trackerjacker: Like nmap for mapping wifi networks you’re not connected to

trackerjacker

Like nmap for mapping wifi networks you’re not connected to. Maps and tracks wifi networks and devices through raw 802.11 monitoring.

trackerjacker can help with the following:

  • I want to know all the nearby wifi networks and know all the devices connected to each network.
  • I want to know who’s hogging all the bandwidth.
  • I want to run a command when this MAC address sends more than 100000 bytes in a 30 second window (maybe to determine when an IP camera is uploading a video, which is indicative that it just saw motion).
  • I want to deauth anyone who uses more than 100000 bytes in a 10 second window.
  • I want to deauth every Dropcam in the area so my Airbnb hosts don’t spy on me.
  • I want to be alerted when any MAC address is seen at a power level greater than -40dBm that I’ve never seen before.
  • I want to see when this particular person is nearby (based on the MAC of their mobile phone) and run a command to alert me.
  • I want to write my own plugin to run some script to do something fun every time a new Apple device shows up nearby.

Install

pip3 install trackerjacker

Supported platforms: Linux (tested on Ubuntu, Kali, and RPi) and macOS (pre-alpha)

Usage

Find detailed usage like this:

trackerjacker -h


There are 2 major usage modes for trackerjacker: map mode and track mode.

Map mode example

Map command:

trackerjacker -i wlan1337 --map

By default, this outputs the wifi_map.yaml YAML file, which is a map of all the nearby WiFi networks and all of their users. Here’s an example wifi_map.yaml file:

TEST_SSID:
  00:10:18:6b:7a:ea:
    bssid: 00:10:18:6b:7a:ea
    bytes: 5430
    channels:
    - 11
    devices:
      3c:07:71:15:f1:48:
        bytes: 798
        signal: 1
        vendor: Sony Corporation
      78:31:c1:7f:25:43:
        bytes: 4632
        signal: -52
        vendor: Apple, Inc.
    signal: -86
    ssid: TEST_SSID
    vendor: Broadcom

BRANSONS_WIFI:
  90:48:9a:e3:58:25:
    bssid: 90:48:9a:e3:58:25
    bytes: 5073
    channels:
    - 1
    devices:
      01:00:5e:96:e1:89:
        bytes: 476
        signal: -62
        vendor: ''
      30:8c:fb:66:23:91:
        bytes: 278
        signal: -46
        vendor: Dropcam
      34:23:ba:1c:ba:e7:
        bytes: 548
        signal: 4
        vendor: SAMSUNG ELECTRO-MECHANICS(THAILAND)
    signal: -80
    ssid: BRANSONS_WIFI
    vendor: Hon Hai Precision Ind. Co.,Ltd.

hacker_network:
  80:2a:a8:e5:de:92:
    bssid: 80:2a:a8:e5:de:92
    bytes: 5895
    channels:
    - 11
    devices:
      80:1f:02:e6:44:96:
        bytes: 960
        signal: -46
        vendor: Edimax Technology Co. Ltd.
      80:2a:a8:8a:ec:c8:
        bytes: 472
        signal: 4
        vendor: Ubiquiti Networks Inc.
      80:2a:a8:be:09:a9:
        bytes: 5199
        signal: 4
        vendor: Ubiquiti Networks Inc.
      d8:49:2f:7a:f0:8f:
        bytes: 548
        signal: 4
        vendor: CANON INC.
    signal: -46
    ssid: hacker
    vendor: Ubiquiti Networks Inc.
  80:2a:a8:61:aa:2f:
    bssid: 80:2a:a8:61:aa:2f
    bytes: 5629
    channels:
    - 44
    - 48
    devices:
      78:88:6d:4e:e2:c9:
        bytes: 948
        signal: -52
        vendor: ''
      e4:8b:7f:d4:cb:25:
        bytes: 986
        signal: -48
        vendor: Apple, Inc.
    signal: -48
    ssid: null
    vendor: Ubiquiti Networks Inc.
  82:2a:a8:51:32:25:
    bssid: 82:2a:a8:51:32:25
    bytes: 3902
    channels:
    - 48
    devices:
      b8:e8:56:f5:a0:70:
        bytes: 1188
        signal: -34
        vendor: Apple, Inc.
    signal: -14
    ssid: hacker
    vendor: ''
  82:2a:a8:fc:33:b6:
    bssid: 82:2a:a8:fc:33:b6
    bytes: 7805
    channels:
    - 10
    - 11
    - 12
    devices:
      78:31:c1:7f:25:43:
        bytes: 4632
        signal: -52
        vendor: Apple, Inc.
      7c:dd:90:fe:b4:87:
        bytes: 423223
        signal: 4
        vendor: Shenzhen Ogemray Technology Co., Ltd.
      80:2a:a8:be:09:a9:
        bytes: 5199
        signal: 4
        vendor: Ubiquiti Networks Inc.
    signal: -62
    ssid: null
    vendor: ''


Note that, since this is YAML, you can easily use it as an input for other scripts of your own devising. I have an example script to parse this “YAML DB” here: parse_trackerjacker_wifi_map.py.
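As an added illustration of consuming the map from your own script (this is not the project's parse_trackerjacker_wifi_map.py, and the function names are hypothetical), the following walks the SSID → BSSID → devices structure shown above, ranks clients by bytes, and lists devices seen under more than one access point. It assumes PyYAML for loading a real file; the sample dict is an excerpt of the example map above.

```python
from collections import defaultdict

# Excerpt of the example map above, as the dict yaml.safe_load() returns for it.
SAMPLE = {
    "TEST_SSID": {"00:10:18:6b:7a:ea": {"ssid": "TEST_SSID", "devices": {
        "3c:07:71:15:f1:48": {"bytes": 798, "signal": 1, "vendor": "Sony Corporation"},
        "78:31:c1:7f:25:43": {"bytes": 4632, "signal": -52, "vendor": "Apple, Inc."}}}},
    "hacker_network": {"82:2a:a8:fc:33:b6": {"ssid": None, "devices": {
        "78:31:c1:7f:25:43": {"bytes": 4632, "signal": -52, "vendor": "Apple, Inc."},
        "7c:dd:90:fe:b4:87": {"bytes": 423223, "signal": 4,
                              "vendor": "Shenzhen Ogemray Technology Co., Ltd."},
        "80:2a:a8:be:09:a9": {"bytes": 5199, "signal": 4,
                              "vendor": "Ubiquiti Networks Inc."}}}},
}

def load_wifi_map(path="wifi_map.yaml"):
    """Load a map file from disk (assumes PyYAML is installed)."""
    import yaml  # lazy import: the analysis functions below work on any dict
    with open(path) as f:
        return yaml.safe_load(f) or {}

def iter_devices(wifi_map):
    """Yield (ssid_key, bssid, mac, info) for every client device in the map."""
    for ssid_key, aps in (wifi_map or {}).items():
        for bssid, ap in (aps or {}).items():
            # An access point with no clients may have a missing or empty 'devices'.
            for mac, info in ((ap or {}).get("devices") or {}).items():
                yield ssid_key, bssid, mac, info or {}

def top_talkers(wifi_map, n=3):
    """Rank device/access-point pairs by byte count, highest first."""
    rows = [(info.get("bytes", 0), mac, info.get("vendor") or "unknown", ssid_key, bssid)
            for ssid_key, bssid, mac, info in iter_devices(wifi_map)]
    return sorted(rows, reverse=True)[:n]

def multi_ap_devices(wifi_map):
    """Return {mac: sorted BSSIDs} for devices recorded under more than one BSSID."""
    seen = defaultdict(set)
    for _, bssid, mac, _ in iter_devices(wifi_map):
        seen[mac].add(bssid)
    return {mac: sorted(bssids) for mac, bssids in seen.items() if len(bssids) > 1}

if __name__ == "__main__":
    for nbytes, mac, vendor, ssid_key, bssid in top_talkers(SAMPLE):
        print(f"{nbytes:>8} bytes  {mac}  {vendor}  ({ssid_key} / {bssid})")
    print(multi_ap_devices(SAMPLE))
```

To run it against a real capture, pass `load_wifi_map("wifi_map.yaml")` in place of `SAMPLE`.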


Copyright (c) 2016 Caleb Madrigal

Source: https://github.com/calebmadrigal/
