def parse(list): parsed_list = [] for network in list: try: ap={} network = network.strip() essid="" address="" quality="" signal="" channel="" encryption_key="" key_type="" group_cipher="" pairwise_cipher="" authentication_suites="" tsf="" frequency="" #Get Frequency match = re.search('Frequency:(\S+)', network) if match: frequency = match.group(1) ap.update({"frequency":frequency}) #Get the TSF match = re.search('Extra:tsf=(\S+)', network) if match: tsf = match.group(1) i = int(tsf, 16) tsf = str(timedelta(microseconds=i))[:-4] ap.update({"tsf":tsf}) #Get the name of the AP match = re.search('ESSID:"(([ ]*(\S+)*)*)"',network) if match: essid = match.group(1) ap.update({"essid":essid}) #Get the BSSID of the AP match = re.search('Address: (\S+)',network) if match: address = match.group(1) ap.update({"mac":address}) #Get the Channel of the AP match = re.search('Channel:(\S+)',network) if match: channel = match.group(1) ap.update({"channel":channel}) #Find the brand of the AP global table_of_manufacturers manufacturer_data = manufacturer.search(table_of_manufacturers,str(address)) if(len(manufacturer_data)>0): ap.update({"manufacturer":manufacturer_data[0].manuf}) ap.update({"comment":manufacturer_data[0].comment}) else: ap.update({"manufacturer":"Null"}) ap.update({"comment":"Null"}) #Get the quality of the signal and the signal level match = re.search('Quality=(\d+/\d+) Signal level=(-\d+) dBm',network) if match: quality = match.group(1) a = quality[0:2] b = quality[3:5] quality_calc = format((float(a)/float(b)), '.2f') signal = match.group(2) ap.update({"quality":quality}) ap.update({"quality_calc":quality_calc}) ap.update({"signal":signal}) #Check if there is an Encryption key on the AP match = re.search('Encryption key:(\S+)',network) if match: encryption_key = match.group(1) ap.update({"encryption":encryption_key}) #Find the encryption type (WEP, WPA, WPA2 or Open) match = re.search(r'(?<=802.11i/)[a-zA-Z0-9_ ]*',network) if match and match != "Unknown" and match != "IEEE 802": key_type=match.group(0) ap.update({"key type":key_type}) elif ap['encryption']=='on': key_type="WEP" ap.update({"key type":key_type}) else: key_type="Open" ap.update({"key type":key_type}) #Get the Cipher being used match = re.search(r'Group Cipher : ([a-zA-Z0-9_ ]*)',network) if match: group_cipher=match.group(1) ap.update({"group cipher":group_cipher}) elif ap['encryption']=='on': group_cipher="WEP" ap.update({"group cipher":group_cipher}) else: group_cipher="" ap.update({"group cipher":group_cipher}) #Get the Pairwise Cipher being used match = re.search('Pairwise Ciphers ([(\d+)]*) : ([a-zA-Z0-9_ ]*)',network) if match: pairwise_cipher=match.group(2) ap.update({"pairwise cipher":pairwise_cipher}) elif ap['encryption']=='on': pairwise_cipher="WEP" ap.update({"pairwise cipher":pairwise_cipher}) else: pairwise_cipher="" ap.update({"pairwise cipher":pairwise_cipher}) #Get the Authentication Suites match = re.search('Authentication Suites ([(\d+)]*) : ([a-zA-Z0-9_ ]*)',network) if match: authentication_suites=match.group(2) ap.update({"authentication suites":authentication_suites}) elif ap['encryption']=='on': authentication_suites="" ap.update({"authentication suites":authentication_suites}) else: authentication_suites="" ap.update({"authentication suites":authentication_suites}) parsed_list.append(ap) except: pass return parsed_list
def aps_lookup(pkt): global table_of_manufacturers global channel table_of_manufacturers = manufacturer.MacParser( manufacturer_table).refresh() parsed_list = [] ap = {} if (channel > 13): channel = 1 channel_hopper() channel += 1 # we are checking if ssid is already in the access_points list (and we also want same ssid with different bssid) if ((pkt.haslayer(Dot11Beacon) or pkt.haslayer(Dot11ProbeResp)) and (pkt[Dot11].addr3 not in access_points)): # for future work #print pkt[Dot11].cap #print pkt[Dot11ProbeResp].cap access_points.add(pkt[Dot11].addr3) ssid = pkt[Dot11].info ap.update({"essid": ssid}) bssid = pkt[Dot11].addr3 ap.update({"mac": bssid.upper()}) channel = int(ord(pkt[Dot11Elt:3].info)) ap.update({"channel": channel}) capability = pkt.sprintf("{Dot11Beacon:%Dot11Beacon.cap%}\ {Dot11ProbeResp:%Dot11ProbeResp.cap%}") extra = pkt.notdecoded sig_str = -(256 - ord(extra[-4:-3])) ap.update({"signal": sig_str}) manufacturer_data = manufacturer.search(table_of_manufacturers, str(pkt.addr2)) if (manufacturer_data == []): vendor = "Not Found" ap.update({"manufacturer": "Null"}) else: vendor = manufacturer_data[0].manuf ap.update({"manufacturer": vendor}) if (str(vendor) == "None"): vendor = "Not Found" if (re.search("privacy", capability)): encryption = "1" key_type = "Protected" ap.update({"key type": key_type}) # for future work #print pkt[Dot11Elt].ID #if (pkt[Dot11Elt].ID == 48): # key_type = "WPA2" # ap.update({"key type":key_type}) # encryption = key_type #elif (pkt[Dot11Elt].ID == 221 and pkt[Dot11Elt].info.startswith('\x00P\xf2\x01\x01\x00')): # key_type = "WEP" # ap.update({"key type":key_type}) # encryption = key_type #encryption = "1" #key_type="Yes" #ap.update({"key type":key_type}) else: encryption = "0" key_type = "Open" ap.update({"key type": key_type}) # call passive detectors if (profile): passive_detectors.authorized_aps(ap, profile) passive_detectors.free_WiFis_detect(ap, captured_aps) passive_detectors.spot_karma(ap) captured_aps.append(ap) spaces = 23 - len(ssid) spaces = ' ' * spaces if encryption == "0": print colors.get_color("OKGREEN") + "%s %s %s %2d %s %s %s" % ( ssid, spaces, bssid, int(channel), vendor, encryption, sig_str) + colors.get_color("ENDC") else: print "%s %s %s %2d %s %s %s" % ( ssid, spaces, bssid, int(channel), vendor, encryption, sig_str) ## For Database Module ##db_api.insert_in_db_scapy(conn, ssid, bssid, int(channel), vendor, encryption) signal.signal(signal.SIGINT, signal_handler)