Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/PegasusLab/WiFi-Miner-Detector
Detecting malicious WiFi with mining cryptocurrency.
https://github.com/PegasusLab/WiFi-Miner-Detector
Last synced: 21 days ago
JSON representation
Detecting malicious WiFi with mining cryptocurrency.
- Host: GitHub
- URL: https://github.com/PegasusLab/WiFi-Miner-Detector
- Owner: PegasusLab
- Created: 2018-01-22T03:11:49.000Z (almost 7 years ago)
- Default Branch: master
- Last Pushed: 2018-03-16T10:31:00.000Z (over 6 years ago)
- Last Synced: 2024-08-05T17:40:47.431Z (4 months ago)
- Language: Python
- Size: 127 KB
- Stars: 49
- Watchers: 5
- Forks: 17
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - PegasusLab/WiFi-Miner-Detector - Detecting malicious WiFi with mining cryptocurrency. (Python)
README
# WiFi Miner Detector
by qingxp9 @ 360PegasusTeam## Overview
A tool for detecting malicious WiFi with mining cryptocurrency.Some weeks ago I read a news "Starbucks Wi-Fi Hijacked People's Laptops to Mine Cryptocurrency". The attackers inject the CoinHive javascript miner to HTTP Response, so I write this tool to detect malicious WiFi with miner scripts. Now it can detect:
- [CoinHive](https://coinhive.com/)
- [DeepMiner](https://github.com/deepwn/deepMiner)
- [Crypto-Loot](https://crypto-loot.com/)
- [CoinIMP](https://www.coinimp.com/)It is based on analyzing the unencrypted 802.11 Data Frame to find keywords in HTTP data, Because this attack is major occured in public open WiFi.
## Requirements
```
sudo apt install python-pip
pip install scapy
pip install scapy_http
```And you'll need a WiFi card that supports monitor mode. You can check by running: iw list. Something like:
```
Supported interface modes:
* IBSS
* managed
* AP
* AP/VLAN
* monitor
* mesh point
```I tested it with TP-Link TL-WN722N (chipset Atheros AR9271), and works well.
## Usage
```
sudo python wifi_miner_detector.py wlan0
```![demo](https://github.com/360PegasusTeam/WiFi-Miner-Detector/blob/master/demo.gif)
you can add any rules in **HTTPHandler** to expand it. Just pull a request if you have any idea.
## References
- http://www.freebuf.com/articles/web/161010.html
- https://www.anquanke.com/post/id/95697
- https://twitter.com/qingxp9/status/957908040556015616