Media – DragonOS

DragonOS FocalX GPSD w/ Remote Kismet Wi-Fi Survey (Python-Kismet-Metagpsd, Alfa, BU-353S4)

This video explains how to use several tools included in DragonOS in such a way that'll enable GPSD location + Kismet information to be sent securely back to a Kismet ...server and associate it to the source it's running on. That allows the devices located during the survey to have real time location information. You could basically set up as many remote nodes as you wanted and have them all sending back to one central Kismet server. This can be used as a distributed wireless intrusion detection system for the purposes of protecting your network.

Although I only show a Wi-Fi survey in this video, understand any of the other Kismet Cap tools that have the "static gps" option can also be configured with MetaGPS. You can also use the Pipenv directions mentioned on the hobobandy project page if you don't want to use the included virtual environment in DragonOS *AFTER* using sudo pip3 install pipenv.

** python3-websockets has been fixed in 22.04 and is a deb package in the kismet dev repo now (I’ll add to my PPA too) but with it installed you do not need to do the venv part I show. The metagps py file will just run with the native python3 in DragonOS. **

More on Kismet Remote Captures here,
https://www.kismetwireless.net/docs/readme/remotecap/remotecap/

And the new MetaGPSD python script is here,
https://github.com/hobobandy/python-kismet-metagpsd

You'll need to add one package with pip as described in the video after activating the python venv, everything else is included.

Follow @cemaxecuter on Twitter for more DragonOS and SDR info.
Become a patron @ https://www.patreon.com/cemaxecuter[+] Show More

DragonOS FocalX GPSD w/ Remote Kismet Wi-Fi Survey (Python-Kismet-Metagpsd, Alfa, BU-353S4)

This video explains how to use several tools included in DragonOS in ...

DragonOS FocalX RedHawk Domain Manager Setup w/ Remote RTLSDR Client (RTLSDR v3, Docker)

"REDHAWK is a software-defined radio (SDR) framework designed to ...

"REDHAWK is a software-defined radio (SDR) framework designed to support the development, deployment, and management of real-time software radio applications."
https://redhawksdr.org/2.2.5/getting-started/

With that in mind, this video covers how to setup the ...RedHawk 2.2.5 (newest docker available, but not the newest RedHawk) domain manager on DragonOS FocalX using Docker. You'll also see how a second system with the same setup plus RTLSDR communicates back to the domain controller. Hopefully I'll get around to more research on RedHawk. It seems to have an interesting history, but honestly the documentation/setup may be something I'll just have to build on as time permits.

A few things about the setup shown in the video.

I notice that log4j appears in the 2.2.X RedHawk w/ the 3.x version mentioning log4j being replaced by reload4j, so keep that in mind in terms of vulnerabilities, I’ve not looked into it much.

I installed docker-compose even though "docker compose" was actually available after installing docker from the offical repository. Turns out the way I did it in the video avoids a warning about the "redhawk_sdrroot volume already existing but was not created by Docker Compose".

After setting up the .env with the HOSTNAME, you should run source .env in the terminal before proceeding with docker-compose commands. That will make those environmental variables available and will fill in the $HOSTNAME, etc.

I also had issues with the IDE script that's supposed to open it. Instead I found that running it directly in terminal worked, notice I changed the workspace location. Which this reminds me, I didn't create the workspace directory in the video. You can create it where you'd like, but I should've ran mkdir /home/dragon/workspace for example.

sudo docker run --rm -d -e RHUSER_ID=$(id -u) -e OMNISERVICEIP=$HOSTNAME -e DISPLAY=$DISPLAY -v redhawk_sdrroot:/var/redhawk/sdr -v /home/dragon/workspace -v /tmp.X11-unix/tmp/.X11-unix -P --network host --name redhawk_development_1 geontech/redhawk-development:${RH_VERSION}

By the end of the docker setup you should be able to run the RTLSDR script either locally or remotely. In my case I was running one instance of DragonOS FocalX in a virtual machine and for whatever reason during the video wasn't getting the RTLSDR passed through. I switched to my host DragonOS FocalX which had the same setup steps performed on it and used it to share the RTLSDR over the network to the RedHawk domain controller.

Follow @cemaxecuter on Twitter for more DragonOS and SDR info.
Become a patron @ https://www.patreon.com/cemaxecuter[+] Show More