diff --git a/net/kismet/Makefile b/net/kismet/Makefile new file mode 100644 index 000000000..de609495a --- /dev/null +++ b/net/kismet/Makefile @@ -0,0 +1,142 @@ +# +# Copyright (C) 2006-2014 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=kismet +PKG_VERSION:=2013-03-R1b +PKG_RELEASE:=1 + +PKG_LICENSE:=LGPLv2.1 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=http://www.kismetwireless.net/code +PKG_MD5SUM:=6cdcd78baf2e15edbe8a9de3c5493f02 + +PKG_BUILD_DEPENDS:=libpcap libncurses libpcre + +include $(INCLUDE_DIR)/uclibc++.mk +include $(INCLUDE_DIR)/package.mk + +define Package/kismet/Default + SECTION:=net + CATEGORY:=Network + TITLE:=Kismet + MAINTAINER:=Sebastian Wendel + DEPENDS:= $(CXX_DEPENDS) +libnl + URL:=http://www.kismetwireless.net/ + SUBMENU:=wireless +endef + +define Package/kismet/Default/description + An 802.11 layer2 wireless network detector, sniffer, and intrusion + detection system. +endef + +define Package/kismet-client/conffiles +/etc/kismet/kismet.conf +endef + +define Package/kismet-drone/conffiles +/etc/kismet/kismet_drone.conf +endef + +define Package/kismet-server/conffiles +/etc/kismet/kismet.conf +endef + +define Package/kismet-client +$(call Package/kismet/Default) + TITLE+= client + DEPENDS+= +libncurses +endef + +define Package/kismet-client/description +$(call Package/kismet/Default/description) + This package contains the kismet text interface client. +endef + +define Package/kismet-drone +$(call Package/kismet/Default) + DEPENDS+= +libpcap +libpcre +libcap +wireless-tools + TITLE+= drone +endef + +define Package/kismet-drone/description +$(call Package/kismet/Default/description) + This package contains the kismet remote sniffing.and monitoring drone. +endef + +define Package/kismet-server +$(call Package/kismet/Default) + DEPENDS+= +libpcap +libpcre +libcap +wireless-tools + TITLE+= server +endef + +define Package/kismet-server/description +$(call Package/kismet/Default/description) + This package contains the kismet server. +endef + +CONFIGURE_ARGS += \ + --sysconfdir=/etc/kismet \ + +CONFIGURE_VARS += \ + CXXFLAGS="$$$$CXXFLAGS -fno-rtti" \ + LIBS="-lm" \ + CLIENTCLIBS="-lm" + +define Build/Compile + $(MAKE) -C $(PKG_BUILD_DIR) \ + LD="$(TARGET_CXX)" \ + all +endef + +define Package/kismet/install + $(INSTALL_DIR) $(1)/usr/bin/ + $(INSTALL_BIN) $(PKG_BUILD_DIR)/scripts/kismet $(1)/usr/bin/kismet +endef + +define Package/kismet-client/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_BUILD_DIR)/kismet_client $(1)/usr/bin/ + + $(INSTALL_DIR) $(1)/etc/kismet/ + $(INSTALL_CONF) ./files/kismet.conf $(1)/etc/kismet/ +endef + +define Package/kismet-drone/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_BUILD_DIR)/kismet_drone $(1)/usr/bin/ + + $(INSTALL_DIR) $(1)/etc/kismet/ + $(INSTALL_CONF) ./files/kismet_drone.conf $(1)/etc/kismet/ + + $(INSTALL_DIR) $(1)/etc/config + $(INSTALL_CONF) ./files/kismet_drone.config $(1)/etc/config/kismet_drone + + $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_BIN) ./files/kismet_drone.init $(1)/etc/init.d/kismet_drone +endef + +define Package/kismet-server/install + $(INSTALL_DIR) $(1)/usr/bin + $(INSTALL_BIN) $(PKG_BUILD_DIR)/kismet_server $(1)/usr/bin/ + + $(INSTALL_DIR) $(1)/etc/kismet/ + $(INSTALL_CONF) ./files/kismet.conf $(1)/etc/kismet/ + + $(INSTALL_DIR) $(1)/etc/config + $(INSTALL_CONF) ./files/kismet_server.config $(1)/etc/config/kismet_server + + $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_BIN) ./files/kismet_server.init $(1)/etc/init.d/kismet_server +endef + +$(eval $(call BuildPackage,kismet-client)) +$(eval $(call BuildPackage,kismet-drone)) +$(eval $(call BuildPackage,kismet-server)) diff --git a/net/kismet/files/kismet.conf b/net/kismet/files/kismet.conf new file mode 100644 index 000000000..971f2e23d --- /dev/null +++ b/net/kismet/files/kismet.conf @@ -0,0 +1,304 @@ +# Kismet config file +# Most of the "static" configs have been moved to here -- the command line +# config was getting way too crowded and cryptic. We want functionality, +# not continually reading --help! + +# Version of Kismet config +version=2009-newcore + +# Name of