class Sniffer(object):
"Channel hopping, packet sniffing, parsing and finally storing"
def __init__(self,
db,
interface,
related_interface,
sniffer_name,
enable_hopping,
use_24=True,
use_pop5=False):
self.db = db
self.sniffer_name = sniffer_name
self.interface = interface
self.enable_hopping = enable_hopping
# Check interface existance
if not self._iface_exists(interface):
print "Exiting: Interface %s doesn't exist" % interface
sys.exit(1)
if related_interface and not self._iface_exists(related_interface):
print "Exiting: Related interface %s doesn't exist" % interface
sys.exit(1)
# Logging
header = 'SNIFF'
if sniffer_name:
header += '_' + sniffer_name
self.log = Log(self.db, use_stdout=True, header=header)
# Submodules
self.packet_parser = PacketParser(self.log)
self.hopper = Hopper(self.log, interface, related_interface)
ret = self.hopper.configure(use_24=use_24, use_pop5=use_pop5)
if ret is False:
sys.exit(1)
config.conf.sniff_promisc = 0
self.log.info("Promiscuous mode disabled")
self.watchdog = WatchDog(interval=20)
def _iface_exists(self, iface_name):
"Check if interface exists"
path = '/sys/class/net'
iface_path = os.path.join(path, iface_name)
try:
_ = os.stat(iface_path)
return True
except OSError:
return False
def run(self):
"Sniffer main loop"
begin = time()
pkts_all = 0
sniff_begin = time()
stat_prev = sniff_begin
stat_every = 3 # seconds
while True:
start = time()
# This catches KeyboardInterrupt,
# TODO: Disable this catching + Probably hop on another thread and use prn argument.
# But then - you'd have watchdog problems.
pkts = sendrecv.sniff(iface=self.interface, count=20, timeout=0.1)
pkts_all += len(pkts)
for pkt in pkts:
data = self.packet_parser.parse(pkt)
if data is None:
continue
data['ch'] = self.hopper.channel_number
data['sniffer'] = self.sniffer_name
if ('PROBE_REQ' in data['tags'] or 'PROBE_RESP' in data['tags']
or 'ASSOC_REQ' in data['tags']
or 'DISASS' in data['tags']):
# Increase karma when client traffic is detected
self.hopper.increase_karma()
data['tags'] = list(data['tags'])
self.db.frames.add(data)
now = time()
took = now - start
if stat_prev + stat_every < now:
took = time() - sniff_begin
print "STAT: pkts=%d t_total=%.2fs pps=%.2f swipes=%d avg_swipe_t=%.2f cur_ch=%d" % (
pkts_all,
took,
pkts_all / took,
self.hopper.swipes_total,
took / (self.hopper.swipes_total + 0.001),
self.hopper.channel_number,
)
stat_prev = now
if self.enable_hopping:
ret = self.hopper.karmic_hop()
if ret is False:
break
self.watchdog.dontkillmeplease()
class Sniffer(object):
"Channel hopping, packet sniffing, parsing and finally storing"
def __init__(self, db, interface, related_interface, sniffer_name, enable_hopping,
use_24=True, use_pop5=False):
self.db = db
self.sniffer_name = sniffer_name
self.interface = interface
self.enable_hopping = enable_hopping
# Check interface existance
if not self._iface_exists(interface):
print "Exiting: Interface %s doesn't exist" % interface
sys.exit(1)
if related_interface and not self._iface_exists(related_interface):
print "Exiting: Related interface %s doesn't exist" % interface
sys.exit(1)
# Logging
header = 'SNIFF'
if sniffer_name:
header += '_' + sniffer_name
self.log = Log(self.db, use_stdout=True, header=header)
# Submodules
self.packet_parser = PacketParser(self.log)
self.hopper = Hopper(self.log, interface, related_interface)
ret = self.hopper.configure(use_24=use_24, use_pop5=use_pop5)
if ret is False:
sys.exit(1)
config.conf.sniff_promisc = 0
self.log.info("Promiscuous mode disabled")
self.watchdog = WatchDog(interval=20)
def _iface_exists(self, iface_name):
"Check if interface exists"
path = '/sys/class/net'
iface_path = os.path.join(path, iface_name)
try:
_ = os.stat(iface_path)
return True
except OSError:
return False
def run(self):
"Sniffer main loop"
begin = time()
pkts_all = 0
sniff_begin = time()
stat_prev = sniff_begin
stat_every = 3 # seconds
while True:
start = time()
# This catches KeyboardInterrupt,
# TODO: Disable this catching + Probably hop on another thread and use prn argument.
# But then - you'd have watchdog problems.
pkts = sendrecv.sniff(iface=self.interface, count=20, timeout=0.1)
pkts_all += len(pkts)
for pkt in pkts:
data = self.packet_parser.parse(pkt)
if data is None:
continue
data['ch'] = self.hopper.channel_number
data['sniffer'] = self.sniffer_name
if ('PROBE_REQ' in data['tags'] or
'PROBE_RESP' in data['tags'] or
'ASSOC_REQ' in data['tags'] or
'DISASS' in data['tags']):
# Increase karma when client traffic is detected
self.hopper.increase_karma()
data['tags'] = list(data['tags'])
self.db.frames.add(data)
now = time()
took = now - start
if stat_prev + stat_every < now:
took = time() - sniff_begin
print "STAT: pkts=%d t_total=%.2fs pps=%.2f swipes=%d avg_swipe_t=%.2f cur_ch=%d" % (
pkts_all, took,
pkts_all / took,
self.hopper.swipes_total,
took/(self.hopper.swipes_total + 0.001),
self.hopper.channel_number,
)
stat_prev = now
if self.enable_hopping:
ret = self.hopper.karmic_hop()
if ret is False:
break
self.watchdog.dontkillmeplease()
