Home

Awesome

<img src="https://github.com/akestoridis/zigator/raw/27dfb2fa3022d7886bef3050c2637473bb4e5995/zigator-header.png">

zigator

Zigator: A security analysis tool for Zigbee and Thread networks

<!-- START OF BADGES -->

Status of tests workflow GitHub release (latest by date) GitHub commits since latest release (by date) Python version requirement License

<!-- END OF BADGES -->

Disclaimer

Zigator is a software tool that analyzes the security of Zigbee and Thread networks, which is made available for benign research purposes only. The users of this tool are responsible for making sure that they are compliant with their local laws and that they have proper permission from the affected network owners.

Installation

You can install Zigator in a Python 3 virtual environment as follows:

$ git clone https://github.com/akestoridis/zigator.git
$ cd zigator/
$ python3 -m venv venv/
$ source venv/bin/activate
(venv) $ pip install --upgrade pip
(venv) $ pip install .

The following command should display the version of Zigator that you installed:

(venv) $ zigator -v

If you decided to install Zigator outside of a Python 3 virtual environment and then you received an error message that the zigator command was not found, make sure that your system's PATH environment variable includes the directory of the installed executable. For example, if it was installed in ~/.local/bin, add the following line at the end of your ~/.bashrc file:

export PATH=$PATH:~/.local/bin

After reloading your ~/.bashrc file, you should be able to find the zigator command.

Features

Zigator enables its users to do the following:

Getting Started

You can view a synopsis of all the subcommands that Zigator supports as follows:

(venv) $ zigator -h

The -h flag can also be used to view the supported arguments of different Zigator subcommands. For example, the following command displays the supported arguments of the inject subcommand:

(venv) $ zigator inject -h

Similarly, you can view the supported arguments of the inject subcommand for the forging of a Zigbee beacon, before forwarding it for injection over UDP, with the following command:

(venv) $ zigator inject udp zigbeebeacon -h

For instance, you can forward a forged Zigbee beacon for injection over UDP, that has its PAN ID set to 0xbbcc and the remaining fields set to their default values, by executing the following command:

(venv) $ zigator inject udp zigbeebeacon --mac_srcpanid 0xbbcc

Note that some Zigator subcommands can only be executed by the superuser. For example, you will have to execute your installed executable with sudo in order to send a forged packet to a raw socket, e.g.:

(venv) $ sudo ./venv/bin/zigator inject sll zigbeebeacon --mac_srcpanid 0xbbcc

A disclaimer will be printed whenever the user executes a command that would launch an attack. The user will have to accept responsibility for their actions if they want to proceed.

Related Publications

Acknowledgments

This project was supported in part by the Carnegie Mellon CyLab Security and Privacy Institute and in part by Carnegie Mellon University.

License

Copyright (C) 2020-2022 Dimitrios-Georgios Akestoridis

This project is licensed under the terms of the GNU General Public License version 2 only (GPL-2.0-only).