Ejemplo n.º 1
0
def aps_lookup(pkt):
    global table_of_manufacturers
    global channel
    table_of_manufacturers = manufacturer.MacParser(
        manufacturer_table).refresh()

    parsed_list = []
    ap = {}

    if (channel > 13):
        channel = 1
    channel_hopper()
    channel += 1

    # we are checking if ssid is already in the access_points list (and we also want same ssid with different bssid)
    if ((pkt.haslayer(Dot11Beacon) or pkt.haslayer(Dot11ProbeResp))
            and (pkt[Dot11].addr3 not in access_points)):

        # for future work
        #print pkt[Dot11].cap
        #print pkt[Dot11ProbeResp].cap
        access_points.add(pkt[Dot11].addr3)
        ssid = pkt[Dot11].info
        ap.update({"essid": ssid})

        bssid = pkt[Dot11].addr3
        ap.update({"mac": bssid.upper()})

        channel = int(ord(pkt[Dot11Elt:3].info))
        ap.update({"channel": channel})

        capability = pkt.sprintf("{Dot11Beacon:%Dot11Beacon.cap%}\
		        {Dot11ProbeResp:%Dot11ProbeResp.cap%}")

        extra = pkt.notdecoded
        sig_str = -(256 - ord(extra[-4:-3]))

        ap.update({"signal": sig_str})

        manufacturer_data = manufacturer.search(table_of_manufacturers,
                                                str(pkt.addr2))
        if (manufacturer_data == []):
            vendor = "Not Found"
            ap.update({"manufacturer": "Null"})
        else:
            vendor = manufacturer_data[0].manuf
            ap.update({"manufacturer": vendor})

        if (str(vendor) == "None"):
            vendor = "Not Found"

        if (re.search("privacy", capability)):
            encryption = "1"
            key_type = "Protected"
            ap.update({"key type": key_type})
            # for future work
            #print pkt[Dot11Elt].ID
            #if (pkt[Dot11Elt].ID == 48):
            #	key_type = "WPA2"
            #	ap.update({"key type":key_type})
            #	encryption = key_type
            #elif (pkt[Dot11Elt].ID == 221 and pkt[Dot11Elt].info.startswith('\x00P\xf2\x01\x01\x00')):
            #	key_type = "WEP"
            #	ap.update({"key type":key_type})
            #	encryption = key_type

            #encryption = "1"
            #key_type="Yes"
            #ap.update({"key type":key_type})
        else:
            encryption = "0"
            key_type = "Open"
            ap.update({"key type": key_type})

        # call passive detectors
        if (profile):
            passive_detectors.authorized_aps(ap, profile)
        passive_detectors.free_WiFis_detect(ap, captured_aps)
        passive_detectors.spot_karma(ap)

        captured_aps.append(ap)

        spaces = 23 - len(ssid)
        spaces = ' ' * spaces

        if encryption == "0":
            print colors.get_color("OKGREEN") + "%s %s %s %2d %s   %s  %s" % (
                ssid, spaces, bssid, int(channel), vendor, encryption,
                sig_str) + colors.get_color("ENDC")
        else:
            print "%s %s %s %2d %s   %s  %s" % (
                ssid, spaces, bssid, int(channel), vendor, encryption, sig_str)
        ## For Database Module
        ##db_api.insert_in_db_scapy(conn, ssid, bssid, int(channel), vendor, encryption)

    signal.signal(signal.SIGINT, signal_handler)
Ejemplo n.º 2
0
def scan(*arg):
	##print ("Scanning "+str(len(arg)))
	active_probing, profile = False, False
	interface = arg[0]
	if(len(arg)==2):
		profile = arg[1]
	elif(len(arg)==3):
		active_probing = arg[1]
		interface_monitor = arg[2]
	elif(len(arg)==4):
		profile = arg[1]
		active_probing = arg[2]
		interface_monitor = arg[3]

	global table_of_manufacturers
	table_of_manufacturers = manufacturer.MacParser(manufacturer_table).refresh()
	sys.stdout=Unbuffered(sys.stdout)
	
	table = ['Date','AP Name','CH','BSSID','Brand','Signal','Quality','Frequency','Encryption','Cipher', 'Authentication','TSF']
	print (colors.get_color("BOLD") + '{:^22s}|{:^24s}|{:^9s}|{:^19s}|{:^15s}|{:^8s}|{:^9s}|{:^11s}|{:^18s}|{:^8s}|{:^16s}|{:^16s}'.format(table[0],table[1],table[2],table[3],table[4],table[5],table[6],table[7],table[8],table[9],table[10],table[11]) + colors.get_color("ENDC"))
	while True:
		ap_list = get_results(interface)
		try:
			for line in ap_list:
				# filter to check if APs already exists 
				if filter_aps(line, profile):
					limited = False
					if len(line['essid'])>21:
						limited = True

					# apply detections heuristics
					if limited:
						if (noknowled_detector.suspicious_behaviours(line,captured_aps) == "suspicious_1"):
							print (colors.get_color("FAIL") + '{:^22s} {:<23s}  {:^9s} {:^19s} {:^15s} {:^8s} {:^9s} {:^10s} {:^18s} {:^8s} {:^16s}   {:<18s}'.format(getTimeDate(),line['essid'][0:21],line['channel'],line['mac'], line['manufacturer'],line['signal'],line['quality'],line['frequency'],line['key type'],line['group cipher'], line['authentication suites'], line['tsf']) + colors.get_color("ENDC") )
						elif (noknowled_detector.suspicious_behaviours(line,captured_aps) == "suspicious_2" or noknowled_detector.suspicious_behaviours(line,captured_aps) == "suspicious_4"):
							print (colors.get_color("FAIL1") + '{:^22s} {:<23s}  {:^9s} {:^19s} {:^15s} {:^8s} {:^9s} {:^10s} {:^18s} {:^8s} {:^16s}   {:<18s}'.format(getTimeDate(),line['essid'][0:21],line['channel'],line['mac'], line['manufacturer'],line['signal'],line['quality'],line['frequency'],line['key type'],line['group cipher'], line['authentication suites'], line['tsf']) + colors.get_color("ENDC") )
						elif (noknowled_detector.suspicious_behaviours(line,captured_aps) == "suspicious_3"):
							print (colors.get_color("FAIL2") + '{:^22s} {:<23s}  {:^9s} {:^19s} {:^15s} {:^8s} {:^9s} {:^10s} {:^18s} {:^8s} {:^16s}   {:<18s}'.format(getTimeDate(),line['essid'][0:21],line['channel'],line['mac'], line['manufacturer'],line['signal'],line['quality'],line['frequency'],line['key type'],line['group cipher'], line['authentication suites'], line['tsf']) + colors.get_color("ENDC") )
						else:
							print '{:^22s} {:<23s}  {:^9s} {:^19s} {:^15s} {:^8s} {:^9s} {:^10s} {:^18s} {:^8s} {:^16s}   {:<18s}'.format(getTimeDate(),line['essid'][0:21],line['channel'],line['mac'], line['manufacturer'],line['signal'],line['quality'],line['frequency'],line['key type'],line['group cipher'], line['authentication suites'], line['tsf'])
					else:
						if (noknowled_detector.suspicious_behaviours(line,captured_aps) == "suspicious_1"):
							print (colors.get_color("FAIL") + '{:^22s} {:<23s}  {:^9s} {:^19s} {:^15s} {:^8s} {:^9s} {:^10s} {:^18s} {:^8s} {:^16s}   {:<18s}'.format(getTimeDate(),line['essid'],line['channel'],line['mac'], line['manufacturer'],line['signal'],line['quality'],line['frequency'],line['key type'],line['group cipher'], line['authentication suites'], line['tsf']) + colors.get_color("ENDC") )
						elif (noknowled_detector.suspicious_behaviours(line,captured_aps) == "suspicious_2" or noknowled_detector.suspicious_behaviours(line,captured_aps) == "suspicious_4"):
							print (colors.get_color("FAIL1") + '{:^22s} {:<23s}  {:^9s} {:^19s} {:^15s} {:^8s} {:^9s} {:^10s} {:^18s} {:^8s} {:^16s}   {:<18s}'.format(getTimeDate(),line['essid'],line['channel'],line['mac'], line['manufacturer'],line['signal'],line['quality'],line['frequency'],line['key type'],line['group cipher'], line['authentication suites'], line['tsf']) + colors.get_color("ENDC") )
						elif (noknowled_detector.suspicious_behaviours(line,captured_aps) == "suspicious_3"):
							print (colors.get_color("FAIL2") + '{:^22s} {:<23s}  {:^9s} {:^19s} {:^15s} {:^8s} {:^9s} {:^10s} {:^18s} {:^8s} {:^16s}   {:<18s}'.format(getTimeDate(),line['essid'],line['channel'],line['mac'], line['manufacturer'],line['signal'],line['quality'],line['frequency'],line['key type'],line['group cipher'], line['authentication suites'], line['tsf']) + colors.get_color("ENDC") )
						else:
							print '{:^22s} {:<23s}  {:^9s} {:^19s} {:^15s} {:^8s} {:^9s} {:^10s} {:^18s} {:^8s} {:^16s}   {:<18s}'.format(getTimeDate(),line['essid'],line['channel'],line['mac'], line['manufacturer'],line['signal'],line['quality'],line['frequency'],line['key type'],line['group cipher'], line['authentication suites'], line['tsf'])
		
					
					if(profile):
						passive_detectors.authorized_aps(line, profile)
					
					if( line['key type'] == "Open"):
						passive_detectors.free_WiFis_detect(line, captured_aps)

					passive_detectors.spot_karma(line)
					#passive_detectors.deauth_detector(interface_monitor) # new stufx
					
					if (active_probing):
						passive_detectors.spoting_PineAP(line, active_probing, interface_monitor)
					else:
						passive_detectors.spoting_PineAP(line)

					#if (deauth_detect):
						#passive_detectors.deauth_detector(interface_monitor) # new stufx
					# end of detections heuristics	

					passive_detectors.check_tsf(line)

					captured_aps.append(line)

			signal.signal(signal.SIGINT, signal_handler)
			time.sleep(1)
		except Exception, err:
			logs_api.errors_log(str(err))
			pass
Ejemplo n.º 3
0
def scan(*arg):

    active_probing, profile = False, False
    email = arg[0]
    interface = arg[1]
    global interface_monitor
    if(len(arg) == 3):
        profile = arg[2]
    elif(len(arg) == 4):
        active_probing = arg[2]
        interface_monitor = arg[3]
    elif(len(arg) == 4):
        profile = arg[2]
        active_probing = arg[3]
        interface_monitor = arg[4]

    global table_of_manufacturers
    table_of_manufacturers = manufacturer.MacParser(
        manufacturer_table).refresh()

