Categories
tech

Sparrow-Wifi – Next-Gen GUI-based WiFi And Bluetooth Analyzer For Linux

Sparrow-wifi has been constructed from the bottom as much as be the following era 2.4 GHz and 5 GHz Wifi spectral consciousness device. At its most elementary it supplies a extra complete GUI-based substitute for equipment like inSSIDer and linssid that runs particularly on linux. In its maximum complete use circumstances, sparrow-wifi integrates wifi, software-defined radio (hackrf), complicated bluetooth equipment (conventional and Ubertooth), conventional GPS (by means of gpsd), and drone/rover GPS by means of mavlink in one resolution.
Raspberry Pi segment for updates. A setup script is now incorporated to get the undertaking operating on Raspbian Stretch.]
Written totally in Python3, Sparrow-wifi has been designed for the next situations:

  • Basic wifi SSID identity
  • Wifi supply hunt – Switch from commonplace to seek mode to get more than one samples in step with 2nd and use the telemetry home windows to trace a wifi supply
  • 2.4 GHz and 5 GHz spectrum view – Overlay spectrums from Ubertooth (2.4 GHz) or HackRF (2.4 GHz and 5 GHz) in genuine time on best of the wifi spectrum (priceless in deficient connectivity troubleshooting when overlapping wifi does not appear to be the purpose)
  • Bluetooth identity – LE commercial listening with same old bluetooth, complete promiscuous mode in LE and vintage bluetooth with Ubertooth
  • Bluetooth supply hunt – Track LE commercial resources or iBeacons with the telemetry window
  • iBeacon commercial – Advertise your individual iBeacons
  • Remote operations – An agent is incorporated that gives all the GUI capability by means of a far flung agent the GUI can communicate to.
  • Drone/Rover operations – The agent may also be run on techniques akin to a Raspberry Pi and flown on a drone (its made a number of flights on a Solo 3DR), or hooked up to a rover in both GUI-controlled or independent scan/list modes.
  • The far flung agent is JSON-based so it may be built-in with different packages
  • Import/Export – Ability to import and export to/from CSV and JSON for simple integration and revisiualization. You too can simply run ‘iw dev scan’ and reserve it to a report and import that as smartly.
  • Produce Google maps when GPS coordinates are to be had for each came upon SSID’s / bluetooth gadgets or to devise the wifi telemetry through the years.

A couple of pattern screenshots. The first is the principle window appearing a fundamental wifi scan, the second one presentations the telemetry/monitoring window used for each Wifi and bluetooth monitoring.

Installation
sparrow-wifi makes use of python3, qt5, and qtchart for the UI. On a normal debian variant you’ll might have already got python3 and qt5 put in. The solely addition to run it’s qtchart. The following instructions must get you up and operating with wifi on each Ubuntu and Kali linux:

sudo apt-get set up python3-pip gpsd gpsd-clients python3-tk python3-setuptools
sudo pip3 set up QScintilla PyQtChart gps3 dronekit manuf python-dateutil numpy matplotlib

Some people were operating sparrow with a python virtualenv, in order for you to run it in an remoted python atmosphere, the next series must get you up and operating:

git clone https://github.com/ghostop14/sparrow-wifi
cd sparrow-wifi
virtualenv --python=python3 $HOME/sparrow
supply $HOME/sparrow/bin/turn on
pip3 set up gps3 python-dateutil requests pyqt5 pyqtchart numpy matplotlib
sudo python3 sparrow-wifi.py

NOTE: If you are seeking to run on a Raspberry Pi, see the Raspberry Pi segment under. Only the far flung agent has been run on a Pi, one of the GUI elements would not set up / arrange at the ARM platform.

Running sparrow-wifi
Because it wishes to make use of the usual command-line device ‘iw’ for wifi scans, it is important to run sparrow-wifi as root. Simply run this from the cloned listing:

sudo ./sparrow-wifi.py

WiFi Notes
One merchandise of observe on wifi scanning, particularly within the 5 GHz vary is to discover a card that works. It’s now not such a lot a subject with the ‘iw’ device, on the other hand in additional complicated configurations the place tracking mode is needed, it may be a subject.

Bluetooth
For people conversant in WiFi however ‘new’ to Bluetooth scanning, bluetooth is other sufficient that a few of what you could wish to see in response to wifi would possibly not be to be had (and might appear slightly irritating to start with). It all essentially comes right down to how bluetooth operates. Bluetooth makes use of frequency hopping throughout all of the 2.4 GHz vary, so it does not found in great blank unmarried channel buckets like wifi does. To complicate issues there’s a low power (BTLE) and Classic mode which are incompatible from an RF standpoint, so usually a bluetooth adapter can solely scan for one sort or the opposite at any given time.
Bluetooth gadgets also are usually solely discoverable when promoting (suppose broadcasting broadcasting). The solely different approach to in finding bluetooth gadgets is with a tool that may sniff all bluetooth packets out of the air, which same old bluetooth adapters do not do. Which is the place {hardware} like an Ubertooth are available to get a greater view of the bluetooth atmosphere. And after all then if they are now not transmitting you shouldn’t have anything else to move off of. And if you must catch packets being transmitted you could wish to scan/linger longer to look it, expanding scan body charges to so long as 30 seconds to a minute.
So with all that mentioned, with a normal / integrated bluetooth adapter, Sparrow-wifi can do commercial scanning for bluetooth low power (BTLE) gadgets. If they are promoting their transmit energy, it will try a variety calculation. This what the most recent iBeacon answers and merchandise do to be bodily locatable. However with multi-pathing, inside partitions, and so forth. do not be expecting an excessive stage of accuracy. As an added bonus, sparrow-wifi too can promote it its personal iBeacons for monitoring (this may well be helpful from a far flung agent to activate location discovery). However now not all bluetooth playing cards will promote it transmit energy so that you would possibly not all the time get vary. If you do have an Ubertooth, sparrow-wifi can use it for promiscuous discovery of each BTLE and vintage bluetooth gadgets. Of path there is a tradeoff. Traditional LE scans replace quicker for monitoring which is more uncomplicated for bluetooth ‘hunt’, on the other hand promiscuous mode can determine extra gadgets on the expense of wanting to linger lon ger to pay attention.
If you want to scan for bluetooth, you can want a couple of issues:

  1. A bluetooth adapter (take a look at with ‘hcitool dev’ to ensure it presentations up). With an adapter you’ll do fundamental BTLE commercial and iBeacon scans.
  2. [Optional ] An Ubertooth for promiscuous discovery scans (BTLE and Classic Bluetooth)
    • Ubertooth equipment put in and functioning (you’ll take a look at it with ubertooth-specan-ui)
    • Blue Hydra put in into /decide/bluetooth/blue_hydra (mkdir /decide/bluetooth && cd /decide/bluetooth && git clone https://github.com/pwnieexpress/blue_hydra.git). Then you should definitely’ve adopted the blue_hydra set up directions. You can take a look at it with bin/blue_hydra. This msut be in /decide/bluetooth/blue_hydra or the app would possibly not in finding it.

I strongly counsel operating ‘hcitool lescan’ from the command-line first to ensure the whole lot is operating k. If you’ve gotten an Ubertooth, run ubertooth-specan-ui and run blue_hydra to ensure the ones equipment paintings correctly sooner than making an attempt in sparrow-wifi.
Some troubleshooting guidelines:

  • If you do not see any gadgets with a fundamental LE commercial scan, check out “hcitool lescan” from the command-line and spot when you get any mistakes. If so deal with them there. Sometimes a handy guide a rough “hciconfig hci0 down && hciconfig hci0 up” can repair it.
  • If you’ve gotten an Ubertooth and do not see any spectrum check out operating ubertooth-specan or ubertooth-specan-ui from the command line. If you get any mistakes deal with them there.