server (Purely for organizational purposes) +# If commented out, defaults to host name of system +# servername=Kismet Server + +# Prefix of where we log (as used in the logtemplate later) +logprefix=/tmp + +# Do we process the contents of data frames? If this is enabled, data +# frames will be truncated to the headers only immediately after frame type +# detection. This will disable IP detection, etc, however it is likely +# safer (and definitely more polite) if monitoring networks you do not own. +# hidedata=true + +# Do we allow plugins to be used? This will load plugins from the system +# and user plugin directiories when set to true (See the README for the default +# plugin locations). +allowplugins=false + +# See the README for full information on the new source format +# ncsource=interface:options +# for example: +# ncsource=wifi0:type=madwifi +# ncsource=wlan0:name=intel,hop=false,channel=11 +ncsource=wlan0 + +# Comma-separated list of sources to enable. This is only needed if you defined +# multiple sources and only want to enable some of them. By default, all defined +# sources are enabled. +# For example, if sources with name=prismsource and name=ciscosource are defined, +# and you only want to enable those two: +# enablesources=prismsource,ciscosource + +# Control which channels we like to spend more time on. By default, the list +# of channels is pulled from the driver automatically. By setting preferred channels, +# if they are present in the channel list, they'll be set with a timing delay so that +# more time is spent on them. Since 1, 6, 11 are the common default channels, it makes +# sense to spend more time monitoring them. +# For finer control, see further down in the config for the channellist= directives. +preferredchannels=1,6,11 + +# How many channels per second do we hop? (1-10) +channelvelocity=3 + +# By setting the dwell time for channel hopping we override the channelvelocity +# setting above and dwell on each channel for the given number of seconds. +#channeldwell=10 + +# Channels are defined as: +# channellist=name:ch1,ch2,ch3 +# or +# channellist=name:range-start-end-width-offset,ch,range,ch,... +# +# Channels may be a numeric channel or a frequency +# +# Channels may specify an additional wait period. For common default channels, +# an additional wait period can be useful. Wait periods delay for that number +# of times per second - so a configuration hopping 10 times per second with a +# channel of 6:3 would delay 3/10ths of a second on channel 6. +# +# Channel lists may have up to 256 channels and ranges (combined). For power +# users scanning more than 256 channels with a single card, ranges must be used. +# +# Ranges are meant for "power users" who wish to define a very large number of +# channels. A range may specify channels or frequencies, and will automatically +# sort themselves to cover channels in a non-overlapping fashion. An example +# range for the normal 802.11b/g spectrum would be: +# +# range-1-11-3-1 +# +# which indicates starting at 1, ending at 11, a channel width of 3 channels, +# incrementing by one. A frequency based definition would be: +# +# range-2412-2462-22-5 +# +# since 11g channels are 22 mhz wide and 5 mhz apart. +# +# Ranges have the flaw that they cannot be shared between sources in a non-overlapping +# way, so multiple sources using the same range may hop in lockstep with each other +# and duplicate the coverage. +# +# channellist=demo:1:3,6:3,11:3,range-5000-6000-20-10 + +# Default channel lists +# These channel lists MUST BE PRESENT for Kismet to work properly. While it is +# possible to change these, it is not recommended. These are used when the supported +# channel list can not be found for the source; to force using these instead of +# the detected supported channels, override with channellist= in the source defintion +# +# IN GENERAL, if you think you want to modify these, what you REALLY want to do is +# copy them and use channellist= in the packet source. +channellist=IEEE80211b:1:3,6:3,11:3,2,7,3,8,4,9,5,10 +channellist=IEEE80211a:36,40,44,48,52,56,60,64,149,153,157,161,165 +channellist=IEEE80211ab:1:3,6:3,11:3,2,7,3,8,4,9,5,10,36,40,44,48,52,56,60,64,149,153,157,161,165 + +# Client/server listen config +listen=tcp://127.0.0.1:2501 +#listen=tcp://0.0.0.0:2501 + +# People allowed to connect, comma seperated IP addresses or network/mask +# blocks. Netmasks can be expressed as dotted quad (/255.255.255.0) or as +# numbers (/24) +allowedhosts=127.0.0.1 +# Maximum number of concurrent GUI's +maxclients=5 +# Maximum backlog before we start throwing out or killing clients. The +# bigger this number, the more memory and the more power it will use. +maxbacklog=5000 + +# Server + Drone config options. To have a Kismet server export live packets +# as if it were a drone, uncomment these. +# dronelisten=tcp://127.0.0.1:3501 +# droneallowedhosts=127.0.0.1 +# dronemaxclients=5 +# droneringlen=65535 + +# OUI file, expected format 00:11:22manufname +# IEEE OUI file used to look up manufacturer info. We default to the +# wireshark one since most people have that. +#ouifile=/usr/share/manuf + +# Do we have a GPS? +gps=false +# Do we use a locally serial attached GPS, or use a gpsd server, or +# use a fixed virtual gps? +# (Pick only one) +gpstype=gpsd +# Host:port that GPSD is running on. This can be localhost OR remote! +gpshost=localhost:2947 + + +# gpstype=serial +# What serial device do we look for the GPS on? +# gpsdevice=/dev/rfcomm0 + +# gpstype=virtual +# gpsposition=100,-50 +# gpsaltitude=1234 + +# Do we lock the mode? This overrides coordinates of lock "0", which will +# generate some bad information until you get a GPS lock, but it will +# fix problems with GPS units with broken NMEA that report lock 0 +gpsmodelock=false +# Do we try to reconnect if we lose our link to the GPS, or do we just +# let it die and be disabled? +gpsreconnect=true + +# Do we export packets over tun/tap virtual interfaces? +tuntap_export=false +# What virtual interface do we use +tuntap_device=kistap0 + +# Packet filtering options: +# filter_tracker - Packets filtered from the tracker are not processed or +# recorded in any way. +# filter_export - Controls what packets influence the exported CSV, network, +# xml, gps, etc files. +# All filtering options take arguments containing the type of address and +# addresses to be filtered. Valid address types are 'ANY', 'BSSID', +# 'SOURCE', and 'DEST'. Filtering can be inverted by the use of '!' before +# the address. For example, +# filter_tracker=ANY(!"00:00:DE:AD:BE:EF") +# has the same effect as the previous mac_filter config file option. +# filter_tracker=... +# filter_dump=... +# filter_export=... +# filter_netclient=... + +# Alerts to be reported and the throttling rates. +# alert=name,throttle/unit,burst +# The throttle/unit describes the number of alerts of this type that are +# sent per time unit. Valid time units are second, minute, hour, and day. +# Burst describes the number of alerts sent before throttling takes place. +# For example: +# alert=FOO,10/min,5 +# Would allow 5 alerts through before throttling is enabled, and will then +# limit the number of alerts to 10 per minute. +# A throttle rate of 0 disables throttling of the alert. +# See the README for a list of alert types. +alert=ADHOCCONFLICT,5/min,1/sec +alert=AIRJACKSSID,5/min,1/sec +alert=APSPOOF,10/min,1/sec +alert=BCASTDISCON,5/min,2/sec +alert=BSSTIMESTAMP,5/min,1/sec +alert=CHANCHANGE,5/min,1/sec +alert=CRYPTODROP,5/min,1/sec +alert=DISASSOCTRAFFIC,10/min,1/sec +alert=DEAUTHFLOOD,5/min,2/sec +alert=DEAUTHCODEINVALID,5/min,1/sec +alert=DISCONCODEINVALID,5/min,1/sec +alert=DHCPNAMECHANGE,5/min,1/sec +alert=DHCPOSCHANGE,5/min,1/sec +alert=DHCPCLIENTID,5/min,1/sec +alert=DHCPCONFLICT,10/min,1/sec +alert=NETSTUMBLER,5/min,1/sec +alert=LUCENTTEST,5/min,1/sec +alert=LONGSSID,5/min,1/sec +alert=MSFBCOMSSID,5/min,1/sec +alert=MSFDLINKRATE,5/min,1/sec +alert=MSFNETGEARBEACON,5/min,1/sec +alert=NULLPROBERESP,5/min,1/sec +alert=PROBENOJOIN,5/min,1/sec + +# Controls behavior of the APSPOOF alert. SSID may be a literal match (ssid=) or +# a regex (ssidregex=) if PCRE was available when kismet was built. The allowed +# MAC list must be comma-separated