    table = ['Date', 'AP Name', 'CH', 'BSSID', 'Brand', 'Signal', 'Quality',
             'Frequency', 'Encryption', 'Cipher', 'Authentication', 'TSF']
    print(colors. get_color("BOLD") + '{:^22s}|{:^24s}|{:^9s}|{:^19s}|{:^15s}|{:^8s}|{:^9s}|{:^11s}|{:^18s}|{:^8s}|{:^16s}|{:^16s}'.format(
        table[0], table[1], table[2], table[3], table[4], table[5], table[6], table[7], table[8], table[9], table[10], table[11]) + colors.get_color("ENDC"), flush=True)
    while True:
        ap_list = get_results(interface)
        try:
            for line in ap_list:
                # filter to check if APs already exists
                if filter_aps(line, profile):
                    limited = False
                    if (noknowledge_detector.suspicious_behaviours(line, captured_aps) == "suspicious_1"):
                        print(colors.get_color("FAIL") + '{:^22s} {:<23s}  {:^9s} {:^19s} {:^15s} {:^8s} {:^9s} {:^10s} {:^18s} {:^8s} {:^16s}   {:<18s}'.format(getTimeDate(
                            ), line['essid'], line['channel'], line['mac'], line['manufacturer'], line['signal'], line['quality'], line['frequency'], line['key type'], line['group cipher'], line['authentication suites'], line['tsf']) + colors.get_color("ENDC"), flush=True)
                    # captured AP with same bssid and dif essid and encryption (karma)
                    elif (noknowledge_detector.suspicious_behaviours(line, captured_aps) == "suspicious_2" or noknowledge_detector.suspicious_behaviours(line, captured_aps) == "suspicious_4"):
                        print(colors.get_color("FAIL1") + '{:^22s} {:<23s}  {:^9s} {:^19s} {:^15s} {:^8s} {:^9s} {:^10s} {:^18s} {:^8s} {:^16s}   {:<18s}'.format(getTimeDate(
                            ), line['essid'], line['channel'], line['mac'], line['manufacturer'], line['signal'], line['quality'], line['frequency'], line['key type'], line['group cipher'], line['authentication suites'], line['tsf']) + colors.get_color("ENDC"), flush=True)
                    # captured AP with same essid, bssid, encryption and dif channel
                    elif (noknowledge_detector.suspicious_behaviours(line, captured_aps) == "suspicious_3"):
                        print(colors.get_color("FAIL2") + '{:^22s} {:<23s}  {:^9s} {:^19s} {:^15s} {:^8s} {:^9s} {:^10s} {:^18s} {:^8s} {:^16s}   {:<18s}'.format(getTimeDate(
                            ), line['essid'], line['channel'], line['mac'], line['manufacturer'], line['signal'], line['quality'], line['frequency'], line['key type'], line['group cipher'], line['authentication suites'], line['tsf']) + colors.get_color("ENDC"), flush=True)
                    # captured AP with same essid, bssid, channel and dif encryption
                    elif (noknowledge_detector.suspicious_behaviours(line, captured_aps) == "suspicious_4"):
                        print(colors.get_color("ORANGE") + '{:^22s} {:<23s}  {:^9s} {:^19s} {:^15s} {:^8s} {:^9s} {:^10s} {:^18s} {:^8s} {:^16s}   {:<18s}'.format(getTimeDate(
                            ), line['essid'], line['channel'], line['mac'], line['manufacturer'], line['signal'], line['quality'], line['frequency'], line['key type'], line['group cipher'], line['authentication suites'], line['tsf']) + colors.get_color("ENDC"), flush=True)
                    else:
                        email.sendmail("*****@*****.**", "*****@*****.**", "Rouge AP detected..")
                        print('{:^22s} {:<23s}  {:^9s} {:^19s} {:^15s} {:^8s} {:^9s} {:^10s} {:^18s} {:^8s} {:^16s}   {:<18s}'.format(getTimeDate(
                            ), line['essid'], line['channel'], line['mac'], line['manufacturer'], line['signal'], line['quality'], line['frequency'], line['key type'], line['group cipher'], line['authentication suites'], line['tsf']))
                    if(profile):
                        passive_detectors.authorized_aps(line, profile)

                    if(line['key type'] == "Open"):
                        passive_detectors.free_WiFis_detect(line, captured_aps)

                    passive_detectors.spot_karma(line)
                    # passive_detectors.deauth_detector(interface_monitor) # new stufx

                    if (active_probing):
                        passive_detectors.spoting_PineAP(
                            line, active_probing, interface_monitor)
                    else:
                        passive_detectors.spoting_PineAP(line)

                    passive_detectors.check_tsf(line)

                    captured_aps.append(line)

            signal.signal(signal.SIGINT, signal_handler)
            time.sleep(1)
        except Exception as err:
            logs_api.errors_log(str(err))
            pass