def test_integration_devices_get_all_date_phy_filter(self): here_dir = os.path.dirname(os.path.abspath(__file__)) test_db = os.path.join(here_dir, "../assets/testdata.kismet_5") abstraction = kismetdb.Devices(test_db) all_alerts = abstraction.get_all(first_time_gt="2018-01-01", phyname=["Bluetooth", "IEEE802.11"]) assert all_alerts
def test_integration_devices_yield_meta(self): here_dir = os.path.dirname(os.path.abspath(__file__)) test_db = os.path.join(here_dir, "../assets/testdata.kismet_5") abstraction = kismetdb.Devices(test_db) for alert in abstraction.yield_meta(): assert alert assert "device" not in alert
def test_integration_devices_get_meta(self): here_dir = os.path.dirname(os.path.abspath(__file__)) test_db = os.path.join(here_dir, "../assets/testdata.kismet_5") abstraction = kismetdb.Devices(test_db) all_alerts = abstraction.get_meta() assert all_alerts assert "json" not in all_alerts[0]
def test_integration_devices_get_all(self): here_dir = os.path.dirname(os.path.abspath(__file__)) test_db = os.path.join(here_dir, "../assets/testdata.kismet_4") abstraction = kismetdb.Devices(test_db) all_devices = abstraction.get_all() assert all_devices for device in all_devices: assert isinstance(device["min_lat"], float) assert isinstance(device["min_lon"], float) assert isinstance(device["max_lat"], float) assert isinstance(device["max_lon"], float) assert isinstance(device["avg_lat"], float) assert isinstance(device["avg_lon"], float)
def main(): parser = argparse.ArgumentParser(description="Kismet devices to json") parser.add_argument("--in", action="store", dest="infile", help="Input (.kismet) file") parser.add_argument("--out", action="store", dest="outfile", help=("Output filename (optional). If omitted, logs " "multi-line and indented (human-readable) " "to stdout.")) parser.add_argument("--start-time", action="store", dest="starttime", help="Only list devices seen after given time") parser.add_argument("--min-signal", action="store", dest="minsignal", help=("Only list devices with a best signal higher " "than min-signal")) results = parser.parse_args() query_args = {} if results.infile is None: print("Expected --in [file]") sys.exit(1) if not os.path.isfile(results.infile): print("Could not find input file \"{}\"".format(results.infile)) sys.exit(1) if results.starttime: query_args["first_time_gt"] = results.starttime if results.minsignal: query_args["strongest_signal_gt"] = results.minsignal logf = None devices_abstraction = kismetdb.Devices(results.infile) devs = [row["device"] for row in devices_abstraction.get_all(**query_args)] if results.outfile: logf = open(results.outfile, "w") logf.write( json.dumps(devs, sort_keys=True, indent=4, separators=(",", ": "))) else: print( json.dumps(devs, sort_keys=True, indent=4, separators=(",", ": ")))
def main(): parser = argparse.ArgumentParser(description="Kismet to Filebeat json") parser.add_argument("--in", action="store", dest="infile", required=True, help="Input (.kismet) file") parser.add_argument("--out", action="store", dest="outfile", help=("Output filename (optional) for appending. If " "unspecified, each record will be printed to " "stdout, one record per line, ideal for piping " "into filebeat.")) parser.add_argument("--start-time", action="store", dest="starttime", help="Only list devices seen after given time") parser.add_argument("--min-signal", action="store", dest="minsignal", help=("Only list devices with a best signal higher " "than min-signal")) results = parser.parse_args() query_args = {} if not os.path.isfile(results.infile): print("Could not find input file \"{}\"".format(results.infile)) sys.exit(1) if results.starttime: query_args["first_time_gt"] = results.starttime if results.minsignal: query_args["strongest_signal_gt"] = results.minsignal logf = None devices_abstraction = kismetdb.Devices(results.infile) for device in [ json.loads(row["device"]) for row in devices_abstraction.yield_all(**query_args) ]: stripped_device = strip_old_empty_trees(device) if results.outfile: logf = open(results.outfile, "a") logf.write(json.dumps(stripped_device, sort_keys=True)) else: print(json.dumps(stripped_device, sort_keys=True))
def test_integration_devices_yield_all_date_phy_filter(self): here_dir = os.path.dirname(os.path.abspath(__file__)) test_db = os.path.join(here_dir, "../assets/testdata.kismet_5") abstraction = kismetdb.Devices(test_db) for device in abstraction.yield_meta(first_time_gt="2018-01-01", phyname=[ "Bluetooth", "IEEE802.11" ]): assert device assert "device" not in device assert isinstance(device["min_lat"], float) assert isinstance(device["min_lon"], float) assert isinstance(device["max_lat"], float) assert isinstance(device["max_lon"], float) assert isinstance(device["avg_lat"], float) assert isinstance(device["avg_lon"], float)
def test_integration_devices_instantiate(self): here_dir = os.path.dirname(os.path.abspath(__file__)) test_db = os.path.join(here_dir, "../assets/testdata.kismet_5") abstraction = kismetdb.Devices(test_db) assert abstraction
