我想捕获deauth数据包,然后处理它们。我能够使用scapy生成deauth攻击,但是不知道如何捕获它。
感谢。
答案 0 :(得分:2)
您必须嗅探所有数据包并检查它们是否为deauth数据包。
基于this concise link,并且deauth数据包的类型为0,子类型0xC,如上所述here,这就是您所需要的:< / p>
#!/usr/bin/env python
from scapy.all import *
def PacketHandler(pkt):
if pkt.haslayer(Dot11) and pkt.type == 0 and pkt.subtype == 0xC:
print "Deauth packet sniffed: %s" % (pkt.summary())
sniff(iface="mon0", prn = PacketHandler)
您必须事先将界面设置为监控模式。确切的方法取决于您的操作系统。这是a good link,解释了如何为几种流行的操作系统做到这一点。
为了嗅探几个频道,你应该在后台不断切换频道。
供您参考,以下是sniff函数的official API documentation:
sniff(prn=None, lfilter=None, count=0, store=1, offline=None, L2socket=None,
timeout=None) Sniffs packets from the network and return them in a
packet list. This function can have many parameters:
count: number of packets to capture. 0 means infinity.
store: wether to store sniffed packets or discard them. When you only
want to monitor your network forever, set store to 0.
prn: function to apply to each packet. If something is returned, it is dis-
played. For instance you can use prn = lambda x: x.summary().
lfilter: python function applied to each packet to determine. if further
action may be done. For instance, you can use lfilter = lambda
x: x.haslayer(Padding)
offline: pcap file to read packets from, instead of sniffing them. In this
case, BPF filter won’t work.
timeout: stop sniffing after a given time (default: None).
L2socket: you can provide a supersocket for sniffing instead of the one
from conf.L2listen.