ZigBee Hacking by ZigDiggity
ZigDiggity, a ZigBee hacking toolkit, is a Python-based IoT (Internet of Things) penetration testing framework targeting the ZigBee smart home protocol.
ZigBee continues to grow in popularity as a method for providing simple wireless communication between devices (i.e. low power/traffic, short distance), and can be found in a variety of consumer products that range from smart home automation to healthcare. Security concerns introduced by these systems are just as diverse and plentiful, underscoring a need for quality assessment tools. This ZigBee penetration testing framework enables cybersecurity professionals, auditors, and developers to run complex interactions with ZigBee networks using a single device. The current version of ZigDiggity is solely designed for use with the RaspBee; the RaspBee premium is a ZigBee add-on for Raspberry Pi with firmware.
The RaspBee provides:
- Pluggable add on with radio module (IEEE 802.15.4) for Raspberry Pi
- Turns the Raspberry Pi into a LAN-ZigBee gateway
- Frequency: 2.4 GHz ISM band, can be used worldwide
- Based on Atmel's single-chip microcontroller ATmega256RFR2
- With ZigBee firmware and an extensive software package to control up to 200 devices
Introducing ZigDiggity 2.0, a ZigBee penetration testing framework created by Matt Gleason & Francis Brown of Bishop Fox. Special thanks to Caleb Marion! ZigDiggity version 2 is a major overhaul of the original package and aims to enable cybersecurity professionals, auditors, and developers to run complex interactions with ZigBee networks using a single device.
Usage
Currently, scripts are available in the root of the repository; they can all be run using Python 3:
python3 listen.py -c 15
When running with Wireshark, root privileges may be required.
Scripts
- ack_attack.py - Performs the acknowledge attack against a given network.
- beacon.py - Sends a single beacon and listens for a short time. Intended for finding which networks are near you.
- find_locks.py - Examines the network traffic on a channel to determine if device behavior looks like a lock. Displays which devices it thinks are locks.
- insecure_rejoin.py - Runs an insecure rejoin attempt on the target network.
- listen.py - Listens on a channel, piping all output to Wireshark for viewing.
- scan.py - Moves between channels, listening and piping the data to Wireshark for viewing.
- unlock.py - Attempts to unlock a target lock.