and enclosed in quotes if there are multiple +# MAC addresses allowed. MAC address masks are allowed. +#apspoof=Foo1:ssidregex="(?i:foobar)",validmacs=00:11:22:33:44:55 +#apspoof=Foo2:ssid="Foobar",validmacs="00:11:22:33:44:55,aa:bb:cc:dd:ee:ff" + +# Known WEP keys to decrypt, bssid,hexkey. This is only for networks where +# the keys are already known, and it may impact throughput on slower hardware. +# Multiple wepkey lines may be used for multiple BSSIDs. +# wepkey=00:DE:AD:C0:DE:00,FEEDFACEDEADBEEF01020304050607080900 + +# Is transmission of the keys to the client allowed? This may be a security +# risk for some. If you disable this, you will not be able to query keys from +# a client. +allowkeytransmit=true + +# How often (in seconds) do we write all our data files (0 to disable) +writeinterval=10 + +# Do we use sound? +# Not to be confused with GUI sound parameter, this controls wether or not the +# server itself will play sound. Primarily for headless or automated systems. +enablesound=false +# Path to sound player +soundbin=play + +sound=newnet,true +sound=newcryptnet,true +sound=packet,true +sound=gpslock,true +sound=gpslost,true +sound=alert,true + +# Does the server have speech? (Again, not to be confused with the GUI's speech) +enablespeech=false +# Binary used for speech (if not in path, full path must be specified) +speechbin=flite +# Specify raw or festival; Flite (and anything else that doesn't need formatting +# around the string to speak) is 'raw', festival requires the string be wrapped in +# SayText("...") +speechtype=raw + +# How do we speak? Valid options: +# speech Normal speech +# nato NATO spellings (alpha, bravo, charlie) +# spell Spell the letters out (aye, bee, sea) +speechencoding=nato + +speech=new,"New network detected s.s.i.d. %1 channel %2" +speech=alert,"Alert %1" +speech=gpslost,"G.P.S. signal lost" +speech=gpslock,"G.P.S. signal O.K." + +# How many alerts do we backlog for new clients? Only change this if you have +# a -very- low memory system and need those extra bytes, or if you have a high +# memory system and a huge number of alert conditions. +alertbacklog=50 + +# File types to log, comma seperated. Built-in log file types: +# alert Text file of alerts +# gpsxml XML per-packet GPS log +# nettxt Networks in text format +# netxml Networks in XML format +# pcapdump tcpdump/wireshark compatible pcap log file +# string All strings seen (increases CPU load) +logtypes=pcapdump,gpsxml,netxml,alert + +# Format of the pcap dump (PPI or 80211) +pcapdumpformat=ppi +# pcapdumpformat=80211 + +# Default log title +logdefault=Kismet + +# logtemplate - Filename logging template. +# This is, at first glance, really nasty and ugly, but you'll hardly ever +# have to touch it so don't complain too much. +# +# %p is replaced by the logging prefix + '/' +# %n is replaced by the logging instance name +# %d is replaced by the starting date as Mon-DD-YYYY +# %D is replaced by the current date as YYYYMMDD +# %t is replaced by the starting time as HH-MM-SS +# %i is replaced by the increment log in the case of multiple logs +# %l is replaced by the log type (pcapdump, strings, etc) +# %h is replaced by the home directory + +logtemplate=%p%n-%D-%t-%i.%l + +# Where state info, etc, is stored. You shouldnt ever need to change this. +# This is a directory. +configdir=%h/.kismet/ + diff --git a/net/kismet/files/kismet_drone.conf b/net/kismet/files/kismet_drone.conf new file mode 100644 index 000000000..bd165403c --- /dev/null +++ b/net/kismet/files/kismet_drone.conf @@ -0,0 +1,69 @@ +# Kismet drone config file + +version=newcore.1 + +# Name of drone server (informational) +servername=Kismet-Drone + +# Drone configuration +# Protocol, interface, and port to listen on +dronelisten=tcp://127.0.0.1:2502 +# Hosts allowed to connect, comma separated. May include netmasks. +# allowedhosts=127.0.0.1,10.10.10.0/255.255.255.0 +droneallowedhosts=127.0.0.1 +# Maximum number of drone clients +dronemaxclients=10 +droneringlen=65535 + +# Do we have a GPS? +gps=true +# Do we use a locally serial attached GPS, or use a gpsd server? +# (Pick only one) +gpstype=gpsd +# gpstype=serial +# What serial device do we look for the GPS on? +gpsdevice=/dev/rfcomm0 +# Host:port that GPSD is running on. This can be localhost OR remote! +gpshost=localhost:2947 +# Do we lock the mode? This overrides coordinates of lock "0", which will +# generate some bad information until you get a GPS lock, but it will +# fix problems with GPS units with broken NMEA that report lock 0 +gpsmodelock=false +# Do we try to reconnect if we lose our link to the GPS, or do we just +# let it die and be disabled? +gpsreconnect=true + +# See the README for full information on the new source format +# ncsource=interface:options +ncsource=null +# for example: +# ncsource=wlan0 +# ncsource=wifi0:type=madwifi +# ncsource=wlan0:name=intel,hop=false,channel=11 + +# Special per-source options +# sourceopts=[sourcename|*]:opt1,opt2 +# sourceopts=*:fuzzycrypt,weakvalidate + +# Comma-separated list of sources to enable, if you don't want to enable all +# the sources you defined. +# enablesource=source1,source2 + +# How many channels per second do we hop? (1-10) +channelvelocity=5 + +# By setting the dwell time for channel hopping we override the channelvelocity +# setting above and dwell on each channel for the given number of seconds. +#channeldwell=10 + +# Users outside the US might want to use this list: +# channellist=IEEE80211b:1,7,13,2,8,3,14,9,4,10,5,11,6,12 +channellist=IEEE80211b:1:3,6:3,11:3,2,7,3,8,4,9,5,10 + +# US IEEE 80211a +channellist=IEEE80211a:36,40,44,48,52,56,60,64,149,153,157,161,165 + +# Combo +channellist=IEEE80211ab:1:3,6:3,11:3,2,7,3,8,4,9,5,10,36,40,44,48,52,56,60,64,149,153,157,161,165 + + diff --git a/net/kismet/files/kismet_drone.config b/net/kismet/files/kismet_drone.config new file mode 100644 index 000000000..749505d11 --- /dev/null +++ b/net/kismet/files/kismet_drone.config @@ -0,0 +1,2 @@ +config kismet_drone + option enabled 0 diff --git a/net/kismet/files/kismet_drone.init b/net/kismet/files/kismet_drone.init new file mode 100755 index 000000000..2cbbe7edb --- /dev/null +++ b/net/kismet/files/kismet_drone.init @@ -0,0 +1,26 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2013-2014 OpenWrt.org + +START=99 +STOP=99 + +USE_PROCD=1 +PROG=/usr/bin/kismet_drone +NAME=kismet_drone + +kismet_drone_instance() { + procd_open_instance + procd_set_param command "${PROG}" + procd_append_param command -f /etc/kismet/kismet_drone.conf -s + procd_set_param respawn + procd_close_instance +} + +start_service() { + config_load "${NAME}" + config_foreach kismet_drone_instance +} + +stop_service() { + service_stop "${PROG}" +} diff --git a/net/kismet/files/kismet_server.config b/net/kismet/files/kismet_server.config new file mode 100644 index 000000000..ad39f3e1c --- /dev/null +++ b/net/kismet/files/kismet_server.config @@ -0,0 +1,2 @@ +config kismet_server + option enabled 0 diff --git a/net/kismet/files/kismet_server.init b/net/kismet/files/kismet_server.init new file mode 100755 index 000000000..7d731e777 --- /dev/null +++ b/net/kismet/files/kismet_server.init @@ -0,0 +1,26 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2013-2014 OpenWrt.org + +START=99 +STOP=99 + +USE_PROCD=1 +PROG=/usr/bin/kismet_server +NAME=kismet_server + +kismet_server_instance() { + procd_open_instance + procd_set_param command "${PROG}" + procd_append_param command -f /etc/kismet/kismet.conf -s + procd_set_param respawn + procd_close_instance +} + +start_service() { + config_load "${NAME}" + config_foreach kismet_server_instance +} + +stop_service() { + service_stop "${PROG}" +} diff --git a/net/kismet/patches/010-dont-add-host-include-paths.patch b/net/kismet/patches/010-dont-add-host-include-paths.patch new file mode 100644 index 000000000..23a87bdcf --- /dev/null +++ b/net/kismet/patches/010-dont-add-host-include-paths.patch @@ -0,0 +1,14 @@ +diff --git a/configure b/configure +index 6936a47..9a85269 100755 +--- a/configure ++++ b/configure +@@ -6980,9 +6980,6 @@ else + fi + + +-# Add additional cflags since some distros bury panel.h +-CPPFLAGS="$CPPFLAGS -I/usr/include/ncurses" +- + termcontrol="none"; + + if test "$wantclient" = "yes"; then