OpenWrt based Wi-Fi MAC scanner
You will be able in 3 minutes:
- Setup your own Wi-Fi MAC addresses scanner with OpenWrt.
- Setup FTP upload server which will collect all data from all routers.
Parsing final data not covered by this article.
You can do it with a programming language you prefer.
You can use PuTTY to connect to your router with SSH protocol.
You can do it with a programming language you prefer.
You can use PuTTY to connect to your router with SSH protocol.
We're using OpenWrt version 19.07.2 but fell free to use any other OpenWrt version.
Please note, you already should have Internet configured on router to proceed.
Please note, you have to change upload.maccollector.com to your own hostname with FTP server on it.
Installing OpenWrt on Wi-Fi router
Not covering here.
Installing dependent software packages on OpenWrt
Invoke following command one-by-one in router's console:
opkg update opkg install procps-ng-pkill opkg install wireless-tools opkg install aircrack-ng opkg install lftp opkg install screen opkg install nano #following is optional (useful for debug): opkg install diffutils opkg install tcpdump
Creating MAC scanner script
We create it in on-boot place so script will be invoked automatically after each reboot.
Do not foter to change upload.maccollector.com to your host before pasting it to the router's console.
Do not foter to change upload.maccollector.com to your host before pasting it to the router's console.
cat <<'EOF'> /etc/rc.d/S99wifi #!/bin/sh export PATH="/usr/sbin/:/sbin/:$PATH" set -xv ######################### cat <<'EOFAA'> /root/wifi.sh #!/bin/sh export PATH="/usr/sbin/:/sbin/:$PATH" set -xv ifconfig wlan0 down #iwconfig obsolete, see https://openwrt.org/docs/guide-user/network/wifi/wireless-tool/wireless.utilities iwconfig wlan0 mode monitor ifconfig wlan0 up MYHOST=$(grep 'option hostname' /etc/config/system|awk '{print $3}'| tr -d "'"); pkill airodump-ng rm -fv /tmp/outfile-* while [ ! -e /tmp/stop ]; do date airodump-ng wlan0 -w /tmp/outfile --background 1 --output-format csv & PID=$! sleep 300; kill $PID; pkill airodump-ng sleep 1; lftp -u ftp:ftp -e "cd upload; put /tmp/outfile-01.csv -o outfile_${MYHOST}_`date '+%Y-%m-%d-%H-%M-%S'`.csv; bye;" upload.maccollector.com ; cat /dev/null > /tmp/outfile-01.csv ; rm -fv /tmp/outfile-* done EOFAA ######################### chmod 755 /root/wifi.sh screen -S wifi -d -m /bin/sh /root/wifi.sh EOF chmod 755 /etc/rc.d/S99wifi
Configuring interfaces file
Edit /etc/config/wireless with: vi or nano.
as described below:
as described below:
vi /etc/config/wireless
Found block starting with following line: config wifi-device 'radio0' and comment out (append # before it) following line (should be last line in block), change it form: option disabled '1' to: # option disabled '1'
Found block starting with following line: config wifi-iface 'default_radio0' and append following line (should be appended as a last line in block): option disabled '1'
Following block should be added to the bottom of file: config wifi-iface 'wifinet0' option device 'radio0' option network 'lan' option mode 'monitor' option hidden '1'Also make few blank lines after this block.
Now comprehensive example of how things will looks like:
root@OpenWrt:~# cat /etc/config/wireless config wifi-device 'radio0' option type 'mac80211' option channel '11' option hwmode '11g' #THIS SHOULD BE KEEP AS ORIGINAL HIST LINE MAY VARY FOR YOU: option path 'platform/ar934x_wmac' option htmode 'HT20' #COMMENT THIS OUT: # option disabled '1' #this block will be ther already: config wifi-iface 'default_radio0' option device 'radio0' option network 'lan' option mode 'ap' option ssid 'OpenWrt' option encryption 'none' #APPEND IT HERE: option disabled '1' #This block should be added to the bottom: config wifi-iface 'wifinet0' option device 'radio0' option network 'lan' option mode 'monitor' option hidden '1' root@OpenWrt:~#
Post-setup steps
Reboot the router and setup Linux FTP server to receiving router's data.
reboot
Setup collecting FTP server
We will use vsftpd as the FTP sever.
In this example we are using vsftpd version 3.0.2.
In this example we are using vsftpd version 3.0.2.
cp -aiv /etc/vsftpd.conf /etc/vsftpd.conf-`\date -I` cat <<'EOF'> /etc/vsftpd.conf listen=NO listen_ipv6=YES use_localtime=YES #secure_chroot_dir=/var/run/vsftpd/empty secure_chroot_dir=/srv/ftp #secure_chroot_dir=/srv rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key ssl_enable=NO pam_service_name=vsftpd ftp_username=ftp anonymous_enable=YES local_enable=YES write_enable=YES local_umask=022 anon_umask=000 anon_upload_enable=YES anon_mkdir_write_enable=YES dirmessage_enable=YES xferlog_enable=YES connect_from_port_20=YES #very short of data #xferlog_std_format=YES chroot_local_user=NO chroot_list_enable=NO #listen=YES #listen_ipv6=YES pasv_enable=YES pasv_min_port=49152 pasv_max_port=65535 #pam_service_name=vsftpd userlist_enable=YES tcp_wrappers=YES anon_other_write_enable=YES anon_root=/srv/ftp #anon_root=/srv #anon_root=/ no_anon_password=YES hide_ids=YES #ls: Login failed: 500 OOPS: vsftpd: refusing to run with writable root inside chroot() allow_writeable_chroot=YES max_clients=100500 userlist_file=/etc/vsftpd/allowed_list #google: vsftpd user ftp 530 Permission denied #https://www.thegeekdiary.com/error-530-permission-denied-when-user-logs-in-to-vsftpd-server-via-ftp/ userlist_deny=NO xferlog_enable=YES log_ftp_protocol=YES #syslog_enable=YES xferlog_file=/var/log/vsftpd.log download_enable=NO dirlist_enable=NO EOF
cat <<'EOF'> /etc/vsftpd/allowed_list ftp EOF
chown root:root /etc/vsftpd/ chmod 755 /etc/vsftpd/ chown root:root /etc/vsftpd/allowed_list chmod 644 /etc/vsftpd/allowed_list #chown root:adm /var/log/vsftpd.log chmod 777 /var/log/vsftpd.log chown root:root /srv/ /srv/ftp/ chmod 755 /srv/ /srv/ftp/ chown ftp:ftp /srv/ftp/upload/ chmod 755 /srv/ftp/upload/
You can change router's name
To be able to differentiate one router from other routers you can set unique name to each of it:
vi /etc/config/system reboot
All done
Now you're all set.
Just reload vsftpd.
Just reload vsftpd.