How to Create a Wi-Fi Packet Sniffer Using Python and Scapy

Namaste Friends,



As we already know, in today's digital life wireless technology is spreading very rapidly, and Wi-Fi networks now play a big role in providing fast and reliable network connections to their users. That's why I am now focusing my blog tutorials on wireless-related Python tools. In other words, I also want to show you the power of the Python programming language in the wireless field, and as a beginning, today I am going to show you how to find available wireless access points (APs) using Python and Scapy.

Now, let me first introduce the Python Scapy module.


Python Scapy Module Introduction

The Python Scapy module is a very useful module that lets us encode and decode packets belonging to many different protocols, sniff packets, capture and receive packets, and much more. In simple words, the Scapy module can be used to handle different types of network tasks like scanning, packet capturing, sniffing, different types of network attacks and much more.

And in my opinion, if you want to be an intelligent network expert, then don't underestimate the possibilities of the Python Scapy module.

Now, let's focus on our wireless sniffing code.
In this code, I will first use the Scapy module to capture all packets available on the air, and then use Scapy again to decode those frames and find the available access points.
Oh, I forgot to mention that to run this code we also need the Aircrack-ng suite and a Wi-Fi card that supports monitor mode. The script only works in monitor mode, and for monitor mode we need a supported Wi-Fi card and the airmon-ng tool from that suite, or you can use the built-in command-line tool called iwconfig.
Now, let's focus on our main point. In simple words, we will try to extract beacon frames, because these frames help us find the SSID and BSSID of each available access point. SSID means the AP name and BSSID means the access point's MAC address. Now, let me quickly show you my code.


Get_Wifi_AP.py


#!/usr/bin/env python

# Import the Scapy module
import scapy.all as scapy


# Output format for each extracted packet
Pkt_Info = """
---------------[ Packet Captured ]-----------------------
 Subtype   : {}
 Address 1 : {}
 Address 2 : {} [BSSID]
 Address 3 : {}
 Address 4 : {}
 AP        : {} [SSID]

"""

# List of access points found so far
ap_list = []

# Extract available access points
def PacketHandler(pkt):
    #
    # pkt.haslayer(scapy.Dot11Elt)
    #   keeps only packets that carry a Dot11Elt layer
    #
    # pkt.type == 0
    #   keeps only management frames
    #
    # pkt.subtype == 8
    #   keeps only beacon frames
    #
    if pkt.haslayer(scapy.Dot11Elt) and pkt.type == 0 and pkt.subtype == 8:
        # Do not print the same access point again and again
        if pkt.addr2 not in ap_list:
            # Remember this access point
            ap_list.append(pkt.addr2)
            # The SSID is raw bytes; decode it for display
            ssid = pkt.info.decode("utf-8", "replace")
            # Print packet information
            print(Pkt_Info.format(pkt.subtype, pkt.addr1, pkt.addr2,
                                  pkt.addr3, pkt.addr4, ssid))

# Main trigger
if __name__ == "__main__":
    # iface="mon0" is the interface with monitor mode enabled
    scapy.sniff(iface="mon0", prn=PacketHandler, timeout=300)

As you can see in the code above, the first line imports the Scapy module. The PacketHandler(pkt) function then extracts packets: pkt.haslayer(scapy.Dot11Elt) filters Dot11Elt frames from the captured frames, pkt.type == 0 filters management frames, and pkt.subtype == 8 filters beacon frames.

Here, our main purpose is to capture beacon frames, because these packets contain the access point information. Then we simply decode those beacon frames to find the information we need.
Thanks to the Scapy module, which helps us do this work very easily and quickly.
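
What those three filters test at the byte level, as an added example that is not part of the original script: a standard-library Python 3 parser that reads the type and subtype bits and the SSID element from bare 802.11 frames. The sample frames, MAC addresses and helper names (parse_beacon, list_access_points, build_frame) are constructed for illustration, and frames are assumed to carry no radiotap header or FCS.

```python
import struct

def parse_beacon(frame):
    """Return (bssid, ssid) for a bare 802.11 beacon (no radiotap, no FCS), else None."""
    if len(frame) < 36:                  # 24-byte MAC header + 12-byte beacon body
        return None
    ftype = (frame[0] >> 2) & 0x3        # Scapy: pkt.type
    subtype = (frame[0] >> 4) & 0xF      # Scapy: pkt.subtype
    if ftype != 0 or subtype != 8:       # keep management frames that are beacons
        return None
    bssid = ":".join("%02x" % b for b in frame[10:16])  # addr2, as in the script
    pos, ssid = 36, None
    # Tagged parameters (Scapy's Dot11Elt): 1-byte ID, 1-byte length, then value.
    while pos + 2 <= len(frame):
        elt_id, elt_len = frame[pos], frame[pos + 1]
        value = frame[pos + 2:pos + 2 + elt_len]
        if len(value) < elt_len:         # truncated element: stop parsing
            break
        if elt_id == 0:                  # ID 0 is the SSID; empty or all-NUL = hidden
            ssid = value.decode("utf-8", "replace") if value.strip(b"\x00") else "<hidden>"
            break
        pos += 2 + elt_len
    return bssid, ssid

def list_access_points(frames):
    """De-duplicate by BSSID, the way ap_list does in the script above."""
    seen = {}
    for frame in frames:
        parsed = parse_beacon(frame)
        if parsed and parsed[0] not in seen:
            seen[parsed[0]] = parsed[1]
    return seen

def build_frame(fc0, mac, elts):
    """Constructed sample frame: broadcast destination, addr2 == addr3 == mac."""
    header = bytes([fc0, 0]) + b"\x00\x00" + b"\xff" * 6 + mac + mac + b"\x00\x00"
    fixed = b"\x00" * 8 + struct.pack("<HH", 100, 0x0411)  # timestamp, interval, caps
    return header + fixed + elts

AP1, AP2 = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")  # constructed
SAMPLES = [
    build_frame(0x80, AP1, b"\x00\x07LabWiFi\x01\x01\x82"),  # beacon
    build_frame(0x80, AP1, b"\x00\x07LabWiFi"),              # same AP, seen again
    build_frame(0x80, AP2, b"\x00\x00"),                     # beacon with hidden SSID
    build_frame(0x50, AP2, b"\x00\x05Other"),                # probe response: ignored
]

if __name__ == "__main__":
    print(list_access_points(SAMPLES))
```

A beacon with a zero-length or all-NUL SSID element is reported as hidden rather than as an empty name, a case the sniffing script would print as a blank SSID.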

Now, to run this code, we first need to enable monitor mode.

Just follow the steps below to enable monitor mode.



sudo airmon-ng

sudo airmon-ng start [Interface]




Now, to run our sniffing code, just type the command below:

sudo python Get_Wifi_AP.py



And then, wait a few moments to find the available access points in range of your device.

Done!


In my next tutorials, I will explain more Python tools related to wireless testing.

Thanks for reading.
Have a nice day.
