Wireless network security Python uses raw sockets to sniff WiFi SSID

Source: Internet
Author: User
Tags ord


1. Introduction


With the widespread popularity of wireless networks, people are increasingly using wireless networks, he changed the way people live. Now a lot of people go to a place, the first thing to ask is "Is there WiFi?" However, the wireless network security problem has not aroused people's attention enough. In some public places, such as airports, train stations, cafes, restaurants, and so on, some free Wi-Fi is provided for customers to use, but their security is very unreliable. WiFi fishing, counterfeit hotspots, traffic hijacking is often used in this event to attack people in public places connected to WiFi, resulting in terrible information breaches.
This article is the main WiFi hotspot broadcast signal beaconframe and uses concise python to sniff the SSID of the AP.


2. Learn about BeaconFrame2.1 a simple wireless network.


  
Some laptops, smartphones, pads and other smart terminals wirelessly connect to the Internet via wireless hotspots (APS). Attackers use a single computer and a wireless card to attack.


2.2 Understanding the types of WLAN packages


There are three kinds of package types:


    • Management
    • Control
    • Data

      For more detailed information, refer to:
      Http://standards.ieee.org/about/get/802/802.11.html
      The following is an explanation of the WLAN packet fields.

      Understanding Wireless access points (ap,access Piont)

    • Each AP is configured with an SSID.

    • This SSID plays the role of a network name.
    • The terminal device searches for this AP or wireless network through this SSID.
    • The AP sends a broadcast frame (beaconframes) to indicate its presence.
    • The endpoint lists the wireless networks by SSID.
2.3 Wireshark crawl Beaconframe for analysis.


Connect the USB wireless card to the Kali and turn on the monitor mode.
"'
# ifconfig Wlan0 up
# Airmon-ng Start Wlan0



"'



End the related process and improve the monitoring stability. and view the monitoring interface.






Start the Wireshark and listen with the Mon0 interface.
# wireshark &

Before starting, select Mon0.
Select a beacon frame type of package to view.






You can see that this beaconframe broadcast frame was sent by the "LYC" hotspot.


3. Python uses raw sockets to sniff WiFi SSID


The raw socket, the original socket, can receive data frames or packets on the local network card, which is very useful for monitoring traffic and analysis of networks. Using raw sockets is not a good idea in the traditional sense, but it allows you to access the network interface at a low level and get all the packages directly.
Vim Open the ssniffer.py file and write the Python code:


#! / usr / bin / env python

import socket

rawSocket = socket.socket (socket.AF_PACKET, socket.SOCK_RAW, socket.htons (0x0003))
rawSocket.bind (("mon0", 0x0003)) #Binding mon0 interface

apList = set ()

while True:
     pkt = rawSocket.recvfrom (2048) [0]
     # Through wireshark packet analysis, we know that the frame control of BeaconFrame is 0x80, that is, the subtype is 8.
     if pkt [26] == "\ x80":
         if pkt [36:42] not in apList and ord (pkt [63])> 0:
             apList.add (pkt [36:42]) # 36 to 42 bytes of the packet store the MAC address of the AP
             print "SSID:% s AP ‘s MAC address:% s"% (pkt [64: 64 + ord (pkt [63])], pkt [36:42] .encode (‘hex‘)) 


Save, add executable permissions, and execute.



"' # chmod +x ssniffer.py
#./ssniffer.py



Python only needs 10来 lines of code to get it done, isn't it powerful.
We use the Airodump-ng command to verify the results,
# airodump-ng mon0






Haha, finally said: "Has fun, enjoy!!!" ”



Wireless network security Python uses raw sockets to sniff WiFi SSID


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.