Hack Week: WUSB54G mod for War-Driving (Part 1 of 4)
Alright… Here we are again, another edition of Hack Week which is so damn long overdue… This is part one of four in our war-driving series.
Pardon me for the wrong year on the watermark. I did this article late last year, and it was delayed until now as the PZportal crew decided it would be best to release all related war-driving articles continuously over the next few weeks.
For this issue of Hack Week, we will be doing an antenna mod on a WUSB54G WiFi receiver for War-driving. So what is War-driving? Read on to find out…
—————————————————
Background
The concept behind war-driving is simple: to probe and log all WiFi networks in the vicinity while driving. The purpose is to consolidate all results, particularly on wireless security deployment, and share them with the community to raise awareness of wireless network security. War-driving is technically legal as it does not involve unauthorized access to others' wireless networks.
Since most war-driving research is conducted overseas and there seems to have been no publicly conducted war-driving locally, the PZPortal team thought it would be good to conduct our own war-driving session and apply it to a more Singaporean context.
Our purpose in conducting this war-driving experiment is to answer a few questions, and we also hope to raise public awareness of having a secure and stable wireless connection.
1 – How aware are Singaporeans about securing their wireless networks?
2 – What are the encryption methods most commonly used by Singaporeans?
3 – What are the most commonly used channels?
4 – What is the penetration rate of WiFi usage at home and around the neighbourhood?
The public's view and opinion on war-driving in Singapore is largely unknown as there have been no publicly published war-driving results. War-driving is often wrongly associated with unauthorised usage of other people's WiFi, and there have been several high-profile WiFi piggybacking cases in the past, so war-driving may not go down very well with the public.
The PZPortal team hopes that, through this war-driving experiment, we will be able to share our results and analysis with the community and the general public.
Items needed:
- Laptop/Netbook
- External Wireless receiver with high gain antenna (We will be using modified Linksys WUSB54G)
- War-driving software (Netstumbler for XP, Vistumbler for Vista, Kismet for Linux)
Now that you guys understand the meaning and uses of war-driving, we will dive straight into modding the WUSB54G!
Modification of WUSB54G to accept an SMA connector antenna for increased range
The reason why we chose the WUSB54G as our WiFi receiver of choice is that it is supported by BackTrack, a security auditing Linux distro. Also, one of the PZportal editors happens to have a functional WUSB54G wireless receiver.
Even though the WUSB54G wireless receiver has a retractable antenna, the antenna gain is simply too low, so we attempted a simple hack: soldering an RP-SMA connector onto the wireless receiver's board and attaching a 5 dBi antenna to it. But before we begin, it is important to note that not every WUSB54G has the Ralink chip; only the WUSB54G Version 4 has it. The Ralink chip is essential if you are interested in using it to do some wireless penetration testing.
You can check the version number by looking at the underside of the WiFi receiver, as illustrated by the picture below.
After verifying that your WUSB54G is a Version 4, you can start to hunt for the following components:
- RP-SMA connector and the coaxial cable
- Hi-gain antenna with SMA connection (Currently we are using a 5 dBi antenna)
You can get the RP-SMA connector and coaxial cable from Sim Lim Tower, but do note that you have to buy them individually. If you come across a shop that sells them as a set, don't buy it, because it will cost much more than buying them separately and having the cable custom made.
| Components | Shop to get it from | Price |
|---|---|---|
| RP-SMA Connector | Davjones Technology, Sim Lim Tower #B1-47 | Around $4.00 |
| Coaxial cable | LHS Electronics Enterprise, Sim Lim Tower #02-27 | Around $4.00+ for a meter |
| Assembling the connector and cable together (Recommended) | LHS Electronics Enterprise, Sim Lim Tower #02-27 | Around $3.00 |
The total cost of the RP-SMA connector and coaxial cable (including getting them assembled together) is around $11.00. It is actually recommended to get the technicians at LHS Electronics to assemble them for you unless you know what you are doing. You can get the hi-gain antenna by hunting around Sim Lim Square for one.
Once you have obtained all the items necessary to attempt this hack, it is time for us to open the casing which houses the radio receiver. To open the casing, you will need to use a Torx screwdriver. Once you get inside, you will realize that the WiFi receiver is actually a small piece of PCB (printed circuit board) that occupies half of the entire casing!
On the PCB you will see a confusing array of resistors and electronic components. You will also see a huge 'heatsink', which is actually a shield to protect the RF (radio frequency) chip underneath it from electromagnetic interference (EMI).
The only thing that we will be working on is the wire that is connected to the PCB at the side of the RF chip, as indicated by the red circle in the picture. Get your soldering iron ready, along with an extra pair of hands and maybe a magnifying glass, as the next part of this hardware mod will be a little bit tricky.
While preparing the soldering iron for use, you will have to strip the white plastic cover off the coaxial cable, which conceals the signal wire that we are looking for.
Once the white plastic cover is stripped off, it will reveal the shielding for the signal wire. Slowly untwine the shielding and leave it aside; don't cut it off, because the shielding will act as the ground.
Once the shield is out of the way, you will see the signal wire. As with the white plastic cover, carefully strip the transparent cover off the signal wire.
With the signal wire exposed, you are ready to solder it onto the PCB. Remember the extra hands I told you to bring along? Yeah, it is time for you to utilize them. Just follow the diagram above and you will not go wrong.
One word of caution: do not apply too much solder, as excessive solder might spill over to the other contacts, causing a short circuit! Remember that we are dealing with very small wires and contacts!
The finished product with the higher gain antenna.
This concludes the antenna mod for WUSB54G. Stay tuned for more on War-driving in Singapore!












