Sniffing Access Points and its Mac Addresses Using Python (Python Tutorials: 5)

Well, once again it’s time to do something interesting using python and reveal the power of python programming.

We will learn how to use a Python library called Scapy, and then use it to sniff the access points around us and record each one's SSID and MAC address. First let's talk about what SSIDs and MAC addresses are.

SSID

SSID stands for Service Set Identifier; it is simply the name of a wireless network. When you click the wifi icon in your system, the network manager fills the wifi list with every network it can hear in your area, and each entry is that network's SSID. That is how you pick out your own access point and connect to it. Two caveats matter for what follows: an SSID is not guaranteed to be unique (several access points can advertise the same name, legitimately as parts of one large network or deliberately by an attacker impersonating it), and it is announced in the clear, so anyone with a wireless card can read it without joining the network. What actually distinguishes one access point from another is its MAC address, known in 802.11 as the BSSID.

MAC Address

A MAC address is a unique identifier assigned to each network interface so that devices can be told apart on a network. MAC stands for Media Access Control; it is also called the physical or hardware address. MAC addresses are used as the link-layer address for most IEEE 802 network technologies, including Ethernet and WiFi. It normally looks like:

60:e3:27:4f:5c:6d

where

60:e3:27 = first 24 bits (OUI)
4f:5c:6d = last 24 bits (NIC specific)
48 bits in total

The first 24 bits are the Organizationally Unique Identifier (OUI), which the IEEE assigns to the vendor; the remaining 24 bits are chosen by that vendor so that every Network Interface Controller (NIC) it ships gets a different value. The whole 48-bit value is what is called the burned-in address (BIA): it is stored in the card's read-only memory or some other firmware mechanism and is meant never to change. A network node may have multiple NICs and each NIC has its own MAC address. Bear in mind, though, that the address a card actually transmits can be overridden by software (on Linux with `ip link set dev wlan0 address ...`, and most modern operating systems randomise the wifi MAC by default), so a MAC seen on the air identifies the hardware only as far as its owner wants it to. Software-assigned addresses are supposed to set the "locally administered" bit (bit 1 of the first octet), which is a quick test for a randomised or spoofed address.
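As an added example (this is not code from the original post), the following Python splits a MAC address into the OUI and NIC-specific halves described above and reads the two flag bits in its first octet: the I/G bit, which marks multicast or broadcast addresses, and the U/L bit, which marks addresses set by software rather than burned in. The accepted input formats (colon-, dash- and Cisco dot-separated) and the sample addresses are assumptions made for the example.

```python
# Added example (not from the original post): split a 48-bit MAC address into the
# OUI and NIC-specific halves and read the two flag bits in its first octet.
# Assumed input formats: "aa:bb:cc:dd:ee:ff", "aa-bb-cc-dd-ee-ff" or "aabb.ccdd.eeff".
import re


def parse_mac(mac: str) -> dict:
    """Return the pieces of a MAC address, or raise ValueError if it is not one."""
    hexdigits = re.sub(r"[:\-.]", "", mac.strip()).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", hexdigits):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    raw = bytes.fromhex(hexdigits)
    first = raw[0]
    return {
        "mac": ":".join(f"{b:02x}" for b in raw),
        "oui": ":".join(f"{b:02x}" for b in raw[:3]),  # first 24 bits: vendor (OUI)
        "nic": ":".join(f"{b:02x}" for b in raw[3:]),  # last 24 bits: per-card value
        # Bit 0 of the first octet (I/G): 1 means a group (multicast/broadcast) address.
        "multicast": bool(first & 0x01),
        # Bit 1 of the first octet (U/L): 1 means "locally administered", i.e. the
        # address was set by software (randomised or spoofed) rather than burned in.
        "locally_administered": bool(first & 0x02),
    }


def describe(mac: str) -> str:
    """One-line classification, e.g. for annotating a list of sniffed BSSIDs."""
    info = parse_mac(mac)
    if info["multicast"]:
        kind = "group address (never a real station)"
    elif info["locally_administered"]:
        kind = "locally administered (software-assigned; an OUI vendor lookup is meaningless)"
    else:
        kind = "globally unique, vendor OUI " + info["oui"]
    return f"{info['mac']}: {kind}"


if __name__ == "__main__":
    # Constructed sample addresses: the post's example, a randomised-style one, broadcast.
    for sample in ("60:e3:27:4f:5c:6d", "02:00:00:00:00:01", "ff:ff:ff:ff:ff:ff"):
        print(describe(sample))
```

When you later sniff BSSIDs, running each one through `describe` tells you immediately whether a vendor lookup on its OUI means anything: an access point whose BSSID has the locally administered bit set is either a virtual interface or someone choosing their own address.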

Scapy

It's basically a packet manipulation tool written in Python. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and so on. It handles tasks like tracerouting, scanning, probing, unit tests, attacks and network discovery. Scapy can do the jobs of many network tools, such as Nmap, hping, arp-scan and tshark (the command-line version of Wireshark). It also performs tasks that most other tools can't handle easily, like sending invalid frames, injecting your own 802.11 frames, and combining techniques (VLAN hopping + ARP cache poisoning, VoIP decoding on a WEP-encrypted channel).

Some terminologies in scapy:

  • Scanning: The act of probing a host to identify specific details about it, e.g. port scanning.
  • Sniffing: The act of intercepting and logging the packets that flow across a network.
  • Fuzzing: A software testing technique in which random or malformed data is fed to an application to check its stability.

If your Linux distribution doesn't come with Scapy preinstalled, you can install it by following the instructions at the link below (on most systems `pip install scapy` is enough). Note that the sniffing in this tutorial opens a raw socket, so the script must be run as root.

Download and install the latest version:

http://www.secdev.org/projects/scapy/doc/installation.html

Once you have everything set up, let's get into the Python program:

The above code starts listening for wifi access points and prints each one to the terminal window. To capture raw 802.11 frames, however, your system's wifi adapter must be in monitor mode; this tutorial uses a monitor interface named mon0 (if you create it with aircrack-ng's airmon-ng, older releases name it mon0 and newer ones wlan0mon, so use whatever name your system shows and put that name in the script).

Monitor mode lets the card hand every 802.11 frame it hears to the operating system, including management frames from networks you are not associated with, instead of only the data frames addressed to you. To enable monitor mode, follow the instructions below:

The above command creates the monitor-mode interface mon0. If you want to stop monitor mode, type:

This command takes your wifi card out of monitor mode. Afterwards you may find the wifi icon missing from the top menu bar, because setting up monitor mode usually stops the network manager; to get it back, type:

This command restarts the network manager, so there is no need to reboot your system.

Now give the Python program execution permissions and run it (as root, since sniffing needs a raw socket):

The output of the above program will be something like this:

As you can see, the SSIDs are repeated. That is expected: every access point sends a beacon roughly ten times per second (every 100 ms by default), and the script prints one line per beacon. To print each access point only once, and to display the MAC address associated with each SSID, make these few changes to the Python program:

In the above program we have inserted a few lines that read the access point's MAC address and stop the SSIDs from repeating. The lines are:

Here pkt.addr2 is the transmitter address of the 802.11 frame, which for a beacon is the access point's own MAC (its BSSID). Each time a beacon arrives we check whether that MAC is already in the access point list (ap_list[]). If it is not, we print the SSID together with the MAC and append the MAC (ap_list.append(pkt.addr2)) so that the next beacon from the same access point is ignored; if it is already there, we do nothing. Keying on the MAC rather than on the SSID means two access points that advertise the same name are still listed separately, which is exactly what you want when hunting for a rogue or "evil twin" access point.

The output of the above program will be:

Now you can see there is no repetition of the SSIDs. Also, the MAC addresses are displayed alongside the SSIDs.

In the program we import everything from the Scapy library (from scapy.all import *) and ask Scapy to sniff on the mon0 interface, calling PacketHandler every time it receives a frame (in Scapy that is sniff(iface="mon0", prn=PacketHandler)). PacketHandler is defined as def PacketHandler(pkt) and receives one frame at a time. We then check that the frame's type equals 0 (a management frame) and its subtype equals 8; if both hold, the frame is a beacon. Scapy also lets you write this test as pkt.haslayer(Dot11Beacon), which is the same check.

Beacon Frame

A beacon frame is one of the management frames defined by the IEEE 802.11 wireless LAN standard. An access point sends beacons periodically to announce the presence of its network; they carry the SSID, the channel, the supported rates and the capability bits that say whether the network is encrypted. Beacons are neither encrypted nor authenticated, which is why a card in monitor mode can read them without joining the network, and also why anyone can broadcast beacons for any SSID they like. An access point configured to "hide" its network still sends beacons, just with an empty SSID field, so such networks show up in this script with a blank name.

Now we print the SSID and MAC address of each sniffed access point once, skipping repeats by checking the access point list (ap_list[]) as described above. This is how sniffing access points and their MAC addresses with Python works.
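The explanation above leaves the two interesting parts implicit: what bytes the type/subtype check, the addr2/addr3 fields and the SSID actually live at inside a beacon, and how the "seen MAC" bookkeeping behaves when two access points share a name or an access point hides its SSID. As an added example (not the original post's script, and independent of Scapy so it runs anywhere), the following Python parses an 802.11 beacon frame straight from its bytes and keeps one entry per BSSID, as the tutorial's ap_list does. The sample frames are constructed in the code, not captured; the frame layout is assumed to start at the Frame Control field, which is what bytes(pkt[Dot11]) gives you inside a Scapy prn callback.

```python
# Added example (not from the original post): parse 802.11 beacon frames from raw
# bytes (starting at Frame Control) and keep one entry per BSSID, as the
# tutorial's ap_list does. The sample frames below are constructed, not captured.
import struct
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class Beacon:
    bssid: str              # addr3: the BSS identifier (the AP's MAC)
    transmitter: str        # addr2: who sent the frame (for a beacon, the same AP)
    ssid: str               # decoded SSID element; "" when the AP hides its name
    hidden: bool            # SSID element empty or all NULs (a "hidden" network)
    channel: Optional[int]  # DS Parameter Set element, if present
    privacy: bool           # capability Privacy bit: network is encrypted


MGMT_HEADER_LEN = 24   # FC(2) Duration(2) addr1(6) addr2(6) addr3(6) SeqCtl(2)
BEACON_FIXED_LEN = 12  # Timestamp(8) Beacon interval(2) Capability(2)


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def parse_beacon(frame: bytes) -> Optional[Beacon]:
    """Return a Beacon if `frame` is a management/beacon frame, else None."""
    if len(frame) < MGMT_HEADER_LEN + BEACON_FIXED_LEN:
        return None
    fc0 = frame[0]
    ftype = (fc0 >> 2) & 0x3    # 0 = management (the tutorial's "type == 0")
    subtype = (fc0 >> 4) & 0xF  # 8 = beacon (the tutorial's "subtype == 8")
    if ftype != 0 or subtype != 8:
        return None
    addr2, addr3 = frame[10:16], frame[16:22]
    (capability,) = struct.unpack_from("<H", frame, MGMT_HEADER_LEN + 10)
    ssid_raw: Optional[bytes] = None
    channel: Optional[int] = None
    pos = MGMT_HEADER_LEN + BEACON_FIXED_LEN
    # Tagged parameters: (id, length, value) triplets until the frame ends.
    while pos + 2 <= len(frame):
        tag, length = frame[pos], frame[pos + 1]
        value = frame[pos + 2:pos + 2 + length]
        if len(value) < length:  # truncated element: stop rather than misparse
            break
        if tag == 0 and ssid_raw is None:
            ssid_raw = value
        elif tag == 3 and length == 1:
            channel = value[0]
        pos += 2 + length
    if ssid_raw is None:
        ssid_raw = b""
    hidden = len(ssid_raw) == 0 or ssid_raw.count(0) == len(ssid_raw)
    ssid = "" if hidden else ssid_raw.decode("utf-8", errors="replace")
    return Beacon(mac_str(addr3), mac_str(addr2), ssid, hidden, channel,
                  bool(capability & 0x0010))


class APTracker:
    """Keeps one entry per BSSID so repeated beacons from the same AP print once."""

    def __init__(self) -> None:
        self.seen: dict = {}

    def handle(self, frame: bytes) -> Optional[Beacon]:
        """Feed one frame; returns the Beacon the first time its BSSID is seen."""
        beacon = parse_beacon(frame)
        if beacon is None or beacon.bssid in self.seen:
            return None
        self.seen[beacon.bssid] = beacon
        return beacon


def scan(frames) -> List[Beacon]:
    tracker = APTracker()
    return [b for b in (tracker.handle(f) for f in frames) if b is not None]


def build_beacon(bssid: str, ssid: bytes, channel: int, privacy: bool) -> bytes:
    """Build a minimal beacon frame (constructed test data, not a real capture)."""
    mac = bytes.fromhex(bssid.replace(":", ""))
    header = (bytes([0x80, 0x00])  # FC: type 0 (management), subtype 8 (beacon)
              + b"\x00\x00"        # duration
              + b"\xff" * 6        # addr1: broadcast
              + mac + mac          # addr2 (SA) and addr3 (BSSID)
              + b"\x00\x00")       # sequence control
    cap = 0x0001 | (0x0010 if privacy else 0)  # ESS bit, plus Privacy bit
    fixed = struct.pack("<QHH", 0, 100, cap)   # timestamp, 100 TU interval, caps
    elements = (bytes([0, len(ssid)]) + ssid   # SSID element (tag 0)
                + bytes([1, 1, 0x82])          # supported rates (tag 1)
                + bytes([3, 1, channel]))      # DS parameter set / channel (tag 3)
    return header + fixed + elements


SAMPLE_FRAMES = [
    build_beacon("60:e3:27:4f:5c:6d", b"HomeNet", 6, True),
    build_beacon("60:e3:27:4f:5c:6d", b"HomeNet", 6, True),    # same AP again: no repeat
    build_beacon("02:11:22:33:44:55", b"HomeNet", 11, False),  # same name, other BSSID
    build_beacon("aa:bb:cc:dd:ee:ff", b"", 1, True),           # hidden SSID
    bytes([0x40, 0x00]) + bytes(34),                           # probe request: ignored
]

if __name__ == "__main__":
    for ap in scan(SAMPLE_FRAMES):
        name = "<hidden>" if ap.hidden else ap.ssid
        print(f"{ap.bssid}  ch={ap.channel}  privacy={ap.privacy}  SSID={name}")
```

To use it live, create one APTracker and pass frames to it from Scapy's callback, for example sniff(iface="mon0", prn=lambda pkt: tracker.handle(bytes(pkt[Dot11])) if pkt.haslayer(Dot11) else None). The third sample frame is the case the tutorial's list-based check quietly gets right: a second access point advertising "HomeNet" from a different BSSID is listed as its own entry rather than merged with the first, and the open (privacy=False) twin of an encrypted network is exactly the shape an evil-twin attack takes.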

That’s all in this article. Stay tuned for more cool stuff.

If you have any questions or doubts then please mention it in the comment section below.

3 COMMENTS

  1. I'm typically into running a blog and I really admire your content. The article has actually piqued my interest. I am going to bookmark your web site and keep checking for brand new information.
