May 9th, 2009

Here is one of the tools we presented at our ChicagoCon talk. It passively identifies wireless access points based on matching the Information Elements in their beacon packets against a fingerprint database. It is written in Python and uses Scapy, and has been tested in Linux.

Currently we only have a handful of signatures, so if you want to contribute to this tool, here’s what you can do:

1. Get your access point and enable WPA and WPS (if supported).
2. Capture the beacon frames that your access point is broadcasting and save them to a pcap file.
3. Send us the pcap file along with as much information about the access point as you can (make, model, firmware version, hardware revision, ESSID and BSSID).

Once we get your submission we’ll generate a signature for it and update the WiFinger database file. We think this tool has a lot of great potential, so we welcome any and all submissions – if you’ve got a router, let’s put it in there!

WiFinger can be downloaded here.

fingerprinting, Tools, wifi