SigintOS: A Wireless Pentest Distro Review
Good news! There’s new security distro called SigintOS becoming available for download. SigintOS is an Ubuntu based distribution with a number of built in wireless pentesting applications for software defined radios such as RTL-SDRs and other TX capable SDRs like the famous HackRF, bladeRF and USRP radios.
Software defined radio (SDR) is rapidly becoming a well-known term on Information Security industry. The once considered a black art is now a highly demanded professional skill for any red teaming engagement. From the ability to intercept cellphones, real time air traffic radar, set off emergency alert systems, GPS spoofing and more, SDR is opening a whole new set of doors for penetration testing and security research. This new distro will be a great tool to learn the basics of software defined radio, and use these tools to explore and attack using the airwaves.
Many of us in the pentesting world have heard of SDRs like HackRF, which are great but somewhat expensive. However, there are much cheaper options. RTL-SDR dongles can be bought off China retailers for about $25 as a whole kit including cables, antenna, and free software.
Having a RTL-SDR dongle, one can sit behind a computer and watch all of our IoT and new wireless devices above and beyond WiFi networks. A good portion of the time, these communications are not very secure. SDRs put the power in all of our hands the power to analyze these packets of data and test for ourselves how secure our devices are.
A RTL-SDR dongle can receive frequencies of 24MHz to 1.766GHz. Then by applying direct sampling and upgraded hardware, frequencies from 500KHz to 24MHz are open for listening.
While generic RTL-SDR can be found as cheap as $10 it is advisable to spend a little more and buy one with these two features:
- A temperature compensated oscillator (TCXO) — Accurate tuning, frequency reading and almost zero temperature frequency drift. No need to calculate ppm correction for GSM sniffing.
- SMA female antenna port — Most dongles use the less common MCX or PAL antenna ports. SMA which is much more common so more adapters and antennas are available for it. It is also more durable and has lower insertion losses.
Introduction to SigintOS
SigintOS is open-source project which is created and maintained by Murat Şişman.
A computer with a minimum of 2GB of RAM and a dual core processor is enough to use SigintOS deployment.
You must have at least one of the following hardware to run the software that is being distributed.
- RTL-SDR ($30 with TCXO & SMA)
- HackRF ($299)
- BladerRF ($420)
While Kali Linux is the industry’s leading Linux distribution in penetration testing and ethical hacking. It is a distribution that comes shipped with tons and tons of hacking and penetration tools and software by default, however the support of radio attack tools has always been deficient, sometimes lacking or having old versions of the tools, as it is not the main purpose of the distribution.
SigintOS works live on DVD or USB memory. Users can also perform the installation process on the hard disk. For installation, simply download sigintos.iso from https://www.sigintos.com/download and burn it as bootable to USB flash drive or DVD. The image comes as a 2GB ISO file, and it’s possible to smoothly on virtualization applications such as VMware and VirtualBox.
The best thing about this distro is that it is not just a bunch of tools, but that they are perfectly integrated into the system with a nice frontend, in addition to having various proofs of concept tools already installed.
The distro appears to be very well designed, with a built in UI that grants easy access to the some common attack tools like:
GSM base station search tool
GSM IMSI catcher
Generic narrow-band signal jammer
According to my tests, they are all functional, although for those who transmit, you will need an SDR capable of radio broadcasting as HackRF or BladeRF.
SigintOS also has various other preinstalled programs such as GNU Radio, rtl-sdr, gr-gsm, YatesBTS, wireshark and GQRX.
The OS also teases an LTE search and LTE IMSI Cather which to access requires that you get in contact with the creator, presumably for some licencing.
The only drawback is the lack of classic WiFi hacking tools (aircrack, reaver, wifite, kismet, …) that would allow us to have a definitive workstation to own all of the airwaves.
Bottom line, an SDR toolset is a must have tool for both the hacker looking to penetrate targets and for the security conscious sysadmin who performs their own security audits.