - To make the web traffic data analysis part easier I found on the net that Paros Proxy might be able to help (show the traffic from mitmproxy) in a more readable way. - THIS IS NOT HAPPENING
I am assuming there is some setup required for ParosProxy so that it can be linked to mitmproxy / network interfaces which I am not able to achieve. Can anyone please help with this?
The ParosProxy dashboard doesn't show any traffic. As far as the settings (Tool->Options) go, the default settings are there, i.e. for local proxy (host = localhost and port = 8080). I couldn't find much documentation about ParosProxy on the web.
My network interfaces on the RPi is as follows :
wlan0 (connected to internet) - DHCP
wlan1 (Access Point to which the phone apps connect to) - static IP (gateway 192.168.10.1)
Just in case there is some other tool that could help me achieve the same (a GUI/better dashboard to analyse mitmproxy traffic in real time) I am pretty open for it.
Yes, there is a better option: OWASP ZAP https://www.owasp.org/index.php/ZAP :)
It was forked from Paros ~ 5 years ago, is very actively maintained and pretty well documented.
See https://github.com/zaproxy/zaproxy for links to the online user guide, FAQ, and user and developer groups.
FYI we have info on how to get ZAP running on a Pi: https://github.com/zaproxy/zaproxy/wiki/zappi but that doesn't include setting up wiki access - it would be great if we could update that page with the necessary steps :)
Simon (ZAP project lead)

Capture HTTP request packets from my iPhone

I want to monitor the HTTP traffic sent/received from my iPhone. The iPhone is connected to the Internet via my WiFi router.
I want to capture packets from my Windows 7 station.
Thanks for your help.
You have a few options here:
If your wireless router has a port mirroring or port spanning feature, turn it on and point it at your workstation's IP. Use Wireshark on your workstation to look at the packets arriving on the interface assigned to that IP.
If your workstation has a wireless card, get Connectify for Windows 7 (turns wireless card into Wifi Hotspot). Connect iPhone through Windows 7 wireless, and workstation through ethernet to the internet. Your workstation will effectively act as a router for your iPhone and you will be able to record iPhone's packets passing through it.
Get an ethernet hub (make sure it is not a switch, you won't see all packets on every interface with a switch), and connect your workstation, wifi router and internet to it.
Get a switch with port mirroring feature, configure port mirroring to forward a copy of all packets to your workstation.
Another option that I wish someone would have mentioned to me is pfSense. This is an operating system based on BSD made to serve as a firewall. Top of the line routers have, say, 400 MHz of processing speed, and unimpressive amounts of RAM. The lowest-end computer you'll find these days has better specs than that, and of course, it's upgradeable. You don't have to bother with those terrible Cisco licenses (no DHCP with no license, 20 DHCP users at one license level, 100 users at a higher level? Ludicrous), etc. Best of all, you have "root" access to the system, so you can run whatever you want on it (including Wireshark, say)!!
Make sure you have two sufficiently fast ethernet cards. You'll set your wireless router to not do NAT (because pfSense will be doing that), then you can get to work setting up your VPN server, etc. without thinking about Cisco licensing, etc.