YoussefWindy/Ghost

Ghost

About the Project

Do you have a younger sibling? Are you worried about them going places on the internet they shouldn't? This should help you out ;)

*Please note that you will need to customize this script to the particular device you are trying to sniff. Instructions are below.

Authors

Instructions

Create a blank MongoDB project and take note of the connection string. This is the connection string that you get from the MongoDB website. It should look something like this: mongodb+srv://<username>:<password>@<cluster>.mongodb.net/<dbname>?retryWrites=true&w=majority

Uhhmm... you need Python. I hope this goes without saying. If you don't have Python... well... get Python.

Once you have Python, open command prompt and run the following:

pip install pyshark pymongo scapy

You will need Wireshark. This is the program that will sniff the network traffic. You can download it from here. Follow these steps to install it:

  1. Download and run the installer
  2. Click Next
  3. Click Noted
  4. Click Next
  5. Deselect everything except for TShark (you can select Wireshark as well if you want but it's not necessary) and click Next
  6. Click Next
  7. Click Next
  8. If you don't have Npcap installed, install it
  9. Click Next
  10. Click Install

In the script there are a number of setup markers. Each marker is right above the line for its respective instruction step.

  1. If you want debug messages, set this to True. If you don't want debug messages, leave it as False.
  2. Set the MONGODB_CONNECTION_STRING environment variable to the MongoDB connection string you took note of earlier.
  3. Add here the domains you want to exclude that begin with "www.", leaving off that prefix. For example, if you want to exclude "www.google.com" you would add "google.com".
  4. Add all other domains here that you want to exclude.
  5. Set the interface to the network interface you want to sniff. This may take a little bit of work to find, see the section below for instructions. Once you have the interface, insert it in the {...} space provided (replace the ... with the Network Interface).

Finding the Network Interface

  1. Open command prompt in this directory and run the following:
ipconfig /all
  2. Find the network interface that you are connected to the internet with. It should be named something like Wireless LAN Adapter Wi-Fi. It will probably not be named exactly that, but there should usually be only one interface with "Wi-Fi" in the name. Take note of the physical address (or MAC address).
  3. Run the following:
python setup/x.py
  4. Find the network interface with the same MAC address as the one you took note of in step 2. Its identifier will be a string of letters and numbers in the form XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX. This is the Network Interface we're looking for.

This part can tend to be tricky. If, after these instructions, you still can't find the network interface, ask Chad! He's always happy to help.

Running the Script

At this point, your personalized script should be ready to run. Depending on your particular needs, you may want to create a batch file to automatically run the script on startup. If you need help with this, ask Chad! What? You thought I would give you everything for free? Come on, I did all the really hard work. You can do this simple little part yourself.

After that, you're good to go! All files other than the main script (and batch file if you made one) are no longer needed. Maybe rename the script something like "System32_boot.py"... your younger sibling will never know what hit them.
