ADS-B Piaware Flight Tracker

I recently purchased a Raspberry PI2 CanaKit from Amazon. My goal is to use it with Ham Radio, but to get a quick project going I set it up as a ADS-B flight tracker.

For those who don’t know, ADS-B stands for Automatic dependent surveillance – broadcast, and is used by airplanes to send out a broadcast message on 1090 MHz of their positions, flight number, altitude, and speed. The technology is utilized by air traffic controllers as a secondary way to track flights besides radar tracking.

This project took me about half an hour to setup and is still running. I’ll go over the setup and items needed to get this going. It costs less than $100 bucks to do all of this.

Tools needed:

  1. Raspberry Pi
  2. NooElec SDR Receiver
  3. Piaware software – FlightAware.com
  4. Setup an account with FlightAware.com

It is extremely easy to get this going. Flightaware.com, a flight status tracking website, provides all the steps and information needed to create your Piaware device. Basically you download the Piaware software. Install it on your microSD card and insert it into your Raspberry Pi. From there, hook up you NooElec receiver and antenna (it is best to have an outside antenna if possible or one with little obstructions).  Cable up your Ethernet cable and then power on the Raspberry Pi. Once on you can register the device with your FlightAware.com account. You can also browse locally to your Raspberry Pi an see the flights as they pass near you. Below is a screen shot of one I took tonight.

ADSB1

If you click on the Flightaware link next to the flight number, it will bring up the FAA logged route for this aircraft.

ADSB2

Being close to a military base, I see a lot of aircraft appearing and disappearing on the tracker. I’ve been told that the reason for this is that military aircraft only have to enable their transponders when in civilian airspace (this is what I’m told). Also, the military aircraft usually have interesting flight names, but I won’t discuss those here. This project has been fun and I have enjoyed seeing the amount of air traffic and their routes while flying near me. I’ve noticed a sort of “Interstate in the Sky”, as many of the planes travel the same routes. Not sure how much longer I will run this, but it will definitely run until I figure out the Ham Radio application for this device.

234 total views, 1 views today

My Pen Testing Tool Kit

When I first became interested in Pen Testing I had no idea where to begin or the tools to use. In this blog I will cover the tools I use most often and their purpose. Every kit is different, but this is what I use the most.

Here is my list, I will discuss each item in detail:

  1. Kali Linux
    A. Installed on HP 110 Netbook
  2. Alfa AWUSO36NH Wireless Adapter
  3. Wifi Pineapple
  4. 2 x Yagi Wifi antennas
  5. USB Rubber Ducky
  6. NooElec USB RTL-SDR
  7. Maxpedition Lunada Gearslinger Bag

PenTestingToolKit

Kali Linux

When I first started getting into Pen Testing I was trained on CentOS then I moved to Backtrack. I’ve now moved to Kali, which most people are now are using. Granted, you can use any OS you want for Pen Testing, and usually I have to use different ones, but Kali has almost all the tools in one place.

I installed Kali on an old HP Mini 110 netbook. It is not the fastest, but it does fine for running scans and exploits. If you are attempting to do something processor intensive, like password cracking, it is a good idea to run this on a machine that has more power.

This leads me to the next feature with Kali. Kali gives you the option to create a bootable USB image. This link covers how to set that up. The good thing about having a bootable USB is that you do not have to install the OS on your machine to use it. Just run it in live mode and you’re good to go.

The last option for running Kali is to run it as a virtual machine, which I do use regularly. I personally use VirtualBox whenever I do virtual machines. VirtualBox is free and has a lot of helpful articles. Kali actually has images available for download forVirtualBox and WMware.

 Alfa Network Wireless Adapter

In my opinion there are two easy ways into someone’s network. The first is to “ask,” for access via social engineering. The second is wireless exploitation. Wireless testing is one of my favorite aspects of pen testing. I use a Alfa AWUSO36NH Wireless Adapter for wireless testing. The Alfa adapter allows you to run WiFi scans to determine encryption on networks, network names, MAC addresses, and also inject packets back into the networks you are trying to test. With this tool you can crack WEP in no time, capture WPA2 handshakes for offline cracking, and exploit WPS enabled Access Points. You can also use different antennas, like the Yagi ones in my kit.

