I'm trying to set up a proof of concept for indoor positioning using WIFI. The idea is to place a few WIFI adapters in several locations in a small building, each tracking signal strength and MAC address and storing it in a database. Based on the signal strength to different adapters at the same time, we can get an (in)accurate position of the device (MAC).
There are two SSIDs in the building, both with WPA-PWD encryption. There will also be devices that are not associated with the network. Since I don't want to install 3 adapters on each location (one for each network) I want to get the signal strength in monitor mode and only switch the channel between the two SSIDs.
Using Kali and tshark I'm able to capture the signal strength using:
tshark -i mon0 -T fields -e wlan.sa -e radiotap.dbm_antsignal
The problem however is that I receive very little data from my test device (Android phone). If I open the WIFI manager and it starts scanning for networks in the area I capture the broadcast packets, but no other data at all. I suspected it to be because of the WPA encryption and changed to an open network and it worked. I see a constant stream of packets from my Android phone.
I turned back to the WPA network and set up tshark using decryption:
tshark -i mon0 -o wlan.enable_decryption:TRUE -o "uat:80211_keys:\"wpa-pwd\",\"Passphrase:SSID\""
I disconnected my phone from the network, enabled monitor mode and then reconnected the device, to make sure I received the four-way handshake. Now I do receive some data packets, but nowhere near the amount I'm actually sending/downloading. At moments I receive about 10 a minute and then nothing at all for a few minutes.
I tried with the following setups:
- Kali Linux in VMWare on Windows 10, with an ALFA AWUS036H (RT8187 chipset) - I don't receive any data packets from WPA protected networks
- Kali Linux ARM on Raspberry Pi 3 model b, same USB adapter - I don't receive any data packets from WPA protected networks
- Kali Linux live boot USB, Qualcomm Atheros AR938x adapter - I receive a few data packets from WPA protected networks
My questions:
- Is decrypting necessary if I only want MAC and signal strength?
- Why don't I receive most of the data packets being sent?
- Is there a better way to use WIFI for IPS?
asked 10 Apr '17, 06:28
DrZiggy
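As an added example (not part of the original post): a small Python parser for the two-column output of the first tshark command above, reducing it to a frame count and median signal per source MAC. The sample lines and MAC addresses are constructed, and taking the strongest reading when a frame carries several comma-separated `radiotap.dbm_antsignal` values is a choice made for this example.

```python
import re
import statistics
from collections import defaultdict

MAC_RE = re.compile(r"^[0-9a-f]{2}(:[0-9a-f]{2}){5}$")

# Constructed sample of `tshark -T fields -e wlan.sa -e radiotap.dbm_antsignal`
# output: tab-separated, one line per frame. MAC addresses are made up.
SAMPLE = (
    "02:00:00:aa:bb:01\t-48\n"
    "\t-60\n"                            # frame without a source address (e.g. ACK)
    "02:00:00:aa:bb:01\t-52,-50,-55\n"   # several readings in one frame
    "02:00:00:aa:bb:02\t-71\n"
    "02:00:00:aa:bb:01\t\n"              # frame without a signal field
    "02:00:00:aa:bb:02\t-69\n"
    "garbage line\n"
)

def parse_line(line):
    """Return (mac, dbm) for a usable frame, or None if a field is missing."""
    parts = line.rstrip("\r\n").split("\t")
    if len(parts) != 2:
        return None
    mac, signal = parts[0].lower(), parts[1]
    if not MAC_RE.match(mac) or not signal:
        return None
    try:
        readings = [int(v) for v in signal.split(",")]
    except ValueError:
        return None
    # Choice made for this example: keep the strongest reading of the frame.
    return mac, max(readings)

def summarize(lines, min_frames=2):
    """Map each MAC to (frame_count, median_dbm), dropping sparse MACs."""
    per_mac = defaultdict(list)
    for line in lines:
        parsed = parse_line(line)
        if parsed is not None:
            per_mac[parsed[0]].append(parsed[1])
    return {
        mac: (len(vals), statistics.median(vals))
        for mac, vals in per_mac.items()
        if len(vals) >= min_frames
    }

if __name__ == "__main__":
    for mac, (count, median) in sorted(summarize(SAMPLE.splitlines()).items()):
        print(f"{mac}  frames={count}  median={median} dBm")
```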