Kismet: Difference between revisions

From Irregularpedia
Jump to navigation Jump to search
VisualWikitext
Initial
 
syntax
Tag: 2017 source edit
 
Line 1: Line 1:
'' [[#Installation|Installation]]
''' [[#Linux|Linux]]
''' [[#MacOS|MacOS]]
'' [[#Configuration|Configuration]]
''' [[#Network%20Interface%20Card%20(NIC)%20Configuration|Network Interface Card (NIC) Configuration]]
''' [[#GPS%20Adapter|GPS Adapter]]
''' [[#Wireless%20Adapter|Wireless Adapter]]
''' [[#Logging|Logging]]
''' [[#Web%20UI|Web UI]]
''' [[#Remote%20Capture|Remote Capture]]
''' [[#Plugins|Plugins]]
''' [[#Alerts|Alerts]]
'' [[#Running%20Kismet|Running Kismet]]
'' [[#Troubleshooting|Troubleshooting]]
''' [[#GPSD%20Error|GPSD Error]]
''''' [[#Linux|Linux]]
''''' [[#MacOS|MacOS]]
''' [[#USB%20Error|USB Error]]
''''' [[#Linux|Linux]]
''''' [[#MacOS|MacOS]]
* [[#FAQs|FAQs]]
''' [[#How%20do%20I%20add%20an%20SDR%20as%20a%20data%20source%20in%20Kismet?|How do I add an SDR as a data source in Kismet?]]
''' [[#Why%20is%20my%20GPS%20not%20providing%20accurate%20data%20to%20Kismet?|Why is my GPS not providing accurate data to Kismet?]]
''' [[#Can%20I%20use%20Kismet%20for%20wardriving,%20and%20how?|Can I use Kismet for wardriving, and how?]]
''' [[#How%20can%20I%20improve%20the%20capture%20range%20of%20my%20SDR%20in%20Kismet?|How can I improve the capture range of my SDR in Kismet?]]
''' [[#What%20is%20the%20best%20way%20to%20manage%20and%20analyze%20logs%20collected%20by%20Kismet?|What is the best way to manage and analyze logs collected by Kismet?]]
''' [[#Can%20Kismet%20monitor%20Bluetooth%20devices,%20and%20how?|Can Kismet monitor Bluetooth devices, and how?]]
<span id="what-is-kismet"></span>
= What Is Kismet =
= What Is Kismet =


Line 34: Line 5:
Kismet works with Wi-Fi and Bluetooth interfaces, SDR (software-defined radio) hardware like the RTLSDR, and other specialized capture hardware.
Kismet works with Wi-Fi and Bluetooth interfaces, SDR (software-defined radio) hardware like the RTLSDR, and other specialized capture hardware.


Kismet works on Linux, OSX, and, to a degree, Windows 10 under the WSL framework. Linux works with most Wi-Fi cards, Bluetooth interfaces, and other hardware devices. On MacOS, it works with the built-in Wi-Fi interfaces, and on Windows 10, it will work with remote captures.[1] # Passive Monitoring Kismet operates almost entirely passively, with a few exceptions (such as Bluetooth scanning mode) noted in the documentation for those capture types.
Kismet operates on Linux, macOS, and to a degree on Windows 10 under the WSL framework. On Linux, it supports most Wi-Fi cards, Bluetooth interfaces, and other hardware devices. On macOS, it works with built-in Wi-Fi interfaces, while on Windows 10, it supports remote captures.


Kismet is not an attack tool (generally) - to test your Wi-Fi security check out tools like Aircrack-NG or the Wi-Fi Pineapple.
Kismet operates passively (except for specific features like Bluetooth scanning). It is not typically an attack tool but focuses on collecting and analyzing wireless data. Logs generated by Kismet, such as PCAP files and handshakes, can be used with tools like Hashcat or Aircrack-NG for further analysis.


Kismet is largely focused on collecting, collating, and sorting wireless data. The logs generated by Kismet can be fed into other tools (the pcap, handshakes, and other data) like hashcat, aircrack, and more.[2]
See the [https://forums.kali.org/archived/tags.php?tag=kismet Kali Forum about Kismet]
 
<span id="installation"></span>
== Installation ==
== Installation ==


<span id="linux"></span>
=== Linux ===
=== Linux ===
<pre>
# Remove Kismet if installed
sudo apt autoremove kismet


<syntaxhighlight lang="bash">#remove kismet if on system
# Install dependencies
sudo apt autoremove kismet
sudo apt install -y build-essential git libwebsockets-dev pkg-config zlib1g-dev \
= install dependencies for kismet =
libnl-3-dev libnl-genl-3-dev libcap-dev libpcap-dev libnm-dev libdw-dev \
sudo apt install -y build-essential git libwebsockets-dev pkg-config zlib1g-dev libnl-3-dev libnl-genl-3-dev libcap-dev libpcap-dev libnm-dev libdw-dev libsqlite3-dev libprotobuf-dev libprotobuf-c-dev protobuf-compiler protobuf-c-compiler libsensors4-dev libusb-1.0-0-dev python3 python3-setuptools python3-protobuf python3-requests python3-numpy python3-serial python3-usb python3-dev python3-websockets librtlsdr0 libubertooth-dev libbtbb-dev gpsd gpsd-clients
libsqlite3-dev libprotobuf-dev libprotobuf-c-dev protobuf-compiler protobuf-c-compiler \
= git kismet =
libsensors4-dev libusb-1.0-0-dev python3 python3-setuptools python3-protobuf \
python3-requests python3-numpy python3-serial python3-usb python3-dev python3-websockets \
librtlsdr0 libubertooth-dev libbtbb-dev gpsd gpsd-clients
 
# Clone and build Kismet
git clone https://www.kismetwireless.net/git/kismet.git
git clone https://www.kismetwireless.net/git/kismet.git
cd kismet
cd kismet
./configure
./configure
#make using all available cores
make -j$(nproc)
make -j$(nproc)
</syntaxhighlight>
</pre>
<span id="macos"></span>
=== MacOS ===


<syntaxhighlight lang="bash">#install xcode if not installed
=== macOS ===
<pre>
# Install Xcode (if not installed)
xcode-select -p 1>/dev/null || xcode-select --install
xcode-select -p 1>/dev/null || xcode-select --install
#Install brew if not installed
 
which -s brew
# Install Homebrew and update
if [[ $? != 0 ]] ; then
which -s brew || ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
    # Install Homebrew
brew update
    ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
 
else
# Install dependencies
    brew update
brew install git pkg-config python3 libpcap protobuf protobuf-c pcre librtlsdr libbtbb \
fi
ubertooth libusb openssl libwebsockets gpsd
= install dependencies for kismet =
 
brew install git pkg-config python3 libpcap protobuf protobuf-c pcre librtlsdr libbtbb ubertooth libusb openssl libwebsockets gpsd
# Clone and build Kismet
= git kismet =
git clone https://www.kismetwireless.net/git/kismet.git
git clone https://www.kismetwireless.net/git/kismet.git
cd kismet
cd kismet
#configure kismet
./configure
# if you have issues with openssl paths, you can specify them manually
LDFLAGS=-L$(brew --prefix)/lib CPPFLAGS="-I$(brew --prefix)/include -I$(brew --prefix openssl)/include" ./configure
LDFLAGS=-L$(brew --prefix)/lib CPPFLAGS="-I$(brew --prefix)/include -I$(brew --prefix openssl)/include" ./configure
#make using all available cores
make -j$(nproc)
make -j$(nproc)
sudo usermod -aG kismet $USER</syntaxhighlight>
sudo usermod -aG kismet $USER
[3]
</pre>


<span id="configuration"></span>
== Configuration ==
== Configuration ==


<span id="network-interface-card-nic-configuration"></span>
=== Network Interface Card (NIC) Configuration ===
=== Network Interface Card (NIC) Configuration ===
 
<pre>
Kismet requires a wireless network interface card (NIC) to capture wireless data. The <code>iwconfig</code> command lists available wireless interfaces on your system. If you’re using a USB wireless adapter, you may need to plug it in and check the available interfaces again.
# List available wireless interfaces
 
<syntaxhighlight lang="bash">#list available wireless interfaces
iwconfig
iwconfig
#If you're using a USB wireless adapter, you may need to plug it in and check the available interfaces again.</syntaxhighlight>
For these configurations, you’ll edit the <code>kismet.conf</code> file in the kismet directory.


<syntaxhighlight lang="bash">#navigate to the kismet directory
# Edit Kismet configuration
cd kismet
cd kismet
#edit the kismet.conf file
nano kismet.conf
nano kismet.conf</syntaxhighlight>
</pre>
<span id="gps-adapter"></span>
 
=== GPS Adapter ===
=== GPS Adapter ===
 
<pre>
<syntaxhighlight lang="bash">#configure gps adapter
gps=true
gps=true
gpsd=true
gpsd=true
gpsd-host=localhost
gpsd-host=localhost
gpsd-port=2947</syntaxhighlight>
gpsd-port=2947
<span id="wireless-adapter"></span>
</pre>
 
=== Wireless Adapter ===
=== Wireless Adapter ===
<pre>
ncsource=wlan0
</pre>


<syntaxhighlight lang="bash">#configure wireless adapter
ncsource=wlan0</syntaxhighlight>
<span id="logging"></span>
=== Logging ===
=== Logging ===
<pre>
logtypes=pcapdump,netxml
logtemplate=%n-%d-%i.%l
</pre>


<syntaxhighlight lang="bash">#configure logging
logtypes=pcapdump,netxml
logtemplate=%n-%d-%i.%l</syntaxhighlight>
<span id="web-ui"></span>
=== Web UI ===
=== Web UI ===
<pre>
web=true
webport=2501
</pre>


<syntaxhighlight lang="bash">#configure web ui
web=true
webport=2501</syntaxhighlight>
<span id="remote-capture"></span>
=== Remote Capture ===
=== Remote Capture ===
<pre>
remote=true
remotesource=wlan0
</pre>


<syntaxhighlight lang="bash">#configure remote capture
remote=true
remotesource=wlan0</syntaxhighlight>
<span id="plugins"></span>
=== Plugins ===
=== Plugins ===
<pre>
plugins=alert_log,db-log,db-sqlite,db-geoip
</pre>


<syntaxhighlight lang="bash">#configure plugins
plugins=alert_log,db-log,db-sqlite,db-geoip
#find more plugins here: https://github.com/topics/kismet-plugin</syntaxhighlight>
<span id="alerts"></span>
=== Alerts ===
=== Alerts ===
<pre>
alerts=alert_log,alert_syslog,alert_screens,alert_webhook
</pre>


<syntaxhighlight lang="bash">#configure alerts
alerts=alert_log,alert_syslog,alert_screens,alert_webhook</syntaxhighlight>
<span id="running-kismet"></span>
== Running Kismet ==
== Running Kismet ==
<pre>
# Run Kismet
./kismet


<syntaxhighlight lang="bash">#run kismet, from the kismet directory
# Common options
./kismet
-c <config file>   # Specify a config file
-n                # Don't start the UI
-f <log file>      # Log to a file
-t <log type>      # Log to a specific type
-l <log level>    # Log at a specific level
-p <plugin>        # Load a specific plugin
-u <user>          # Run as a specific user
-w <work dir>      # Specify a working directory
</pre>


== common options for kismet ==
= -c <config file> - specify a config file =
= -n - don't start the UI =
= -f <log file> - log to a file =
= -t <log type> - log to a specific type =
= -l <log level> - log at a specific level =
= -p <plugin> - load a specific plugin =
= -u <user> - run as a specific user =
= -w <work dir> - specify a working directory</syntaxhighlight> =
<span id="troubleshooting"></span>
== Troubleshooting ==
== Troubleshooting ==


<span id="gpsd-error"></span>
=== GPSD Error ===
=== GPSD Error ===
<span id="linux-1"></span>
==== Linux ====
==== Linux ====
 
<pre>
<syntaxhighlight lang="bash">#install gpsd
sudo apt install gpsd gpsd-clients
sudo apt install gpsd gpsd-clients
#start gpsd
sudo systemctl start gpsd
sudo systemctl start gpsd</syntaxhighlight>
</pre>
<span id="macos-1"></span>
==== MacOS ====


<syntaxhighlight lang="bash">#install gpsd
==== macOS ====
<pre>
brew install gpsd
brew install gpsd
#start gpsd
gpsd -N -D 2 /dev/ttyUSB0
gpsd -N -D 2 /dev/ttyUSB0</syntaxhighlight>
</pre>
<span id="usb-error"></span>
 
=== USB Error ===
=== USB Error ===
<span id="linux-2"></span>
==== Linux ====
==== Linux ====
<pre>
sudo usermod -aG kismet $USER
</pre>


<syntaxhighlight lang="bash">#add user to kismet group
==== macOS ====
sudo usermod -aG kismet $USER</syntaxhighlight>
<pre>
<span id="macos-2"></span>
sudo dseditgroup -o edit -a $USER -t user kismet
==== MacOS ====
</pre>


<syntaxhighlight lang="bash">#add user to kismet group
sudo dseditgroup -o edit -a $USER -t user kismet</syntaxhighlight>
<span id="faqs"></span>
== FAQs ==
== FAQs ==


<span id="how-do-i-add-an-sdr-as-a-data-source-in-kismet"></span>
=== How do I add an SDR as a data source in Kismet? ===
=== How do I add an SDR as a data source in Kismet? ===
Ensure SDR drivers are properly installed and add the appropriate SDR configuration to the Kismet data source settings.


To add an SDR as a data source, you must ensure your SDR drivers (such as those for RTLSDR) are properly installed and recognized by your system. In Kismet, navigate to the data source configuration section and add your SDR using the appropriate driver. For RTLSDR, this would typically involve adding <code>rtladsb</code> for ADS-B capture, <code>rtlamr</code> for AMR capture, or <code>rtl433</code> for general 433 MHz device capture.
<span id="why-is-my-gps-not-providing-accurate-data-to-kismet"></span>
=== Why is my GPS not providing accurate data to Kismet? ===
=== Why is my GPS not providing accurate data to Kismet? ===
Ensure your GPS device is correctly installed and has a clear line of sight to the sky. Use `gpsd` and tools like `cgps` to verify operation.


First, ensure your GPS device is correctly installed and recognized by your system, using tools like <code>gpsd</code> and <code>cgps</code> to verify its operation. GPS accuracy can degrade in buildings or areas with poor sky visibility. Placing the GPS receiver near a window or more open area might improve signal quality. Additionally, ensure Kismet is correctly configured to use GPS data by specifying the GPS source in its configuration.
=== Can I use Kismet for wardriving? ===
 
Yes. Configure Kismet to log data to disk, integrate GPS for location data, and use optimized wardriving settings.
<span id="can-i-use-kismet-for-wardriving-and-how"></span>
=== Can I use Kismet for wardriving, and how? ===
 
Kismet is highly effective for wardriving due to its passive monitoring capabilities. For wardriving, ensure you have a portable power source, a laptop or a Raspberry Pi with Kismet installed, and one or more compatible wireless interfaces. Configure Kismet to log data to disk and, if desired, integrate with a GPS device for geolocation tagging. Use Kismet’s wardriving mode for optimized settings.
 
<span id="how-can-i-improve-the-capture-range-of-my-sdr-in-kismet"></span>
=== How can I improve the capture range of my SDR in Kismet? ===
 
Improving capture range involves both software configurations and hardware enhancements. Ensure your SDR’s gain settings are optimized within Kismet or the SDR’s driver settings. On the hardware side, using higher-quality antennas suited to your monitoring frequency bands can significantly improve range. Directional antennas can provide a greater range in a specific direction, while omnidirectional antennas offer broader coverage.
 
<span id="what-is-the-best-way-to-manage-and-analyze-logs-collected-by-kismet"></span>
=== What is the best way to manage and analyze logs collected by Kismet? ===
 
Kismet generates logs in several formats, including the Kismetdb log format, which can be analyzed using Kismet’s tools or converted into more common formats like PCAP, CSV, or KML. Tools like Wireshark can analyze PCAP files for detailed packet inspection. For broader data analysis, including signal mapping and device tracking, converting logs to KML for use with geographic information systems (GIS) software or CSV for database and spreadsheet analysis can be effective.
 
<span id="can-kismet-monitor-bluetooth-devices-and-how"></span>
=== Can Kismet monitor Bluetooth devices, and how? ===
 
Yes, Kismet can monitor Bluetooth devices by using compatible Bluetooth interfaces. Ensure your system’s Bluetooth interface is supported by Kismet and correctly configured as a data source. Kismet can capture Bluetooth device advertisements and connections, providing insight into the presence and behavior of Bluetooth devices in the vicinity.


=== How can I improve the capture range of my SDR? ===
Optimize SDR gain settings and use high-quality antennas for your frequency range.


-----
=== Can Kismet monitor Bluetooth devices? ===
Yes. Use compatible Bluetooth interfaces and configure them in Kismet as data sources.


<span id="reference"></span>
== References ==
= Reference =
* [https://www.kismetwireless.net/ Kismet Official Site]
* [https://www.kismetwireless.net/docs/readme/intro/#passive-monitoring Passive Monitoring]
* [https://www.kismetwireless.net/docs/readme/quickstart/#compiling-quick-setup Quickstart Guide]


= https://www.kismetwireless.net/ =
[[Category:Kismet]]
= https://www.kismetwireless.net/docs/readme/intro/#passive-monitoring =
[[Category:Wireless Networking]]
= https://www.kismetwireless.net/docs/readme/quickstart/#compiling-quick-setup =
[[Category:Software Installation]]

Latest revision as of 18:53, 3 December 2024

What Is Kismet

Kismet is a wireless network and device detector, sniffer, wardriving tool, and WIDS (wireless intrusion detection) framework.

Kismet works with Wi-Fi and Bluetooth interfaces, SDR (software-defined radio) hardware like the RTLSDR, and other specialized capture hardware.

Kismet operates on Linux, macOS, and to a degree on Windows 10 under the WSL framework. On Linux, it supports most Wi-Fi cards, Bluetooth interfaces, and other hardware devices. On macOS, it works with built-in Wi-Fi interfaces, while on Windows 10, it supports remote captures.

Kismet operates passively (except for specific features like Bluetooth scanning). It is not typically an attack tool but focuses on collecting and analyzing wireless data. Logs generated by Kismet, such as PCAP files and handshakes, can be used with tools like Hashcat or Aircrack-NG for further analysis.

See the Kali Forum about Kismet

Installation

Linux

# Remove Kismet if installed
sudo apt autoremove kismet

# Install dependencies
sudo apt install -y build-essential git libwebsockets-dev pkg-config zlib1g-dev \
libnl-3-dev libnl-genl-3-dev libcap-dev libpcap-dev libnm-dev libdw-dev \
libsqlite3-dev libprotobuf-dev libprotobuf-c-dev protobuf-compiler protobuf-c-compiler \
libsensors4-dev libusb-1.0-0-dev python3 python3-setuptools python3-protobuf \
python3-requests python3-numpy python3-serial python3-usb python3-dev python3-websockets \
librtlsdr0 libubertooth-dev libbtbb-dev gpsd gpsd-clients

# Clone and build Kismet
git clone https://www.kismetwireless.net/git/kismet.git
cd kismet
./configure
make -j$(nproc)

macOS

# Install Xcode (if not installed)
xcode-select -p 1>/dev/null || xcode-select --install

# Install Homebrew and update
which -s brew || ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
brew update

# Install dependencies
brew install git pkg-config python3 libpcap protobuf protobuf-c pcre librtlsdr libbtbb \
ubertooth libusb openssl libwebsockets gpsd

# Clone and build Kismet
git clone https://www.kismetwireless.net/git/kismet.git
cd kismet
LDFLAGS=-L$(brew --prefix)/lib CPPFLAGS="-I$(brew --prefix)/include -I$(brew --prefix openssl)/include" ./configure
make -j$(nproc)
sudo usermod -aG kismet $USER

Configuration

Network Interface Card (NIC) Configuration

# List available wireless interfaces
iwconfig

# Edit Kismet configuration
cd kismet
nano kismet.conf

GPS Adapter

gps=true
gpsd=true
gpsd-host=localhost
gpsd-port=2947

Wireless Adapter

ncsource=wlan0

Logging

logtypes=pcapdump,netxml
logtemplate=%n-%d-%i.%l

Web UI

web=true
webport=2501

Remote Capture

remote=true
remotesource=wlan0

Plugins

plugins=alert_log,db-log,db-sqlite,db-geoip

Alerts

alerts=alert_log,alert_syslog,alert_screens,alert_webhook

Running Kismet

# Run Kismet
./kismet

# Common options
-c <config file>   # Specify a config file
-n                 # Don't start the UI
-f <log file>      # Log to a file
-t <log type>      # Log to a specific type
-l <log level>     # Log at a specific level
-p <plugin>        # Load a specific plugin
-u <user>          # Run as a specific user
-w <work dir>      # Specify a working directory

Troubleshooting

GPSD Error

Linux

sudo apt install gpsd gpsd-clients
sudo systemctl start gpsd

macOS

brew install gpsd
gpsd -N -D 2 /dev/ttyUSB0

USB Error

Linux

sudo usermod -aG kismet $USER

macOS

sudo dseditgroup -o edit -a $USER -t user kismet

FAQs

How do I add an SDR as a data source in Kismet?

Ensure SDR drivers are properly installed and add the appropriate SDR configuration to the Kismet data source settings.

Why is my GPS not providing accurate data to Kismet?

Ensure your GPS device is correctly installed and has a clear line of sight to the sky. Use `gpsd` and tools like `cgps` to verify operation.

Can I use Kismet for wardriving?

Yes. Configure Kismet to log data to disk, integrate GPS for location data, and use optimized wardriving settings.

How can I improve the capture range of my SDR?

Optimize SDR gain settings and use high-quality antennas for your frequency range.

Can Kismet monitor Bluetooth devices?

Yes. Use compatible Bluetooth interfaces and configure them in Kismet as data sources.

References

Retrieved from "https://irregularpedia.org/index.php?title=Kismet&oldid=1456"