WiFi Pineapple

The WiFi Pineapple is another wireless auditing tool. It comes with two antennas, which can be swapped for other antennas. The Pineapple can do recon of access points in an area, exploits on those access points, or act a free, open WiFi network. If a person were to connect to the open network you can utilize the Pineapple to act as a man in the middle and strip out packets, spoof DNS, capture credentials, and much more. The WiFi Pineapple is sold by Hak5 and is a great, fun tool to use.

Yagi WiFi antennas

To help increase the distance for my wireless testing I purchased two directional Yagi Antennas. These antennas can connect to the Alpha Networks Card or the WiFi Pineapple. These antennas were around $20 dollars for the two on EBay.

USB Rubber Ducky

The USB Rubber Ducky is the ultimate Social Engineering tool. This looks like a common thumb drive, but it is far from that. It is actually a keystroke injection attack platform. Basically it acts like a keyboard when plugged into a person’s machine and automatically types out commands. The commands are placed on the rubber ducky via a simple scripting language, saved to a Micro SD card, and inserted into the rubber ducky. These scripts can execute programs, save files and FTP them to remote locations, insert backdoor connections to machines, and many more things. A pen tester could drop the device in a common area in the hopes a user will plug it in. The rubber ducky can execute commands very quickly, making it an ideal tool to use when testing physical security. If you are able to get in front of a machine, plug the rubber ducky in and let it run the scripted commands while you do some more exploring around the complex. Of course, you’ll need to have it configured prior to using it.

NooElec USB RTL-SDR

The NooElec USB RTL-SDR is a mini Software Defined Radio USB device. It comes with a small antenna, but you can purchase a larger replacement if you want. With SDR, a pen tester could test anything that run over radio waves, not just WiFi. Things such as smart meters and RFIDs are a few examples. I’m new to SDR, but have had some fun with it like picking up the local Fire/EMS/Police dispatch. This device is very inexpensive, around $20.

Maxpedition Lunada Gearslinger Bag

No Pen Testing kit is complete without a tacticool bag to carry it all in. The maxpedition bag is very durable and can store everything I carry, with the exception of the yagi antennas. These can actually be strapped to the sides if necessary with the use of the MOLLE system. The bag is not very big, but can pack in an IPad or netbook without a problem. Definitely a great bag for when you don’t want to tote around a full size backpack.

My pen testing tool kit took me several years to put together. I’m still modifying it all the time. This is an ever evolving game, and so should your pen testing tool kit.

274 total views, 1 views today

Ham Radio Attic Antenna

About a year ago I obtained my Ham Radio Technician License.  The very first radio I purchased was a Baofeng UV-5R Handheld. This radio was good for listening while driving around, but I needed a good setup in the Cole Command Center. I ended up getting a Kenwood TM-V71a radio with the Kenwood KPS-15 Power supply, that I setup as a base station.

IMG_0116

The setup was fantastic minus one thing, the antenna. Due to my HOA regulations I am not allowed to place a visible antenna on the outside of my house. I debated stringing one in a tree behind my house, but decided against it. After some research I decided the best thing to do would be to install an attic antenna.

The antenna I purchased was a Comet GP-1 from the antenna farm, Link.

IMG_0558

The second problem I ran into was the fact that there were no wall plates designed for the connections for this antenna and radio.  I searched all over looking for something that mirrored a tv coax wall plate, but for the PL259 connector, but came up with nothing. I ended up purchasing a female2female PL259 connector and a blank wall plate. After some measuring I drilled out the blank wall plate and placed the connector through it.

IMG_0327

IMG_0328

The next step in the process was to cut the wall plate hole and drop the coax cable from the attic to the wall plate. I had an old phone drop that I removed off the stud and replaced it with a hollow wall drop and the new custom plate.

IMG_0329

IMG_0330

IMG_0331

Once the cable was connected to the back of my radio everything worked like a champ. I can hit the local repeaters with no problems and have even made a direct contacts about 45 miles away.

303 total views, 1 views today