UGR/Experiment2
From charlesreid1
Contents
Experiment 2 Overview
Experiment 2 focuses on constructing a single step in the data pipeline: automating data acquisition from a sensor to run an experiment.
Experiment Summary:
- The Raspberry Pi runs a boot script that starts a Python script that puts the wireless card in monitor mode and uses airodump-ng to collect wireless network data.
Materials:
- Sensor hardware - in this case, a single Raspberry Pi with a wireless card
- Python script that controls wireless card, airodump-ng processes
- Boot script that calls Python script on boot
Methods:
- Remotely connect to Raspberry Pi via SSH
- Create Python script that controls wireless card and starts airodump-ng process for specified amount of time
- Start/stop airodump processes so CSV files are created at N-minute or N-second intervals
- Create boot script that runs Python script
Code:
- All of the code covered in this post is on Github: https://github.com/charlesreid1/wifi-data
Implementation
We'll assume you can connect to the Pi via SSH.
(Extraneous) Passwordless Login Raspberry Pi
Set up passwordless login following http://charlesreid1.com/wiki/SSH#Passwordless_Login
Then define the following alias in your .bashrc or wherever:
alias pi="pi"
function pi() {
ssh-agent > ~/ssh.file # env vars in ssh.file
chmod +x ~/ssh.file # execute file
~/ssh.file > /dev/null
rm -f ~/ssh.file
export IP="10.0.0.4"
ssh -Y root@${IP} # the actual ssh call
}
Now you can connect to the pi by typing:
$ pi
Create a Test Startup Service
Create a test startup service by doing the following.
Create a custom startup script in /etc/init.d/custom-script with the following contents:
root@kali:/etc/init.d# cat custom-script #! /bin/sh ### BEGIN INIT INFO # Provides: custom-script # Required-Start: $local_fs $remote_fs # Required-Stop: $local_fs $remote_fs # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: Here ya go buddy, custom script ### END INIT INFO set -e touch /root/ohai exit 0
Make the script executable with chmod +x custom-script
Make sure this is linked in the proper rcN.d/ folders by running update-rc.d custom-script defaults.
Now make sure there's no file rm /root/ohai and then run reboot. Once you reboot, you should see a file named ohai in the root directory.
Create Wifi Data Capture Startup Service
Create a real startup service that will start capturing wifi data on boot. Assume wifi card is wlan0. More info on Raspberry Pi startup service here: https://charlesreid1.com/wiki/RaspberryPi/Reverse_SSH
Starting with the Python script that will run airodump-ng and capture wifi data into CSV files:
capture_wifi_data.py
import subprocess
import os
import time
from datetime import datetime
script_name = "capture_wifi_data.py"
# each experiment will be Nhours in duration
Nhours = 2
# each CSV file will be Nseconds in duration
Nseconds = 15
# figure out how many files there will be
Nfiles = (Nhours*3600)/Nseconds
# create a unique file prefix for this experiment
prefix = datetime.now().strftime('%Y-%m-%d_%H-%m')
print("[%s] About to put card in monitor mode."%(script_name) )
subprocess.call(['ifconfig','wlan0','down'])
subprocess.call(['iwconfig','wlan0','mode','monitor'])
subprocess.call(['ifconfig','wlan0','up'])
print "Done."
for i in range(Nfiles):
# construct the airodump command and pipe all its output to /dev/null so it doesn't blow up the syslog
FNULL = open(os.devnull,'w')
the_cmd = ['airodump-ng','wlan0','-w',prefix,'--output-format','csv']
# call it
p = subprocess.Popen(the_cmd,stdout=FNULL, stderr=subprocess.STDOUT)
# wait for it
time.sleep(Nseconds)
# aaaaand bail
p.kill()
print("[%s] Success!"%s(script_name) )
This python script will run airodump in a way that redirects all of its output to /dev/null. THIS IS EXTREMELY IMPORTANT. If you don't redirect stdout, it will go into your syslog, and you will have 500 MB of airodump-ng output (refreshed/printed every second, unless you turn it off) in /var/log/syslog. Whoops.
That's the reason for the stdout/stderr redirects.
Now you can create a startup service to launch this Python script in the background:
/etc/init.d/capture-wifi-data
#! /bin/sh
### BEGIN INIT INFO
# Provides: capture-wifi-data
# Required-Start: $local_fs $remote_fs
# Required-Stop: $local_fs $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Capture wifi data.
### END INIT INFO
set -e
case "$1" in
start)
cd /root/wifi_data
/usr/bin/python capture_wifi_data.py
;;
stop)
pkill airodump-ng
;;
*)
exit 1
;;
esac
exit 0
You can enable the script with update-rc.d capture-wifi-data defaults. This will run a two-hour experiment, beginning at the point the Pi is plugged in.
More information at Kali Raspberry Pi/Startup Services
Creating Startup Service
To create the startup service without logging into the Pi, you can mount the SD card from Linux (or a Mac with FUSE or the ability to read ext4 filesystems) and modify the contents of the NON-BOOT partition of the SD card, which contains the Raspberry Pi file system.
You put your startup script into /sdcard/etc/init.d and then you symlink that startup script into whichever run levels you'd like, with the prefix S02, which indicates this is a runtime level 2 or higher service. (The Raspberry Pis boot into runtime level 2 by default, and sshd starts in runtime level 2.)
$ cd /sdcard/etc/init.d/ $ chmod +x capture-wifi-data $ ln -fs capture-wifi-data ../rc2.d/S02capture-wifi-data
and optionally, what you would do on a heavy duty system that uses multiple runtime levels,
ln -fs capture-wifi-data ../rc3.d/S02capture-wifi-data ln -fs capture-wifi-data ../rc4.d/S02capture-wifi-data ln -fs capture-wifi-data ../rc5.d/S02capture-wifi-data ln -fs capture-wifi-data ../rc6.d/S02capture-wifi-data
The Result
A nice haul of booty from an evening of scanning wifi networks:
