Understand and measure signal strength with Wifi Pineapple

It’s a long title for a tutorial this time. Don’t worry I will try my best to make it short and understandable. Many people wonder why there penetration of Wifi networks not really works and forget about an very important point: “Wifi Signal Strength”. But what is it? How can I measure it? Do I need to buy expensive software? Here a try to enlighten you. For this explanation I will use the Wifi Pineapple device with some command line tools and a nice UI module.

Objectiv

Understand the basics of Wifi Signal Strength and learn how to measure it.

Precondition

Wifi Pineapple device incl. SSH connection into it plus internet connection (to download the module).

The basics

The WiFi signal strength is given as the logarithmic (not linear) unit of measurement of the power dBm. Decibels are relative to milliwatts and are expressed as a negative number from 0 to -100. For example, a signal value of -50 is much stronger than a signal value of -70. A difference of 3 dBm is therefore halving or doubling the strength of the previous value. The following table should give some information about the values.

Signal strengthQualityDescription
-30 dBmExcellentOne of the best values ​​that can be achieved.
-50 dBmGoodAn very good signal level which allows all applications in the network.
-70 dBmAcceptableNot a good value, there are already severe application problems.
-90 dBmVery badVery bad value, there is usually no connection here.

The measurement

Now let’s get to the measurement quickly. Start the Wifi Pineapple and connect.

# SSH into Wifi Pineapple device
$ ssh root@192.168.2.10

Let’s take a look at the values ​​of the wifi devices themselves (these will be different).

# show statistics on each wireless interface in the system
$ cat /proc/net/wireless

# show interface configuration with ifconfig
$ ifconfig wlan0
$ ifconfig wlan1

# show interface configuration with iwconfig
$ iwconfig wlan0
$ iwconfig wlan1

Now we scan the Wifi’s and have the values ​​displayed (repeat this multiple times to get the average).

# use iwlist to scan (old way)
$ iwlist wlan0 scanning | egrep -i 'SSID|Quality'

# use iw to scan (modern way)
$ iw wlan0 scan | egrep -i 'SSID|signal'

Make it more visible

Under the Wifi Pineapple modules you can search for “SignalStrength” and install it. After successful installation, select the module then select one of your available wifi interfaces and press button “Scan”.

Wifi Pineapple module SignalStrength scan

After short time you will have outputs as table and graph.

Signal Level Graph

That’s it already. With these basics, you should be able to understand and perform your wifi penetration tests even better.

Wifi Pineapple Module DWall

This is the first tutorial about Wifi Pineapple modules. I will start with a simple one called DWall. With this module you can gather and display easily live informations from connected clients wich using the HTTP protocol.

Objective

Installation and usage of module DWall on the Wifi Pineapple.

Precondition

Your Wifi Pineapple need to have an internet connection.

Installation

This time we will use the browser UI for the installation. Let’s start… Look for DWall among the available modules, click the “Install” button and select the location (you should always select the SD card, if available).

DWall installation on Wifi Pineapple

Via Terminal you can verify the installation, too.

# list installed modules on sdcard folder
$ ssh root@192.168.2.10 -C 'ls -la /sd/modules/'

Usage

After successful installation (which should be quite fast), select the module. Now activate it and start the listener. As soon as a connected client makes requests with HTTP, you will see them in the module output. Depending on the responce, also other data such as pictures.

DWall report on Wifi Pineapple UI

Now the last one should also understand why encryption (HTTPS) is so important! Even if it is already used a lot, you will figure that many websites still work without encryption.

HTTPS and Wireshark

Using the two browsers (Firefox and Chrome), I’ll show you how to analyze the TLS traffic with Wireshark. If you only want to use one of the browsers, you can, of course.

What you need?

  • Wireshark (latest version)
  • Google Chrome (latest version)
  • Firefox (latest version)

Let’s start

After export do not change or restart you terminal. Or set an environmental variable (global/user specific) for example in .bashrc/.bash_profile/etc. file.

# create empty file
$ touch ~/Desktop/keys.log

# create environment variable
$ export SSLKEYLOGFILE=$HOME/Desktop/keys.log

# start Firefox
$ /Applications/Firefox.app/Contents/MacOS/firefox-bin --ssl-key-log-file=$HOME/Desktop/keys.log

# start Chrome
$ /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --ssl-key-log-file=$HOME/Desktop/keys.log

In another terminal, you can watch the file.

# tail file (optional)
$ tail -f ~/Desktop/keys.log
...
CLIENT_RANDOM
33da89e4b6d87d25956fd8e8c1e6965575e379ca263b145c8c1240c7f76b0d2a
348d23440ef23807a88c9bda8c8e5826316b15bba33bbfe776120fb9d711c1b04dcf8
1e99e4a58e9d0c57ac955f12a7
...

Wireshark and open Preferences -> Protocols -> SSL. Browse here for file “$HOME/Desktop/keys.log” and confirm your settings.

Wireshark SSL Settings

Start your record (may with filters) and open URL in browser. For example, you can now view the data in Wireshark via the “Decrypted SSL data” tab.

Create QA dashboards with Grafana (Part 5)

In the last tutorial of this series, we create the dashboards for testing and support. Part 1, Part 2, Part 3 and Part 4 should have been successfully completed.

Dashboard Testing

First, I show the result. With a little Drag & Drop and resizing, your dashboard might look like this. But after all, it’s up to your creativity how the results look.

Final Dashboard Testing

I will just show now the most important configurations, from the 4th part you should already know the others.

Add following panels. 1x Graph panel, 2x Singlestat panel and 1x Pie Chart panel. Now edit the Graph panel.

Under tab General enter for Title: Results: $Testers. On tab Metrics select Data Source InfluxDB_test_db and enter From: default suite WHERE: qa =~ /^$Testers$/, SELECT: field(passed) alias(Test Passed) field(skipped) alias(Tests Skipped) field(failed) alias(Tests Failed), FORMAT AS: Time series and ALIAS BY: $col.

Testing Graph Metrics

For tab Axes just enable Show checkbox on Left Y and X-Axis, Unit: short, Scale: linear and Mode: Time. On tab Legend enable checkboxes Show, As Table, Min, Max and Current. On tab Display enable only checkbox Lines.

Now you can edit the Singlestat panels (one after the other). Here the important screens for Passed Total: $Testers:

Testing Singlestat Metrics

Tab Options (Singlestat)

Testing Singlestat Options

For Singlestat Failed Total: $Testers, just change field(passed) to field(failed).

The Pie Chart Average: $Testers is simple, too. Here are the most important settings.

Testing Pie Chart Metrics

Tab Options (Pie Chart)

Testing Pie Chart Options

You’re done with 2nd dashboard. Don’t forget to save (incl. variables and so on)!

Dashboard Support

Let’s get to the last dashboard (Support). Again, the result.

Final Dashboard Support

Now add the following panels. 1x Graph panel and 1x Pie Chart panel (we dynamically generate the others).

Here now the important settings. On tab General have attentions to Repeat!

Support Graph General

Tab Metrics (Graph)

Support Graph Metrics

Tab Axes (Graph)

Support Graph Axes

Tab Display (Graph)

Support Graph Display

The tab Legend for Graph panel have only Show checkbox enabled. Let’s go to the Pie Chart settings. On tab General have attentions to Repeat!

Support Pie Chart General

Tab Metrics (Pie Chart)

Support Pie Chart Metrics

Tab Options (Pie Chart)

Support Pie Chart Options

That’s it with this series. I hope you have all the knowledge to create with Grafana awesome QA dashboards.

Create QA dashboards with Grafana (Part 4)

Finally, we can create the first dashboard. The prerequisite for this is that you have successfully completed the previous tutorials (Part1, Part2, Part3).

Pipeline graph panel

Now go to the still empty dashboard Pipeline. Add the Graph Panel here and select Edit in the title of panel.

Pipeline Graph Panel

In the Metrics tab you now enter the following values. Data Source: InfluxDB_pipeline_db, From: default, pipeline, WHERE: stage =~ /^$Stage$/, SELECT: field(duration), FORMAT AS: Time series and ALIAS BY: Duration.

Note: In case your graph is not displayed correctly, select on the Time picker dropdown: Last 30 days.

Pipeline Graph Metrics

Change to General tab and enter for Title: Duration: $Stage.

Pipeline Graph General

Change to Axes tab and enable checkboxes Show for Left Y and X-Axis. The Unit value for Left Y should be: minutes(m).

