Reputation: 578
I want to capture ONLY deauth packets, and then work on them. I was able to generate a deauth attack using scapy, but don't know how to capture it.
Thanks.
Upvotes: 0
Views: 6786
Reputation: 9614
You have to sniff all packets and check whether they are deauth packets.
Based upon this concise link, and since deauth packet is of type 0 and subtype 0xC, as mentioned here, this is what you need:
    #!/usr/bin/env python
    from scapy.all import Dot11, sniff

    def PacketHandler(pkt):
        # Deauthentication is a management frame: type 0, subtype 0xC
        if pkt.haslayer(Dot11) and pkt.type == 0 and pkt.subtype == 0xC:
            print("Deauth packet sniffed: %s" % (pkt.summary()))

    # mon0 must already be in monitor mode
    sniff(iface="mon0", prn=PacketHandler)
You have to set your interface into monitor mode beforehand. The exact method to do so depends on your operating system. Here is a good link that explains how this can be done for several popular operating systems.
In order to sniff on several channels, you should continuously switch between channels in the background.
For your reference, here is the official API documentation on the sniff function:
sniff(prn=None, lfilter=None, count=0, store=1, offline=None, L2socket=None, timeout=None)
Sniffs packets from the network and returns them in a packet list. This function can have many parameters:
count: number of packets to capture. 0 means infinity.
store: whether to store sniffed packets or discard them. When you only want to monitor your network forever, set store to 0.
prn: function to apply to each packet. If something is returned, it is displayed. For instance you can use prn = lambda x: x.summary().
lfilter: python function applied to each packet to determine if further action may be done. For instance, you can use lfilter = lambda x: x.haslayer(Padding)
offline: pcap file to read packets from, instead of sniffing them. In this case, BPF filter won’t work.
timeout: stop sniffing after a given time (default: None).
L2socket: you can provide a supersocket for sniffing instead of the one from conf.L2listen.
Upvotes: 2
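As an added example (not part of the answer above, and using the standard library rather than Scapy): the same type 0 / subtype 0xC test applied to raw monitor-mode bytes, extended to flag a source that sends many deauth frames within a short window. It assumes each capture is a radiotap header followed by the 802.11 management header; the sample frames and the `window` and `threshold` values are constructed for illustration.

```python
import struct
from collections import defaultdict

MGMT_TYPE, DEAUTH_SUBTYPE = 0, 0xC  # type/subtype values given in the answer

def mac(b):
    return ":".join("%02x" % x for x in b)

def parse_deauth(raw):
    """Return (src, dst, bssid, reason) for a deauth frame, else None.
    `raw` is a monitor-mode capture: radiotap header + 802.11 frame."""
    if len(raw) < 4:
        return None
    rt_len = struct.unpack_from("<H", raw, 2)[0]  # radiotap length, little-endian
    frame = raw[rt_len:]
    if len(frame) < 26:  # 24-byte management header + 2-byte reason code
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if (ftype, subtype) != (MGMT_TYPE, DEAUTH_SUBTYPE):
        return None
    dst, src, bssid = frame[4:10], frame[10:16], frame[16:22]
    reason = struct.unpack_from("<H", frame, 24)[0]
    return mac(src), mac(dst), mac(bssid), reason

def flood_sources(captures, window=1.0, threshold=5):
    """captures: iterable of (timestamp, raw_bytes) in time order. Returns the
    source MACs that sent >= threshold deauths within `window` seconds."""
    times, flagged = defaultdict(list), set()
    for ts, raw in captures:
        hit = parse_deauth(raw)
        if hit is None:
            continue
        times[hit[0]] = [t for t in times[hit[0]] if ts - t < window] + [ts]
        if len(times[hit[0]]) >= threshold:
            flagged.add(hit[0])
    return flagged

# Constructed sample frames (not real captures): 8-byte radiotap, then 802.11.
RADIOTAP = bytes.fromhex("0000080000000000")
AP, STA = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")

def build(fc0, a1, a2, a3, body):
    return RADIOTAP + bytes([fc0, 0]) + b"\x00\x00" + a1 + a2 + a3 + b"\x00\x00" + body

DEAUTH = build(0xC0, STA, AP, AP, struct.pack("<H", 7))  # constructed, reason code 7
BEACON = build(0x80, b"\xff" * 6, AP, AP, b"\x00" * 12)  # subtype 8, must be ignored
```

Source addresses in deauth frames are not authenticated unless management frame protection is in use, so a flagged MAC is the claimed sender, not necessarily the transmitter.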