我尝试在python中使用scapy编写代码,第一步是扫描可用的所有访问点,第二步是获取连接到ap的设备的所有mac地址
我在第一步取得了成功,但在第二步我做错了
#!/usr/bin/env python
#part 1
# import scapy module
import scapy.all as scapy
# Extracted Packet Format
Pkt_Info = """
---------------[ Packet Captured ]-----------------------
Subtype : {}
Address 1 : {} | Address 2 : {} [BSSID]
Address 3 : {} | Address 4 : {}
AP : {} [SSID]
"""
# GetAPStations Function
def GetAPStation(*args, **kwargs):
"""
Function For Filtering Beacon Frames And Extract Access
Point Information From Captured Packets.
"""
ap=[]
packets=[]
CliList=[]
def PacketFilter(pkt):
if pkt.haslayer(scapy.Dot11Elt) and pkt.type == 0 and pkt.subtype ==
8:
if pkt.addr2 not in ap:
ap.append(pkt.addr2)
packets.append(pkt)
print Pkt_Info.format(pkt.subtype,pkt.addr1, pkt.addr2, pkt.addr3,
pkt.addr4,pkt.info)
scapy.sniff(prn=PacketFilter, *args, **kwargs)
return (ap, packets)
# Main Trigger
if __name__=="__main__":
# Previous Function Trigger
#
# here, iface="mon0" for Interface with monitor mode enable
#
GetAPStation(iface="mon0", timeout=60)
我不知道如何过滤Dot 11以获得第2部分中的mac地址,如果我需要信标帧或概率请求
好吧,所以我发现可以使用Dot11Qos层if (p.haslayer(scapy.Dot11QoS) and (p.addr1!="ff:ff:ff:ff:ff:ff") and (p.addr2== "ap mac")) :