The term wardriving came from hackers driving around in a car collecting wireless data. However, Wardrving can be done just walking around with a laptop or cell phone. The pourpose of using a pi to wardrive is we can add peripherals to the pi that make it very portable and capable of capturing large amounts of wifi and gps data mobily. This article contains all someone needs to know to put together, program, and utilize a Rasberry Pi for wardriving. By the end of this guide, it will be as simple as plugging in the pi for it to start collecting data.

Components

You can modifly your wardriving Pi with countless of different configurations of wifi adapeters, external storage, and gps interfaces. The links listed here are just the exact components I used to build the one in the image below.

• Raspberry Pi 3: This credit card sized computer will be the heart of the wardriving operation.

• Micro SD Card: This acts as the harddrive for the opperating system. Not every SD card works with Pi’s but I know this particular model of SD cards works.

• Battery: This battery is what makes the Pi extremely mobile.Any portable battery with a micro usb will work.

• GPS: This allows us to collect GPS data.

• Wifi: The Pi 3 already comes with a wifi adapter, however this one linked is much more powerful.

• SSD: More external storage allows the Pi to collect data for extended periods of time. Thumb drives and external hardrives will work too.

• Case: A case to protect the Pi. Also makes it easier to wrap it all together for style points.

• Ethernet Cable: This is needed for this guide as I like to program the Pi headless. No extra monitor, keyboard or mouse is needed if you can ssh into the pi over ethernet.

Headless Setup

1. Download Kali Image for Pi

This link will give you the 64 bit image for rasberry pi 3.

2. Flash Image to Micro Sd Card

For Windows, use Rufus, as for linux…

Plug in your SD card and type:
fdisk -l

You’ll see information about all the storage devices on your system, at the very bottom should be the name of SD card. Mine is named /dev/sdg but yours would most likely have a different letter at the end.

The next command flashes your SD card.
sudo dd bs=1M if=/location/of/image of=/dev/sdX

Make sure you have the right /dev/sdX or you may destroy your whole system :)

3. SSH into Kali Pi

The Kali Linux install is pre-enabled for SSH connections. Next we oughta plug in our Pi to another computer with the Ethernet cable.

Mess with your network settings with a program called nm-connection-editor. Open up the program then go to new ethernet > ipv4 settings > method > shared with other computers.

Make sure all other wired connections are also set to: shared with other computers

With the pi is pluged in and turned on, you should be able to find the IP of the pi with the arp command:
arp -a

You should be able to ssh into the pi with this:
ssh [email protected]

Once in, change the password and update the system:
passwd root
apt update
apt upgrade
apt dist-upgrade

Setting up Kismet and GPSD

Kismet and GPSD used in conjunction will be great software for collecting wifi and GPS data.
apt install kismet gpsd

To make sure a GPS device is being detected type
dmesg | grep tty
Your device should be named ‘ttyUSB0’ by default.

After alot of trail and error I’ve found this command gets the gps device running:
gpsd -N -D3 -F /var/run/gpsd.sock /dev/ttyUSB0

Lets mount our extra storage. Type this to find name of it:
fdisk -l

Then you need somewhere to mount it, I like to mount it in a folder at root for easy of access:
mkdir ssd
mount /dev/sdX /root/ssd

Now to make two small config file changes for kismet:
vim /etc/kismet/kismet.conf
Go to the bottom of the file and type this:

ncsource=wlan0
ncsource=wlan1
ncsource=wlan0mon
ncsource=wlan1mon

This pretty much ensures that kismet will detect our wireless interface.

logprefix=/root/ssd

This directs the data kismet collects into our external storage.

Now it’s all set, type kismet in a terminal and it’ll all come together. It make take a few seconds for the gps to start up but don’t fret.

However, to make this a “plug and play” system, we’ll have to do some extra programming to get the Rasberry Pi to start on boot. It may be annoying after a while to have to log into ssh, run the gpsd command then the kismet command to get it started. If you don’t care about that, just skip the next section right to “Making Sense of the Data”.

Starting GPSD and Kismet on Boot

With the following configurations, all it takes to start collecting data is to plug in the battery and start driving, because the programs will start automatically on boot!

To get GPSD to start on boot check the following file:
vim /etc/default/gpsd
Make sure the following are in the file, if not, just type them in.

START_DAEMON=“true”
DEVICES="/dev/ttyUSB0"

Then type this to set the configurations:
dpkg-reconfigure gpsd
Then reboot the system:
reboot
Once booted back up, type this to get gpsd to run on boot:
systemctl enable gpsd

Next time you reboot the system, use this command to check if gpsd is running:
ps aux | grep gpsd

If you get some strange error and the gpsd start daemon just isn’t working, try this fix, it worked for me:
sudo ln -s /lib/systemd/system/gpsd.service /etc/systemd/system/multi-user.target.wants

For kismet, we are going to have to make our own start up script. By “make our own” I mean you ought to copy paste my script that I copy pasted from someone else.
vim /etc/init.d/kismet
Paste this script into the file:

#!/bin/sh
### BEGIN INIT INFO
# Provides:              kismet
# Required-Start:     $all
# Required-Stop:     $local_fs $remote_fs $syslog $network
# Default-Start:         3 4 5
# Default-Stop:         0 1 6
# Short-Description:     Start kismet at boot time
# Description:         Starts kismet at boot time
### END INIT INFO

case "$1" in
start)
echo "Starting kismet"
/bin/sleep 30
/usr/bin/kismet_server --daemonize
;;
stop)
echo "Stopping kismet"
killall kismet_server
;;
*)
echo "Usage: /etc/init.d/kismet start|stop"
exit 1
;;
esac

exit 0

To make the script executable:
chmod +x /etc/init.d/kismet
Then update rc:
update-rc.d kismet defaults

Then reboot the system and see if it’s running:
ps aux | grep kismet

Making Sense of the Data

You have quite a few options of what to do with the data. Load it into wireshark or convert it into a .db file with GISKismet. The coolest and easiest way to get results with the data is to use a website called https://wigle.net.

With Wigle.net it’s as simple as making an account and uploading the files you’ve collected. On the map, tick off the “Only Discovered By Me” box and find where your travels have taken you on the map. The SSID’s and BSSID’s you’ve collected should show up on the map in little purple dots where they are located.