
@terbo
Created January 31, 2016 00:51
View wireless probes with pcapy/scapy/tshark for testing/benchmark purposes
#!/usr/bin/env python
# Capture settings for the pcapy variant of the probe viewer.
MAX_LEN = 1514       # largest number of bytes captured per packet
PROMISCUOUS = 1      # 1 => ask for promiscuous mode on the interface
READ_TIMEOUT = 100   # read timeout, in milliseconds
PCAP_FILTER = ''     # BPF filter expression; empty => capture everything
MAX_PKTS = -1        # packet count to capture; -1 => no limit
import pcapy, impacket, binascii
import time, platform
from impacket import ImpactDecoder
# Name of the capturing machine; written as the first field of every row.
hostname = platform.node()
# One shared radiotap decoder, reused for every captured frame.
RTD = ImpactDecoder.RadioTapDecoder()
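# Field separator of the CSV-style rows printed for each probe request.
delim = ','


def QR(x):
    """Return str(x) wrapped in double quotes as one CSV field.

    Embedded double quotes are doubled (the usual CSV escape). The SSID
    field is chosen by whichever nearby device sent the probe, so without
    the escape a crafted SSID could close the quoted field early and add
    or shift columns in the output.

    Line breaks inside a value are kept inside the quotes, so anything
    reading this output should use a real CSV parser, not a line split.
    """
    return '"' + str(x).replace('"', '""') + '"'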
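def getBssid(arr):
    """Format a binary hardware address as colon-separated hex pairs.

    arr: bytes-like value accepted by binascii.hexlify (the callers pass
        whatever the impacket address getters return).
    Returns a text string such as '00:11:22:aa:bb:cc'; an empty input
    gives ''.
    """
    hex_text = binascii.hexlify(arr)
    # hexlify returns bytes on Python 3; iterating bytes yields ints, which
    # cannot be joined as text, so normalise to a text string first.
    if not isinstance(hex_text, str):
        hex_text = hex_text.decode('ascii')
    return ':'.join(hex_text[i:i + 2] for i in range(0, len(hex_text), 2))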
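def sniff_pcapy():
    """Open a live capture on mon0 and hand every frame to pcapy_packet.

    Uses the module-level capture settings (MAX_LEN, PROMISCUOUS,
    READ_TIMEOUT, PCAP_FILTER, MAX_PKTS). Blocks inside the capture loop.
    """
    # NOTE(review): "mon0" is presumably a monitor-mode interface created
    # beforehand, and opening it typically needs elevated privileges;
    # confirm for the target host.
    capture = pcapy.open_live("mon0", MAX_LEN, PROMISCUOUS, READ_TIMEOUT)
    if PCAP_FILTER:
        # A BPF filter drops unwanted frames before they reach the Python
        # decoder, so less untrusted input is parsed.
        capture.setfilter(PCAP_FILTER)
    # MAX_PKTS is -1 by default, i.e. capture without a packet limit.
    capture.loop(MAX_PKTS, pcapy_packet)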
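def pcapy_packet(header, data):
    """pcapy callback: print one CSV row per 802.11 probe request.

    Row fields, in order: hostname, time.time(), source MAC, signal, SSID.
    Data frames, control frames and other management frames are ignored.

    header: pcapy packet header (not used).
    data: raw captured frame, starting with the radiotap header.
    """
    # NOTE(review): every byte of `data` comes from a nearby transmitter and
    # is untrusted. An exception raised while decoding propagates out of this
    # callback; presumably that ends the capture loop. Confirm, and decide
    # whether malformed frames should be skipped and counted instead.
    radio_packet = RTD.decode(data)
    dot11 = radio_packet.child()
    if dot11.get_type() != impacket.dot11.Dot11Types.DOT11_TYPE_MANAGEMENT:
        # The original returned early for data frames; the statements after
        # that return were unreachable and used an undefined `channel`.
        return

    mgmt = dot11.child()
    base = mgmt.child()
    if not isinstance(base, impacket.dot11.Dot11ManagementProbeRequest):
        return

    raw_signal = radio_packet.get_dBm_ant_signal()
    # -(256 - v) maps the raw byte to a negative figure. This assumes the
    # decoder returns an unsigned value (TODO confirm). A header with no
    # antenna-signal field gives an empty column instead of a TypeError.
    signal = '' if raw_signal is None else -(256 - raw_signal)

    try:
        ssid = str(base.get_ssid())
    except Exception:
        # Best effort: a probe whose SSID element cannot be read is still
        # reported, with an empty SSID. Exception (not a bare except) lets
        # Ctrl-C stop the capture.
        ssid = ''

    out = [hostname, time.time(), getBssid(mgmt.get_source_address()), signal, ssid]
    print(delim.join([QR(x) for x in out]))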
# Script entry: start capturing as soon as the file is run.
sniff_pcapy()
#!/usr/bin/env python
import time
import platform
from scapy.all import sniff, Dot11, Dot11Elt
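# Separator between the fields of each printed row.
delim = ','


def QR(x):
    """Quote str(x) as a CSV field, doubling any embedded double quote.

    The SSID column carries text chosen by the probing device. Escaping
    the quote character stops such a value from ending the field early
    and spilling into neighbouring columns.
    """
    return '"' + str(x).replace('"', '""') + '"'


# Name of the capturing machine; first field of every row.
hostname = platform.node()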
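def pktcb(p):
    """scapy callback: print one CSV row per 802.11 probe request.

    A frame counts as a probe request when it has a Dot11 layer with
    type 0 (management) and subtype 4. Row fields, in order: hostname,
    time.time(), source MAC, signal, SSID.

    p: packet object passed in by scapy's sniff().
    """
    if not (p.haslayer(Dot11) and p.type == 0 and p.subtype == 4):
        return
    try:
        out = [hostname, time.time()]
        out.append(p.addr2[:32])  # mac
        # NOTE(review): the signal is read at a fixed offset from the end of
        # the undecoded radiotap bytes. Presumably that offset depends on the
        # driver's radiotap layout; verify on the capture hardware.
        out.append(str(-(256 - ord(p.notdecoded[-4:-3]))))  # signal
        # SSID bytes are arbitrary sender-chosen data and need not be valid
        # UTF-8. 'replace' keeps such probes in the output; the strict decode
        # raised and the probe was silently dropped.
        # NOTE(review): assumes the first Dot11Elt is the SSID element; confirm.
        out.append(p[Dot11Elt].info.decode('utf-8', 'replace')[:32])  # ssid
        print(delim.join([QR(x) for x in out]))
    except Exception:
        # Deliberate best effort: a frame missing an expected field is
        # skipped. Exception (not a bare except) lets Ctrl-C stop the sniffer.
        pass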
# Script entry: sniff on mon0, calling pktcb for each packet; store=0 keeps
# scapy from accumulating captured packets in memory.
sniff(iface='mon0', store=0, prn=pktcb)
#!/usr/bin/env python
import time, platform, pyshark
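# Name of the capturing machine; first field of every row.
hostname = platform.node()
# Separator between the fields of each printed row.
delim = ','


def QR(x):
    """Return str(x) as a double-quoted CSV field with quotes escaped.

    An embedded double quote is written twice. The SSID is supplied by
    the probing device, so an unescaped quote in it would otherwise break
    the row's column layout for anything parsing the output.
    """
    return '"' + str(x).replace('"', '""') + '"'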
def sniff_pyshark():
    """Start a live pyshark capture on mon0 and pass each packet to pktcb."""
    live = pyshark.LiveCapture(interface='mon0')
    live.apply_on_packets(pktcb)
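def pktcb(p):
    """pyshark callback: print one CSV row per 802.11 probe request.

    Row fields, in order: hostname, time.time(), transmitter address,
    antenna signal (dBm), SSID. Packets whose wlan.fc_type_subtype is not
    a probe-request value are ignored.

    p: packet object passed in by pyshark's apply_on_packets().
    """
    # ('0x04') without a trailing comma is a plain string, so `in` did a
    # substring match and let values such as '0x0' or '' through. A real
    # one-element tuple makes this an exact comparison.
    # NOTE(review): the text form of this field presumably depends on the
    # tshark version; extend the tuple if the installed one prints it
    # differently.
    if p['wlan'].fc_type_subtype not in ('0x04',):
        return
    out = [hostname, time.time()]
    out.append(p['wlan'].ta)
    out.append(p['radiotap'].dbm_antsignal)
    out.append(p['wlan_mgt'].ssid)
    # A probe with no SSID is reported as the literal 'SSID: '; print it as
    # an empty field instead.
    if out[-1] == 'SSID: ':
        out[-1] = ''
    print(delim.join([QR(x) for x in out]))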
# Script entry: start the live capture as soon as the file is run.
sniff_pyshark()