Logging MAC addresses into a csv using scapy and python -


alright, i'm trying create csv file list of mac addresses , ssids have been seen. code i've got far, of from: http://edwardkeeble.com/2014/02/passive-wifi-tracking/ using python 2.7.

from scapy.all import * import csv, time datetime import datetime   probe_request_type=0 probe_request_subtype=4  whitelist = ['de:ad:be:ef:ca:fe',] # replace phone's mac address  def packethandler(pkt):     if pkt.haslayer(dot11):         if pkt.type==probe_request_type , pkt.subtype == probe_request_subtype , ( pkt.addr2.lower() not in whitelist , pkt.addr2.upper() not in whitelist):             checkcsv(pkt)  def printpacket(pkt):     try:         = pkt.notdecoded     except:         = none     if extra!=none:         signal_strength = -(256-ord(extra[-4:-3]))     else:         signal_strength = -100         print "no signal strength found"     print "added: %s ssid: %s"%(pkt.addr2,pkt.getlayer(dot11probereq).info)      open('logmacs.csv','ab') out:         w=csv.writer(out)         w.writerow([datetime.now().strftime('%y-%m-%d'),datetime.now().strftime('%h:%m:%s'),pkt.addr2,pkt.getlayer(dot11probereq).info,signal_strength])         out.close()  def checkcsv(pkt):     open('logmacs.csv', 'rb') f:         reader = csv.reader(f, delimiter=',')         row in reader:             if pkt.addr2 != row[2]:                 printpacket(pkt)         f.close()   def main():     print "[%s] starting scan"%datetime.now()     print "scanning..."     while true:         sniff(iface=sys.argv[1],prn=packethandler, count=1)         time.sleep(2)  if __name__=="__main__":     main()

right seems either captures whole lot of packets or gets stuck in loop writing single packet. added "count=1 , while true: , time.sleep(2)" try prevent that, doesn't seem have helped.

what i'm trying log date/time when mac seen create list of unique macs isn't quite doing that....

you shouldn't write output file while reading it. update contents of logmacs.csv in printpacket while iterating on in checkcsv.

i modify checkcsv's implementation (and name) store monitored packets new variable in memory , check whether output file should updated based on newly introduced variable. has added advantage more efficient.

i open file writing once rather in every single write (try using class rather function).

edit:

in response request clarification here basic implementation along guidelines aiming for:

from scapy.all import * datetime import datetime import csv  probe_request_type = 0 probe_request_subtype = 4  whitelist = ['de:ad:be:ef:ca:fe',] # replace phone's mac address  packet_file_path = 'logmacs.csv'  class packethandler(object):     def __init__(self, packet_file_path):         self.packet_file_path = packet_file_path         self.handled_packets = set()      def __enter__(self):         self.csv_file = open(self.packet_file_path, 'ab')         self.csv_writer = csv.writer(self.csv_file)         return self      def __exit__(self, *exc_info):         self.csv_file.close()      def handle_packet(self, pkt):         if pkt.haslayer(dot11) , pkt.type == probe_request_type , pkt.subtype == probe_request_subtype , (pkt.addr2.lower() not in whitelist , pkt.addr2.upper() not in whitelist) , pkt.addr2 not in self.handled_packets:             self.add_packet(pkt)      def add_packet(self, pkt):         self.handled_packets.add(pkt.addr2)         try:             signal_strength = -(256 - ord(pkt.notdecoded[-4:-3]))         except exception, e:             signal_strength = -100             print "no signal strength found"         self.csv_writer.writerow([datetime.now().strftime('%y-%m-%d'),                                   datetime.now().strftime('%h:%m:%s'),                                   pkt.addr2,                                   pkt.getlayer(dot11probereq).info,                                   signal_strength])         print "added: %s ssid: %s" % (pkt.addr2, pkt.getlayer(dot11probereq).info)   def main():     packet_handler = packethandler(packet_file_path)     print "[%s] starting scan" % datetime.now()     print "scanning..."     packet_handler ph:         sniff(iface=sys.argv[1], prn=ph.handle_packet)  if __name__=="__main__":     main()

the major improvements highlight:

  1. the output file opened once, during __enter__ method, invoked when with statement entered.

  2. rather analyzing output file in order find out whether client encountered, local variable maintained hold detected clients. inspecting variable more efficient opening , reading output file.


Comments

Post a Comment

Popular posts from this blog

jquery - How do you format the date used in the popover widget title of FullCalendar? -

Image
in fullcalendar, how format date used in popover widget title when clicking '+n more'? code: <div class="fc-popover fc-more-popover"> <div class="fc-header fc-widget-header"> <span class="fc-close fc-icon fc-icon-x"></span> <span class="fc-title">tuesday, april 7</span> ... </div> ... </div> you use daypopoverformat that. determines date format of title of popover created eventlimitclick option. must date formatting string. default value "dddd, mmmm d" english , "ll" other languages.
Read more

Bubble Sort Manually a Linked List in Java -

Image
this first question here. trying manually sort linked list of integers in java , can not figure out wrong code. suggestions? don't error, still have output unordered. tried few different ways, nothing worked. appreciate if can me that. public class node { int data; node nextnode; public node(int data) { this.data = data; this.nextnode = null; } public int getdata() { return this.data; } } // node class public class datalinkedlist implements datainterface { private node head; private int size; public datalinkedlist(){ this.head = null; this.size = 0; } public void add(int data) { node node = new node(data); if (head == null) { head = node; } else { node currentnode = head; while(currentnode.nextnode != null) { currentnode = currentnode.nextnode; } currentnode.nextnode = node; ...
Read more

asp.net mvc - SSO between MVCForum and Umbraco7 -

i need integrate sso between mvcforum (forum of company) , umbraco7 (manages cms company). however struggling shared authentication work. tried several ways suggested on other threads still not running expected. here did: 1. in mvcforum (forum.mywebsite.com) 1.1. machine key in web.xml: <machinekey validationkey="the same key umbraco7" decryptionkey="the same key umbraco7" validation="sha1" decryption="aes" /> 1.2. authenticate forms in web.xml <forms name="my-sso-auth" protection="all" path="/" timeout="43200" domain="forum.mywebsite.com" loginurl="/members/logon" enablecrossappredirects="true" /> 2. in umbraco7 (news.mywebsite.com) 2.1. machine key in web.xml: <machinekey validationkey="the same key mvcforum" decryptionkey="the same key mvcforum" validation="sha1" decryption="aes" /> 2.2. a...
Read more