Spectrum
Near real-time spectral overlays in each spectrums is one characteristic that differentiates sparrow-wifi from different wifi equipment. To get spectral overlays, two choices are to be had. The more economical method is to make use of an Ubertooth One. Spectrum scanning is one of the options of the {hardware} with 1 MHz channel solution. The problem is that Ubertooth is simply targeted at the 2.4 GHz spectrum (finally that is the place bluetooth purposes), so that you will be unable to scan the 5 GHz vary. If you’ve gotten extra enjoy and/or {hardware} fascinated by software-defined radio (SDR) and feature a HackRF One to be had, whilst a bit of costlier an choice, you’ll scan each the 2.4 (with 0.5 MHz solution) and 5 GHz (with 2 MHz solution) spectrum levels. The subsequent 2 sections supply some main points distinctive to every {hardware} instrument. In common the objective of sparrow-wifi have been body charges of about 10 fps native and 5 fps by means of the far flung agent (relying on far flung {hardware} and community connectivity).
The following screenshot presentations a 2.4 GHz standpoint with an Ubertooth spectrum (with 1 MHz containers) overlay. It’s fairly fascinating to observe the spectrum when bluetooth gadgets also are energetic. You can apply the bluetooth channel hopping within the spectrum. There are different protocols akin to zigbee and different IoT protocols, even cordless telephones that might also display up within the 2.4 GHz spectrum that may now not in a different way display up on a wifi-only view. Having the spectral overlay supplies a useful standpoint on different interference within the spectrum for troubleshooting say as an example if no overlapping wi-fi channels appear to be the supply of deficient connectivity.

Ubertooth One
Once you get an Ubertooth One, the very first thing you must do is download and construct the most recent equipment and flash it with the most recent firmware model. With that during position, check out operating ubertooth-specan-ui for a pleasing fast graphical spectrum show. If that is operating, the Ubertooth must paintings high quality in sparrow-wifi (simply shut any operating Ubertooth equipment sooner than making an attempt to show the spectrum). Sparrow-wifi will routinely stumble on that the Ubertooth is provide and the equipment are to be had on startup and permit the correct menu alternatives. Note that when you birth sparrow-wifi with out the Ubertooth hooked up, simply shut sparrow-wifi and reopen it and it must see it. You can manually take a look at it with lsusb to look that the Ubertooth is provide.

HackRF One
HackRF fortify has been added to make the most of the hackrf_sweep functions added to the HackRF firmware. With a HackRF you’ll sweep all of the vary for a view of the spectrum. While hackrf_sweep can sweep from 2.4 GHz thru 5 GHz, the body charge is simply too sluggish (like 1 body each 2 seconds), so you’ll use it for solely one band at a time. With that mentioned, when you have each an Ubertooth and a HackRF, you want to use the Ubertooth to show the 2.4 GHz band and the HackRF to show the 5 GHz band concurrently.
IMPORTANT: Standard RF and antenna laws follow. If you need to observe both band, you should definitely have an antenna able to receiving in that band (the usual telescoping HackRF antenna almost certainly would possibly not paintings as it is just rated as much as 1 GHz). And when you do wish to snatch an exterior dual-band antenna used on wi-fi playing cards, simply observe that the connector polarity is usually reversed (rp-sma reasonably than the sma connector at the HackRF) so you can wish to snatch an adapter to glue it to the HackRF (they are just a couple greenbacks on Amazon). An RP-SMA antenna will screw directly to the SMA connector however the middle pin is not there so you will not if truth be told obtain anything else. Just a phrase of warning.
Notes: The 5 GHz spectrum, even with a dual-band antenna may also be tough to look indicators in the similar means as in 2.4 GHz. The SNR for 5 GHz turns out a lot not up to 2.4 GHz. Some of this may well be attributed to the HackRF as 5 GHz is getting in opposition to the threshold of its useable frequency vary, whilst a part of it may also be attributed to 5 GHz now not penetrating partitions, ceilings, and so forth. in addition to 2.4 GHz. Sometimes the 5 GHz band presentations higher in a waterfall plot to differentiate an energetic sign, but when that is what you want check out the device qspectrumanalyzer.
Troubleshooting guidelines:

  • If you do not see any spectrum in any respect check out operating hackrf_sweep from the command-line. If you get any mistakes, deal with them there.