Pipeline Graph Axes

Under tab Legend choose enable following checkboxes: Show, As Table, Min and Max. For Decimals enter value “2”.

Pipeline Graph Legend

Our last action for the Graph panel will be done in tab Display. Here we add the Threshold. T1: gt, 15, Color critical, enable checkbox Fill and Y-Axis: left.

Pipeline Graph Display

We are done with Graph panel … don’t forget to save!

Pipeline singlestat panel (Last Status)

Now we add 2 more singlestat panels. One should show the Last Status and the other Last Duration. Press Edit for Last Status panel.

Pipeline Singlestat Panel

In the Metrics tab you now enter the following values. Data Source: InfluxDB_pipeline_db, From: default, pipeline, WHERE: stage =~ /^$Stage$/, SELECT: field(status)last() and FORMAT AS: Time series.

Pipeline Singlestat Metrics

Change to General tab and enter for Title: Last status: $Stage.

Pipeline Singlestat General

Close Panel edit mode and save.

Pipeline singlestat panel (Last Duration)

Last Singlestat will have following Metrics. Data Source: InfluxDB_pipeline_db, From: default, pipeline, WHERE: stage =~ /^$Stage$/, SELECT: field(duration) and FORMAT AS: Time series. Under tab General just add Title: Last Duration: $Stage.

Pipeline Singlestat Options

For tab Options select Stat: Current, Font size: 50%, Unit: minutes(m), Thresholds: 10,15, enable checkbox Show for Gauge, Min: 0, Max: 30 and enable checkboxes Threshold labels plus Threshold markers. Close Edit mode and save.

Final Pipeline Dashboard

Now you can play with the size and placement of the panels. My Pipeline dashboard now looks like this:

Pipeline Final Dashboard

If you change the variables (S1, S2, S3), the values ​​of the panels should change.

This leaves only 2 dashboards left. See you in next tutorial.

Create QA dashboards with Grafana (Part 3)

In the third part of this tutorial series we will create Query Variables and Annotations for our three Dashboards (Testing, Support, Pipeline). Thus, we can later provide interactive dashboards (instead of static ones). Stakeholders should be able to independently filter or select information, which makes the Grafana dashboards more interesting.

Note: This part assumes that you have completed the first and second part successfully.

Variables for dashboard Testing

For Dashboard Testing we need a query variable: QA. Go to the Dashboard Settings on Testing. Now select the “Add variable” button in the “Variables” category.

Grafana Dashboard Variables

Assign a unique name and label: Testers, select as Type: Query, Data source: InfluxDB_test_db and Refresh: On Dashboard Load. As Query insert: SHOW TAG VALUES WITH KEY = “qa”. In the Preview you should see already all values. Last enable checkboxes for Multi-value and Include all value. Press “Add” and “Save” buttons when you’r done.

Grafana Variables Testing

On the empty dashboard should now be a dropdown, with the values ​​visible.

Variables and annotations for dashboard Support

For Dashboard Support we need a query variable: Support. Assign a unique name and label: Support, select as Type: Query, Data source: InfluxDB_support_db, Refresh: On Dashboard Load and Sort: Alphabetical (asc). As Query insert: SHOW TAG VALUES WITH KEY = “support”. In the Preview you should see already all values. Last enable checkboxes for Multi-value and Include all value. Press “Add” and “Save” buttons when you’r done.

Grafana Variables Support

In addition, this dashboard should also have an annotation. Select the “Add Annotation Query” button in the “Annotations” category.

Grafana Dashboard Annotations

Give name: In vector, select Data source: InfluxDB_support_db, enable checkbox: Enabled and add Query: SELECT FROM “in” FROM “tickets” WHERE $timeFilter AND “in” >= 20. Press button’s “Add” and “Save”.

Grafana Annotations Support

On the empty dashboard should now be a dropdown and a checkbox.

Variables and annotations for dashboard Pipelines

Our last dashboard Pipelines will have a variable and annotation, too. Create therefore a variable with following configuration. Name/Label: Stage, Type: Query, Data source: InfluxDB_pipeline_db, Refresh: On Dashboard Load, Query: SHOW TAG VALUES WITH KEY = “stage” and Sort: Alphabetical (asc). Press buttons “Add” and “Save”.

