Geek asks and answers

Scapy - Download RSSI from WiFi Packages

I am trying to get RSSI or signal strength from WiFi packets. I also want RSSI from "WiFi sensing requests" (when someone searches for WiFi access points).

I managed to see this from kismet logs, but that was just to make sure it was possible - I don't want to use kismet all the time.

For a "full time scan" I use scapy. Does anyone know where I can find RSSI or signal strength (in dBm) from packets sniffed by a scythe? I don’t know how the whole package is created, and there are many “hex” values ​​that I don’t know how to parse / interpret.

I sniff both interfaces - wlan0 (detection when someone connects to my hotspot) and mon.wlan0 (detection when someone searches for hotspots). The equipment (WiFi card) that I use is based on the Prism chipset (ISL3886). However, a test with Kismet was run on Atheros (AR2413) and Intel iwl4965.

Edit1:

Looks like I need to access some information stored in PrismHeader: http://trac.secdev.org/scapy/browser/scapy/layers/dot11.py line 92?

Does anyone know how to enter this information? package.show () and packet.show2 () show nothing from this class / level

Edit2:

, , . kismet, scapy, :

###[ RadioTap dummy ]###
  version= 0
  pad= 0
  len= 26
  present= TSFT+Flags+Rate+Channel+dBm_AntSignal+Antenna+b14
  notdecoded= '8`/\x08\x00\x00\x00\x00\x10\x02\x94\t\xa0\x00\xdb\x01\x00\x00'
  ...

, kismet.

+5
5

:

  • , - , " " ( / ). hostapd.

  • airmon-ng - tcpdump, scapy .

+2

, scapy.layers.dot11.Packet .

https://github.com/ivanlei/airodump-iv/blob/master/airoiv/scapy_ex.py

:

import scapy_ex

:

packet.show()

:

###[ 802.11 RadioTap ]###
  version   = 0
  pad       = 0
  RadioTap_len= 18
  present   = Flags+Rate+Channel+dBm_AntSignal+Antenna+b14
  Flags     = 0
  Rate      = 2
  Channel   = 1
  Channel_flags= 160
  dBm_AntSignal= -87
  Antenna   = 1
  RX_Flags  = 0
+4

- . dBm_AntSignal .

100% , sig_str = -(256 - ord(packet.notdecoded[-2:-1])) , , dBm_AntSignal.

OpenWRT TP-Link MR3020 extroot Edward Keeble Passive Wifi Monitoring .

scapy_ex.py, :

802.11 RadioTap

  version   = 0

  pad       = 0

  RadioTap_len= 36

  present   = dBm_AntSignal+Lock_Quality+b22+b24+b25+b26+b27+b29

  dBm_AntSignal= 32

  Lock_Quality= 8
+1

, "RadioTap", , Radiotap, Prism, Prism, p54 " SoftMAC", , , Radiotap; p54 prism54?

0

, airmon-ng, tcpdump, , sig_str = -(256-ord(packet.notdecoded[-4:-3])), -256, 0. .

 version   = 0
 pad       = 0
 len       = 36
 present   = TSFT+Flags+Rate+Channel+dBm_AntSignal+b14+b29+Ext
 notdecoded= ' \x08\x00\x00\x00\x00\x00\x00\x1f\x02\xed\x07\x05 
 .......
0

More articles:


All Articles