Skip to main content

Why WiGLE?

 In August 2018 a couple of friendly hackers who find their home in the Wireless Village introduced me to WiGLE! I was familiar with wardriving, but it was not efficient and was more, and shall we say -- purposeful. 

Wardriving has many benefits when gathered with purpose. Who am I talking about? obviously WiGLE. Prior to WiGLE, I used a few tools like airmon-ng/airdump-ng, and then processed everything either through tshark, Wireshark, tcpdump, and NetworkMiner. So, I never had a need to get into wardriving, per se. The group introduced me, and that's how it all got started! 

So why wardriving? WiGLE's scoring system and groups make it way more fun. There are many great was wardriving helps others - and I stole these points right from the WiGLE FAQ section, and added a few of my own. 

  • It's fun: time to compete with others around the world! 
    • WiGLE has given me the opportunity to make new friends! Some of us are spread across the world, but we're all able to work on a team together to increase our team rank. We're doing pretty good. 
    • The group that made and maintains WiGLE are an awesome set of people too!
  • It's moderately accessible: whether you're scooting, walking, bussin', driving, you can map networks!
  • It helps others look for free wifi! Millions of Americans rely on free wifi, particularly from places like libraries. 
    • In my dnsprincess-opinion, the internet is a utility that should be provided for, but unfortunately, it's not. If you're curious about the debate around broadband, read this article.
  • Journalism: "WiGLE is a handy resource for journalists looking for data points on Wifi proliferation, statistics, and security. WiGLE keeps statistics on manufacturer distribution, top SSID's, encryption modes, channel selection, geographic distribution and much more."
  • Site surveys and perimeter network access: Site surveys help businesses understand what networks they have present at their facility if the APs need their channels or power adjusted, etc. WiGLE can help identify employee-created networks or malicious APs. 
  • Research Projects & Class Assignments! I've made a handful of network security assignments based on using the information found from WiGLE. Most of the time I link to digital forensics. Here's an example question:
    • You've received a phone for forensic processing. One of the artifacts you found was the last wireless network the phone was connected to at the time of the crime 88:3d:24:b5:ce:6b 
    • What type of device what found? What was the location of the device? Is this a reliable network to establish a location? (ps the last answer is no.
  • Helping others and the public: It's important for everyone to understand their network affects their personal security. "Most users didn't realize that their private networks could be accessed by anyone in the area (at various distances with antennas and amplifiers). WiGLE, and Wardriving in general, helped to educate users and put pressure on manufacturers to make network security better and easier. Nowadays WPA2 is the standard and defaults to "on" for most manufactured devices."
  • Creates a community of fun hackers! Check out the wireless village

In the next post I'll talk about my covert cute setup (warwalking, warscootin'), and my truck setup (wardriving)! Until then, find an old laptop and run kismet or get an android phone and download WiGLE! You can sign up for an account and sign up now!


Popular posts from this blog

Wardriving OSINT & SE

 Disclaimer: do NOT use this information to be a jerk. Don’t try to get the location of my examples, or you’re a big meanie. There's already a post out there about tracking people with wifi. It's helpful for those who use a hotspot or maybe a vehicle hotspot. I believe a personal device that broadcasts Bluetooth is more likely than a hotspot.  Tracking What wardriving can’t do = track people via Bluetooth devices Or shouldn’t be able to work. Most modern Bluetooth devices use MAC randomization, which changes the MAC address of the Bluetooth device at random. Even if you can track a device it may only be short-term, as it’ll change again.  But sometimes they don't turn over to a randomized MAC. Do what you will with that. If you want to see how easy it is to make a random MAC go here . But what if you only need a short-term answer? Better start stumblin’. Let’s forget the purpose of needing that MAC address long-term. With all MAC addresses, OUI can tell you what the

The big list of remote job openings

From a conversation in my Discord ; one member brought up a lot of the best remote jobs and job boards come from Twitter. This is a decentralized way of distributing information, which is better than not sharing the information but can be hard to find.  This list is not a replacement for that, but it's pretty close. Here's the master remote vacancy list for remote jobs in the United States. This job board is in no way just for IT jobs, there are all sorts of jobs from sales, teaching, upper management, data entry, design, customer service, and more. Take a look if you're looking for a new job.  Some Tips: Try searching the full row for the job in Google. There are better job boards where the job posting is more up to date; instead of using the link provided. Don't spam one company, make sure if you're using the shotgun approach, you aren't letting the companies you're applying for know that There's a lot of advice on how to get a job online. Some of you

Common techniques for accessing phishing attacks

Can't load the phishing site that you know is there? Here to do some incident response or some SOC tasks? If you’re attempting to respond to an incident or just investigate some phishing pages, you may find that they are inconsistently accessible. Fraudsters will make phishing sites less available to their non-targets to curb their detection. Here’s what to know about phishing attacks and how to access them. What is a fake 404 page? It’s pretty easy to make a fake 404 page to display. <html><head> <title>404 Not Found</title> </head><body><h1>Not Found</h1>                  <p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p>                    <hr>                    <address>Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Server at localhost Port 80                                <style>