GPS
Sparrow-wifi depends upon gpsd to offer same old GPS communications. During trying out there have been quite a lot of GPS-related problems value being acutely aware of. First when it comes to GPS receivers, you should definitely get one that works with gpsd. I’ve examined it with a GlobalSAT ND-105C Micro USB receiver. I’ve extensively utilized a GPS app on an android instrument to offer GPS over bluetooth (even if this takes some tinkering, and would preclude the usage of the bluetooth adapter for scanning whilst the usage of it for GPS).
So the primary essential observe is at the GPS receiver aspect. If you might be making plans on the usage of the GPS receiver indoors, you could wish to be certain that the GPS you get particularly states it’s going to paintings indoors. Anyone with a Garmin or different out of doors sports activities GPS machine could also be mindful that they generally tend not to synchronize with satellites smartly whilst indoors. The inventory GPS at the Solo 3DR drone is similar means as is the GlobalSAT receiver. When they are with reference to home windows, and so forth. they’ll in any case sync up after a while, however reception indoors is not nice and if you are in an place of work construction or different steel/concrete construction, the receiver will have a tricky time receiving the satellite tv for pc indicators. So stay this in thoughts when choosing a GPS receiver.
In phrases of having the receiver to paintings with gpsd, there have been some demanding situations that have been encountered getting it to paintings. First, one of the best ways to check the gps is to prevent the gpsd provider (provider gpsd forestall), and run gpsd from the command-line with debugging enabled. If you’ve gotten a USB-based GPS you must see a tool that appears like /dev/ttyUSB0 display up when it is hooked up. If that is the case, a command very similar to this may birth gpsd within the foreground for a fast take a look at:

gpsd -D 2 -N /dev/ttyUSB0

If you spot excellent knowledge, you’ll daemonize it through simply doing away with the -N parameter. On Ubuntu, modifying /and so forth/default/gpsd and particularly striking /dev/ttyUSB0 within the instrument parameter and restarting the provider labored high quality. However on Kali linux and the Raspberry Pi, the similar procedure did not paintings as though the gpsd provider was once ignoring the parameter. In the ones circumstances, the GPS provider was once set not to auto-start and the gpsd daemon was once began manually from the command-line with the command ‘gpsd /dev/ttyUSB0’.
Once the daemon is up and dealing, xgps is a device that is a part of the gpsd-clients package deal that gives a actually great GUI to test GPS and satellite tv for pc standing. If you run xgps it’s going to inform you when the receiver is synchronized and come up with quite a lot of different parameters to ensure it’s operating accurately. If the whole lot seems love it’s operating with xgps, then sparrow-wifi must be capable to pull the information as another gpsd shopper would.

Running sparrow-wifi far flung agent
Because the agent has the similar necessities because the GUI when it comes to machine get entry to, it is important to run the agent as root as smartly. Simply run:

sudo ./sparrowwifiagent.py

By default it’s going to pay attention on port 8020. There are quite a lot of choices that may be noticed with –help, and an area configuration report may also be used.
An change port may also be specified with:

sudo ./sparrowwifiagent.py --port=<myport>

There are quite a lot of choices together with IP connection restrictions and record-local-on-start. Here’s the –help parameter record at the moment:

utilization: sparrowwifiagent.py [-h] [--port PORT] [--allowedips ALLOWEDIPS]
[--mavlinkgps MAVLINKGPS] [--sendannounce]
[--userpileds] [--recordinterface RECORDINTERFACE]
[--ignorecfg] [--cfgfile CFGFILE]
[--delaystart DELAYSTART]

