Use Kismet to Watch Wi-Fi User Activity Through Walls

Using Kismet to spy on users draws from signals intelligence techniques, in which we try to learn about something we can't see from the signals it gives off. In this case, the signals are Wi-Fi, and what we are trying to see is routers and connected devices, human activity, and which devices belong to whom. This is enough to piece together a lot more than you might think.

Installing Kismet

To install Kismet on Kali Linux, we'll first install its build dependencies, then clone the git repository and build it with the commands below.

Install dependencies

sudo apt-get install build-essential git libmicrohttpd-dev zlib1g-dev libnl-3-dev libnl-genl-3-dev libcap-dev libpcap-dev libncurses5-dev libnm-dev libdw-dev libsqlite3-dev

Install Kismet

git clone https://www.kismetwireless.net/git/kismet.git
cd kismet
./configure
make

When the build is complete, we'll finish the installation with the suidinstall make target. This is important because Kismet is directly taking in signals and writing data to your computer. It is a terrible idea to do this as the root user, because if any of that data is malicious, it could be executed as root. When unprivileged users need to accomplish tasks that require privileges, like controlling the wireless network adapter, Linux lets us give privileges to programs instead of users, so we don't have to make everyone, including malware, root. To mitigate [giving root access], Kismet uses separate processes to control the network interfaces and capture packets. These capture programs are much smaller than Kismet itself and do minimal (or no) processing on the contents of the packets they receive.

sudo make suidinstall

After Kismet is installed, add yourself to the kismet group to be able to capture packets as a non-root user. Be sure to replace "YourUsername" with your actual username. The new group membership takes effect the next time you log in.

sudo usermod -a -G kismet YourUsername

Put Your Wireless Card in Monitor Mode

Replace "YourCardName" with the interface name of your wireless adapter. airmon-ng creates a monitor-mode interface whose name ends in "mon", which is the name we'll hand to Kismet in the next step.

sudo airmon-ng start YourCardName

Launch Kismet

Be sure to put the name of the card you placed in monitor mode after -c. Kismet uses -c to specify the capture source.

kismet -c YourCardNameMon
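As an added example that is not part of the original article, here is a small POSIX shell wrapper that applies the checks the walkthrough sets up before launching Kismet: it refuses to run as root, confirms the current user is in the kismet group, and confirms the interface is actually in monitor mode. It assumes `iw` is installed and that the interface name is the one airmon-ng created.

```shell
#!/bin/sh
# Added launch wrapper (not part of the original article): before starting
# Kismet it verifies the conditions the walkthrough sets up, so captures run
# from an unprivileged account in the kismet group on a monitor-mode interface.
# Assumptions: `iw` is installed; the interface name comes from airmon-ng.

# Return 0 if user $1 is listed in group $2 (parses `id -nG` output).
user_in_group() {
    for g in $(id -nG "$1" 2>/dev/null); do
        [ "$g" = "$2" ] && return 0
    done
    return 1
}

# Print the interface type ("monitor", "managed", ...) found in the text of
# `iw dev <iface> info` passed as $1; prints nothing if there is no type line.
iw_iface_type() {
    printf '%s\n' "$1" | awk '$1 == "type" { print $2; exit }'
}

# Constructed sample of `iw dev wlan0mon info` output, used for a self-check.
SAMPLE_IW_INFO='Interface wlan0mon
    ifindex 4
    type monitor
    wiphy 0'

# Run all checks for interface $1 and, if they pass, exec Kismet with it as the
# capture source (-c), as in the walkthrough. Returns non-zero otherwise.
launch_kismet() {
    iface=$1
    if [ "$(id -u)" -eq 0 ]; then
        echo "refusing to run Kismet as root; use a user in the kismet group" >&2
        return 1
    fi
    if ! user_in_group "$(id -un)" kismet; then
        echo "$(id -un) is not in the kismet group (sudo usermod -a -G kismet ...)" >&2
        return 1
    fi
    iftype=$(iw_iface_type "$(iw dev "$iface" info 2>/dev/null)")
    if [ "$iftype" != "monitor" ]; then
        echo "$iface is not in monitor mode (found: ${iftype:-no such interface})" >&2
        return 1
    fi
    exec kismet -c "$iface"
}

# Usage: ./kismet-launch.sh wlan0mon
if [ -n "${1:-}" ]; then launch_kismet "$1"; fi
```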

Persistent Network Surveillance

Once we start Kismet, we should see a list of all the Wi-Fi devices we can detect nearby. The number of devices detected will vary depending on whether you're scanning 2.4 GHz, 5 GHz, or both. If your wireless network adapter accepts an external antenna, a higher-gain (or directional) antenna can extend your range and the number of devices detected.

You can sort these networks by name, signal strength, and other properties. Sorting by signal strength is recommended, so that the strongest (and thus likely closest) networks appear first. Once you have a network you'd like to target, click on it (or scroll down to it) in Kismet to learn more information about it.