A How-To Guide for Using ZigDiggity, the Zigbee Hacking Toolkit
Introducing ZigDiggity, a ZigBee testing framework created by Bishop Fox.
About ZigDiggity
ZigDiggity version 2 is a major overhaul of the original package and aims to enable security auditors and developers to run complex interactions with ZigBee networks using a single device.
Go to https://github.com/BishopFox/ZigDiggity for complete tooling
Install Instructions
Using a default install of Raspbian, perform the following steps:
- Plug your Raspbee into your Raspberry Pi
- Enable serial using the command
sudo raspi-config
  - Select "Advanced Options/Serial"
  - Select NO to "Would you like a login shell to be accessible over serial?"
  - Select YES to enabling serial
  - Restart the Raspberry Pi
- Install GCFFlasher available Here
- Flash the Raspbee's firmware
sudo GCFFlasher -f firmware/zigdiggity_raspbee.bin
sudo GCFFlasher -r
- Install the python requirements using
pip3 install -r requirements.txt
- Patch scapy
sudo cp patch/zigbee.py /usr/local/lib/python3.5/dist-packages/scapy/layers/zigbee.py
- Install wireshark on the device using
sudo apt-get install wireshark
Hardware
The current version of ZigDiggity is solely designed for use with the Raspbee.
Usage
Scripts are currently available in the root of the repository; they can all be run using Python3:
python3 listen.py -c 15
When running with Wireshark, root privileges may be required.
Scripts
ack_attack.py
- Performs the acknowledge attack against a given network.
beacon.py
- Sends a single beacon and listens for a short time. Intended for finding which networks are near you.
find_locks.py
- Examines the network traffic on a channel to determine if device behavior looks like a lock. Displays which devices it thinks are locks.
insecure_rejoin.py
- Runs an insecure rejoin attempt on the target network.
listen.py
- Listens on a channel piping all output to Wireshark for viewing.
scan.py
- Moves between channels listening and piping the data to Wireshark for viewing.
unlock.py
- Attempts to unlock a target lock.
Notes
The patterns used by ZigDiggity version 2 are designed to be as reliable as possible. The tool is still in fairly early stages of development, so expect to see improvements over time.