This guide walks through the setup of an automated wardriving system using a Raspberry Pi.
- Prerequisites
- Installation and Configuration
- GPS Configuration
- GPS via Serial Connection
- USB GPS & Kismet Configuration
- Setting Up RaspAP
- Automating Kismet, GPS Detection, and Starting the Python HTTP Server
- Automating Script Execution at Boot
- Usage
Prerequisites
- Raspberry Pi (3/4/5 recommended) running Raspberry Pi OS Lite (64-bit, Bullseye or Bookworm).
- USB WLAN adapter(s) compatible with Linux.
- GPS module or compatible USB device.
Installation and Configuration
- Connect via ssh:
ssh user@<PIDEVICEIP>
or use an external monitor and keyboard.
- Update:
sudo apt update && sudo apt upgrade -y
- Remove any previous Kismet installed from source:
sudo rm -rfv /usr/local/bin/kismet* /usr/local/share/kismet* /usr/local/etc/kismet*
- Add Kismet to apt sources & install:
Note
Enter yes when asked for suid-root helpers during installation.
- Debian Bullseye ( i386 amd64 armhf arm64 )
wget -O - https://www.kismetwireless.net/repos/kismet-release.gpg.key --quiet | gpg --dearmor | sudo tee /usr/share/keyrings/kismet-archive-keyring.gpg >/dev/null
echo 'deb [signed-by=/usr/share/keyrings/kismet-archive-keyring.gpg] https://www.kismetwireless.net/repos/apt/git/bullseye bullseye main' | sudo tee /etc/apt/sources.list.d/kismet.list >/dev/null
sudo apt update
sudo apt install kismet
- Debian Bookworm ( amd64 arm64 )
wget -O - https://www.kismetwireless.net/repos/kismet-release.gpg.key --quiet | gpg --dearmor | sudo tee /usr/share/keyrings/kismet-archive-keyring.gpg >/dev/null
echo 'deb [signed-by=/usr/share/keyrings/kismet-archive-keyring.gpg] https://www.kismetwireless.net/repos/apt/git/bookworm bookworm main' | sudo tee /etc/apt/sources.list.d/kismet.list >/dev/null
sudo apt update
sudo apt install kismet
- Add your username to the Kismet group:
sudo usermod -aG kismet your-user-here
- Reload the groups: either log out and log back in or, in some cases, reboot.
- Check that you are in the Kismet group by looking at the output of the `groups` command.
For help visit the Kismet Docs
GPS Configuration
Important
If using a USB GPS unit, skip this section.
BEGIN GPIO SERIAL GPS INSTRUCTIONS
- If using a GPS module instead of a USB device, pins 14 & 15 are used for GPS data.
- Almost any will work; view the Pin Out here
- Connect your GPS module to the Raspberry Pi Zero as follows:
- GPS Module TX to Raspberry Pi RX on GPIO 15 (physical pin 10)
- GPS Module RX to Raspberry Pi TX on GPIO 14 (physical pin 8)
- GPS Module Ground to Raspberry Pi Ground
- GPS Module Power to Raspberry Pi 3.3V or 5V (depending on your GPS module requirements)
- Install gpsd:
sudo apt-get install gpsd gpsd-clients
Disable the serial console that might be using the serial pins:
- Open the raspi-config tool:
sudo raspi-config
- Navigate to Interface Options > Serial Port.
- Answer 'No' to the login shell over serial and 'Yes' to the serial port hardware being enabled.
Edit the gpsd configuration file to adjust settings:
- Open the configuration file:
sudo nano /etc/default/gpsd
- Ensure the DEVICES line points to the serial device your GPS is connected to (usually /dev/serial0 or /dev/ttyS0):
```
START_DAEMON="true"
DEVICES="/dev/ttyS0"
GPSD_OPTIONS="-n"
```
- Save and exit the editor.
- Restart gpsd to apply the changes:
sudo systemctl restart gpsd
- Test if the GPS module is working properly with gpsd:
cgps -s
END GPIO SERIAL GPS INSTRUCTIONS
USB GPS & Kismet Configuration
dmesg | grep tty
Look for lines that indicate your GPS device, typically /dev/ttyUSB0, or, when using the RX & TX pins, ttyS0.
sudo nano /etc/kismet/kismet.conf
- Add or modify the line for your GPS device:
gpstype=serial:device=/dev/ttyUSB0
- Replace /dev/ttyUSB0 with the correct port for your USB GPS device.
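Before relying on the GPS for logged positions, it helps to confirm the receiver emits intact sentences and actually has a fix. The following is an added example, not part of the original guide: it validates the NMEA 0183 checksum of each sentence and reports fix quality and satellite count from GGA sentences. The function names and the sample sentences are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the guide): check raw NMEA 0183 output for a GPS fix.

# XOR of every character between '$' and '*', printed as two hex digits.
nmea_checksum() {
    body=${1#\$}; body=${body%%\**}; sum=0
    while [ -n "$body" ]; do
        rest=${body#?}; ch=${body%"$rest"}
        code=$(printf '%d' "'$ch")
        sum=$(( sum ^ code ))
        body=$rest
    done
    printf '%02X' "$sum"
}

# Succeeds only when the trailing *HH matches the computed checksum.
nmea_valid() {
    line=$(printf '%s' "$1" | tr -d '\r')
    case $line in \$*\*??) ;; *) return 1 ;; esac
    want=$(printf '%s' "${line##*\*}" | tr 'a-f' 'A-F')
    [ "$(nmea_checksum "$line")" = "$want" ]
}

# For a checksum-valid GGA sentence print "fix=<quality> sats=<count>".
gga_fix() {
    nmea_valid "$1" || return 1
    printf '%s\n' "$1" | awk -F, '
        $1 ~ /^\$..GGA$/ { printf "fix=%d sats=%d\n", $7, $8; ok = 1 }
        END { exit !ok }'
}

# Read sentences on stdin; succeed at the first valid GGA with fix quality > 0.
gps_has_fix() {
    while IFS= read -r s; do
        f=$(gga_fix "$s") || continue
        case $f in "fix=0 "*) ;; *) printf '%s\n' "$f"; return 0 ;; esac
    done
    return 1
}

# Constructed sample input: corrupted line, no-fix GGA, then a GGA with a fix.
sample_nmea() {
    printf '%s\r\n' \
        '$GPGGA,123519,4807.038,N,01131.000,E,1,08,0.9,545.4,M,46.9,M,,*48' \
        '$GPGGA,123519,,,,,0,00,,,M,,M,,*6B' \
        '$GPGGA,123519,4807.038,N,01131.000,E,1,08,0.9,545.4,M,46.9,M,,*47'
}
```

With gpsd running, pipe `gpspipe -r -n 20` into `gps_has_fix`; without gpsd, read a few lines from the serial device itself before Kismet opens it.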
Setting Up RaspAP
(Optional, enables an access point on the Pi) Install RaspAP for easy system management via your own access point. Visit the RaspAP Docs for more info.
- One-line quick installer:
curl -sL https://install.raspap.com | bash
- Follow the installation prompts, connect to the default AP, then access the RaspAP web interface at http://raspberry_pi_ip/ to configure your network settings.
- SSID: raspi-webgui
- Password: ChangeMe
- Default login to WebUI: username admin, password secret.
- Change these!
Automating Kismet, GPS Detection, and Starting the Python HTTP Server
- Install jq for the script parsing:
sudo apt-get install jq
- Create the startup script named start_kismet.sh. This can be done using a text editor. For simplicity, we'll use nano:
- Enter the following command to create and edit the script:
sudo nano ~/start_kismet.sh
- Add the script content:
*Script adapted from here
Note: Change /yourUsernameHere to your username.
```bash
#!/bin/bash
# Wait for 30 seconds to give the system time to detect and bring up interfaces
sleep 30

# Define the user's home directory and the directory for Kismet data
USER_HOME="/home/yourUsernameHere"
KISMET_DIR="${USER_HOME}/kismet"

# Create the Kismet directory if it doesn't exist
mkdir -p "${KISMET_DIR}"
# Stop if the directory is unavailable, so logs are not written elsewhere
cd "${KISMET_DIR}" || exit 1

# Find network interfaces that are not wlan0 and bring them up
interfaces=$(iw dev | grep Interface | cut -d ' ' -f2 | grep -v wlan0)
kismet_sources=""
source_count=0
for interface in $interfaces; do
    sudo ip link set "$interface" up
    source_count=$((source_count + 1))
    kismet_sources+="-c ${interface}:name=Wifi${source_count} "
done

# Start Kismet with the detected interfaces
# ($kismet_sources is left unquoted on purpose so each -c option is a separate argument)
kismet $kismet_sources --override wardrive > kismet.log &
```
Or simplified, with a check to restart Kismet and run as daemon (sources auto-detected or specified as above in the kismet.conf file):
```bash
#!/bin/bash
# Wait for 30 seconds to give the system time to detect and bring up interfaces
sleep 30

# Define the user's home directory and the directory for Kismet data
USER_HOME="/home/yourUsernameHere"
KISMET_DIR="${USER_HOME}/kismet"

# Create the Kismet directory if it doesn't exist
mkdir -p "${KISMET_DIR}"
# Stop if the directory is unavailable, so logs are not written elsewhere
cd "${KISMET_DIR}" || exit 1

# Command to start Kismet with WebUI enabled, running in quiet mode
KISMET_COMMAND="kismet -t PiDriver --override wardrive -q -s"

# Function to check if Kismet is running by pinging the web interface
check_kismet() {
    if ! curl -Is http://localhost:2501 | grep -q "200 OK"; then
        $KISMET_COMMAND
    fi
}

# Initial Kismet start
$KISMET_COMMAND

# Loop to check and restart Kismet if not running
while true; do
    sleep 60 # Check every 60 seconds
    check_kismet
done
```
- Save and exit the editor by pressing CTRL + X, then Y, then ENTER.
- Make the script executable:
sudo chmod +x ~/start_kismet.sh
Automating Script Execution at Boot
To ensure the script runs at startup, add it to the crontab:
- Open the crontab editor:
crontab -e
- Add the following line at the end of the file:
@reboot /path/to/your/script.sh
- Save and exit the editor.
Although scanning all available channels is best practice, some users may want to see more APs for maximum yield. Restricting each source to the most popular channels (per wigle.net stats) does that:
- Set identifiable network interfaces to yes using raspi-config
- Use ifconfig or airmon-ng to show the device names
- Edit /etc/kismet/kismet.conf and modify the source= lines as follows, changing device names to match your own.
source=wlx00c0cab46dh4:name=Device1,channels="1,6,11,36,149,9,4,10,153,7,52,13,108,132,116,124"
source=wlx00c0cab563vb:name=Device2,channels="1,6,11,44,157,48,3,2,100,8,161,56,112,60,136,128"
source=wlx00c0cab565jg:name=Device3,channels="1,6,11,40,149,5,36,100,153,12,52,64,104,116,132,120"
Note
This is an example. Please use the channels that you see fit.
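To check a split channel plan like the one above for gaps and overlap, this added example (not from the original guide or the Kismet project) reads source= lines on stdin and reports which wanted channels no source covers and which channels more than one source lists. The function names are hypothetical; the sample input is the guide's own three example lines.

```sh
#!/bin/sh
# Added example (not from the guide): audit a split channel plan in kismet.conf.

# Emit "channel count" pairs: how many times the source= lines list each channel.
channel_usage() {
    awk '
        /^source=/ && match($0, /channels="[^"]*"/) {
            n = split(substr($0, RSTART + 10, RLENGTH - 11), ch, ",")
            for (i = 1; i <= n; i++) seen[ch[i]]++
        }
        END { for (c in seen) print c, seen[c] }' | sort -n
}

# Channels from the wanted list ($1, space-separated) that no source covers.
uncovered_channels() {
    usage=$(channel_usage)
    out=""
    for want in $1; do
        printf '%s\n' "$usage" | grep -q "^$want " || out="$out $want"
    done
    printf '%s\n' "${out# }"
}

# Channels listed more than once across the sources (capture time spent twice).
shared_channels() {
    channel_usage | awk '$2 > 1 { printf "%s%s", sep, $1; sep = " " } END { print "" }'
}

# The guide's three example sources, embedded so the audit runs offline.
sample_sources() {
    cat <<'EOF'
source=wlx00c0cab46dh4:name=Device1,channels="1,6,11,36,149,9,4,10,153,7,52,13,108,132,116,124"
source=wlx00c0cab563vb:name=Device2,channels="1,6,11,44,157,48,3,2,100,8,161,56,112,60,136,128"
source=wlx00c0cab565jg:name=Device3,channels="1,6,11,40,149,5,36,100,153,12,52,64,104,116,132,120"
EOF
}
```

Against a live configuration, run it as `uncovered_channels '1 2 3 4 5 6 7 8 9 10 11 12 13' < /etc/kismet/kismet.conf` with whatever channel list you intend to cover.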
From Kismet Docs:
By default, Kismet enables all channels it discovers on all bands. By specifying a specific band, Kismet will only enable channels on the selected bands.
Example:
```
# Source0 enables 2.4ghz channels only.
source=wlan0:name=Source0,band24ghz=true
# Source1 enables 5ghz and 6ghz channels only.
source=wlan1:Name=Source1,band5ghz=true,band6ghz=true
```
Usage
Kismet
- Once the Raspberry Pi boots up, Kismet should start automatically.
- Access the Kismet web interface by navigating to http://<raspberry_pi_ip>:2501 in your web browser.
Filesystem
- If using script #1, connect to the Pi & access the Python http.server:
- Files hosted at: http://<raspberry_pi_ip>:8080
Alternatively, connect via ssh, sftp, or other methods of your choice.
- Kismet data is stored in /home/<YOUR_USERNAME>/kismet