Tools mentioned in "Breadcrumbs: Wifi Tracking/fun" talk Slides: https://github.com/violentlydave/Breadcrumbs/blob/master/breadcrumbs1_postconf.pdf
Remember: 1> These tools are meant to automate some processes and show what's possible. 2> These tools should not be used for a "service" or considered secure code. 3> Email address is in the code
These tools are mostly used in conjunction with a modified version of WUDS, available: https://github.com/violentlydave/WUDS-Breadcrumbs
Data requirements:
- "log.db" - output from WUDS (original or modified), can be anywhere if specified in config.
- "wiglewifi.sqlite" - sqlite3 DB straight from Wigle's phone app. Usually in "wiglewifi/" in your data area, often SDcard.
Files
- ssidscan.sh - tool to review the SQLITE3 db created by WUDS. No option shows all unique SSID probes in the log. Any other text (as $1) will search for that showing up anywhere in the records. You can add a second variable ($2) on the command line to specify a log-db other than "log.db" in case you roll your db regularly and want wish to search historical records.
- check_all_targets.sh - checks recent history in the logs, detects if any "targets" have been detected, and alerts. It also creates a lock file w/ the date of first spotting so it doesn't constantly alert.
- detect_target.sh - The script that actually searches for the search string, called by check_all_targets.sh.
- clear_locks.sh - A quick script to clear the locks created by check_all_targets.sh -- usually add this into cron in early AM, or a different appropriate time for the cycle.
- add_to_targets.sh - searches the logs for the string listed, and adds all MAC addresses seen requesting that SSID. It is a quick way to add a bunch of records, but be careful -- the targets config can become rather bloated if you don't notice your target is using MAC-spoofing.
- find_bluetoothaddr.sh - simple script to l2-ping up one MAC address and down one MAC address from the wifi interface, which will find most bluetooth addresses hosted on same SoC as wifi interface.
- ssid_to_address.sh - attempt to check the local DB for the SSID mentioned and map the lat/lon to a street address (GOOGLEMAPS version).
- ssid_to_name.sh - slightly modified "ssid to address", tries to reference local Florida voters DB. Easily modifiable to other data sources, here as an example (GOOGLEMAPS version).
- latlon_to_address.sh - simlpe version of "ssid to address" to just take lat/lon found in other ways, show street address (GOOGLEMAPS version).
- breadcrumbs.conf - Config file showing exempt strings, targets and alert-users (currently pushover only).
TODO:
- Rewrite most in python for flexibility (POC/quickie code = Bash. Sorry :( )
- Automate bluetooth sniffing portion after selecting target and figuringout bluetooth address. Have it go as far as possible (ping/info collect) w/ regular hci interface, sniff on Ubertooth.