def process_body(self, frame_ctrl, mgt_frame, data):
"""
Process Probe Response and Reassociation Response frames searching for
CCX IEs.
"""
bssid = ieee80211.get_string_mac_address_from_array(mgt_frame.get_bssid())
if frame_ctrl.get_subtype() == ieee80211.TYPE_MGMT_SUBTYPE_REASSOCIATION_RESPONSE:
reassociation_response = self.decoder.get_protocol(dot11.Dot11ManagementReassociationResponse)
data = reassociation_response._get_element(ccx.CISCO_CCX_IE_IP_ADDRESS_ID)
if data:
if bssid not in self.__devices__:
self.__devices__[bssid] = OrderedDict()
ssid = reassociation_response._get_element(dot11.DOT11_MANAGEMENT_ELEMENTS.SSID)
if ssid and self.SSID_KEY not in self.__devices__[bssid]:
self.__devices__[bssid][self.SSID_KEY] = ssid
aux = writer.get_device_information_dict(bssid.upper(), self.__module_name__, self.__devices__[bssid])
self.__output__.put(aux)
if self.CTRL_IP_ADDR_KEY not in self.__devices__[bssid]:
ccx95 = chr(ccx.CISCO_CCX_IE_IP_ADDRESS_ID) + chr(len(data)) + data
self.__devices__[bssid][self.CTRL_IP_ADDR_KEY] = ccx.CiscoCCX95InformationElement(ccx95).get_ip_address()
aux = writer.get_device_information_dict(bssid.upper(), self.__module_name__, self.__devices__[bssid])
self.__output__.put(aux)
else:
if frame_ctrl.get_subtype() == dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_BEACON:
frame = self.decoder.get_protocol(dot11.Dot11ManagementBeacon)
elif frame_ctrl.get_subtype() == dot11.Dot11Types.DOT11_SUBTYPE_MANAGEMENT_PROBE_RESPONSE:
frame = self.decoder.get_protocol(dot11.Dot11ManagementProbeResponse)
else:
return
security = ieee80211.get_security(frame)
data = frame._get_element(ccx.CISCO_CCX_IE_DEVICE_NAME_ID)
if bssid not in self.__devices__ and data:
self.__devices__[bssid] = OrderedDict()
ssid = frame.get_ssid().replace("\x00", "")
self.__devices__[bssid][self.SSID_KEY] = ssid
channel = frame.get_ds_parameter_set()
if channel:
self.__devices__[bssid][self.CHANNEL_KEY] = channel
ccx85 = chr(ccx.CISCO_CCX_IE_DEVICE_NAME_ID) + chr(len(data)) + data
device_name = ccx.CiscoCCX85InformationElement(ccx85).get_device_name()
associated_clients = ccx.CiscoCCX85InformationElement(ccx85).get_associated_clients()
self.__devices__[bssid][self.AP_NAME_KEY] = device_name
self.__devices__[bssid][self.ASSOCIATED_CLIENTS_KEY] = associated_clients
self.__devices__[bssid][self.SECURITY_KEY] = security
aux = writer.get_device_information_dict(bssid.upper(), self.__module_name__, self.__devices__[bssid])
self.__output__.put(aux)
def process_body(self, mgt_frame, data):
"""
TODO: Documentation
"""
device_mac = ieee80211.get_string_mac_address_from_array(mgt_frame.get_source_address())
__data = self.process_airplay_data(data)
if __data:
if device_mac not in list(self.__devices__.keys()):
if self.name_label in __data:
info_items = dict()
info_items['Name'] = __data[self.name_label]
if self.class_label in __data:
info_items['Class'] = __data[self.class_label]
if self.country_label in __data:
info_items['Country'] = __data[self.country_label]
if self.service_request_label in __data:
idx = 0
for item in __data[self.service_request_label]:
info_items['Service Request %d' % idx] = repr(item)
idx += 1
if self.service_response_label in __data:
idx = 0
for item in __data[self.service_response_label]:
info_items['Service Response %d' % idx] = repr(item)
idx += 1
aux = writer.get_device_information_dict(device_mac.upper(), self.__module_name__, info_items)
self.__output__.put(aux)
# Apple Devices has MAC randomization, so we should use the device name to identify them.
self.__devices__[device_mac] = __data[self.name_label]
def process_frame(self, frame_ctl, mgt_frame):
"""
Process Beacon and Probe Response frames searching for HP IE and storing
information.
