Skip to main content

How to Wardrive: Know where to go

Inspired by others, and my goal of getting a golden WiGLE badge, I went wardriving for my birthday. I was hoping for 50k, and I ended up with just over 61k. I'm less than 80k away from my goal!

But how do you pick a place to wardrive, and how do you actually do it? The easiest way is to download WiGLE on an android phone, get some transportation, and be set on your way. But if you want more detail or some tips, keep reading. 

Avon Lady Method:

  1. Find a city within reasonable distance of travel
  2. Examine the results for the past few years of the area; do not use the overall coverage of all time. 
  3. Verify if the city is desirable for wardriving
    • Little coverage in the past few years
    • Most residential areas are not covered
  4. Use maps to search and define high density residential areas (i.e. apartments, town homes). 
  5. Create an order that allows for little overlapping and in a convenient driving pattern.
  6. Use landmarks around the city to define the internal roads
  7. Wardrive
  8. Profit ("internet points")
----

Evansville, IN

I picked this location because of its relative distance to me, and the fact it looked like stumblers haven't touched the area recently. Below shows a map of Evansville 2020 - 2023. So for the last two years this is the only progress than Evansville has made. It looks like most of the concentration is on major roads, with only a few residential areas defined.

Figure 1

Residential areas have multiple wifi devices per dwelling, so apartment complexes have a high density of wifi and bluetooth. Those places aren't well defined by the map, so I assumed I would get a lot of results there. 

But you can't just drive around and magically get yourself to where the map is bare. It takes some planning. I call this the Avon Lady Method. Avon ladies may blanket a neighborhood with their brochures, selecting high density areas to get the most clients. Shoutout to my mom. 

I pulled up Evansville on Google Maps and got to work. Printing out a couple of paper maps of Evansville, I matched up the roads to the results on Google Maps searching for apartments. I plotted some areas on the paper map to see where I was going to drive. I then wrote the order of the apartments to the path that I wanted.

Figure 2

The numbers at the top reference a part of the map. They aren't really important. After laying out the order of the results, I broke the lists up into different quadrants of the city. Then we went down the list crossing them off as we blanketed the residentially areas. 

This would get us isolated parts of the map, but what about the center? What about the business part of the city? Using Google Maps again, I zoomed out and picked the businesses than would get the pattern I wanted and put those in order too. I called these landmarks. 

Figure 3
  

The result got me the same amount of networks as all of 2021 and 2021 in Evansville. Removing all results by others, here's what the wardrive worked out to:

Figure 4

There's clumps and clusters on the map from the residential areas. Using the landmarks caused the outlining on the connected streets. Combining the two maps of Evansville yielded this result of total stumblers (including me) in 2020 - 2023:

Figure 5

Comparing this figure to figure 1 shows a significant coverage change and a much more covered city. Overall this was moderately successful. About 14 hours of wardriving yielded 60k-ish results. Evansville is not a big city, and wouldn't hold a candle to large cities like SF or NYC. These areas are well covered my many stumblers; there's less opportunity to find new networks. It's currently January 31st, and here's what's already been covered in the past 31 days: 

Figure 6

It's easy to see where the major cities are and how their coverage for this year has already been explored. That doesn't mean there's not still plenty of wardriving to be had, but it does mean there's less. These numbers could rival the 60k found in Evansville, but it would be a longer, harder trip. Look at SF's coverage, I see you stumblers. 

Next post, I'll talk about the devices I used and their individual results. You'll be shocked on how good cheap, old equipment can be! Thanks for reading; happy wardriving. 

 



Comments

Post a Comment

Popular posts from this blog

How to program a NTAG215 NFC Tag

Hi! Did you just acquire a NTAG215 NFC tag? Very cool. Maybe you scanned it and it brought you here. Here's how to edit the content on the tag to make it do what you want.  Easy Steps Download an NFC writing app on a smartphone like this one for Android or this one for iPhone. I assume you might have this app already if you're reading this tag. Done Decide what type of data you want to save. If you picked up more than one of the NFC tags, you may have a variety of data saved to them like the ones below: Plain text URL/URI Link to a search Social networks Video File Application Mail Contact Phone number SMS Location Address Proximity search Street View Emergency info Bitcoin address Bluetooth connection WiFi network settings other custom fields Make sure if you select the correct format to make it easier to scan, save the write data, and re-scan the tag. Switch back to the read function and test your tag! Next Method The above method doesn't cover making everything, such a...
Post a Comment
Read more

Phishing Kits

Let's make a phishing attack (just kidding). The easiest way to do so is obtaining a pre-made phishing kit. Phishing kits represent a significant and growing danger. These tools, readily available in the darker corners of the internet, empower even technically unsophisticated criminals to launch effective phishing campaigns. This post aims to demystify phishing kits, explore their dangers, and provide practical advice on safeguarding against these insidious threats.  Phishing kits are pre-packaged sets of tools and resources designed to facilitate phishing attacks. The parts of a phishing kit can be broken down into the following components: Email templates Webpage clones (usually scraped from the legit site) Scripts and code repositories  Hosting Platforms Delivery Systems Readme & docs Premium services Real-time data analysis tools Customer service* Social engineering tools These kits are designed for ease of use, allowing attackers to launch phishing campaigns with mini...
Post a Comment
Read more

Anti-Phishing Working Group Report from Q2 2023

 The Anti-Phishing Working Group (APWG) is an international coalition focused on unifying the global response to cybercrime, particularly phishing and e-mail fraud. Established in 2003, APWG brings together businesses, government entities, law enforcement, and non-governmental organizations to combat phishing, crimeware, and e-mail spoofing.They create regular reports on the nature of phishing "in the wild" and share trends in this report. You can download the report here .  I wanted to report on a more recent trend report, but at the time of writing I haven't seen a newer one. It being in the middle of 2023, I believe the report is recent enough.  I found a few areas of interest, and questioned a few pieces. There was a reported downward trend in phishing. Despite the high numbers, there was a notable downward trend in phishing by the end of the quarter, indicating a possible shift in tactics or improved countermeasures. I have doubt that phishing is occurring less,...
Post a Comment
Read more