Forked from anonymous/gist:4061ed85ff058c14f52f
Last active
August 29, 2015 14:06
Star
You must be signed in to star a gist
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # code | |
| #!/usr/bin/env ruby | |
| require 'set' | |
| require 'socket' | |
| Socket.const_set("ETH_P_ALL", 0x0300) | |
| r_sock = Socket.new(Socket::PF_PACKET, Socket::SOCK_RAW, Socket::ETH_P_ALL) | |
| ap_list = Set.new | |
| puts "\n %-24s %s\n\n" % ["BSSID", "ESSID"] | |
| while true | |
| pkt = r_sock.recvfrom(2048)[0] | |
| if pkt[26].eql? "\x80" | |
| unless ap_list.include? pkt[36..42] and pkt[63].ord > 0 | |
| ap_list.add pkt[36...42] | |
| puts " %-24s %s" % [ pkt[64...64 + pkt[63].ord], pkt[36...42].unpack('H*').first.scan(/.{2}/).join(':').upcase ] | |
| end | |
| end | |
| end | |
| # EOF | |
| # output | |
| root@unknown:~# ./rbsniff.rb | |
| BSSID ESSID | |
| TNCAP508CAF 9C:97:26:50:8C:AF | |
| TNCAP508CAF 9C:97:26:50:8C:AF | |
| TALKTALK-CAC138 88:53:D4:CA:C1:3A | |
| SKY26349 E8:BE:81:60:66:EE | |
| TNCAP508CAF 9C:97:26:50:8C:AF | |
| TALKTALK-CAC138 88:53:D4:CA:C1:3A | |
| TALKTALK-CAC138 88:53:D4:CA:C1:3A | |
| TNCAP508CAF 9C:97:26:50:8C:AF | |
| TALKTALK-CAC138 88:53:D4:CA:C1:3A | |
| TNCAP508CAF 9C:97:26:50:8C:AF | |
| TALKTALK-CAC138 88:53:D4:CA:C1:3A | |
| TNCAP508CAF 9C:97:26:50:8C:AF | |
| TALKTALK-CAC138 88:53:D4:CA:C1:3A | |
| TNCAP508CAF 9C:97:26:50:8C:AF | |
| TALKTALK-CAC138 88:53:D4:CA:C1:3A | |
| TALKTALK-CAC138 88:53:D4:CA:C1:3A | |
| TALKTALK-CAC138 88:53:D4:CA:C1:3A | |
| TALKTALK-CAC138 88:53:D4:CA:C1:3A | |
| TALKTALK-CAC138 88:53:D4:CA:C1:3A | |
| TNCAP508CAF 9C:97:26:50:8C:AF | |
| ^C./rbsniff.rb:12:in `recvfrom': Interrupt | |
| from ./rbsniff.rb:12:in `<main>' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment