Thursday, December 22, 2016

How to set up a Raspberry Pi 2 Model B for WLAN sniffing

The setup described below works with a Raspberry Pi 2 Model B with Wheezy as the operating system. It does not work with a Raspberry Pi 3 and Jessie.


I know that this WLAN dongle is not available anymore, but there are a lot of others that also work in monitor mode.

Download the latest version of Wheezy for the Pi.

If your Pi is not directly accessible, you can also connect it to your router, check its IP and use SSH (user pi, password raspberry).

Open a shell and use the following commands:

sudo apt-get update
sudo apt-get install wireshark
sudo apt-get install tshark
sudo service ifplugd stop
sudo ifconfig wlan0 down
sudo iwconfig wlan0 mode monitor
sudo ifconfig wlan0 up
sudo iwconfig wlan0 channel 3

My WLAN device is named wlan0. You can check this with the command "iwconfig".
The router whose traffic I was trying to record is running on channel 3.
To find the channel of your router, enter the command "sudo iwlist wlan0 scan".
You can also write a script which switches the channel periodically.
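A sketch of such a channel-switching script, added here as an example and not part of the original post. The channel list 1-13, the 2-second dwell time and the HOP_RUN switch are assumptions; the interface name wlan0 and the iwconfig call are the ones used above.

```shell
#!/bin/sh
# Added example: hop a monitor-mode interface across 2.4 GHz channels.
# Assumed, not from the post: CHANNELS, DWELL and the HOP_RUN switch.
# Start it as root in a second shell:  HOP_RUN=1 sh hop.sh

IFACE="${IFACE:-wlan0}"
CHANNELS="${CHANNELS:-1 2 3 4 5 6 7 8 9 10 11 12 13}"
DWELL="${DWELL:-2}"   # seconds to stay on each channel

# Print the channel that follows $1 in $CHANNELS, wrapping to the first.
# An empty or unknown current channel also yields the first channel.
next_channel() {
    current="$1"
    first=""
    take_next=0
    for c in $CHANNELS; do
        if [ -z "$first" ]; then
            first="$c"
        fi
        if [ "$take_next" -eq 1 ]; then
            echo "$c"
            return 0
        fi
        if [ "$c" = "$current" ]; then
            take_next=1
        fi
    done
    echo "$first"
}

# Switch channels forever. A channel the driver or regulatory domain
# rejects is reported and skipped instead of stopping the loop.
hop_loop() {
    ch=""
    while :; do
        ch=$(next_channel "$ch")
        if iwconfig "$IFACE" channel "$ch" 2>/dev/null; then
            echo "$(date +%T) $IFACE -> channel $ch"
        else
            echo "$(date +%T) $IFACE: cannot set channel $ch, skipping" >&2
        fi
        sleep "$DWELL"
    done
}

# Hop only when asked, so the functions can be sourced and checked alone.
if [ "${HOP_RUN:-0}" = "1" ]; then
    hop_loop
fi
```

While the interface is hopping, a capture only sees each channel for a fraction of the time, so fix the channel again with iwconfig once you know which one you want to record.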

To record traffic you can now use wireshark (GUI) or tshark (console).
Example of how to filter only HTTP traffic with tshark:

sudo tshark -i wlan0 -T fields -e "http.request.method" -e "http.response.code" -e "http.request.uri" -e "http.cookie" -e "http.authbasic"

This only works for unencrypted WLANs, where the HTTP traffic is visible in the clear.