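def aps_lookup(pkt):
    """Scapy sniff callback: hop one channel, then record any access point not seen before.

    Args:
        pkt: a sniffed 802.11 frame. Everything in it comes off the air and is
            attacker-controlled (SSID bytes, element order, addresses, the RSSI
            byte scapy leaves in ``notdecoded``).

    On every call the global ``channel`` is stepped through 1..13 and
    ``channel_hopper()`` is invoked (it is assumed to act on that global —
    confirm).  If the frame is a Dot11Beacon or Dot11ProbeResp whose BSSID
    (addr3) is not in ``access_points`` yet, an ``ap`` dict with the keys
    ``essid``, ``mac``, ``channel``, ``signal``, ``manufacturer`` and
    ``key type`` is built, run through the passive detectors, appended to
    ``captured_aps`` and printed as one row (green when the network is open).
    The SIGINT handler is (re)installed on every call, as before.

    Globals written: ``table_of_manufacturers``, ``channel``,
    ``access_points``, ``captured_aps``.
    """
    global table_of_manufacturers
    global channel
    # NOTE(review): the OUI table is re-parsed for every sniffed frame; scan()
    # loads it once at start-up, which is the cheaper pattern under a beacon
    # flood.  Kept because the module-level default of the global is not visible
    # from here.
    table_of_manufacturers = manufacturer.MacParser(
        manufacturer_table).refresh()

    # Sequential 1..13 sweep.  ``channel`` is the hopper's state only; the
    # channel an AP advertises goes into a local (``ap_channel``) below.  The
    # original wrote the AP's channel into this global, so the sweep jumped to
    # "last AP's channel + 1" instead of stepping through the band.
    if channel > 13:
        channel = 1
    channel_hopper()
    channel += 1

    # Keyed on BSSID only, on purpose: the same SSID on a different BSSID is
    # exactly what an evil twin looks like and must be recorded again.
    if ((pkt.haslayer(Dot11Beacon) or pkt.haslayer(Dot11ProbeResp))
            and (pkt[Dot11].addr3 not in access_points)):
        # for future work
        #print pkt[Dot11].cap
        #print pkt[Dot11ProbeResp].cap
        bssid = pkt[Dot11].addr3
        # NOTE(review): unbounded; a beacon flood with random BSSIDs grows this
        # set (and captured_aps) without limit for the life of the process.
        access_points.add(bssid)

        ap = {}
        # Raw SSID bytes are kept in the dict for the detectors; only the
        # terminal display is sanitised (see _printable_ascii).  Looked up by
        # element ID instead of trusting that the SSID element comes first.
        ssid = _elt_info(pkt, 0)
        if ssid is None:
            ssid = b""
        ap["essid"] = ssid
        ap["mac"] = bssid.upper()

        # DS Parameter Set (element ID 3) carries the channel; None when the
        # frame has none (e.g. 5 GHz beacons) instead of crashing the callback.
        ds_param = _elt_info(pkt, 3)
        ap_channel = ord(ds_param) if ds_param is not None and len(ds_param) == 1 else None
        ap["channel"] = ap_channel

        capability = pkt.sprintf("{Dot11Beacon:%Dot11Beacon.cap%}"
                                 "{Dot11ProbeResp:%Dot11ProbeResp.cap%}")

        sig_str = _signal_dbm(pkt)
        ap["signal"] = sig_str

        # addr2 (transmitter) is what the original looked up; for beacons it
        # normally equals the BSSID in addr3.
        manufacturer_data = manufacturer.search(table_of_manufacturers,
                                                str(pkt.addr2))
        if manufacturer_data == []:
            vendor = "Not Found"
            ap["manufacturer"] = "Null"
        else:
            vendor = manufacturer_data[0].manuf
            ap["manufacturer"] = vendor

        if str(vendor) == "None":
            vendor = "Not Found"

        # Only the "privacy" capability bit is consulted; WEP/WPA/WPA2 are not
        # told apart here.
        if re.search("privacy", capability):
            encryption = "1"
            ap["key type"] = "Protected"
            # for future work
            #print pkt[Dot11Elt].ID
            #if (pkt[Dot11Elt].ID == 48):
            #	key_type = "WPA2"
            #	ap.update({"key type":key_type})
            #	encryption = key_type
            #elif (pkt[Dot11Elt].ID == 221 and pkt[Dot11Elt].info.startswith('\x00P\xf2\x01\x01\x00')):
            #	key_type = "WEP"
            #	ap.update({"key type":key_type})
            #	encryption = key_type
        else:
            encryption = "0"
            ap["key type"] = "Open"

        # call passive detectors
        if profile:
            passive_detectors.authorized_aps(ap, profile)
        passive_detectors.free_WiFis_detect(ap, captured_aps)
        passive_detectors.spot_karma(ap)

        captured_aps.append(ap)

        # A crafted SSID can carry ANSI escape sequences; never echo it raw.
        shown_ssid = _printable_ascii(ssid)
        spaces = ' ' * (23 - len(shown_ssid))
        row = "%s %s %s %2s %s   %s  %s" % (
            shown_ssid, spaces, bssid, ap_channel, vendor, encryption, sig_str)
        if encryption == "0":
            row = colors.get_color("OKGREEN") + row + colors.get_color("ENDC")
        print(row)
        ## For Database Module
        ##db_api.insert_in_db_scapy(conn, ssid, bssid, int(channel), vendor, encryption)

    signal.signal(signal.SIGINT, signal_handler)


def _elt_info(pkt, elt_id):
    """Return the ``info`` payload of the first Dot11Elt in *pkt* with ID *elt_id*, or None.

    Walks the element chain rather than indexing a fixed position: the order
    of information elements is chosen by the (untrusted) AP, so ``pkt[Dot11Elt:3]``
    is not guaranteed to be the DS Parameter Set and ``pkt[Dot11].info`` is not
    guaranteed to be the SSID.
    """
    elt = pkt.getlayer(Dot11Elt)
    while elt is not None:
        if elt.ID == elt_id:
            return elt.info
        elt = elt.payload.getlayer(Dot11Elt)
    return None


def _signal_dbm(pkt):
    """Return the RSSI byte scapy left in ``pkt.notdecoded`` as a negative dBm value, or None.

    Reads the fourth byte from the end, as the original did (this assumes a
    particular radiotap layout — TODO confirm for the driver in use).  Returns
    None instead of raising TypeError when fewer than four bytes are present.
    """
    extra = pkt.notdecoded
    if len(extra) < 4:
        return None
    return -(256 - ord(extra[-4:-3]))


def _printable_ascii(raw):
    """Reduce *raw* (str or bytes) to printable ASCII for safe terminal display.

    Drops control characters (including ESC) and anything non-ASCII so that
    an SSID received off the air cannot inject terminal escape sequences into
    the coloured output.  Works on both Python 2 str and Python 3 bytes.
    """
    if isinstance(raw, bytes):
        codes = bytearray(raw)
    else:
        codes = [ord(ch) for ch in raw]
    return "".join(chr(c) for c in codes if 32 <= c < 127)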
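def scan(*arg):
    """Poll the scanner on *interface* forever and print one row per newly seen AP.

    Positional calling conventions (kept from the original):
        scan(interface)
        scan(interface, profile)
        scan(interface, active_probing, interface_monitor)
        scan(interface, profile, active_probing, interface_monitor)

    Each round calls ``get_results(interface)``; every row that passes
    ``filter_aps`` is scored once by ``noknowled_detector.suspicious_behaviours``
    against ``captured_aps``, printed in the colour for that verdict, handed to
    the passive detectors and appended to ``captured_aps``.  An exception
    inside a round is logged through ``logs_api.errors_log`` and the loop
    continues with the next round (best-effort, as before).

    Globals written: ``table_of_manufacturers``, ``captured_aps``;
    ``sys.stdout`` is wrapped in ``Unbuffered``.
    """
    active_probing, profile = False, False
    interface = arg[0]
    interface_monitor = None
    if len(arg) == 2:
        profile = arg[1]
    elif len(arg) == 3:
        active_probing = arg[1]
        interface_monitor = arg[2]
    elif len(arg) == 4:
        profile = arg[1]
        active_probing = arg[2]
        interface_monitor = arg[3]

    global table_of_manufacturers
    table_of_manufacturers = manufacturer.MacParser(manufacturer_table).refresh()
    sys.stdout = Unbuffered(sys.stdout)

    header = ['Date', 'AP Name', 'CH', 'BSSID', 'Brand', 'Signal', 'Quality',
              'Frequency', 'Encryption', 'Cipher', 'Authentication', 'TSF']
    print(colors.get_color("BOLD")
          + '{:^22s}|{:^24s}|{:^9s}|{:^19s}|{:^15s}|{:^8s}|{:^9s}|{:^11s}|{:^18s}|{:^8s}|{:^16s}|{:^16s}'.format(*header)
          + colors.get_color("ENDC"))

    row_fmt = '{:^22s} {:<23s}  {:^9s} {:^19s} {:^15s} {:^8s} {:^9s} {:^10s} {:^18s} {:^8s} {:^16s}   {:<18s}'
    # Colour per detector verdict; any other verdict prints uncoloured.
    verdict_color = {
        "suspicious_1": "FAIL",
        "suspicious_2": "FAIL1",
        "suspicious_4": "FAIL1",
        "suspicious_3": "FAIL2",
    }

    while True:
        ap_list = get_results(interface)
        try:
            for line in ap_list:
                # filter to check if APs already exists
                if not filter_aps(line, profile):
                    continue

                # One detector call per row (the original repeated it up to
                # four times per row while walking the if/elif chain).
                verdict = noknowled_detector.suspicious_behaviours(line, captured_aps)

                # The ESSID comes off the air: clip it to the column width (as
                # before) and strip anything non-printable so a crafted SSID
                # cannot inject terminal escape sequences into the output.
                row = row_fmt.format(
                    getTimeDate(), _printable_ascii(line['essid'])[0:21],
                    line['channel'], line['mac'], line['manufacturer'],
                    line['signal'], line['quality'], line['frequency'],
                    line['key type'], line['group cipher'],
                    line['authentication suites'], line['tsf'])
                color = verdict_color.get(verdict)
                if color:
                    print(colors.get_color(color) + row + colors.get_color("ENDC"))
                else:
                    print(row)

                # apply detection heuristics
                if profile:
                    passive_detectors.authorized_aps(line, profile)

                if line['key type'] == "Open":
                    passive_detectors.free_WiFis_detect(line, captured_aps)

                passive_detectors.spot_karma(line)
                #passive_detectors.deauth_detector(interface_monitor) # new stufx

                if active_probing:
                    passive_detectors.spoting_PineAP(line, active_probing, interface_monitor)
                else:
                    passive_detectors.spoting_PineAP(line)

                #if (deauth_detect):
                    #passive_detectors.deauth_detector(interface_monitor) # new stufx
                # end of detections heuristics

                passive_detectors.check_tsf(line)

                captured_aps.append(line)

            signal.signal(signal.SIGINT, signal_handler)
            time.sleep(1)
        except Exception as err:
            # Best-effort loop: one bad row must not stop the scanner, but it
            # is recorded rather than silently dropped.
            logs_api.errors_log(str(err))


def _printable_ascii(raw):
    """Reduce *raw* (str or bytes) to printable ASCII for safe terminal display.

    Drops control characters (including ESC) and anything non-ASCII so that
    an SSID received off the air cannot inject terminal escape sequences into
    the coloured output.  Works on both Python 2 str and Python 3 bytes.
    """
    if isinstance(raw, bytes):
        codes = bytearray(raw)
    else:
        codes = [ord(ch) for ch in raw]
    return "".join(chr(c) for c in codes if 32 <= c < 127)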
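def scan(*arg):
    """Poll the scanner on *interface* forever, print one row per newly seen AP and alert by mail.

    Positional calling conventions:
        scan(email, interface)
        scan(email, interface, profile)
        scan(email, interface, active_probing, interface_monitor)
        scan(email, interface, profile, active_probing, interface_monitor)

    ``email`` is only required to offer ``sendmail(from_addr, to_addr, msg)``
    (smtplib-style).  Each round calls ``get_results(interface)``; every row
    that passes ``filter_aps`` is scored once by
    ``noknowledge_detector.suspicious_behaviours`` against ``captured_aps``,
    printed in the colour for that verdict, handed to the passive detectors and
    appended to ``captured_aps``.  An exception inside a round is logged
    through ``logs_api.errors_log`` and the loop continues with the next round.

    Globals written: ``table_of_manufacturers``, ``interface_monitor``,
    ``captured_aps``.
    """
    active_probing, profile = False, False
    email = arg[0]
    interface = arg[1]
    global interface_monitor
    if len(arg) == 3:
        profile = arg[2]
    elif len(arg) == 4:
        active_probing = arg[2]
        interface_monitor = arg[3]
    elif len(arg) == 5:
        # The original tested ``len(arg) == 4`` a second time here, so this
        # branch was unreachable and, had it run, ``arg[4]`` would have raised
        # IndexError.  Five positionals is the only shape that fits its body.
        profile = arg[2]
        active_probing = arg[3]
        interface_monitor = arg[4]

    global table_of_manufacturers
    table_of_manufacturers = manufacturer.MacParser(
        manufacturer_table).refresh()

    header = ['Date', 'AP Name', 'CH', 'BSSID', 'Brand', 'Signal', 'Quality',
              'Frequency', 'Encryption', 'Cipher', 'Authentication', 'TSF']
    print(colors.get_color("BOLD")
          + '{:^22s}|{:^24s}|{:^9s}|{:^19s}|{:^15s}|{:^8s}|{:^9s}|{:^11s}|{:^18s}|{:^8s}|{:^16s}|{:^16s}'.format(*header)
          + colors.get_color("ENDC"), flush=True)

    row_fmt = '{:^22s} {:<23s}  {:^9s} {:^19s} {:^15s} {:^8s} {:^9s} {:^10s} {:^18s} {:^8s} {:^16s}   {:<18s}'
    # Colour per detector verdict.  The original matched suspicious_4 together
    # with suspicious_2 (FAIL1) first, which made its dedicated ORANGE branch
    # unreachable; the dedicated colour is taken as the intended one.
    verdict_color = {
        "suspicious_1": "FAIL",
        # captured AP with same bssid and dif essid and encryption (karma)
        "suspicious_2": "FAIL1",
        # captured AP with same essid, bssid, encryption and dif channel
        "suspicious_3": "FAIL2",
        # captured AP with same essid, bssid, channel and dif encryption
        "suspicious_4": "ORANGE",
    }

    while True:
        ap_list = get_results(interface)
        try:
            for line in ap_list:
                # filter to check if APs already exists
                if not filter_aps(line, profile):
                    continue

                # One detector call per row (the original repeated it up to
                # four times per row while walking the if/elif chain).
                verdict = noknowledge_detector.suspicious_behaviours(line, captured_aps)

                # The ESSID comes off the air: strip anything non-printable so
                # a crafted SSID cannot inject terminal escape sequences.
                row = row_fmt.format(
                    getTimeDate(), _printable_ascii(line['essid']),
                    line['channel'], line['mac'], line['manufacturer'],
                    line['signal'], line['quality'], line['frequency'],
                    line['key type'], line['group cipher'],
                    line['authentication suites'], line['tsf'])
                color = verdict_color.get(verdict)
                if color:
                    print(colors.get_color(color) + row + colors.get_color("ENDC"), flush=True)
                else:
                    # NOTE(review): this alert fires for every AP the detector
                    # did *not* flag, once per new AP, while the suspicious
                    # branches above send nothing — that looks inverted.  Kept
                    # where the original had it pending confirmation of intent.
                    email.sendmail("*****@*****.**", "*****@*****.**", "Rouge AP detected..")
                    print(row, flush=True)

                if profile:
                    passive_detectors.authorized_aps(line, profile)

                if line['key type'] == "Open":
                    passive_detectors.free_WiFis_detect(line, captured_aps)

                passive_detectors.spot_karma(line)
                # passive_detectors.deauth_detector(interface_monitor) # new stufx

                if active_probing:
                    passive_detectors.spoting_PineAP(
                        line, active_probing, interface_monitor)
                else:
                    passive_detectors.spoting_PineAP(line)

                passive_detectors.check_tsf(line)

                captured_aps.append(line)

            signal.signal(signal.SIGINT, signal_handler)
            time.sleep(1)
        except Exception as err:
            # Best-effort loop: one bad row must not stop the scanner, but it
            # is recorded rather than silently dropped.
            logs_api.errors_log(str(err))


def _printable_ascii(raw):
    """Reduce *raw* (str or bytes) to printable ASCII for safe terminal display.

    Drops control characters (including ESC) and anything non-ASCII so that
    an SSID received off the air cannot inject terminal escape sequences into
    the coloured output.
    """
    if isinstance(raw, bytes):
        codes = bytearray(raw)
    else:
        codes = [ord(ch) for ch in raw]
    return "".join(chr(c) for c in codes if 32 <= c < 127)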