Sparrow-wifi agent

not obligatory arguments:
-h, --help display this assist message and go out
--port PORT Port for HTTP server to pay attention on
--allowedips ALLOWEDIPS
IP addresses allowed to connect with this agent. Default
is any. This could be a comma-separated record for
more than one IP addresses
--mavlinkgps MAVLINKGPS
Use Mavlink (drone) for GPS. Options are: '3dr' for a
Solo, 'sitl' for native simulator, or complete connection
string ('udp/tcp::' akin to:
'udp:10.1.1.10:14550')
--sendannounce Send a UDP broadcast packet at the specified port to
announce presence
--userpileds Use RPi LEDs to sign state. Red=GPS
[off=None,blinking=Unsynchronized,solid=synchronized],
Green=Agent Running [On=Running, blinking=servicing
HTTP request]
--recordinterface RECORDINTERFACE
Automatically birth recording in the neighborhood with the given
wi-fi interface (headless mode) in a recordings
listing
--ignorecfg Don't load any config information (helpful for overriding
and/or trying out)
--cfgfile CFGFILE Use the desired config report reasonably than the default
sparrowwifiagent.cfg report
--delaystart DELAYSTART
Wait seconds sooner than initializing

Drone / Rover Operations
Being ready to “conflict fly” (the drone equivilent of “wardriving” well-liked within the wifi global) was once every other objective of the undertaking. As a consequence, having the ability to have a light-weight agent which may be run on a small platform akin to a Raspberry Pi which may be fixed on a drone was once included into the design necessities. The agent has been flown effectively on a Solo 3DR drone (retaining the full weight underneath the 350 g payload weight).
The Solo was once an ideal selection for the undertaking for the reason that controller acts as a wifi get entry to level and communicates with the drone over a standard IP community the usage of the mavlink protocol. This lets in different gadgets akin to laptops, capsules, and the Raspberry Pi to easily sign up for the controller wifi community and feature IP connectivity. This was once essential for box operations because it stored the operational complexity down.
Because those drones have onboard GPS as a part of their fundamental capability, it is imaginable over mavlink (with the assistance of dronekit) to tug GPS coordinates immediately from the drone’s GPS. This is helping stay the full payload weight down as an extra GPS receiver does now not wish to be flown as a part of the payload. Also, in an effort to stay the choice of duties required through the drone operator to a minimal all the way through flight, the agent may also be began, stay up for the drone GPS to be synchronized, use the Raspberry Pi lighting to sign operational readiness, and routinely birth recording wifi networks to an area report. The GUI then supplies an interface to retrieve the ones remotely stored information and pull again for visualisation.
This state of affairs has been examined with a Cisco AE1000 dual-band adapter hooked up to the Pi. Note although that I bumped into a subject scanning 5 GHz from the Pi that I in any case discovered the answer for. With a dual-band adapter, if you do not disable the inner Pi wi-fi adapter you will not get any 5 GHz effects (this can be a identified factor). What you can wish to do is disable the onboard wifi through modifying /boot/config.txt and including the next line then reboot ‘dtoverlay=pi3-disable-wifi’. Now you are able to scan each bands from the Pi.
The fastest approach to birth the agent on a Raspberry Pi (IMPORTANT: see the Raspbery Pi segment first, if you are operating Raspian Squeeze, you can wish to construct Python 3.5 first (Stretch already has 3.5) to run the agent for the reason that subprocess instructions used have been to begin with got rid of from python3 then put again in 3.5) and pull GPS from a Solo drone is to start out it with the next command at the Pi:

sudo python3.5 ./sparrowwifiagent.py --userpileds --sendannounce --mavlinkgps 3dr

The Raspberry Pi crimson and inexperienced LED’s will then be used as visible signs transitioning thru the next states:

  1. Both lighting off – Initializing
  2. Red LED Heartbeat – Connected to the drone (dronekit automobile attach was once a success)
  3. Red LED Solid – Connected and GPS synchronized and operational (the drone can take a few mins for the GPS to settle as a part of its fundamental flight initialization)
  4. Green LED Solid – Agent HTTP server is up and the agent is operational and in a position to serve requests

