How to Create an AP/SSID Finder Using Python and the PyShark Module | Airodump-ng Clone Using Python - Part 1

Posted by Suraj Singh on July 06, 2017 · 20 mins read
Hi readers,

In today's post, I am going to show how to create an access point / ESSID finder using Python and PyShark, in other words part 1 of an Airodump-ng clone in Python that finds new wireless access points with PyShark.

Readers, this is my seventh post on the wireless testing topic, and in today's post I am going to show you one of the simplest ways to extract various types of information like


  • BSSID
  • Frame Type
  • Frame Sub Type
  • Addr
  • Channel
  • Frequency
  • Signal dBm
  • Data Rate
  • Phy
  • ESSID

from beacon packets using the PyShark module. Readers, if you are a new visitor to my blog, I suggest you check our blog index for more useful posts.

So, let's start our tutorial with an introduction to PyShark.

PyShark Introduction


According to its official documentation:

"""Python wrapper for tshark, allowing python packet parsing using wireshark dissectors.
There are quite a few python packet parsing modules, this one is different because it doesn't actually parse any packets, it simply uses tshark's (wireshark command-line utility) ability to export XMLs to use its parsing.
This package allows parsing from a capture file or a live capture, using all wireshark dissectors you have installed. Tested on windows/linux."""

For PyShark installation instructions and documentation, check here.

Python Codes Strategy



  • First, import the PyShark module.
  • Use the PyShark LiveCapture function to capture packets.
  • Check the frame type and subtype to verify that the packet is a beacon.
  • Extract the useful information.
  • Print it on the user's screen.

Done!

In simple words, we will extract beacon frames, because these are the frames through which an available access point's SSID, BSSID and other useful information are found. SSID means the AP name and BSSID means the access point's MAC address. Now, let me quickly show you my code.


LiveBeaconAnalyser.py


#
# Live Beacon Packets Analyser
#
# This Script is Based On Pyshark
#
# Note: Python 2 syntax (print statement, dict.iteritems)
#

# import module
import pyshark
import sys

# Required Data Field
Feild = {
    # Key         Value  Required
    'interface' : (None, True),
}


# Format For Printing Beacon Data
BEACON_FORMAT = '\t {bssid} {type} {subtype} {data_rate} {frequency} {channel} {signal} {addr} {ssid} {num}'

# Label
print '\t BSSID #Type #Subtype #Rate #Frequency #Channel #Signal #ADDR #ESSID #Beacon'



def display_info(data):
    line = 0
    for a,b in data.iteritems():
        print BEACON_FORMAT.format(**b)
        line+=1

    # Backspace Trick: ANSI escape that moves the cursor up `line` rows,
    # so the next refresh overwrites the table instead of scrolling
    sys.stdout.write("\033[{}A".format(line))
    return



# Function For Extracting From pyshark Packets
def ap_info_extractor(pkt):
    '''
    Extracting Various Values.

    Labels :
        bssid
        type
        subtype
        addr
        channel
        frequency
        signal
        data_rate
        phy
        ssid


    '''
    ref = {}
    ref['bssid'] = pkt.wlan.bssid
    ref['type'] = pkt.wlan.fc_type
    ref['subtype'] = pkt.wlan.fc_type_subtype
    ref['addr'] = pkt.wlan.addr
    ref['channel'] = pkt.wlan_radio.channel
    ref['frequency']= pkt.wlan_radio.frequency
    ref['signal'] = pkt.wlan_radio.signal_dbm
    ref['data_rate']= pkt.wlan_radio.data_rate
    ref['phy'] = pkt.wlan_radio.phy
    ref['ssid'] = pkt.wlan_mgt.ssid
    #ref['psk'] = pkt.wlan_mgt.rsn_akms_list

    return ref


# Live Sniffing Function
def wlan_sniffer(cap):
    """
    Function For Sniffing Live Beacon Packets From Interface
    Based On Pyshark LiveCapture.

    """

    # Captured Bssid List (keyed by BSSID, so each AP keeps one row)
    bssid_list = {}

    # Get Packets
    for num, packets in enumerate(cap):

        # Extract Information From Packet
        data = ap_info_extractor(packets)

        # Packet Num
        data['num'] = num

        # Append Data In Captured Bssid List
        bssid_list[data['bssid']]=data

        # Display Captured Packets Information
        display_info(bssid_list)
    return

# Main Function
def main(**kwargs):
    """
    creating pyshark.LiveCapture Object With Beacon Filter Engaged.
    """
    cap = pyshark.LiveCapture(display_filter="wlan.fc.type_subtype == 0x0008",**kwargs)

    # Live Sniffing Function
    wlan_sniffer(cap)

    return


if __name__=='__main__':

    # Get Arguments
    args = sys.argv

    if len(args)!=2:
        # Check Interface Name Condition

        print "[*] Please Provide Interface Name :\n :~# python {} [Interface_name]".format(args[0])
        sys.exit(0)

    # Interface Name
    interface = args[1]

    # Trigger Main
    main(interface=interface)

To run this code, you first need to put your wireless interface into monitor mode. If you don't know how, click here.

Then open your terminal and type:

sudo python LiveBeaconAnalyser.py mon0

Then wait a few moments to find the access points in range of your device.




Done!

Now, let me explain what exactly is happening here. To make the code easier to understand, I am dividing it into small parts.



Code Part 1.


Import Module


# import module
import pyshark
import sys

# Required Data Field
Feild = {
    # Key         Value  Required
    'interface' : (None, True),
}


# Format For Printing Beacon Data
BEACON_FORMAT = '\t {bssid} {type} {subtype} {data_rate} {frequency} {channel} {signal} {addr} {ssid} {num}'

# Label
print '\t BSSID #Type #Subtype #Rate #Frequency #Channel #Signal #ADDR #ESSID #Beacon'


Code Part 2.


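Function for printing the information in a nice way.


def display_info(data):
    line = 0
    for a,b in data.iteritems():
        print BEACON_FORMAT.format(**b)
        line+=1

    # Backspace Trick: ANSI escape that moves the cursor up `line` rows,
    # so the next refresh overwrites the table instead of scrolling
    sys.stdout.write("\033[{}A".format(line))
    return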




Code Part 3.


Function For Extracting Various Information From Captured Packets.


# Function For Extracting From pyshark Packets
def ap_info_extractor(pkt):
    '''
    Extracting Various Values.

    Labels :
        bssid
        type
        subtype
        addr
        channel
        frequency
        signal
        data_rate
        phy
        ssid


    '''
    ref = {}
    ref['bssid'] = pkt.wlan.bssid
    ref['type'] = pkt.wlan.fc_type
    ref['subtype'] = pkt.wlan.fc_type_subtype
    ref['addr'] = pkt.wlan.addr
    ref['channel'] = pkt.wlan_radio.channel
    ref['frequency']= pkt.wlan_radio.frequency
    ref['signal'] = pkt.wlan_radio.signal_dbm
    ref['data_rate']= pkt.wlan_radio.data_rate
    ref['phy'] = pkt.wlan_radio.phy
    ref['ssid'] = pkt.wlan_mgt.ssid
    #ref['psk'] = pkt.wlan_mgt.rsn_akms_list

    return ref



Code Part 4.


Function For Capturing Live Packets From Interface.



# Live Sniffing Function
def wlan_sniffer(cap):
    """
    Function For Sniffing Live Beacon Packets From Interface
    Based On Pyshark LiveCapture.

    """

    # Captured Bssid List
    bssid_list = {}

    # Get Packets
    for num, packets in enumerate(cap):

        # Extract Information From Packet
        data = ap_info_extractor(packets)

        # Packet Num
        data['num'] = num

        # Append Data In Captured Bssid List
        bssid_list[data['bssid']]=data

        # Display Captured Packets Information
        display_info(bssid_list)
    return

Code Part 5.


Main Function To Create PyShark Live Capture Object With Beacon Filter


# Main Function
def main(**kwargs):
    """
    creating pyshark.LiveCapture Object With Beacon Filter Engaged.
    """
    cap = pyshark.LiveCapture(display_filter="wlan.fc.type_subtype == 0x0008",**kwargs)

    # Live Sniffing Function
    wlan_sniffer(cap)

    return



Code Part 6.


Main Trigger To Run Functions.



if __name__=='__main__':

    # Get Arguments
    args = sys.argv

    if len(args)!=2:
        # Check Interface Name Condition

        print "[*] Please Provide Interface Name :\n :~# python {} [Interface_name]".format(args[0])
        sys.exit(0)

    # Interface Name
    interface = args[1]

    # Trigger Main
    main(interface=interface)
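
What tshark's dissector does behind the `wlan.fc.type_subtype == 0x0008` filter from Part 5 and the `bssid` / `ssid` / `channel` fields read in Part 3, as an added Python 3 example that is not part of the original script: it parses a raw 802.11 beacon frame by hand and strips control characters from the SSID, which is sender-controlled, before it is displayed. The helper names and the sample frames (no radiotap header, no FCS) are constructed for illustration.

```python
import struct

BEACON = 0x0008  # (type << 4) | subtype, the value used in the display filter
HEADER_LEN, FIXED_LEN = 24, 12  # MAC header, then timestamp/interval/capabilities

def mac(raw):
    return ":".join("%02x" % b for b in raw)

def printable(raw):
    # SSIDs are sender-controlled bytes; neutralise control characters
    # (e.g. ESC) before they reach a terminal.
    text = raw.decode("utf-8", "replace")
    return "".join(c if c.isprintable() else "?" for c in text)

def parse_beacon(frame):
    """Return beacon fields as a dict, or None if this is not a beacon."""
    if len(frame) < HEADER_LEN + FIXED_LEN:
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if (ftype << 4) | subtype != BEACON:
        return None
    info = {"type": ftype, "subtype": (ftype << 4) | subtype,
            "bssid": mac(frame[16:22]), "ssid": None, "channel": None}
    pos = HEADER_LEN + FIXED_LEN
    while pos + 2 <= len(frame):          # walk the tagged parameters
        tag, length = frame[pos], frame[pos + 1]
        value = frame[pos + 2:pos + 2 + length]
        if len(value) < length:           # truncated element: stop parsing
            break
        if tag == 0:                      # SSID (empty means hidden network)
            info["ssid"] = printable(value)
        elif tag == 3 and length == 1:    # DS Parameter Set: current channel
            info["channel"] = value[0]
        pos += 2 + length
    return info

def build_sample(ssid, channel, bssid=b"\x02\x00\x00\x00\x00\x01"):
    # Constructed test frame: no radiotap header, no FCS.
    header = b"\x80\x00" + b"\x00\x00" + b"\xff" * 6 + bssid + bssid + b"\x00\x00"
    fixed = b"\x00" * 8 + struct.pack("<HH", 100, 0x0411)
    tags = bytes([0, len(ssid)]) + ssid + bytes([3, 1, channel])
    return header + fixed + tags

if __name__ == "__main__":
    for ssid, ch in ((b"HomeAP", 6), (b"", 11), (b"\x1b[2Jevil", 1)):
        print(parse_beacon(build_sample(ssid, ch)))
```
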

To download the raw script, click here.
Done!



                 



For any suggestion or query,
feel free to ask.

Have a nice day.