"""
device_mac = ieee80211.get_string_mac_address_from_array(
mgt_frame.get_source_address())
if device_mac not in self.devices.keys():
self.devices[device_mac] = list()
if frame_ctl.get_subtype() == ieee80211.TYPE_MGMT_SUBTYPE_PROBE_RESPONSE:
_frame = self.decoder.get_protocol(dot11.Dot11ManagementProbeResponse)
elif frame_ctl.get_subtype() == ieee80211.TYPE_MGMT_SUBTYPE_BEACON:
_frame = self.decoder.get_protocol(dot11.Dot11ManagementBeacon)
if _frame:
ssid = _frame.get_ssid()
channel = _frame.get_ds_parameter_set()
security = ieee80211.get_security(_frame)
for item in _frame.get_vendor_specific():
oui = item[0]
if oui == self.hp_ie_oui:
ie_data = item[1]
info_items = OrderedDict()
info_items['SSID'] = ssid
info_items['Channel'] = channel
info_items['Security'] = security
self.process_hp_ie(ie_data, info_items)
aux = writer.get_device_information_dict(device_mac.upper(), self.__module_name__, info_items)
self.__output__.put(aux)
def process_frame(self, frame_ctl, mgt_frame):
"""
Process Probe Response frame searching for WPS IEs and printing the
information.
"""
device_mac = ieee80211.get_string_mac_address_from_array(
mgt_frame.get_source_address())
if device_mac not in self.devices.keys():
self.devices[device_mac] = list()
if frame_ctl.get_subtype(
) == ieee80211.TYPE_MGMT_SUBTYPE_PROBE_RESPONSE:
_frame = self.decoder.get_protocol(
dot11.Dot11ManagementProbeResponse)
if _frame:
ssid = _frame.get_ssid()
channel = _frame.get_ds_parameter_set()
security = ieee80211.get_security(_frame)
vs_list = _frame.get_vendor_specific()
for item in vs_list:
oui, data = item
vs_type = data[0]
length = struct.pack("B", len(oui + data))
raw_data = wps.WPSInformationElement.VENDOR_SPECIFIC_IE_ID + length + oui + data
if oui == wps.WPSInformationElement.WPS_OUI and vs_type == wps.WPSInformationElement.WPS_OUI_TYPE:
info_items = dict()
if ssid:
info_items['SSID'] = ssid
if channel:
info_items['Channel'] = channel
info_items['Security'] = security
ie = wps.WPSInformationElement(raw_data)
for element in ie.get_elements():
k, v = element
if all(c in string.printable for c in v):
info_items[string.capwords(k)] = v
else:
info_items[string.capwords(k)] = repr(v)
aux = writer.get_device_information_dict(
device_mac.upper(), self.__module_name__,
info_items)
self.__output__.put(aux)
def process_body(self, mgt_frame, data):
"""
Process Probe Response frame searching for WPS and P2P IEs and storing information.
"""
device_mac = ieee80211.get_string_mac_address_from_array(
mgt_frame.get_source_address())
probe_response_frame = self.decoder.get_protocol(
dot11.Dot11ManagementProbeResponse)
ssid = probe_response_frame.get_ssid()
if not ssid:
return
if not ssid.startswith(self.WIFI_DIRECT_SSID):
return
if device_mac not in self.__devices__.keys():
self.__devices__[device_mac] = list()
vs_list = probe_response_frame.get_vendor_specific()
wps_ie_info = dict()
p2p_ie_info = dict()
channel = probe_response_frame.get_ds_parameter_set()
for vs_element in vs_list:
oui, data = vs_element
vs_type = data[0]
length = struct.pack("B", len(oui + data))
raw_data = wps.WPSInformationElement.VENDOR_SPECIFIC_IE_ID + length + oui + data
if oui == wps.WPSInformationElement.WPS_OUI and vs_type == wps.WPSInformationElement.WPS_OUI_TYPE:
ie = wps.WPSInformationElement(raw_data)
for wps_element in ie.get_elements():
k, v = wps_element
if all(c in string.printable for c in v):
wps_ie_info[string.capwords(k)] = v
else:
wps_ie_info[string.capwords(k)] = repr(v)
elif oui == p2p.P2PInformationElement.P2P_OUI and vs_type == p2p.P2PInformationElement.P2P_OUI_TYPE:
ie = p2p.P2PInformationElement(raw_data)
for p2p_element in ie.get_elements():
k, v = p2p_element
if all(c in string.printable for c in v):
p2p_ie_info[k] = v
else:
p2p_ie_info[k] = repr(v)
if not p2p_ie_info:
return
info_items = OrderedDict()
info_items['SSID'] = ssid
if channel:
info_items['Channel'] = channel
for key, value in p2p_ie_info.items():
info_items['%s' % key] = value
for key, value in wps_ie_info.items():
info_items['WPS %s' % key] = value
aux = writer.get_device_information_dict(device_mac.upper(),
self.__module_name__,
info_items)
self.__output__.put(aux)