Grafana Variables Pipelines

For the annotation give following values. Name: High Duration, Data source: InfluxDB_pipeline_db, Enabled and Query: SELECT “duration” FROM “pipeline” WHERE $timeFilter AND “duration” >= 15. Press “Add” and “Save”.

Grafana Annotations Pipelines

On the empty dashboard should now be a dropdown and a checkbox.

Okay … that’s it for the third part. In the 4th part we will finally add the pannels in the respective dashboards.

Create QA dashboards with Grafana (Part 2)

In the first part of this tutorial series, you created the environment and recorded some fictional data into InfluxDB. Now log in to Grafana and create data sources for your dashboard pannels.

The next steps will only be performed if you have stopped the environment via docker-compose stop.

# go to Project directory
$ cd ~/Projects/GrafanaDemo/

# start environment
$ docker-compose start

# open Grafana in browser (and login)
$ open http://localhost:3000

You should now find yourself on the Home Dashboard.

Data Sources

The first step is to create the InfluxDB data sources for the metrics to be available in Grafana. To do this, navigate to Data Sources now.

Grafana Data Sources

Now click on “Add data source”. We will do this step 2 more times. For each database (test_db, support_db, pipeline_db) in InfluxDB we will specify a separate connection.

Assign a unique name (like InfluxDB_test_db), select as Type: InfluxDB, enter the URL: http://10.1.0.10:8086, select Access: Server (Default) and Database: test_db. Finally, press the “Save & Test” button. Additional values ​​are not necessary for this tutorial.

Grafana Data Source Configuration

If everything went well, you should get the hint “Data source is working.”

Repeat the process for the other two InfluxDB databases (support_db, pipeline_db). Pay attention to the values ​​of name and database. In the end, your configuration should look like this:

Grafana InfluxDB Data Sources

Dashboards

In this step, you will now create three empty dashboards (under General). Similar to the Data Sources – one for each database. Switch to Manage – Dashboards.

Grafana Dashboards

Select the “+ Dashboard” button. Before adding panels, give the dashboard a unique name. To do this, select the “Settings” icon (top right).

Give the name value, for example “Testing” and for Timezone choose: Local Browser Time. Finally, press the “Save” button.

Grafana Dashboard Settings

Repeat the process 2 more times. In the end, you should have created 3 empty dashboards (eq. Testing, Support and Pipelines).

Grafana Dashboards Overview

Perfect, you should now be able to see your 3 dashboards on the “Home Dashboard”.

Grafana Home Dashboard

In the third part of the series, you will learn to create annotation and variables for each dashboard. I hope you had fun and that you have been able to learn something new till here. See you soon in 3rd part.

Wifi Monitor Mode Basics

There are several ways to enable monitor mode for Wifi interfaces. Depending to your OS, installed packages, installed drivers and the Wifi model these methods are available and/or useful. In this tutorial I will explain three different ways.

3 different ways

The first example enables the monitor mode via iwconfig. To start/stop the interface the ip command is used, but you could also use ifconfig command.

# disable interface
$ ip link set wlan0 down

# enable monitor mode
$ iwconfig wlan0 mode monitor

# check interface status (optional)
$ iwconfig wlan0 | grep -i mode | awk '{print $4}'

# enable device
$ ip link set wlan0 up

The second example enables monitor mode via airmon-ng. The explicit start or stop of the interface is not necessary here. Attention, this method will change the name of the interface.

# stop interfering processes
$ airmon-ng check kill

# enable monitor mode
$ airmon-ng start wlan0

# check interface status (optional)
$ iwconfig wlan0mon | grep -i mode | awk '{print $4}'

The third example enables monitor mode via iw. To start/stop the interface the ifconfig command is used, but you could also use ip command.

# disable interface
$ ifconfig wlan0 down

# enable monitor mode
$ iw wlan0 set monitor control

# check interface status (optional)
$ iw dev | grep -i type | awk '{print $2}'

# enable device
$ ifconfig wlan0 up

It may happen that your interface crashes during the scan. In that case, you should choose a different method. If none of the shown examples works properly, it could be due to the Network Manager. In this case, turn it off. Attention, this action is then valid for all interfaces and can disturb your internet connection.

# stop network manager
$ systemctl stop NetworkManager