Skip to content

WatcherWhale/zbsniff2json

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
logo.png
logo.png
 
 
requirements.txt
requirements.txt
 
 
zbsniff2json
zbsniff2json
 
 

Repository files navigation

Zigbee Sniff2JSON

Welcome to our Sniff2JSON tool. This project was developed for the course "Wireless technologies". It sniffs for Zigbee traffic and outputs a JSON file with all required specifics.

logo

Requirements

This project is based on the Killerbee project, primarily we altered the zbdump script to accomplish our tool. It still depends on some of the packages of Killerbee, be sure to have those available as well.

  • CC2531 usb dongle
  • The Killerbee project: https://github.com/riverloopsec/killerbee
  • requirements.txt

Usage

When all requirements are met, you can use the following command to start sniffing.

$ sudo ./zbsniff2json -c <CHANNEL> -o <OUTPUT FILE> -u
usage: zbsniff2json [-h] [-i DEVSTRING] [-d DEVICE] -o OUTPUT [-c CHANNEL] [-s SUBGHZ_PAGE] [-u]

zbsniff2json - a sniffing tool for ZigBee/IEEE 802.15.4 networks

options:
  -h, --help            Show this help message and exit.
  -i DEVSTRING, --iface DEVSTRING, --dev DEVSTRING
                        (Required) String: Path to the interface of the device being used.
  -d DEVICE, --device DEVICE
                        (Required) String: Name of the hardware device being used. E.g. apimote.
  -o OUTPUT, --output OUTPUT
                        (Required) Output file path.
  -c CHANNEL, --channel CHANNEL
                        (Required) Int: Channel value to listen on, from 11-26.
  -s SUBGHZ_PAGE, --subghz_page SUBGHZ_PAGE
                        (Optional) Int: Page value to listen on.
  -u, --update          (Optional) Update MAC vendor lookup table.

Output

The output is a JSON file that contains multiple JSON objects: below an example json capture file.

{"type": "new_scn", "cha": 25, "frq":2475.0, "dev": null, "dvl": ["CC2531 USB Dongle (1:6)"], "pag":0}
{"type": "new_nwk", "pan": "0x7187", "cha": 25}
{"type": "new_dev", "pan": "0x7187", "dev": "00:17:88:01:09:b2:36:e4", "man": "Philips Lighting BV", "cha": 25}

  • new_scn; A new scan is starting.

    • Cha
      The channel the tool is currently sniffing.
    • Frq
      The frequency the tool is on.
    • Dev
      The MAC address of the sniffing tool
    • Dvl
      The hardware this script is using to sniff.
    • Pag
      Frequency page

  • new_nwk; A new network is discovered that has not been discovered before.

    • Pan
      PAN-ID of the network.
    • Cha
      The channel that hosts this network.

  • new_dev; A new device is found that has not been discovered before.

    • Pan
      The PAN-ID of the network this device is connected to.
    • Dev
      The MAC address of the device.
    • Man
      If found: The manufacturer of this device.
    • Cha
      The channel that hosts this device.

About

Zigbee Sniff2Json

Resources

Readme

License

View license
Activity

Stars

1 star

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages