Wardriving ekoparty
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
Ekoparty - Workshop Wardriving 2017.pdf
README.md
import_dns_pcap.py
import_wardriving_pcap.py
import_wigle.py

README.md

Wardriving

Here you can find all the data about the Wardriving Workshop from Ekoparty 2017.

Faraday Plugins

The files starting with import_ are all modules to be used with the Faraday Plugin. In order to run them, download and copy to you {faraday_installation}/bin/.

For more info on the Faraday Plugin read the official documentation.

import_dns_pcap.py

The file import_dns_pcap.py will read all packets saved from Open WiFi networks. It will create vulnerabilities for non-encrypted cookies or authorization data. To run:

./fplugin import_dns_pcap wardriving.cap -w eko_wardriving

import_wigle.py

The file import_wigle.py will create a vulnerability with Informational severity and attach a map as evidence. This plugin uses the Android SQLite database as input.

To run first copy the .sqlite in your smartphone to your computer. Then import .sqlite to eko_wardiring using the command:

./fplugin import_wigle /home/lcubo/wigle/wiglewifi.sqlite -w eko_wardriving

import_wardriving_pcap.py

The file import_wardriving_pcap.py creates objects in Faraday according to the security settings of the networks found in a PCAP.

Users will be able to see statistics in the Faraday Dashboard including how many networks are using wpa, wpa2, wep and open. It will create vulnerabilities for open and wep. If any of the PCAP files contain a 4way handshake it will also create a vuln with the keys as evidence.

Also, a vulnerability containing the top 10 probe requests found and an XLS file with the vendor frequency will be added.

If you want to load wardriving statistics from a PCAP file to the eko_wardring workspace use the following command:

./fplugin import_wardriving_pcap wardriving.cap -w eko_wardriving