Narwhal’s Guide to Wardriving

War driving is the practice of driving, biking, or walking while carrying a device that collects and records the data and location of wireless networks. Until a couple of days ago I had never considered war driving, but I decided to try it out. This guide follows my setup. Here’s a list of the stuff I used:

  • Samsung Q310
  • Xubuntu or distro of your choice
  • External Wifi Adapter (this one is great)
  • a GPS unit
  • if you are using a car, some way to mount your laptop

Unless your laptop has a slot for an external wifi card, you will probably need to buy an external adapter. Most internal cards do not have the range or the ability to be set into monitor mode. Even if you can set your internal card into capture mode, an external antenna is a good investment.

Once you get all this stuff together, the first thing you need to do is install the software for wardriving. The wardriving software I use is Kismet; it’s Linux only and generally considered one of the best. If you’re still reading this and insist on using Windows, Netstumbler is very good.

sudo apt-get install kismet

sudo gedit /etc/kismet/kismet.conf

Uncomment the line #suiduser=your_user_here and add your username that you use to login to Ubuntu.

suiduser=matt

You need to change the configuration depending on which wifi card you are using.

If you are running an Alfa wifi card, change

source=none,none,addme

to

source=rt8180,mon0,alfa

If you are running an Atheros AR5001X+ card, change

source=none,none,addme

to

source=madwifi_ag,wifi0,madwifi

If you are running the Intel 2100 driver, change

source=none,none,addme

to

source=ipw2200,eth1,wifi

Configuring GPS to Run on Startup

gps=true
gpstype=gpsd
gpshost=localhost:2947
gpsmodelock=false
gpsreconnect=true

Notes

If you don’t know your relevant network driver, view the Kismet Readme and scroll down to the section “12. Capture Sources”.

If you don’t know your interface name, use iwconfig to find your wireless interface.

Save and Exit the file
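
As a pre-flight check for the edits above, this added example (not part of the original guide or of Kismet) parses the key=value lines and flags the defaults the guide tells you to change. The sample file contents and the function names are made up for illustration.

```python
# Constructed excerpt of an unedited /etc/kismet/kismet.conf (not a real file dump).
SAMPLE_CONF = """\
#suiduser=your_user_here
source=none,none,addme
gps=true
gpstype=gpsd
gpshost=localhost:2947
"""

def parse_conf(text):
    """Collect active key=value lines; keys may repeat (several source= lines)."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue  # blank, commented out, or not a setting
        key, value = line.split("=", 1)
        settings.setdefault(key.strip(), []).append(value.strip())
    return settings

def preflight(text):
    """Return the settings from the guide that are still missing or at their defaults."""
    conf = parse_conf(text)
    problems = []
    if "suiduser" not in conf:
        problems.append("suiduser is missing or still commented out")
    sources = conf.get("source", [])
    if not sources:
        problems.append("no source= line")
    for src in sources:
        fields = [f.strip() for f in src.split(",")]
        if len(fields) < 3:
            problems.append("source=%s needs driver,interface,name" % src)
        elif fields[0] == "none" or fields[1] == "none":
            problems.append("source=%s is still the placeholder" % src)
    # Only check the gpsd address when GPS logging is switched on.
    if conf.get("gps", ["false"])[-1] == "true":
        host, _, port = conf.get("gpshost", [""])[-1].rpartition(":")
        if not host or not port.isdigit():
            problems.append("gps=true but gpshost is not host:port")
    return problems

if __name__ == "__main__":
    for problem in preflight(SAMPLE_CONF):
        print("FIX:", problem)
```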

Before starting kismet, you need to put your wireless adapter into monitor mode.

Run alfa wifi card in monitor mode

sudo airmon-ng check kill alfa && sudo airmon-ng start alfa

Run Atheros AR5001X+ card in monitor mode

sudo wlanconfig ath0 destroy

Finally start Kismet from the terminal using the following command

sudo kismet

Gpsdrive

In addition to using Kismet, I also use Gpsdrive if I’m driving. But it doesn’t make much sense to have a live map if you’re biking like I will be.

Car Mounts for Your Laptop

A car mount isn’t too hard to put together. The best one I found used an aluminum laptop cooler bolted to the center console in a van.

It’s a far cry from a Crown Vic mount, but it works.

He just used some webbing to attach the laptop to the mount. If you don’t want to modify your car I normally just set the laptop in the passenger seat and strap it in.

Hot slot Wireless Cards

Another example from the same guy, who has added what’s called a “pigtail” to his card to extend the card’s range.

If you plan on buying a hot slot card, I suggest adding a pigtail to it so you can get some real range out of it. I won’t be guiding you through this process, but WardrivingOnline has a pretty good guide to putting together a pigtail for your specific card.

Attaching a GPS to Kismet

Once you get Kismet up and running, in order to use a GPS to log the location of the networks you need to install GPSD.

sudo apt-get install gpsd

Start gpsd. You’ll need to give it as an argument a path to a serial or USB port with a GPS attached to it. Your test command should look something like this:

gpsd -D 5 -N -n /dev/ttyUSB0

  1. Once gpsd is running, telnet to port 2947. You should see a greeting line that’s a JSON object describing GPSD’s version. Now plug in your GPS (or AIS receiver, or RTCM2 receiver).
  2. Type ?WATCH={"enable":true,"json":true}; to start raw and watcher modes. You should see lines beginning with { that are JSON objects representing reports from your GPS; these are reports in GPSD protocol.
  3. Start the xgps or cgps client. Calling it with no arguments should do the right thing. You should see a display panel with position/velocity-time information, and a satellite display. The displays won’t look very interesting until the GPS acquires satellite lock.
  4. Have patience. If you are cold-starting a new GPS, it may take 15-20 minutes after it gets a skyview for it to download an ephemeris and begin delivering fixes.
  5. A FAQ and troubleshooting instructions can be found at http://gpsd.berlios.de/faq.html
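
To show what the lines from steps 1 to 4 look like and how to tell when the GPS has lock, here is an added example (not from the original guide or from the GPSD project) that reads a session line by line. The session is constructed with made-up values, and the function names are illustrative.

```python
import json

# Constructed sample of what gpsd sends on port 2947 after the WATCH command
# (values are made up for illustration, not captured from a real receiver).
SAMPLE_SESSION = [
    '{"class":"VERSION","release":"3.0","rev":"constructed","proto_major":3,"proto_minor":1}',
    '{"class":"WATCH","enable":true,"json":true}',
    '{"class":"TPV","device":"/dev/ttyUSB0","mode":1}',
    'garbage that is not JSON',
    '{"class":"TPV","device":"/dev/ttyUSB0","mode":2,"lat":45.0,"lon":-93.0}',
    '{"class":"TPV","device":"/dev/ttyUSB0","mode":3,"lat":45.001,"lon":-93.002,"alt":250.0}',
]

# TPV "mode" values in the GPSD JSON protocol.
MODES = {0: "unknown", 1: "no fix", 2: "2D fix", 3: "3D fix"}

def parse_report(line):
    """Return the report as a dict, or None if the line is not a gpsd JSON object."""
    line = line.strip()
    if not line.startswith("{"):
        return None
    try:
        obj = json.loads(line)
    except ValueError:
        return None
    return obj if isinstance(obj, dict) and "class" in obj else None

def summarize(lines):
    """Walk a session and report the gpsd release, TPV count, and first usable fix."""
    summary = {"release": None, "tpv_seen": 0, "skipped": 0, "first_fix": None}
    for line in lines:
        report = parse_report(line)
        if report is None:
            summary["skipped"] += 1
        elif report["class"] == "VERSION":
            summary["release"] = report.get("release")
        elif report["class"] == "TPV":
            summary["tpv_seen"] += 1
            mode = report.get("mode", 0)
            # Mode 2 or 3 with coordinates means the receiver has satellite lock.
            has_position = "lat" in report and "lon" in report
            if summary["first_fix"] is None and mode >= 2 and has_position:
                summary["first_fix"] = (MODES.get(mode, "unknown"), report["lat"], report["lon"])
    return summary

if __name__ == "__main__":
    print(summarize(SAMPLE_SESSION))
```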

Now all you have to do is go out and drive, bike, or even walk around with your laptop. Your laptop will automatically collect all the data from any wireless network it touches. I’ll be posting some pictures of my biking setup later on. If you have any questions, ask them in the comments and I’ll do my best to answer them.
