Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/PegasusLab/WiFi-Miner-Detector

Detecting malicious WiFi with mining cryptocurrency.
https://github.com/PegasusLab/WiFi-Miner-Detector

Last synced: 21 days ago
JSON representation

Detecting malicious WiFi with mining cryptocurrency.

Awesome Lists containing this project

README

        

# WiFi Miner Detector
by qingxp9 @ 360PegasusTeam

## Overview
A tool for detecting malicious WiFi with mining cryptocurrency.

Some weeks ago I read a news "Starbucks Wi-Fi Hijacked People's Laptops to Mine Cryptocurrency". The attackers inject the CoinHive javascript miner to HTTP Response, so I write this tool to detect malicious WiFi with miner scripts. Now it can detect:

- [CoinHive](https://coinhive.com/)
- [DeepMiner](https://github.com/deepwn/deepMiner)
- [Crypto-Loot](https://crypto-loot.com/)
- [CoinIMP](https://www.coinimp.com/)

It is based on analyzing the unencrypted 802.11 Data Frame to find keywords in HTTP data, Because this attack is major occured in public open WiFi.

## Requirements
```
sudo apt install python-pip
pip install scapy
pip install scapy_http
```

And you'll need a WiFi card that supports monitor mode. You can check by running: iw list. Something like:

```
Supported interface modes:
* IBSS
* managed
* AP
* AP/VLAN
* monitor
* mesh point
```

I tested it with TP-Link TL-WN722N (chipset Atheros AR9271), and works well.

## Usage
```
sudo python wifi_miner_detector.py wlan0
```

![demo](https://github.com/360PegasusTeam/WiFi-Miner-Detector/blob/master/demo.gif)

you can add any rules in **HTTPHandler** to expand it. Just pull a request if you have any idea.

## References

- http://www.freebuf.com/articles/web/161010.html
- https://www.anquanke.com/post/id/95697
- https://twitter.com/qingxp9/status/957908040556015616