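def _printable_ssid(ssid):
    """Return ``ssid`` as text that is safe to write to a terminal.

    An SSID arrives over the air from an untrusted station and may carry
    control bytes, including terminal escape sequences. Bytes are decoded
    as UTF-8 (undecodable bytes replaced), ``None`` becomes ``""``, and every
    character outside printable ASCII is replaced with ``?``. Only the
    displayed copy is changed; the raw value stays in the AP record.
    """
    if ssid is None:
        return ""
    if isinstance(ssid, bytes):
        ssid = ssid.decode("utf-8", "replace")
    return "".join(ch if " " <= ch <= "~" else "?" for ch in ssid)


def aps_lookup(pkt):
    """Scapy sniff callback: record and print every not-yet-seen access point.

    For a beacon or probe-response frame whose BSSID is not yet in the
    module-level ``access_points`` set, builds a dict with the keys
    ``essid``, ``mac``, ``channel``, ``signal``, ``manufacturer`` and
    ``key type``, runs the passive detectors over it, appends it to the
    module-level ``captured_aps`` list and prints a one-line summary
    (green when the network is open).

    Side effects: refreshes the module-level ``table_of_manufacturers``,
    advances the module-level ``channel`` hop counter (wrapping after 13)
    and re-installs ``signal_handler`` for SIGINT on every call.

    Fixes relative to the earlier version:
      * the channel advertised by the AP was assigned to the global
        ``channel`` and so clobbered the hop counter; it is now a local
      * the displayed SSID is sanitised with ``_printable_ssid`` so an
        over-the-air SSID cannot inject terminal escapes
      * the padding width can no longer go negative for long SSIDs
    """
    global table_of_manufacturers
    global channel

    # NOTE(review): the OUI table is re-parsed for every packet; this is
    # kept to preserve behaviour but is an obvious place to hoist work.
    table_of_manufacturers = manufacturer.MacParser(manufacturer_table).refresh()

    # Channel hopper bookkeeping: 1..13, wrap, hop, advance.
    if channel > 13:
        channel = 1
    channel_hopper()
    channel += 1

    is_ap_frame = pkt.haslayer(Dot11Beacon) or pkt.haslayer(Dot11ProbeResp)
    # Same SSID on a different BSSID is deliberately treated as a new AP;
    # only the BSSID (addr3) is used for de-duplication.
    if is_ap_frame and pkt[Dot11].addr3 not in access_points:
        ap = {}
        bssid = pkt[Dot11].addr3
        access_points.add(bssid)

        ssid = pkt[Dot11].info
        ap["essid"] = ssid
        ap["mac"] = bssid.upper()

        # Channel advertised by the AP (third Dot11Elt), kept local so it
        # does not overwrite the global hop counter above.
        ap_channel = int(ord(pkt[Dot11Elt:3].info))
        ap["channel"] = ap_channel

        capability = pkt.sprintf("{Dot11Beacon:%Dot11Beacon.cap%}"
                                 "{Dot11ProbeResp:%Dot11ProbeResp.cap%}")

        # NOTE(review): RSSI is read from the undecoded RadioTap tail; this
        # assumes the capture driver's RadioTap layout places the dBm
        # antenna-signal byte four bytes from the end -- confirm per driver.
        extra = pkt.notdecoded
        sig_str = -(256 - ord(extra[-4:-3]))
        ap["signal"] = sig_str

        manufacturer_data = manufacturer.search(table_of_manufacturers,
                                                str(pkt.addr2))
        if not manufacturer_data:
            vendor = "Not Found"
            # The record keeps "Null" while the printed column says
            # "Not Found"; preserved as in the original.
            ap["manufacturer"] = "Null"
        else:
            vendor = manufacturer_data[0].manuf
            ap["manufacturer"] = vendor
            if vendor is None:
                vendor = "Not Found"

        # Only the privacy bit is inspected; distinguishing WEP/WPA/WPA2
        # from the RSN (ID 48) / vendor-specific (ID 221) elements is
        # TODO (left as future work in the original).
        if re.search("privacy", capability):
            encryption = "1"
            key_type = "Protected"
        else:
            encryption = "0"
            key_type = "Open"
        ap["key type"] = key_type

        # Passive detectors run on the raw record, not the display copy.
        if profile:
            passive_detectors.authorized_aps(ap, profile)
        passive_detectors.free_WiFis_detect(ap, captured_aps)
        passive_detectors.spot_karma(ap)
        captured_aps.append(ap)

        shown_ssid = _printable_ssid(ssid)
        padding = " " * max(0, 23 - len(shown_ssid))
        row = "%s %s %s %2d %s %s %s" % (
            shown_ssid, padding, bssid, ap_channel, vendor, encryption, sig_str)
        if encryption == "0":
            print(colors.get_color("OKGREEN") + row + colors.get_color("ENDC"))
        else:
            print(row)
        # Database module hook (disabled in the original):
        # db_api.insert_in_db_scapy(conn, ssid, bssid, ap_channel, vendor, encryption)

    signal.signal(signal.SIGINT, signal_handler)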
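def _ap_row(line, essid):
    """Return one formatted table row for the access point in ``line``.

    ``essid`` is passed separately so the caller can truncate / sanitise the
    displayed name while ``line['essid']`` keeps the raw value the detectors
    compare against.
    """
    return ('{:^22s} {:<23s} {:^9s} {:^19s} {:^15s} {:^8s} {:^9s} {:^10s} '
            '{:^18s} {:^8s} {:^16s} {:<18s}').format(
        getTimeDate(), essid, line['channel'], line['mac'],
        line['manufacturer'], line['signal'], line['quality'],
        line['frequency'], line['key type'], line['group cipher'],
        line['authentication suites'], line['tsf'])


def scan(*arg):
    """Poll an interface for access points forever, printing and analysing each.

    Accepted positional forms (unchanged):
      scan(interface)
      scan(interface, profile)
      scan(interface, active_probing, interface_monitor)
      scan(interface, profile, active_probing, interface_monitor)

    Each pass calls ``get_results(interface)``, keeps the APs accepted by
    ``filter_aps``, colours the row by the verdict of
    ``noknowled_detector.suspicious_behaviours`` (``suspicious_1`` -> FAIL,
    ``suspicious_2``/``suspicious_4`` -> FAIL1, ``suspicious_3`` -> FAIL2,
    anything else uncoloured), runs the passive detectors and appends the AP
    to the module-level ``captured_aps``. Any exception in a pass is logged
    through ``logs_api.errors_log`` and polling continues.

    Changes from the earlier version: the verdict is computed once per AP
    instead of up to four times, the eight duplicated print statements are
    folded into ``_ap_row``, ``interface_monitor`` is always bound, and the
    displayed ESSID (received over the air, attacker-controlled) has
    non-printable characters replaced so it cannot inject terminal escapes.
    """
    global table_of_manufacturers

    active_probing, profile = False, False
    interface_monitor = None
    interface = arg[0]
    if len(arg) == 2:
        profile = arg[1]
    elif len(arg) == 3:
        active_probing = arg[1]
        interface_monitor = arg[2]
    elif len(arg) == 4:
        profile = arg[1]
        active_probing = arg[2]
        interface_monitor = arg[3]

    table_of_manufacturers = manufacturer.MacParser(manufacturer_table).refresh()
    sys.stdout = Unbuffered(sys.stdout)

    header = ['Date', 'AP Name', 'CH', 'BSSID', 'Brand', 'Signal', 'Quality',
              'Frequency', 'Encryption', 'Cipher', 'Authentication', 'TSF']
    print(colors.get_color("BOLD")
          + ('{:^22s}|{:^24s}|{:^9s}|{:^19s}|{:^15s}|{:^8s}|{:^9s}|{:^11s}|'
             '{:^18s}|{:^8s}|{:^16s}|{:^16s}').format(*header)
          + colors.get_color("ENDC"))

    # Row colour per verdict; unknown verdicts print uncoloured.
    verdict_colors = {
        "suspicious_1": "FAIL",
        "suspicious_2": "FAIL1",
        "suspicious_4": "FAIL1",
        "suspicious_3": "FAIL2",
    }

    while True:
        ap_list = get_results(interface)
        try:
            for line in ap_list:
                # filter to check if APs already exists
                if not filter_aps(line, profile):
                    continue

                # Display copy of the ESSID: at most 21 characters (the
                # original truncated longer names), control / non-ASCII
                # characters replaced. ``line['essid']`` itself is untouched.
                shown_essid = "".join(
                    ch if " " <= ch <= "~" else "?" for ch in line['essid'][:21])

                # NOTE(review): the original called suspicious_behaviours up
                # to four times per AP; calling it once assumes it has no
                # per-call side effects -- confirm in noknowled_detector.
                verdict = noknowled_detector.suspicious_behaviours(line, captured_aps)
                row = _ap_row(line, shown_essid)
                color = verdict_colors.get(verdict)
                if color is None:
                    print(row)
                else:
                    print(colors.get_color(color) + row + colors.get_color("ENDC"))

                if profile:
                    passive_detectors.authorized_aps(line, profile)
                if line['key type'] == "Open":
                    passive_detectors.free_WiFis_detect(line, captured_aps)
                passive_detectors.spot_karma(line)
                # deauth_detector(interface_monitor) is not wired in yet.
                if active_probing:
                    passive_detectors.spoting_PineAP(line, active_probing,
                                                     interface_monitor)
                else:
                    passive_detectors.spoting_PineAP(line)
                passive_detectors.check_tsf(line)
                captured_aps.append(line)

            signal.signal(signal.SIGINT, signal_handler)
            time.sleep(1)
        except Exception as err:
            # Best-effort loop: log and keep polling rather than die on one
            # malformed scan result.
            logs_api.errors_log(str(err))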
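def _ap_row(line, essid):
    """Return one formatted table row for the access point in ``line``.

    ``essid`` is passed separately so the caller can sanitise the displayed
    name while ``line['essid']`` keeps the raw value the detectors compare
    against.
    """
    return ('{:^22s} {:<23s} {:^9s} {:^19s} {:^15s} {:^8s} {:^9s} {:^10s} '
            '{:^18s} {:^8s} {:^16s} {:<18s}').format(
        getTimeDate(), essid, line['channel'], line['mac'],
        line['manufacturer'], line['signal'], line['quality'],
        line['frequency'], line['key type'], line['group cipher'],
        line['authentication suites'], line['tsf'])


def scan(*arg):
    """Poll an interface for access points forever, printing and analysing each.

    Accepted positional forms:
      scan(email, interface)
      scan(email, interface, profile)
      scan(email, interface, active_probing, interface_monitor)
      scan(email, interface, profile, active_probing, interface_monitor)

    ``email`` is an object with an smtplib-style ``sendmail(from, to, msg)``.
    Each pass calls ``get_results(interface)``, keeps the APs accepted by
    ``filter_aps``, colours the row by the verdict of
    ``noknowledge_detector.suspicious_behaviours`` (``suspicious_1`` -> FAIL,
    ``suspicious_2`` -> FAIL1, ``suspicious_3`` -> FAIL2, ``suspicious_4`` ->
    ORANGE, anything else uncoloured), runs the passive detectors and appends
    the AP to the module-level ``captured_aps``. Any exception in a pass is
    logged through ``logs_api.errors_log`` and polling continues.

    Fixes relative to the earlier version:
      * the five-argument form was unreachable (``len(arg) == 4`` was tested
        twice and the branch indexed ``arg[4]``); it now tests for 5
      * ``suspicious_4`` was caught by the FAIL1 branch, making the dedicated
        ORANGE branch dead code; it now gets its own colour
      * the verdict is computed once per AP instead of up to five times
      * the displayed ESSID (received over the air, attacker-controlled) has
        non-printable characters replaced so it cannot inject terminal escapes
    """
    global interface_monitor
    global table_of_manufacturers

    active_probing, profile = False, False
    email = arg[0]
    interface = arg[1]
    if len(arg) == 3:
        profile = arg[2]
    elif len(arg) == 4:
        active_probing = arg[2]
        interface_monitor = arg[3]
    elif len(arg) == 5:
        profile = arg[2]
        active_probing = arg[3]
        interface_monitor = arg[4]

    table_of_manufacturers = manufacturer.MacParser(manufacturer_table).refresh()

    header = ['Date', 'AP Name', 'CH', 'BSSID', 'Brand', 'Signal', 'Quality',
              'Frequency', 'Encryption', 'Cipher', 'Authentication', 'TSF']
    print(colors.get_color("BOLD")
          + ('{:^22s}|{:^24s}|{:^9s}|{:^19s}|{:^15s}|{:^8s}|{:^9s}|{:^11s}|'
             '{:^18s}|{:^8s}|{:^16s}|{:^16s}').format(*header)
          + colors.get_color("ENDC"), flush=True)

    # Row colour per verdict:
    #   suspicious_1 - flagged by the no-knowledge heuristics
    #   suspicious_2 - same bssid, different essid and encryption (karma)
    #   suspicious_3 - same essid, bssid, encryption, different channel
    #   suspicious_4 - same essid, bssid, channel, different encryption
    verdict_colors = {
        "suspicious_1": "FAIL",
        "suspicious_2": "FAIL1",
        "suspicious_3": "FAIL2",
        "suspicious_4": "ORANGE",
    }

    while True:
        ap_list = get_results(interface)
        try:
            for line in ap_list:
                # filter to check if APs already exists
                if not filter_aps(line, profile):
                    continue

                # Display copy of the ESSID with control / non-ASCII
                # characters replaced; ``line['essid']`` itself is untouched.
                shown_essid = "".join(
                    ch if " " <= ch <= "~" else "?" for ch in line['essid'])

                # NOTE(review): the original called suspicious_behaviours up
                # to five times per AP; calling it once assumes it has no
                # per-call side effects -- confirm in noknowledge_detector.
                verdict = noknowledge_detector.suspicious_behaviours(line, captured_aps)
                row = _ap_row(line, shown_essid)
                color = verdict_colors.get(verdict)
                if color is None:
                    # NOTE(review): preserved from the original -- the mail
                    # is sent on the branch for APs that were NOT flagged by
                    # suspicious_behaviours. Confirm whether it should sit
                    # on the flagged branches instead.
                    email.sendmail("*****@*****.**", "*****@*****.**",
                                   "Rouge AP detected..")
                    print(row, flush=True)
                else:
                    print(colors.get_color(color) + row + colors.get_color("ENDC"),
                          flush=True)

                if profile:
                    passive_detectors.authorized_aps(line, profile)
                if line['key type'] == "Open":
                    passive_detectors.free_WiFis_detect(line, captured_aps)
                passive_detectors.spot_karma(line)
                # deauth_detector(interface_monitor) is not wired in yet.
                if active_probing:
                    passive_detectors.spoting_PineAP(line, active_probing,
                                                     interface_monitor)
                else:
                    passive_detectors.spoting_PineAP(line)
                passive_detectors.check_tsf(line)
                captured_aps.append(line)

            signal.signal(signal.SIGINT, signal_handler)
            time.sleep(1)
        except Exception as err:
            # Best-effort loop: log and keep polling rather than die on one
            # malformed scan result or a failed mail send.
            logs_api.errors_log(str(err))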