def parse(list):
parsed_list = []
for network in list:
try:
ap={}
network = network.strip()
essid=""
address=""
quality=""
signal=""
channel=""
encryption_key=""
key_type=""
group_cipher=""
pairwise_cipher=""
authentication_suites=""
tsf=""
frequency=""
#Get Frequency
match = re.search('Frequency:(\S+)', network)
if match:
frequency = match.group(1)
ap.update({"frequency":frequency})
#Get the TSF
match = re.search('Extra:tsf=(\S+)', network)
if match:
tsf = match.group(1)
i = int(tsf, 16)
tsf = str(timedelta(microseconds=i))[:-4]
ap.update({"tsf":tsf})
#Get the name of the AP
match = re.search('ESSID:"(([ ]*(\S+)*)*)"',network)
if match:
essid = match.group(1)
ap.update({"essid":essid})
#Get the BSSID of the AP
match = re.search('Address: (\S+)',network)
if match:
address = match.group(1)
ap.update({"mac":address})
#Get the Channel of the AP
match = re.search('Channel:(\S+)',network)
if match:
channel = match.group(1)
ap.update({"channel":channel})
#Find the brand of the AP
global table_of_manufacturers
manufacturer_data = manufacturer.search(table_of_manufacturers,str(address))
if(len(manufacturer_data)>0):
ap.update({"manufacturer":manufacturer_data[0].manuf})
ap.update({"comment":manufacturer_data[0].comment})
else:
ap.update({"manufacturer":"Null"})
ap.update({"comment":"Null"})
#Get the quality of the signal and the signal level
match = re.search('Quality=(\d+/\d+) Signal level=(-\d+) dBm',network)
if match:
quality = match.group(1)
a = quality[0:2]
b = quality[3:5]
quality_calc = format((float(a)/float(b)), '.2f')
signal = match.group(2)
ap.update({"quality":quality})
ap.update({"quality_calc":quality_calc})
ap.update({"signal":signal})
#Check if there is an Encryption key on the AP
match = re.search('Encryption key:(\S+)',network)
if match:
encryption_key = match.group(1)
ap.update({"encryption":encryption_key})
#Find the encryption type (WEP, WPA, WPA2 or Open)
match = re.search(r'(?<=802.11i/)[a-zA-Z0-9_ ]*',network)
if match and match != "Unknown" and match != "IEEE 802":
key_type=match.group(0)
ap.update({"key type":key_type})
elif ap['encryption']=='on':
key_type="WEP"
ap.update({"key type":key_type})
else:
key_type="Open"
ap.update({"key type":key_type})
#Get the Cipher being used
match = re.search(r'Group Cipher : ([a-zA-Z0-9_ ]*)',network)
if match:
group_cipher=match.group(1)
ap.update({"group cipher":group_cipher})
elif ap['encryption']=='on':
group_cipher="WEP"
ap.update({"group cipher":group_cipher})
else:
group_cipher=""
ap.update({"group cipher":group_cipher})
#Get the Pairwise Cipher being used
match = re.search('Pairwise Ciphers ([(\d+)]*) : ([a-zA-Z0-9_ ]*)',network)
if match:
pairwise_cipher=match.group(2)
ap.update({"pairwise cipher":pairwise_cipher})
elif ap['encryption']=='on':
pairwise_cipher="WEP"
ap.update({"pairwise cipher":pairwise_cipher})
else:
pairwise_cipher=""
ap.update({"pairwise cipher":pairwise_cipher})
#Get the Authentication Suites
match = re.search('Authentication Suites ([(\d+)]*) : ([a-zA-Z0-9_ ]*)',network)
if match:
authentication_suites=match.group(2)
ap.update({"authentication suites":authentication_suites})
elif ap['encryption']=='on':
authentication_suites=""
ap.update({"authentication suites":authentication_suites})
else:
authentication_suites=""
ap.update({"authentication suites":authentication_suites})
parsed_list.append(ap)
except:
pass
return parsed_list
def aps_lookup(pkt):
global table_of_manufacturers
global channel
table_of_manufacturers = manufacturer.MacParser(
manufacturer_table).refresh()
parsed_list = []
ap = {}
if (channel > 13):
channel = 1
channel_hopper()
channel += 1
# we are checking if ssid is already in the access_points list (and we also want same ssid with different bssid)
if ((pkt.haslayer(Dot11Beacon) or pkt.haslayer(Dot11ProbeResp))
and (pkt[Dot11].addr3 not in access_points)):
# for future work
#print pkt[Dot11].cap
#print pkt[Dot11ProbeResp].cap
access_points.add(pkt[Dot11].addr3)
ssid = pkt[Dot11].info
ap.update({"essid": ssid})
bssid = pkt[Dot11].addr3
ap.update({"mac": bssid.upper()})
channel = int(ord(pkt[Dot11Elt:3].info))
ap.update({"channel": channel})
capability = pkt.sprintf("{Dot11Beacon:%Dot11Beacon.cap%}\
{Dot11ProbeResp:%Dot11ProbeResp.cap%}")
extra = pkt.notdecoded
sig_str = -(256 - ord(extra[-4:-3]))
ap.update({"signal": sig_str})
manufacturer_data = manufacturer.search(table_of_manufacturers,
str(pkt.addr2))
if (manufacturer_data == []):
vendor = "Not Found"
ap.update({"manufacturer": "Null"})
else:
vendor = manufacturer_data[0].manuf
ap.update({"manufacturer": vendor})
if (str(vendor) == "None"):
vendor = "Not Found"
if (re.search("privacy", capability)):
encryption = "1"
key_type = "Protected"
ap.update({"key type": key_type})
# for future work
#print pkt[Dot11Elt].ID
#if (pkt[Dot11Elt].ID == 48):
# key_type = "WPA2"
# ap.update({"key type":key_type})
# encryption = key_type
#elif (pkt[Dot11Elt].ID == 221 and pkt[Dot11Elt].info.startswith('\x00P\xf2\x01\x01\x00')):
# key_type = "WEP"
# ap.update({"key type":key_type})
# encryption = key_type
#encryption = "1"
#key_type="Yes"
#ap.update({"key type":key_type})
else:
encryption = "0"
key_type = "Open"
ap.update({"key type": key_type})
# call passive detectors
if (profile):
passive_detectors.authorized_aps(ap, profile)
passive_detectors.free_WiFis_detect(ap, captured_aps)
passive_detectors.spot_karma(ap)
captured_aps.append(ap)
spaces = 23 - len(ssid)
spaces = ' ' * spaces
if encryption == "0":
print colors.get_color("OKGREEN") + "%s %s %s %2d %s %s %s" % (
ssid, spaces, bssid, int(channel), vendor, encryption,
sig_str) + colors.get_color("ENDC")
else:
print "%s %s %s %2d %s %s %s" % (
ssid, spaces, bssid, int(channel), vendor, encryption, sig_str)
## For Database Module
##db_api.insert_in_db_scapy(conn, ssid, bssid, int(channel), vendor, encryption)
signal.signal(signal.SIGINT, signal_handler)