hii readers,
Done!
In Simple Words, We Will Try To Extract Beacon Frames Because These Frames are Responsible For Finding Available Access Point SSID, BSSID And Other Useful Information. SSID means AP Name And BSSID means Access Point MAC Address. Now, Let Me Show You Quickly My Codes.
Import Module
Function For Print Information In Nice Way.!!
Function For Extracting Various Information From Captured Packets.
Function For Capturing Live Packets From Interface.
Main Function To Create PyShark Live Capture Object With Beacon Filter
Main Trigger To Run Functions.
In Today's Post, I Am Going To Show How To Create AcessPoint / ESSID Finder Using Python And PyShark Or How To Create Airodump-ng Clone Using Python And PyShark - Part 1 Or How to find New Wireless Access Points Using Pyshark Etc ... Etc
readers, This Is My Seventh Post On Wireless Testing Topic and in today's post, i am going to show you one of the simplest way to extract various types of information like
- BSSID
- Frame Type
- Frame Sub Type
- Addr
- Channel
- Frequency
- Signal Dbm
- Data Rate
- Phy
- ESSID
from Beacon Packets Using PyShark Module. readers, if you are new visitor on my blog then i will suggest you to check our blog index for more useful posts.
So, Let's Start Our Tutorial With PyShark Introduction
PyShark Introduction
According to its Official Documentation
"""Python wrapper for tshark, allowing python packet parsing using wireshark dissectors.
There are quite a few python packet parsing modules, this one is different because it doesn't actually parse any packets, it simply uses tshark's (wireshark command-line utility) ability to export XMLs to use its parsing.
This package allows parsing from a capture file or a live capture, using all wireshark dissectors you have installed. Tested on windows/linux."""
For PyShark Installation Instruction and Documentation Check Here
Python Codes Strategy
- First Import PyShark Module.
- Use PyShark LiveCapture Function For Capturing Packets.
- Check Frame Type And Sub Types To Verify as a Beacon Packet.
- Extract Useful Informations
- Print On User Screen.
Done!
In Simple Words, We Will Try To Extract Beacon Frames Because These Frames are Responsible For Finding Available Access Point SSID, BSSID And Other Useful Information. SSID means AP Name And BSSID means Access Point MAC Address. Now, Let Me Show You Quickly My Codes.
LiveBeaconAnalyser.py
1 | # |
To Run These Codes, First You Need To Start Your Wireless Interface On Monitor Mode. If You Don't Know How? Click Here
Then, Open Your Terminal And Type:
And Then, Wait For Few Moment To Find Available Access Points In Range of Your device.
Done!
Now, Let Me Explain You, What Exactly Happening Here. And To Make These Codes More Easy To Understand here, i am dividing our codes in small parts.
Then, Open Your Terminal And Type:
sudo python LiveBeaconAnalyser.py mon0And Then, Wait For Few Moment To Find Available Access Points In Range of Your device.
Done!
Now, Let Me Explain You, What Exactly Happening Here. And To Make These Codes More Easy To Understand here, i am dividing our codes in small parts.
Code Part 1.
Import Module
# import module
import pyshark
import sys
# Required Data Feild
Feild = {
# Key Value Required
'interface' : (None, True),
}
# Format For Printing Beacon Data
BEACON_FORMAT = '\t {bssid} {type} {subtype} {data_rate} {frequency} {channel} {signal} {addr} {ssid} {num}'
# Label
print '\t BSSID #Type #Subtype #Rate #Frequency #Channel #Signal #ADDR #ESSID #Beacon'
Code Part 2.
Function For Print Information In Nice Way.!!
def display_info(data):
line = 0
for a,b in data.iteritems():
print BEACON_FORMAT.format(**b)
line+=1
# Backspace Trick
sys.stdout.write("\033[{}A".format(line))
return
Code Part 3.
Function For Extracting Various Information From Captured Packets.
# Function For Extracting From pyshark Packets
def ap_info_extractor(pkt):
'''
Extracting Various Values.
Labels :
bssid
type
subtype
addr
channel
frequency
signal
data_rate
phy
ssid
'''
ref = {}
ref['bssid'] = pkt.wlan.bssid
ref['type'] = pkt.wlan.fc_type
ref['subtype'] = pkt.wlan.fc_type_subtype
ref['addr'] = pkt.wlan.addr
ref['channel'] = pkt.wlan_radio.channel
ref['frequency']= pkt.wlan_radio.frequency
ref['signal'] = pkt.wlan_radio.signal_dbm
ref['data_rate']= pkt.wlan_radio.data_rate
ref['phy'] = pkt.wlan_radio.phy
ref['ssid'] = pkt.wlan_mgt.ssid
#ref['psk'] = pkt.wlan_mgt.rsn_akms_list
return ref
Code Part 4.
Function For Capturing Live Packets From Interface.
# Live Sniffing Function
def wlan_sniffer(cap):
"""
Function For Sniffing Live Beacon Packets From Interface
Based On Pyshark LiveCapture.
"""
# Captured Bssid List
bssid_list = {}
# Get Packets
for num, packets in enumerate(cap):
# Extract Information From Packet
data = ap_info_extractor(packets)
# Packet Num
data['num'] = num
# Append Data In Captured Bssid List
bssid_list[data['bssid']]=data
# Display Captured Packets Information
display_info(bssid_list)
return
Code Part 5.
Main Function To Create PyShark Live Capture Object With Beacon Filter
# Main Function
def main(**kwargs):
"""
creating pyshark.LiveCapture Object With Beacon Filter Engaged.
"""
cap = pyshark.LiveCapture(display_filter="wlan.fc.type_subtype == 0x0008",**kwargs)
# Live Sniffing Function
wlan_sniffer(cap)
return
Code Part 6.
Main Trigger To Run Functions.
if __name__=='__main__':
# Get Arguments
args = sys.argv
if len(args)!=2:
# Check Interface Name Condition
print "[*] Please Provide Interface Name :\n :~# python {} [Interface_name]".format(args[0])
sys.exit(0)
# Interface Name
interface = args[1]
# Trigger Main
main(interface=interface)