Scapy is a library supported by both Python2 and Python3. It is used for interacting with the packets on the network. It has several functionalities through which we can easily forge and manipulate the packet. Through scapy module, we can create different network tools like ARP Spoofer, Network Scanner, packet dumpers, etc. This module can be used to create more advanced tools related to network security and ethical hacking.
In this article, we will see how to get the mac-address of various wireless networks connected around you and the type of packets they are sending. We are going to explore the Adress2 in the WLAN header which is the transmitter address. Then we will create a set of these addresses and will print all the unique addresses we got.
We use Dot 11 layer of the wireless device to gets its address and payload. Dot11 is the technical name for the global specifications for wireless communications networks.
For scapy to run successfully following conditions should be met:
For Windows:
- Install WinPcap.
- Go the Start -> Command Prompt -> Open in Administration. And use the command “ipconfig/all” and copy the Description of the Wireless Adapter which we will be using in the future. It will look like this “Qualcomm QCA9377 802.11ac Wireless Adapter”.
- Now to the IDE you are using and open terminal and install scapy using “pip install scapy”.
For Linux:
Simply install scpay using “pip install scapy” using terminal and use it. No additional process is required. To get desired addresses and packets sniff() method of the scapy module is used.
Syntax: sniff( iface , count, prn, timeout = None )
Parameter:
- iface is the interface we want to sniff to be on. ( Default = All interfaces available).
- count is the total number of packets to be sniffed. (0 means infinity)
- prn is the callback method to be applied to every sniffed packet.
- timeout is the time after which you want to sniff function to stop working in s. (Default is none)
Approach
- Import module
- Find Iface name
- Declare the IFACE_NAME as the network card description to be feed to the sniff function as the interface
- Call the sniff() function with required parameters
Example 1: Printing all the detected addresses
Python3
import sys from scapy. all import * IFACE_NAME = "Qualcomm QCA9377 802.11ac Wireless Adapter" devices = set () def PacketHandler(pkt): if pkt.haslayer(Dot11): dot11_layer = pkt.getlayer(Dot11) if dot11_layer.addr2 and (dot11_layer.addr2 not in devices): devices.add(dot11_layer.addr2) print (dot11_layer.addr2) sniff(iface = IFACE_NAME, count = 1 , prn = PacketHandler) |
Output:
Example 2: Printing all the detected packet types & addresses
Python3
import sys from scapy. all import * IFACE_NAME = "Qualcomm QCA9377 802.11ac Wireless Adapter" devices = set () def PacketHandler(pkt): if pkt.haslayer(Dot11): dot11_layer = pkt.getlayer(Dot11) if dot11_layer.addr2 and (dot11_layer.addr2 not in devices): devices.add(dot11_layer.addr2) print ( len (devices), dot11_layer.addr2, dot11_layer.payload.name) sniff(iface = IFACE_NAME, count = 100 , prn = PacketHandler) |
Output: