Zigator: Security analysis tool for Zigbee networks
Zigator is a software tool that analyzes the security of Zigbee networks, which is made available for benign research purposes only. The users of this tool are responsible for making sure that they are compliant with their local laws and that they have proper permission from the affected network owners.
You can install Zigator in a Python 3 virtual environment using pip as follows:
$ git clone https://github.com/akestoridis/zigator.git
$ cd zigator/
$ python3 -m venv venv/
$ source venv/bin/activate
(venv) $ pip install --upgrade pip
(venv) $ pip install .The following command should display the version of Zigator that you installed:
(venv) $ zigator -vIf you get an error message that the zigator command was not found, make sure that your system's PATH environment variable includes the directory of the installed executable.
For example, if it was installed in ~/.local/bin, add the following line at the end of your ~/.bashrc file:
export PATH=$PATH:~/.local/binAfter reloading your ~/.bashrc file, you should be able to find the zigator command.
Zigator enables its users to do the following:
- Derive preconfigured Trust Center link keys from install codes
- Decrypt and verify Zigbee packets
- Encrypt and authenticate Zigbee packets
- Parse almost all the header fields of Zigbee packets up to the APS layer
- Infer information from captured Zigbee packets
- Produce statistics from a database of Zigbee packets
- Visualize data from a database of Zigbee packets
- Train decision tree classifiers from a database of Zigbee packets
- Inject forged packets over UDP and SLL
- Launch selective jamming and spoofing attacks with an ATUSB
- Deploy stand-alone WIDS sensors
If you cannot capture your own Zigbee packets, you may use the pcap files of the CRAWDAD dataset cmu/zigbee-smarthome for your analysis. More specifically, registered users of CRAWDAD can download the following zip files:
- https://crawdad.org/download/cmu/zigbee-smarthome/sth3-room.zip
- https://crawdad.org/download/cmu/zigbee-smarthome/sth2-room.zip
- https://crawdad.org/download/cmu/zigbee-smarthome/sth3-duos.zip
- https://crawdad.org/download/cmu/zigbee-smarthome/sth2-duos.zip
- https://crawdad.org/download/cmu/zigbee-smarthome/sth3-house.zip
- https://crawdad.org/download/cmu/zigbee-smarthome/sth2-house.zip
- https://crawdad.org/download/cmu/zigbee-smarthome/sth3-trios.zip
- https://crawdad.org/download/cmu/zigbee-smarthome/sth2-trios.zip
Each of these zip files contains a pcap file of captured Zigbee packets and a text file that provides a description of the experimental setup and the keys that were used to encrypt and authenticate them.
You can view a synopsis of all the subcommands that Zigator supports as follows:
(venv) $ zigator -hThe -h flag can also be used to view the supported arguments of different Zigator subcommands.
For example, the following command displays the supported arguments of the inject subcommand:
(venv) $ zigator inject -hSimilarly, you can view the supported arguments of the inject subcommand for the forging of a beacon, before forwarding it for injection over UDP, with the following command:
(venv) $ zigator inject udp beacon -hZigator was used in the following publications:
- D.-G. Akestoridis and P. Tague, “HiveGuard: A network security monitoring architecture for Zigbee networks,” to appear in Proc. IEEE CNS’21.
- D.-G. Akestoridis, M. Harishankar, M. Weber, and P. Tague, “Zigator: Analyzing the security of Zigbee-enabled smart homes,” in Proc. ACM WiSec’20, 2020, pp. 77–88, doi: 10.1145/3395351.3399363.
Copyright (C) 2020-2021 Dimitrios-Georgios Akestoridis
This project is licensed under the terms of the GNU General Public License version 2 only (GPL-2.0-only).
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent