Last chance to enter The Hackaday Prize.

Bringing the Shark to the Bee

Wireshark, a tool recognized universally as being one of the best network analyzers available, has long been used by legitimate network professionals as well as a shadier crowd (and everywhere in between). While useful for analyzing both wired and Wi-Fi traffic, monitoring 802.15.4 protocols (such as Zigbee) have not been a common use in the past. [Akiba] of FreakLabs has brought us a solution which works around the normal limitations of Wireshark’s libpcap base, which does not accept simple serial input from¬†most homebrew setups that use FTDI or Arduinos to connect to Zigbee devices. Using named pipes and a few custom scripts, [Akiba] has been able to coax Wireshark into accepting input from one of FreakLabs Freakduino boards.

While there are certainly professional wireless analyzing tools out there that connect directly into Wireshark, we at Hackaday love showing off anyone who takes the difficult, cheap, out of the way method of doing things over the neat, expensive, commercial method any day.


  1. iToast says:

    Guard your robots! The hackers are coming! They have wireshark on zigbee!!! They will make your robots rebel and attack!!!

  2. great!
    wirelesshark :)

  3. M4CGYV3R says:

    You could almost say he ‘Jumped the Shark’ on this one…

  4. Kevin says:

    I was playing around with this today with the AT86RF212 (800/900MHz) and it works like a charm. Great debugging tool on the cheap.

  5. NatureTM says:

    Next step, repossess some DIY UAV’s?

  6. Colin says:

    Well Done, Akiba! I’m looking forward to what the zigbee sniffing leads to.

  7. Akiba says:

    Ha ha ha…I mostly do protocol stack development so nothing too interesting I’m afraid. Others do much more exciting stuff. Travis Goodspeed and Josh Wright come immediately to mind :)

  8. Knuckleball says:

    “we at Hackaday love showing off anyone who takes the difficult, cheap, out of the way method of doing things over the neat, expensive, commercial method any day.”

    Quote of the year nomination.

  9. Bill Porter says:

    I assume this really doesn’t help (at least in a timely and efficient manor) with ‘cracking’ Xbee links with AES encryption? My drones are safe then.

  10. strider_mt2k says:

    I’d like to second Knuckleball’s nomination.

    This is very cool.
    A little above my level but one can aspire and learn…

  11. lowf says:

    Wow could of saved a lot of money spent on that ember sniffer (although their gui is pretty fancy)

  12. Taylor says:

    Nice! I just got a Fluke 233 multimeter with the wireless display (awesome meter btw). That’s 2.4GHz, and I feel like it would be zigbee. Anyone in the sfbay want to help sniff that guy? I’m not familiar with wireshark.
    tlalexander <— gmail

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


Get every new post delivered to your Inbox.

Join 91,220 other followers