traffic.
The challenge with this, though, is that you have to have specific interfaces. According to the KillerBee website, the only devices that are supported are River Loop ApiMote, Atmel RZ RAVEN USB Stick, MoteIV Tmote Sky, TelosB mote, and Sewino Sniffer. The project page does indicate an intention to continue adding support for additional hardware devices. However, the majority of the source code hasn’t been touched in three years as of this point in time. If you have the right devices, you can use the KillerBee package to scan for Zigbee devices. This may provide you some insight into building automation that may be used.
Summary
Wireless takes multiple forms, especially as more and more people and businesses are using home automation. More and more, the wires are going away from our world. Because of that, you will likely have to do some wireless testing somewhere. Some key ideas to take away from this chapter are as follows:
• 802.11, Bluetooth, and Zigbee are types of wireless networks.
• 802.11 clients and access points interact by using associations.
• Kismet can be used to scan for 802.11/WiFi networks to identify both the SSID and BSSID.
• Security issues with WEP, WPS, WPA, and WPA2 can lead to decryption of messages.
• You need to enable monitor mode on wireless network interfaces in order to capture radio headers.
• aircrack-ng and its associated tools can be used to scan and assess WiFi networks.
• Kali includes tools to scan for Bluetooth devices and identify services being offered on devices that were found.
• Kali includes tools that can be used to scan Zigbee devices.
Useful Resources
• KillerBee’s GitHub Page
• Ric Messier’s “Professional Guide to Wireless Network Hacking and Penetration Testing” video (Infinite Skills, 2015)
• United States Computer Emergency Readiness Team, “Using Wireless Technology Securely” (US-CERT, 2008)