In the field of cybersecurity, capturing and analyzing network traffic is a crucial task. With Scapy, a powerful packet manipulation tool in Python, you can capture, analyze, and manipulate network packets in real-time. I created a wireless network tool called PySniffer that enables you to capture, analyze, and crack wireless network traffic.
PySniffer is a tool that I created using the Python programming language and the Scapy library. The name PySniffer is a combination of two words: “Py,” which is short for Python, and “Sniffer,” which is a term used to describe a tool that monitors network traffic.
I came up with the idea for PySniffer when I first learned about the Scapy library. Scapy is a powerful packet manipulation tool that can be used for network analysis, penetration testing, and more. I realized that by using Scapy, I could create a tool that would allow me to sniff wireless network traffic and analyze it for security purposes.
It allows you to do two main things:
- Sniff wireless network traffic and extract the SSID, BSSID, and channel of each wireless network beacon frame.
- Crack WEP encryption using an ARP injection attack and a specified WEP key.
Creating PySniffer
Here are the steps I followed to create PySniffer:
Step 1: Installing Scapy
The first step was to install the Scapy library. Scapy is a powerful packet manipulation tool that allows you to capture, analyze, and manipulate network packets in real-time. You can install Scapy using pip with the following command:
pip install scapy
Step 2: Define the handle_packet() Function
The handle_packet() function is responsible for handling packets that are captured by Scapy. This function takes a packet argument, which is a Scapy packet object.
Inside the handle_packet() function, we can access various packet attributes using Scapy’s built-in packet fields. For example, we can check if the packet has a Dot11 layer (which is the layer used for Wi-Fi packets) using the packet.haslayer(Dot11) method.
Step 3: Define the sniff_wireless() Function
The sniff_wireless() function is responsible for sniffing wireless network traffic. This function takes an interface argument, which is the name of the wireless interface to use for sniffing.
Inside the sniff_wireless() function, we can use the sniff() function from Scapy to start sniffing wireless network traffic. We can pass in the iface argument to specify the wireless interface to use, and the prn argument to specify the callback function to be called for each packet that is captured.
Step 4: Define the crack_wep() Function
The crack_wep() function is responsible for cracking WEP encryption. This function takes five arguments: interface, bssid, channel, ssid, and wep_key.
Inside the crack_wep() function, we first set some Scapy configuration variables (conf.iface and conf.monitor) to prepare for packet sniffing. We then use the os.system() function to set the wireless interface to the correct channel.
Next, we create an ARP request packet using the ARP() function from Scapy. This packet is used to send a request to the access point with the specified bssid to obtain its MAC address.
We then create a broadcast packet using the Ether() function from Scapy. This packet is used to send the ARP request to all devices on the network.
We use the srp() function from Scapy to send the broadcast packet and wait for a response. If we receive a response, we check if the response is an ARP response and if the source IP address is the router’s IP address. If these conditions are met, we print the WEP key and return.
Source Code:
from scapy.all import *
# Function to sniff wireless network traffic
def sniff_wireless(interface):
sniff(iface=interface, prn=handle_packet)
# Function to handle captured packets
def handle_packet(packet):
if packet.haslayer(Dot11):
if packet.type == 0 and packet.subtype == 8: # Beacon frame
ssid = packet.info.decode()
bssid = packet.addr3
channel = int(ord(packet[Dot11Elt:3].info))
print(f"SSID: {ssid}, BSSID: {bssid}, Channel: {channel}")
# Function to crack WEP encryption
def crack_wep(interface, bssid, channel, ssid, wep_key):
conf.iface = interface
conf.monitor = True
os.system(f"iwconfig {interface} channel {channel}")
key = wep_key.split(":")
key = bytes([int(x, 16) for x in key])
arp_request = ARP(pdst="192.168.1.1/24", hwdst=bssid)
broadcast = Ether(dst="ff:ff:ff:ff:ff:ff")
packet = broadcast / arp_request
while True:
response = srp(packet, timeout=1, verbose=False)[0]
if response:
for packet in response:
if packet[ARP].op == 2:
if packet[ARP].psrc == "192.168.1.1":
print("WEP Key Found: ", wep_key)
return
# Example usage
interface = "wlan0"
ssid = "MyWifiNetwork"
bssid = "00:11:22:33:44:55"
channel = 6
wep_key = "a0:1b:2c:3d:4e:5f"
sniff_thread = threading.Thread(target=sniff_wireless, args=(interface,))
sniff_thread.start()
crack_wep(interface, bssid, channel, ssid, wep_key)
Usage:
Clone the repository to your local machine:
git clone https://github.com/sainsec/PySniffer.git
Install the necessary dependencies:
pip install -r requirements.txt
Run the tool with the following command to sniff wireless network traffic:
python pysniffer.py sniff INTERFACE
Run the tool with the following command to crack WEP encryption:
python pysniffer.py crack INTERFACE BSSID CHANNEL SSID WEP_KEY
Replace INTERFACE, BSSID, CHANNEL, SSID, and WEP_KEY with the appropriate values for the network you want to target.
PySniffer is a powerful tool that can help you secure your wireless network by monitoring the traffic that is passing through it. Whether you are a network administrator, a security professional, or just a curious user, PySniffer can help you better understand your network and keep it secure. You can also find this tool my Github. Thanks for reading!
Top comments (0)