Note: Without the mavlink environment, if the usage of an area GPS module, the crimson LED will transition thru the similar heartbeat=GPS provide however unsynchronized, cast = GPS synchronized states.
If you would not have a 2nd set of arms whilst flying your drone and wish to fly the Pi with no need to fret concerning the agent, you’ll birth the agent in auto-record mode. There are a couple of scripts within the scripts listing that birth with ‘rpi’ that may be scheduled for tracking the agent and beginning it as suitable. The general purpose is a headless configuration the place the Pi begins up (you can wish to configure the wifi at the Pi forward of time to routinely hook up with the controller wifi community), the agent will likely be began and routinely pass into wifi list mode the usage of the drone’s gps for recording. Once you are achieved the sparrow-wifi agent menu provides you with a display screen to control the information within the recordings listing at the agent and download or delete the information there. These scripts within the scripts listing are simply samples. It is extremely really helpful that you simply customise them and the Pi integration to satisfy your particular wishes, and through all way stay protection (and federal regula tions) in thoughts when doing anything else with a drone as you are accountable for each.

Raspberry Pi Notes

Raspbian Stretch
Raspbian Stretch now comprises the proper model of Python, so not more customized python builds. The solely factor that must be customized treated is that PyQTChart isn’t within the apt repository or to be had by means of pip to construct on raspbian. However, thank you to parents over at this thread: https://github.com/mu-editor/mu/problems/441, I’ve been ready to breed their pyqtchart construct procedure on Raspbian Stretch. So to make everybody’s existence more uncomplicated, there may be now a script incorporated with the undertaking referred to as rpi.setup_prerequisites.sh. Sudo that script first, then Sparrow “must” be just right for you. I examined it on a Pi 3B board with the 7″ touchscreen and it really works nice.

Raspbian Jesse
You can run the far flung agent on a Raspberry pi, on the other hand the set up necessities are slightly other. First, Python3 didn’t come with one of the subprocess module functions within the preliminary 3.x variations previous to 3.5. However they did put them again in from 3.5 ahead. In phrases of Raspian builds, Raspbian Squeeze solely has Python 3.4.x within the repository. So step one will likely be to download and construct Python 3.5. However if you are operating on Debian Stretch (the most recent as of now), you’ll skip the 3.5 construct. The repositories do have Python 3.5.
You can use the next series to construct python if you want to (it is important to apt-get set up libsqlite3-dev previous to construction Python since it is inbuilt at collect time now):

sudo apt-get set up libsqlite3-dev

cd /tmp
wget https://www.python.org/ftp/python/3.5.5/Python-3.5.5.tgz
tar -zxvf Python-3.5.5.tgz
cd Python-3.5.5
./configure && make -j3 && sudo make set up

Once this is achieved, set up the important modules into the 3.5 construct: sudo pip3.5 set up gps3 dronekit manuf python-dateutil
Then you’ll run the agent immediately with instructions like this:

/usr/native/bin/python3.5 ./sparrowwifiagent.py

/usr/native/bin/python3.5 ./sparrowwifiagent.py --mavlinkgps=3dr --recordinterface=wlan0

Note that when you omit to particularly birth them with 3.5 you’ll get an exception thrown since a subprocess serve as will likely be lacking.
Another essential observe about the usage of twin band USB wi-fi adapters at the Raspberry Pi (examined on a Pi 3), is that so long as the inner wi-fi is enabled, Raspbian would possibly not see the 5 GHz band.
Add this line to your /boot/config.txt to disable the inner wi-fi, then your dual-band USB wi-fi will be capable to see the 5 GHz band:

dtoverlay=pi3-disable-wifi

The crimson and inexperienced LED’s are extensively utilized at the Raspberry Pi to offer some visible comments:

  1. Both lighting off – Initializing
  2. Red LED Heartbeat – gpsd discovered however unsynchronized (crimson mild will keep off if gpsd isn’t put in or now not operating)
  3. Red LED Solid – gpsd receiver synchronized
  4. Green LED Solid – Agent HTTP server is up and the agent is operational and in a position to serve requests
Download Sparrow-Wifi