UGR/Experiment2
From charlesreid1
Wireless Capture
Stringing together the pieces:
Here is the high-level, single-step version of what we are doing; it is essentially one step in the data pipeline.
- Sensor hardware: Raspberry Pi that can run a boot script to collect data
To get more specific:
- Be able to power on the Raspberry Pi
- Be able to remotely connect to the Raspberry Pi via SSH
- Be able to control a wireless card from the Raspberry Pi via command line
- Be able to start and stop a wireless card using Python
- Be able to start and stop airodump process using Python
Putting all the pieces together, here is how the process will look:
- Plug a wireless card into the Pi (no power)
- Plug the Pi into power
- Boot script activates Python script
- Python script identifies onboard hardware
- Python script begins running airodump at 1 minute intervals
- (optional) Python script connects to remote command-and-control server.
- (optional) stunnel trickiness
Implementation
Passwordless Login Raspberry Pi
Set up passwordless login following http://charlesreid1.com/wiki/SSH#Passwordless_Login
Then define the following shell function in your .bashrc (or wherever you keep your aliases):

function pi() {
    # start an ssh-agent and load its environment variables into this shell
    eval "$(ssh-agent -s)" > /dev/null
    # load the key from the passwordless-login setup into the agent
    ssh-add
    export IP="10.0.0.4"
    ssh -Y root@${IP}   # the actual ssh call
    # shut the agent down once the session ends
    ssh-agent -k > /dev/null
}
Now you can connect to the pi by typing:
$ pi
Test Startup Service
Create a test startup service by doing the following.
Create a custom startup script in /etc/init.d/custom-script with the following contents:
root@kali:/etc/init.d# cat custom-script
#! /bin/sh
### BEGIN INIT INFO
# Provides:          custom-script
# Required-Start:    $local_fs $remote_fs
# Required-Stop:     $local_fs $remote_fs
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Here ya go buddy, custom script
### END INIT INFO
set -e
touch /root/ohai
exit 0
Make the script executable with chmod +x custom-script.
Make sure it is linked into the proper rcN.d/ folders by running update-rc.d custom-script defaults.
Now make sure the marker file does not already exist (rm -f /root/ohai), then run reboot. Once the Pi comes back up, you should see a file named ohai in the root directory.
Real Startup Service
Create a real startup service that will start capturing wifi data on boot. Assume wifi card is wlan0. More info on Raspberry Pi startup service here: https://charlesreid1.com/wiki/RaspberryPi/Reverse_SSH
Starting with the Python script that will run airodump-ng and capture wifi data into CSV files:
capture_wifi_data.py

import subprocess
import os
import time
from datetime import datetime

# each experiment will be Nhours in duration
Nhours = 2
# each CSV file will be Nseconds in duration
Nseconds = 15
# figure out how many files there will be
Nfiles = int((Nhours*3600)/Nseconds)

# create a unique file prefix for this experiment
# (%M is minutes; %m would just repeat the month)
prefix = datetime.now().strftime('%Y-%m-%d_%H-%M')

print("About to put card in monitor mode.")
subprocess.call(['ifconfig','wlan0','down'])
subprocess.call(['iwconfig','wlan0','mode','monitor'])
subprocess.call(['ifconfig','wlan0','up'])
print("Done.")

# open /dev/null once; all airodump output goes here so it doesn't blow up the syslog
FNULL = open(os.devnull,'w')

for i in range(Nfiles):
    # construct the airodump command; airodump-ng numbers each run's
    # output file itself (prefix-01.csv, prefix-02.csv, ...)
    the_cmd = ['airodump-ng','wlan0','-w',prefix,'--output-format','csv']
    # call it
    p = subprocess.Popen(the_cmd, stdout=FNULL, stderr=subprocess.STDOUT)
    # wait for it
    time.sleep(Nseconds)
    # aaaaand bail, then reap the process so no zombie is left behind
    p.kill()
    p.wait()

FNULL.close()
print("Success!")
This python script will run airodump in a way that redirects all of its output to /dev/null. THIS IS EXTREMELY IMPORTANT. If you don't redirect stdout, it will go into your syslog, and you will have 500 MB of airodump-ng output (refreshed/printed every second, unless you turn it off) in /var/log/syslog. Whoops.
That's the reason for the stdout/stderr redirects.
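As an added example (not part of the original wiki page), here is a Python 3 consumer for the CSV files the loop above writes: it splits an airodump-ng dump into its access-point and station tables and produces a per-interval summary, so a run of empty files shows a card that never entered monitor mode. The sample file is constructed in the layout airodump-ng uses; every value in it is made up.

```python
import csv
import io
# Constructed sample in the layout of an airodump-ng CSV file: an access-point
# table, a blank line, then a station table. All values are made up.
SAMPLE_CSV = """\

BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:11:22:33:44:55, 2017-05-01 10:00:01, 2017-05-01 10:00:14,  6,  54, WPA2, CCMP, PSK, -41,  12,  0,   0.  0.  0.  0,   7, TestNet, 
66:77:88:99:AA:BB, 2017-05-01 10:00:03, 2017-05-01 10:00:13, 11,  54, OPN ,     ,    , -70,   5,  0,   0.  0.  0.  0,   9, OpenGuest, 

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
CC:DD:EE:FF:00:11, 2017-05-01 10:00:02, 2017-05-01 10:00:14, -55,       20, 00:11:22:33:44:55, TestNet
22:33:44:55:66:77, 2017-05-01 10:00:05, 2017-05-01 10:00:12, -80,        3, (not associated) , HomeWifi,CoffeeShop
"""

def parse_airodump_csv(text):
    """Return (aps, stations) as lists of dicts keyed by the column headers."""
    aps, stations = [], []
    current, header = None, None
    for row in csv.reader(io.StringIO(text), skipinitialspace=True):
        row = [f.strip() for f in row]
        if not any(row):                 # blank line: end of the current table
            header = None
            continue
        if row[0] == 'BSSID':            # header of the access-point table
            current, header = aps, row
            continue
        if row[0] == 'Station MAC':      # header of the station table
            current, header = stations, row
            continue
        if header is None:
            continue
        # the last station column (Probed ESSIDs) is itself comma separated,
        # so fold any surplus fields back into it
        if current is stations and len(row) > len(header):
            row = row[:len(header) - 1] + [','.join(row[len(header) - 1:])]
        current.append(dict(zip(header, row)))
    return aps, stations

def summarize_interval(text):
    """Health summary for one capture file; 'empty' flags a card that captured nothing."""
    aps, stations = parse_airodump_csv(text)
    return {
        'aps': len(aps),
        'stations': len(stations),
        'open_aps': [a['ESSID'] for a in aps if a['Privacy'] == 'OPN'],
        'unassociated_stations': sum(1 for s in stations if s['BSSID'] == '(not associated)'),
        'empty': not aps and not stations,
    }
```

Run it over each prefix-NN.csv the experiment produced and alert when several consecutive intervals come back with 'empty' set.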
Now you can create a startup service to launch this Python script in the background:
/etc/init.d/capture-wifi-data

#! /bin/sh
### BEGIN INIT INFO
# Provides:          capture-wifi-data
# Required-Start:    $local_fs $remote_fs
# Required-Stop:     $local_fs $remote_fs
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Capture wifi data.
### END INIT INFO
set -e
case "$1" in
    start)
        cd /root/wifi_data
        # background the capture script so boot does not block for the two-hour run
        /usr/bin/python capture_wifi_data.py &
        ;;
    stop)
        # stop the loop first, otherwise it just spawns another airodump-ng;
        # "|| true" keeps set -e from aborting when nothing is running
        pkill -f capture_wifi_data.py || true
        pkill airodump-ng || true
        ;;
    *)
        exit 1
        ;;
esac
exit 0
You can enable the script with update-rc.d capture-wifi-data defaults. This will run a two-hour experiment, beginning at the point the Pi is plugged in.
If you don't want it to run, but you want to keep the startup script in place, you can run update-rc.d capture-wifi-data remove.
That way, you can keep a collection of startup scripts that will do various things, and turn them on or off as the situation requires.
More information at Kali Raspberry Pi/Startup Services