def main(): parser = argparse.ArgumentParser(description="Kismet to KML Log Converter") parser.add_argument("--in", action="store", dest="infile", help="Input (.kismet) file") parser.add_argument("--out", action="store", dest="outfile", help="Output filename (optional)") parser.add_argument("--start-time", action="store", dest="starttime", help="Only list devices seen after given time") parser.add_argument("--min-signal", action="store", dest="minsignal", help=("Only list devices with a best signal higher " "than min-signal")) parser.add_argument("--strongest-point", action="store_true", dest="strongest", default=False, help="Plot points based on strongest signal") parser.add_argument("--title", action="store", dest="title", default="Kismet", help="Title embedded in KML file") parser.add_argument("--ssid", action="store", dest="ssid", help=("Only plot networks which match the SSID " "(or SSID regex)")) results = parser.parse_args() query_args = {} if results.infile is None: print("Expected --in [file]") sys.exit(1) if results.starttime: query_args["first_time_gt"] = results.starttime if results.minsignal: query_args["strongest_signal_gt"] = results.minsignal kml = simplekml.Kml() kml.document.name = results.title num_plotted = 0 devices = kismetdb.Devices(results.infile) for device in devices.yield_all(**query_args): try: dev = json.loads(device["device"]) # Check for the SSID if we"re doing that; allow it to trip # a KeyError and jump out of processing this device if results.ssid is not None: matched = False for s in dev["dot11.device"][ "dot11.device.advertised_ssid_map"]: # NOQA adv_ssid = dev["dot11.device"][ "dot11.device.advertised_ssid_map"][s][ "dot11.advertisedssid.ssid"] # NOQA if re.match(results.ssid, adv_ssid): matched = True break if not matched: print("Not a match on SSID!") continue loc = None if results.strongest: loc = dev["kismet.device.base.signal"][ "kismet.common.signal.peak_loc"] # NOQA else: loc = dev["kismet.device.base.location"][ "kismet.common.location.avg_loc"] # NOQA if loc == 0: print("Null island...") continue mac = dev["kismet.device.base.macaddr"] title = "" if "kismet.device.base.name" in dev: title = dev["kismet.device.base.name"] if title == "": if "dot11.device" in dev: if "dot11.device.last_beaconed_ssid" in dev[ "dot11.device"]: # NOQA title = dev["dot11.device"][ "dot11.device.last_beaconed_ssid"] # NOQA if title == "": title = mac kml.newpoint(name=title, coords=[(loc["kismet.common.location.lon"], loc["kismet.common.location.lat"], loc["kismet.common.location.alt"])]) num_plotted = num_plotted + 1 except TypeError: continue except KeyError: continue kml.save(results.outfile) print("Exported {} devices to {}".format(num_plotted, results.outfile))
def main(): parser = argparse.ArgumentParser(description="Kismet to CSV Log Converter") parser.add_argument("--in", action="store", dest="infile", help="Input (.kismet) file") parser.add_argument("--out", action="store", dest="outfile", help="Output CSV filename") parser.add_argument("--table", action="store", dest="srctable", help="Select the table to output") results = parser.parse_args() replacements = {} if results.infile is None: print("Expected --in [file]") sys.exit(1) if not os.path.isfile(results.infile): print("Could not find input file \"{}\"".format(results.infile)) sys.exit(1) if results.srctable is None: results.srctable = "devices" replacements["srctable"] = results.srctable if results.srctable == "devices": table_abstraction = kismetdb.Devices(results.infile) column_names = [ "first_time", "last_time", "devkey", "phyname", "devmac", "strongest_signal", "min_lat", "min_lon", "max_lat", "max_lon", "avg_lat", "avg_lon", "bytes_data", "type" ] elif results.srctable == "packets": table_abstraction = kismetdb.Packets(results.infile) column_names = [ "ts_sec", "ts_usec", "phyname", "sourcemac", "destmac", "transmac", "frequency", "devkey", "lat", "lon", "packet_len", "signal", "datasource", "dlt", "error" ] elif results.srctable == "datasources": table_abstraction = kismetdb.DataSources(results.infile) column_names = [ "uuid", "typestring", "definition", "name", "interface" ] elif results.srctable == "alerts": table_abstraction = kismetdb.Alerts(results.infile) column_names = [ "ts_sec", "ts_usec", "phyname", "devmac", "lat", "lon", "header" ] else: print("Invalid table entered, please retry with either devices, " "packets, datasources or alerts.") sys.exit(1) if results.outfile is None: results.outfile = "{}-{}.csv".format(results.infile, replacements["srctable"]) csv_file_mode = "wb" if sys.version_info[0] < 3 else "w" with open(results.outfile, csv_file_mode) as csvfile: csvWriter = csv.DictWriter(csvfile, delimiter="\t", extrasaction="ignore", fieldnames=column_names) nrows = 0 csvWriter.writeheader() for row in table_abstraction.yield_meta(): csvWriter.writerow(row) nrows = nrows + 1 if nrows % 1000 == 0: print("Wrote {} rows".format(nrows))